Improvements are made to the security issue in the connection process between LoRawan terminal equipment and network server. A security model is proposed based on LoRaWAN protocol which, through the two-way authentication mechanism between the terminal and server, strengthens the security of terminal and server authentication to prevent the third-party equipment eavesdropping. This model updates regularly the authentication rules, prevents the replay attack, strengthens the link safety and at the same time, reduces the impact on the power consumption as far as possible. Simulation results show that that the security of this mechanism for the LoRaWAN protocol terminal authentication process becomes greater with the shortening of the update cycle. The energy consumption of the authentication process of the two parties of this mechanism increases with the shortening of the cycle. But it doesn't have an obvious impact on the energy consumption of the overall data transmission phase and the reception delay of the data transmission phase. The acceptance delay during the data transmission phase increases by less than 7%.