CN112003867A - Communication method of vehicle-mounted T-BOX and cloud server and related equipment - Google Patents


Publication number: CN112003867A
Authority: CN (China)
Prior art keywords: authentication, box, vehicle, certificate, authentication failure
Legal status: Granted, Active (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Application number: CN202010881930.8A
Other languages: Chinese (zh)
Other versions: CN112003867B (en)
Inventor: 徐俊
Current Assignee: Pateo Connect and Technology Shanghai Corp (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Original Assignee: Shanghai Pateo Electronic Equipment Manufacturing Co Ltd
Application filed by: Shanghai Pateo Electronic Equipment Manufacturing Co Ltd
Priority: CN202010881930.8A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W4/00 Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30 Services specially adapted for particular environments, situations or purposes
    • H04W4/40 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/48 Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for in-vehicle communication

Abstract

The embodiment of the invention discloses a communication method of a vehicle-mounted T-BOX and a cloud server and related equipment. When first equipment information contained in a first CA certificate is determined to be matched in an authentication failure database, the number of authentication failures is determined according to the authentication failure time records and a first preset duration. When the number of authentication failures is less than a failure count threshold, or the first equipment information is not matched, CA authentication is performed according to the first CA certificate. When the number of authentication failures is greater than or equal to the failure count threshold, or the CA authentication fails, the current time is added to the authentication failure database as an authentication failure time of the first equipment information, and a handshake failure signal is returned to the vehicle-mounted T-BOX. When the CA authentication is determined to pass, a handshake success signal is sent to the vehicle-mounted T-BOX, and a data report message sent by the vehicle-mounted T-BOX after the successful handshake is received and processed. The safety authentication efficiency of the vehicle-mounted T-BOX is thereby improved.

Description

Communication method of vehicle-mounted T-BOX and cloud server and related equipment
Technical Field
The invention relates to the technical field of communication, in particular to a communication method of a vehicle-mounted T-BOX and a cloud server and related equipment.
Background
The vehicle networking system comprises four parts, namely a host, a vehicle-mounted T-BOX, a mobile phone APP and a background system. The host is mainly used for video entertainment in the vehicle and vehicle information display; the vehicle-mounted T-BOX is mainly used for communicating with the background system/mobile phone APP, so that vehicle information can be displayed and the vehicle controlled from the mobile phone APP. After a user sends a control command through the mobile phone APP, the background system can send a monitoring request command to the vehicle-mounted T-BOX; after obtaining the control command, the vehicle-mounted T-BOX sends a control message through the CAN bus to control the vehicle, and finally the operation result is fed back to the user's mobile phone APP. This function can help the user to remotely start the vehicle, turn on the air conditioner, adjust a seat to a proper position and the like.
The vehicle-mounted T-BOX can deeply read the vehicle CAN bus data and the private protocol so as to acquire the related data of the vehicle, and then transmits the acquired data to the background cloud server through the network. In the prior art, when the vehicle-mounted T-BOX needs to report data to the cloud server, the cloud server first needs to perform security authentication on the vehicle-mounted T-BOX, and bidirectional CA authentication is generally used between the vehicle-mounted T-BOX and the cloud server so as to improve the security of data communication. However, since bidirectional CA authentication takes a long time and the security verification efficiency is very low, this problem needs to be addressed.
Disclosure of Invention
The embodiment of the invention provides a communication method of a vehicle-mounted T-BOX and a cloud server and related equipment, which can improve the safety authentication efficiency of the vehicle-mounted T-BOX.
In a first aspect, an embodiment of the present invention provides a communication method for an on-vehicle T-BOX and a cloud server, which is applied to the cloud server, and the method includes:
receiving a handshake signal of an onboard T-BOX, wherein the handshake signal comprises a first CA certificate of the onboard T-BOX;
when it is determined that first equipment information contained in the first CA certificate is matched in an authentication failure database, acquiring the number of authentication failures corresponding to the first equipment information within a first preset duration before the current time according to the authentication failure time records of the authentication failure database, wherein the authentication failure database comprises a correspondence between the equipment information of a vehicle-mounted T-BOX and the authentication failure time;
when it is determined that the number of authentication failures is less than a failure count threshold, or when the first equipment information is not matched in the authentication failure database, performing CA authentication on the vehicle-mounted T-BOX according to the first CA certificate;
when it is determined that the number of authentication failures is greater than or equal to the failure count threshold, adding the current time as the authentication failure time of the first equipment information into the authentication failure database, and returning a handshake failure signal to the vehicle-mounted T-BOX;
when it is determined that the CA authentication does not pass, adding the current time as the authentication failure time of the first equipment information into the authentication failure database, and returning a handshake failure signal to the vehicle-mounted T-BOX;
when it is determined that the CA authentication passes, sending a handshake success signal to the vehicle-mounted T-BOX;
and receiving a data report message sent by the vehicle-mounted T-BOX after the handshake is successful, and processing the data report message, wherein the data report message comprises service data of the vehicle-mounted T-BOX and second equipment information.
Optionally, the processing the data reporting packet includes:
when the first equipment information and the second equipment information are determined to be inconsistent, filtering a data report message of the vehicle-mounted T-BOX, adding the first equipment information and the second equipment information to the authentication failure database, and adding the current time as the authentication failure time of the first equipment information and the authentication failure time of the second equipment information to the authentication failure database;
and processing the service data of the vehicle-mounted T-BOX when the first equipment information is determined to be consistent with the second equipment information.
Optionally, the CA authentication includes:
performing one-way CA authentication according to a first trust certificate database and the first CA certificate, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by the cloud server;
when a first CA certificate is matched in the first trust certificate database, determining that the first CA certificate passes CA authentication;
determining that the first CA certificate is not CA-authenticated when the first CA certificate is not matched in the first trust certificate database.
Optionally, the CA authentication includes:
performing a first one-way CA authentication according to a first trust certificate database and the first CA certificate to generate a first one-way CA authentication result, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by the cloud server;
sending a second CA certificate of the cloud server to the vehicle-mounted T-BOX so that the vehicle-mounted T-BOX performs second one-way CA authentication on the cloud server according to the second CA certificate and a second trust certificate database to generate a second one-way CA authentication result, wherein the second trust certificate database comprises CA certificates of a plurality of cloud servers trusted by the vehicle-mounted T-BOX;
receiving the second one-way CA authentication result sent by the vehicle-mounted T-BOX;
when the first one-way CA authentication result and the second one-way CA authentication result both pass one-way authentication, determining that the first CA certificate passes two-way CA authentication;
and when the first one-way CA authentication result and/or the second one-way CA authentication result is/are not passed through one-way authentication, determining that the first CA certificate is not passed through two-way CA authentication.
Optionally, the method further comprises:
and deleting the record of the authentication failure time of which the time difference with the current time is greater than a second preset time length in the authentication failure database.
Optionally, the method further comprises:
before receiving a handshake signal of the vehicle-mounted T-BOX, sending a pre-configuration file to the vehicle-mounted T-BOX, so that when the vehicle-mounted T-BOX sends the data report message, the service data is determined according to the pre-configuration file, and the pre-configuration file is used for appointing the service data uploaded by the vehicle-mounted T-BOX.
In a second aspect, an embodiment of the present invention provides a cloud server, including:
the receiving module is used for receiving a handshake signal of the vehicle-mounted T-BOX, wherein the handshake signal comprises a first CA certificate of the vehicle-mounted T-BOX;
the acquisition module is used for acquiring the number of authentication failures corresponding to the first equipment information within a first preset duration before the current time according to the authentication failure time records of the authentication failure database when the first equipment information contained in the first CA certificate is matched in the authentication failure database, wherein the authentication failure database comprises the correspondence between the equipment information of the vehicle-mounted T-BOX and the authentication failure time;
the first processing module is used for carrying out CA authentication on the vehicle-mounted T-BOX according to the first CA certificate when it is determined that the number of authentication failures is less than a failure count threshold, or when the first equipment information is not matched in the authentication failure database;
the second processing module is used for adding the current time as the authentication failure time of the first equipment information into the authentication failure database and returning a handshake failure signal to the vehicle-mounted T-BOX when it is determined that the number of authentication failures is greater than or equal to the failure count threshold;
the third processing module is used for adding the current moment as the authentication failure time of the first equipment information into the authentication failure database when the CA authentication is determined not to pass, and returning a handshake failure signal to the vehicle-mounted T-BOX;
the fourth processing module is used for sending a handshake success signal to the vehicle-mounted T-BOX when the CA authentication is determined to pass;
the receiving module is further configured to receive a data reporting message sent by the vehicle-mounted T-BOX after the handshake is successful, where the data reporting message includes service data of the vehicle-mounted T-BOX and second device information;
and the fifth processing module is used for processing the data reporting message.
Optionally, the fifth processing module includes:
a first sub-module, configured to filter a data report packet of the on-vehicle T-BOX when it is determined that the first device information and the second device information are inconsistent, add the first device information and the second device information to the authentication failure database, and add a current time to the authentication failure database as authentication failure time of each of the first device information and the second device information;
and the second sub-module is used for processing the service data of the vehicle-mounted T-BOX when the first equipment information is determined to be consistent with the second equipment information.
In a third aspect, an embodiment of the present invention provides a cloud server, including: a processor and a memory;
the processor is connected with the memory, wherein the memory is used for storing program codes, and the processor is used for calling the program codes to execute the communication method between the vehicle-mounted T-BOX and the cloud server according to the first aspect.
In a fourth aspect, an embodiment of the present invention provides a computer storage medium storing a computer program, the computer program comprising program instructions that, when executed by a processor, perform the communication method between the vehicle-mounted T-BOX and the cloud server according to the first aspect.
According to the communication method, a handshake signal carrying the first CA certificate is received from the vehicle-mounted T-BOX, and when the first equipment information contained in the first CA certificate is matched in the authentication failure database, the number of authentication failures corresponding to the first equipment information is determined according to the authentication failure time records and the first preset duration. When the number of authentication failures is less than the failure count threshold, or the first equipment information is not matched in the authentication failure database, CA authentication is carried out according to the first CA certificate. When the number of authentication failures is greater than or equal to the failure count threshold, the current time is added to the authentication failure database as the authentication failure time of the first equipment information, and a handshake failure signal is returned to the vehicle-mounted T-BOX. When the CA authentication fails, the current time is added to the authentication failure database as the authentication failure time of the first equipment information, and a handshake failure signal is returned to the vehicle-mounted T-BOX. When the CA authentication is determined to pass, a handshake success signal is sent to the vehicle-mounted T-BOX, and the data report message sent by the vehicle-mounted T-BOX after the successful handshake is received and processed, wherein the data report message comprises service data of the vehicle-mounted T-BOX and second equipment information.
Therefore, in the embodiment of the invention, the first CA certificate included in the handshake signal is used to complete a dual authentication of the vehicle-mounted T-BOX, consisting of the check on the number of authentication failures and the CA authentication, so that the safety authentication efficiency of the vehicle-mounted T-BOX and the safety of data communication can be effectively improved.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed in the description of the embodiments are briefly introduced below. The drawings in the following description show some embodiments of the present invention, and those skilled in the art can obtain other drawings based on these drawings without creative effort.
Fig. 1 is a scene schematic diagram of a communication method between an on-vehicle T-BOX and a cloud server according to an embodiment of the present invention;
Fig. 2 is a schematic flowchart of a communication method between an on-vehicle T-BOX and a cloud server according to an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of a cloud server according to an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of a cloud server according to an embodiment of the present invention.
Detailed Description
The technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention.
It should be understood that the terms "first," "second," and the like in the description and claims of this application and in the drawings are used for distinguishing between different objects and not for describing a particular order. Furthermore, the terms "include" and "have," as well as any variations thereof, are intended to cover non-exclusive inclusions. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those steps or elements listed, but may alternatively include other steps or elements not listed, or inherent to such process, method, article, or apparatus.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment can be included in at least one embodiment of the invention. The appearances of the phrase in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is explicitly and implicitly understood by the person skilled in the art that the described embodiments of the invention can be combined with other embodiments.
In the prior art, before reporting service data to a background server, a vehicle-mounted T-BOX terminal in a car networking system needs to perform a security verification process between the two terminals, and generally, security verification is performed through bidirectional CA authentication, which results in more time spent for security verification and low security verification efficiency of the vehicle-mounted T-BOX. In order to solve the technical problems, the application provides a communication method of the vehicle-mounted T-BOX and the cloud server, which can effectively improve the safety verification efficiency of the vehicle-mounted T-BOX and the data communication safety of the cloud server.
Referring to fig. 1, fig. 1 is a schematic scene diagram of a communication method between an on-vehicle T-BOX and a cloud server according to an embodiment of the present invention. In fig. 1, before reporting service data to the cloud server 102, the T-BOX terminal 101 mounted on the vehicle transmits a communication handshake signal to the cloud server 102, where the handshake signal includes a CA certificate of the T-BOX terminal 101, and the CA certificate includes first device information of the T-BOX terminal 101. After receiving the handshake signal, the cloud server 102 performs information matching against the authentication failure database 103 to determine whether the first device information is matched; the authentication failure database 103 stores the correspondence between the device information of each vehicle-mounted T-BOX that has failed authentication and the authentication failure time. When the first device information is not matched, CA authentication is performed. When the first device information is matched, assuming that the time of the match is A, the number of authentication failures of the first device information is further determined: the number of authentication failure time records corresponding to the first device information within 5 minutes (the time length may be adjusted) before time A in the authentication failure database 103 is counted, and this count is used as the number of authentication failures. When the number of authentication failures is less than the set threshold, CA authentication proceeds. When the number of authentication failures is greater than or equal to the threshold, the current time is added to the authentication failure database 103 as a new authentication failure time of the first device information, and a handshake failure signal is returned to the T-BOX terminal 101.
If the CA authentication passes, the handshake is successful and a handshake success signal is returned to the T-BOX terminal 101; at this time, the T-BOX terminal 101 is allowed to send a data report message to the cloud server 102. If the CA authentication fails, a handshake failure signal is returned to the T-BOX terminal 101, and the current time is added to the authentication failure database 103 as a new authentication failure time of the first device information.
Then, in order to further improve the security of data communication, after the cloud server 102 receives the data report message, it acquires second device information of the T-BOX terminal 101 from the message and performs device authentication on the T-BOX terminal 101 according to the first device information and the second device information. When the first device information and the second device information are consistent, the device authentication passes, and the cloud server 102 processes the service data in the message. When the first device information is inconsistent with the second device information, the device authentication does not pass: the data report message is filtered and not processed, the first device information and the second device information are added to the authentication failure database 103, and the current time is added to the authentication failure database 103 as the authentication failure time of each of the first device information and the second device information.
By this method, the dual authentication of the vehicle-mounted T-BOX, consisting of the check on the number of authentication failures and the CA authentication, can be completed using the communication handshake signal, and the safety authentication efficiency of the vehicle-mounted T-BOX and the safety of data communication can be effectively improved. Moreover, a device authentication step follows the dual authentication, which further improves the data communication safety of the cloud server.
Please refer to fig. 2, which is a flowchart illustrating a communication method between a vehicle-mounted T-BOX and a cloud server according to an embodiment of the present invention; the method is applied to the cloud server, and the communication method of the vehicle-mounted T-BOX and the cloud server comprises the following steps:
Step 201, receiving a handshake signal of the vehicle-mounted T-BOX, wherein the handshake signal comprises a first CA certificate of the vehicle-mounted T-BOX;
Specifically, the cloud server receives a handshake signal sent by the vehicle-mounted T-BOX, wherein the handshake signal comprises a first CA certificate of the vehicle-mounted T-BOX.
Step 202, when it is determined that first equipment information contained in the first CA certificate is matched in an authentication failure database, acquiring the number of authentication failures corresponding to the first equipment information within a first preset duration before the current time according to the authentication failure time records of the authentication failure database, wherein the authentication failure database comprises the correspondence between the equipment information of a vehicle-mounted T-BOX and the authentication failure time;
Specifically, an authentication failure database is arranged in the cloud server; for every authentication failure, the database stores the device information of the vehicle-mounted T-BOX that failed authentication and the corresponding authentication failure time. The cloud server performs matching in the authentication failure database according to the first equipment information contained in the first CA certificate and, when a record matching the first equipment information is found, determines the number of authentication failures corresponding to the first equipment information. To do so, it determines the time point at which the first equipment information is matched in the database, counts the authentication failure time records for the first equipment information that fall within the first preset duration before that time point, and takes this count as the number of authentication failures corresponding to the first equipment information.
The specific value of the first preset duration can be set as needed, such as 5 minutes, 10 minutes or 20 minutes. Assuming that the time point at which the first device information is matched is A and the first preset duration is 5 minutes, the number of authentication failure time records for the first device information within the 5 minutes before time point A in the authentication failure database is used as the number of authentication failures.
Step 203, when it is determined that the number of authentication failures is less than a failure count threshold, or when the first equipment information is not matched in the authentication failure database, performing CA authentication on the vehicle-mounted T-BOX according to the first CA certificate;
Specifically, when the number of authentication failures of the first device information is less than the failure count threshold, CA authentication is performed on the vehicle-mounted T-BOX according to the first CA certificate. In addition, when the first device information is not matched in the authentication failure database, CA authentication is performed on the vehicle-mounted T-BOX according to the first CA certificate.
Step 204, when it is determined that the number of authentication failures is greater than or equal to the failure count threshold, adding the current time as the authentication failure time of the first equipment information into the authentication failure database, and returning a handshake failure signal to the vehicle-mounted T-BOX;
Specifically, when the number of authentication failures of the first device information is determined to be greater than or equal to the failure count threshold, this indicates that the vehicle-mounted T-BOX corresponding to the first device information is requesting to report data frequently and that its security is low. The vehicle-mounted T-BOX is therefore prohibited from reporting data, a handshake failure signal is returned to it, and the current time (the time at which the number of authentication failures is determined to be greater than or equal to the failure count threshold) is added to the authentication failure database as a new authentication failure time of the first device information. The failure count threshold may be set according to actual needs, for example, 10 times, 20 times, or 50 times.
Step 205, when it is determined that the CA authentication fails, adding the current time as the authentication failure time of the first device information into the authentication failure database, and returning a handshake failure signal to the vehicle-mounted T-BOX;
Specifically, when the CA authentication fails, the CA certificate of the vehicle-mounted T-BOX is not trusted and the security of the vehicle-mounted T-BOX cannot be guaranteed. The time at which the CA authentication is determined to have failed is added to the authentication failure database as an authentication failure time of the first equipment information, and a handshake failure signal is returned to the vehicle-mounted T-BOX to inform it of the handshake result.
Step 206, when the CA authentication is determined to pass, a handshake success signal is sent to the vehicle-mounted T-BOX;
specifically, when the CA authentication passes, the cloud server sends a handshake success signal to the vehicle-mounted T-BOX, and the vehicle-mounted T-BOX is allowed to upload a data report message to the cloud server.
And step 207, receiving a data report message sent by the vehicle-mounted T-BOX after the handshake is successful, and processing the data report message, wherein the data report message comprises the service data of the vehicle-mounted T-BOX and the second equipment information.
Specifically, after receiving the handshake success signal, the vehicle-mounted T-BOX uploads a data report message to the cloud server, and the cloud server processes the message, wherein the data report message comprises service data of the vehicle-mounted T-BOX and second device information of the vehicle-mounted T-BOX. Herein, the service data reported to the cloud server by the vehicle-mounted T-BOX may include driving mileage, vehicle water temperature, remaining fuel, vehicle condition reports, driving reports, fuel consumption statistics, fault reminders, violation queries, position tracks, driving behavior, safety anti-theft functions, appointment services, remote vehicle finding, monitoring central control warning, airbag state and the like.
In the embodiment of the invention, the first CA certificate included in the handshake signal is used to complete dual authentication of the vehicle-mounted T-BOX, namely the check on the number of authentication failures and the CA authentication, which effectively improves the security authentication efficiency of the vehicle-mounted T-BOX and the security of data communication. When the check on the number of authentication failures is not passed, the security authentication process of the vehicle-mounted T-BOX is stopped directly, which speeds up the authentication of the vehicle-mounted T-BOX to a certain extent; and performing dual security authentication on the vehicle-mounted T-BOX effectively improves the data communication security of the cloud server.
In a possible embodiment, in step 207, the processing the data reporting packet includes:
step 2071, when the first device information and the second device information are determined to be inconsistent, filtering out the data report message of the vehicle-mounted T-BOX, adding the first device information and the second device information to the authentication failure database, and adding the current time to the authentication failure database as the authentication failure time of each of the first device information and the second device information;
specifically, in the added device authentication stage, it is determined whether the second device information in the data report message is consistent with the first device information. When the two are inconsistent, this indicates that the vehicle-mounted T-BOX may be fraudulently using a CA certificate and that security cannot be guaranteed. In this case the data report message is not processed further, the first device information and the second device information are added to the authentication failure database, and the time at which the two pieces of device information are found to be inconsistent is added to the authentication failure database as the authentication failure time of both the first device information and the second device information.
Step 2072, processing the service data of the vehicle-mounted T-BOX when the first device information is determined to be consistent with the second device information.
Specifically, when the first device information and the second device information are determined to be consistent, processing of the service data of the vehicle-mounted T-BOX continues. This avoids the risk of a vehicle-mounted T-BOX reporting data by fraudulently using a CA certificate without authorization, and combining the check on the number of authentication failures, the CA authentication and the device authentication effectively improves the security of the cloud service.
In one possible embodiment, in step 203, the CA authentication may be a one-way authentication including:
step S11, performing one-way CA authentication according to a first trust certificate database and a first CA certificate, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by a cloud server;
specifically, a first trust certificate database is arranged in the cloud server, in which the CA certificates of a plurality of vehicle-mounted T-BOXes trusted by the cloud server are stored, and the CA certificates may be uploaded to the cloud server by a background worker in advance.
Step S21, when the first trust certificate database matches the first CA certificate, determining that the first CA certificate passes CA authentication;
specifically, matching is performed in the first trust certificate database according to the first CA certificate, and when the first CA certificate is matched, it is determined that the first CA certificate passes CA authentication. The CA certificate comprises the certificate valid date, the certificate serial number, the public key and the equipment information of the vehicle-mounted T-BOX, so that when the certificate is matched with the certificate valid date, the certificate serial number of the first CA certificate can be inquired to determine whether the first CA certificate exists in the first trust certificate database.
Step S31, when the first CA certificate is not matched in the first trust certificate database, determining that the first CA certificate does not pass CA authentication.
Specifically, when the first CA certificate is not matched in the first trust certificate database, this indicates that the first CA certificate does not pass CA authentication.
The one-way CA authentication has the advantage of fast authentication speed, but the authentication reliability is low.
In another possible embodiment, in order to improve the reliability of the CA authentication, in step 203, the CA authentication is a bidirectional authentication including:
step S12, performing first one-way CA authentication according to a first trust certificate database and a first CA certificate to generate a first one-way CA authentication result, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by a cloud server;
specifically, the first one-way CA authentication may be performed according to the method of steps S11 to S31 to generate a first one-way CA authentication result, which is not described again. When the authentication passes, the first one-way CA authentication result is that the one-way authentication passes; and when the authentication fails, the first one-way CA authentication result is that the one-way authentication fails. The first one-way CA authentication result may be represented by "0" and "1", where 0 represents that the authentication is not passed and 1 represents that the authentication is passed. It can also be represented by "true" and "false", where true represents that the authentication is passed and false represents that the authentication is not passed.
Step S22, sending a second CA certificate of the cloud server to the vehicle-mounted T-BOX so that the vehicle-mounted T-BOX performs second one-way CA authentication on the cloud server according to the second CA certificate and a second trust certificate database to generate a second one-way CA authentication result, wherein the second trust certificate database comprises CA certificates of a plurality of cloud servers trusted by the vehicle-mounted T-BOX;
specifically, the cloud server sends its second CA certificate to the vehicle-mounted T-BOX, and the vehicle-mounted T-BOX performs the second one-way CA authentication according to the second CA certificate and a second trust certificate database so as to generate a second one-way CA authentication result. Similarly, a second trust certificate database is arranged on the vehicle-mounted T-BOX; this database stores the CA certificates of a plurality of cloud servers trusted by the vehicle-mounted T-BOX, and the CA certificates can be stored in the vehicle-mounted T-BOX in advance before the vehicle leaves the factory. The second one-way CA authentication result may also be expressed by "0" and "1", or by "true" and "false".
Step S32, receiving a second one-way CA authentication result sent by the vehicle-mounted T-BOX;
specifically, the vehicle-mounted T-BOX returns the second one-way CA authentication result to the cloud server.
Step S42, when the first one-way CA authentication result and the second one-way CA authentication result both pass one-way authentication, determining that the first CA certificate passes two-way CA authentication;
specifically, the cloud server integrates the first one-way CA authentication result and the second one-way CA authentication result to determine a final result of the bidirectional CA authentication. And when the first one-way CA authentication result and the second one-way CA authentication result both pass one-way authentication, determining that the first CA certificate passes two-way CA authentication.
Step S52, when the first one-way CA authentication result and/or the second one-way CA authentication result is that the one-way authentication is not passed, determining that the first CA certificate does not pass two-way CA authentication.
Specifically, when either or both of the first one-way CA authentication result and the second one-way CA authentication result indicate that the one-way authentication is not passed, it is determined that the first CA certificate does not pass two-way CA authentication.
In one possible embodiment, the authentication failure database stores the authentication failure times belonging to the same device information in the same folder, and the name of the folder may be the device information, such as the device number. Therefore, when the number of authentication failures is determined, the corresponding folder is located according to the first device information, and the number of authentication failure times in that folder that meet the condition set by the first preset duration is then counted. Storing the authentication failure times in separate folders makes it faster to determine the number of authentication failures.
In one possible embodiment, the communication method of the vehicle-mounted T-BOX and the cloud server further comprises the following steps:
deleting, from the authentication failure database, the records of authentication failure times whose time difference from the current time is greater than a second preset duration.
Specifically, the value of the second preset duration may be set as needed, for example, 1 hour, 12 hours, or 1 month. The records of authentication failure times whose time difference from the current time is greater than the second preset duration are deleted from the authentication failure database, so as to reduce the size of the authentication failure database.
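The server-side flow of steps 202 to 207, the device-information check of steps 2071/2072, the one-way matching of steps S11 to S31 and the record deletion described above, as an added Python example that is not code from the patent. Certificates are modelled as plain records matched against the first trust certificate database by serial number, with no cryptographic verification; the class and function names, the signal strings, the threshold and both durations are assumptions.

```python
import time
from dataclasses import dataclass

# Assumed values: the page gives 10, 20 or 50 as example thresholds and
# leaves both durations to be set as needed.
FAILURE_THRESHOLD = 10
FIRST_PRESET_SECONDS = 3600         # window used to count recent failures
SECOND_PRESET_SECONDS = 12 * 3600   # retention; keep >= the window above,
                                    # or pruning would hide counted failures


@dataclass(frozen=True)
class Certificate:
    """Constructed stand-in holding some of the fields the page lists."""
    serial: str
    device_info: str
    public_key: str


class CloudServer:
    def __init__(self, trusted_certs, clock=time.time):
        self.trust_db = {c.serial: c for c in trusted_certs}
        self.failure_db = {}        # device info -> list of failure times
        self.authenticated = set()  # device info with a successful handshake
        self.clock = clock

    def _record_failure(self, *devices):
        now = self.clock()          # one timestamp shared by all devices
        for dev in devices:
            self.failure_db.setdefault(dev, []).append(now)

    def recent_failures(self, device_info):
        """Step 202: count failure times inside the first preset duration."""
        cutoff = self.clock() - FIRST_PRESET_SECONDS
        return sum(t >= cutoff for t in self.failure_db.get(device_info, []))

    def ca_authenticate(self, cert):
        """Steps S11-S31: look up by serial number, then compare the record."""
        return self.trust_db.get(cert.serial) == cert

    def handshake(self, cert):
        """Steps 203-206: returns (signal, reason)."""
        dev = cert.device_info
        if self.recent_failures(dev) >= FAILURE_THRESHOLD:
            # Step 204: reject before any CA work; the rejection is itself
            # stored as a failure time, so retries keep the window full.
            self._record_failure(dev)
            return ("HANDSHAKE_FAIL", "failure_threshold")
        if not self.ca_authenticate(cert):
            self._record_failure(dev)                      # step 205
            return ("HANDSHAKE_FAIL", "ca_authentication")
        self.authenticated.add(dev)                        # step 206
        return ("HANDSHAKE_OK", None)

    def process_report(self, cert, report):
        """Step 207 with 2071/2072: service data, or None if filtered."""
        first = cert.device_info
        if first not in self.authenticated:
            raise PermissionError("data report before a successful handshake")
        second = report["device_info"]
        if second != first:
            self._record_failure(first, second)            # step 2071
            return None
        return report["service_data"]                      # step 2072

    def prune(self):
        """Delete failure times older than the second preset duration."""
        cutoff = self.clock() - SECOND_PRESET_SECONDS
        for dev in list(self.failure_db):
            kept = [t for t in self.failure_db[dev] if t >= cutoff]
            if kept:
                self.failure_db[dev] = kept
            else:
                del self.failure_db[dev]


class FakeClock:
    """Deterministic clock so the walk-through does not depend on wall time."""
    def __init__(self, now=1_000_000.0):
        self.now = now

    def __call__(self):
        return self.now


def walk_through():
    clock = FakeClock()
    trusted = Certificate("SN-0001", "TBOX-A", "pk-a")      # constructed
    untrusted = Certificate("SN-9999", "TBOX-B", "pk-x")    # constructed
    server = CloudServer([trusted], clock)
    log = []
    for _ in range(FAILURE_THRESHOLD + 1):   # last attempt hits step 204
        log.append(server.handshake(untrusted)[1])
        clock.now += 60
    log.append(server.handshake(trusted)[0])
    log.append(server.process_report(
        trusted, {"device_info": "TBOX-A", "service_data": {"mileage_km": 42}}))
    return log


if __name__ == "__main__":
    print(walk_through())
```

The count in `recent_failures` includes the rejections recorded by step 204, so a device that keeps retrying while over the threshold stays over it until a full first preset duration passes without attempts.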
In one possible embodiment, the communication method of the vehicle-mounted T-BOX and the cloud server further comprises the following steps:
before receiving the handshake signal of the vehicle-mounted T-BOX, sending a pre-configuration file to the vehicle-mounted T-BOX so that the vehicle-mounted T-BOX returns service data according to the pre-configuration file, wherein the pre-configuration file is used to specify the service data uploaded by the vehicle-mounted T-BOX.
Specifically, the staff member can determine the specific information contained in the pre-configuration file according to the data processing requirement; for example, the service data that the vehicle-mounted T-BOX needs to upload, such as water temperature and mileage, is specified in the pre-configuration file. The pre-configuration file may also specify the data type and upload period of the data uploaded by the vehicle-mounted T-BOX. For example, the service data is classified in advance into data that must be uploaded and data that need not be uploaded, such as the water temperature of the vehicle. The upload period may be once per month, once per week, or once per day. The staff can set the type of data to be uploaded and the upload period in the pre-configuration file. The cloud server issues the pre-configuration file to the specified vehicle-mounted T-BOX so as to instruct the vehicle-mounted T-BOX to upload the corresponding data, or to upload the specified data to the cloud server according to the specified period. With the method of the embodiment of the invention, the service data can be uploaded to the cloud server only after the triple authentication is passed, and the cloud server then performs statistical processing and the like on the data.
Based on the description of the communication method embodiment of the vehicle-mounted T-BOX and the cloud server, the embodiment of the present invention further discloses a cloud server, and referring to fig. 3, fig. 3 is a schematic structural diagram of a cloud server provided in the embodiment of the present invention, where the cloud server 300 includes:
the receiving module 301 is configured to receive a handshake signal of the vehicle-mounted T-BOX, where the handshake signal includes a first CA certificate of the vehicle-mounted T-BOX;
an obtaining module 302, configured to, when it is determined that first device information contained in the first CA certificate is matched in an authentication failure database, obtain, according to the authentication failure time records of the authentication failure database, the number of authentication failures corresponding to the first device information within a first preset duration before the current time, where the authentication failure database includes a correspondence between device information of vehicle-mounted T-BOXes and authentication failure times;
the first processing module 303 is configured to perform CA authentication on the vehicle-mounted T-BOX according to the first CA certificate when it is determined that the number of authentication failures is smaller than the failure number threshold, or when the first device information is not matched in the authentication failure database;
the second processing module 304 is configured to, when it is determined that the authentication failure number is greater than or equal to the failure number threshold, add the current time as authentication failure time of the first device information to the authentication failure database, and return a handshake failure signal to the on-vehicle T-BOX;
a third processing module 305, configured to add the current time as the authentication failure time of the first device information to the authentication failure database when determining that the CA authentication fails, and return a handshake failure signal to the on-board T-BOX;
the fourth processing module 306 is configured to send a handshake success signal to the vehicle-mounted T-BOX when it is determined that the CA authentication passes;
the receiving module 301 is further configured to receive a data report message sent by the vehicle-mounted T-BOX after the handshake is successful, where the data report message includes service data of the vehicle-mounted T-BOX and second device information;
a fifth processing module 307, configured to process the data reporting packet.
In one possible embodiment, the fifth processing module 307 comprises:
the first submodule is used for filtering a data reporting message of the vehicle-mounted T-BOX when the first equipment information is determined to be inconsistent with the second equipment information, adding the first equipment information and the second equipment information to an authentication failure database, and adding the current time as the respective authentication failure time of the first equipment information and the second equipment information to the authentication failure database;
and the second sub-module is used for processing the service data of the vehicle-mounted T-BOX when the first equipment information is determined to be consistent with the second equipment information.
In one possible embodiment, the first processing module 303 includes:
the third sub-module is used for performing one-way CA authentication according to the first trust certificate database and the first CA certificate, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by the cloud server; when the first CA certificate is matched in the first trust certificate database, determining that the first CA certificate passes CA authentication; when the first CA certificate is not matched in the first trust certificate database, it is determined that the first CA certificate is not authenticated by the CA.
In one possible embodiment, the first processing module 303 includes:
the fourth sub-module is used for performing first one-way CA authentication according to the first trust certificate database and the first CA certificate to generate a first one-way CA authentication result, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by the cloud server;
the fifth submodule is used for sending the second CA certificate of the cloud server to the vehicle-mounted T-BOX so that the vehicle-mounted T-BOX can perform second one-way CA authentication on the cloud server according to the second CA certificate and a second trust certificate database to generate a second one-way CA authentication result, and the second trust certificate database comprises CA certificates of a plurality of cloud servers trusted by the vehicle-mounted T-BOX;
the sixth submodule is used for receiving a second one-way CA authentication result sent by the vehicle-mounted T-BOX; when the first one-way CA authentication result and the second one-way CA authentication result both pass one-way authentication, determining that the first CA certificate passes two-way CA authentication; and when the first one-way CA authentication result and/or the second one-way CA authentication result is/are not passed through one-way authentication, determining that the first CA certificate is not passed through two-way CA authentication.
In one possible embodiment, the cloud server 300 further includes:
and the deleting module is used for deleting the record of the authentication failure time of which the time difference with the current time is greater than a second preset time length in the authentication failure database.
In one possible embodiment, the cloud server 300 further includes:
and the sending module is used for sending a pre-configuration file to the vehicle-mounted T-BOX before receiving the handshake signal of the vehicle-mounted T-BOX so as to ensure that the vehicle-mounted T-BOX determines the service data according to the pre-configuration file when sending the data report message, and the pre-configuration file is used for appointing the service data uploaded by the vehicle-mounted T-BOX.
It is to be noted that, for a specific implementation manner of the function of the cloud server 300, reference may be made to the above description of the communication method between the vehicle-mounted T-BOX and the cloud server, and details are not repeated here. Each unit or module in the cloud server may be respectively or completely combined into one or several other units or modules to form the cloud server, or some unit(s) or module(s) thereof may be further split into multiple functionally smaller units or modules to form the cloud server, which may implement the same operation without affecting implementation of technical effects of embodiments of the present invention. The above units or modules are divided based on logic functions, and in practical applications, the functions of one unit (or module) may also be implemented by a plurality of units (or modules), or the functions of a plurality of units (or modules) may be implemented by one unit (or module).
Based on the description of the method embodiment and the device embodiment, the embodiment of the invention also provides a cloud server.
Fig. 4 is a schematic structural diagram of a cloud server according to an embodiment of the present invention. The cloud server 400 may include a processor 401, a network interface 404 and a memory 405, and may further include a user interface 403 and at least one communication bus 402. The communication bus 402 is used to enable connection and communication between these components. The user interface 403 may include a display and a keyboard, and optionally the user interface 403 may also include a standard wired interface and a standard wireless interface. The network interface 404 may optionally include a standard wired interface and a wireless interface (e.g., a Wi-Fi interface). The memory 405 may be a high-speed RAM memory or a non-volatile memory (e.g., at least one disk memory). The memory 405 may alternatively be at least one storage device located remotely from the aforementioned processor 401. As shown in fig. 4, the memory 405, which is a type of computer storage medium, may include therein an operating system, a network communication module, a user interface module, and a device control application program.
In the cloud server 400 shown in fig. 4, the network interface 404 may provide a network communication function; the user interface 403 is primarily an interface that provides input for a user; and the processor 401 may be configured to invoke the device control application stored in the memory 405 to implement the above-described communication method between the vehicle-mounted T-BOX and the cloud server.
It should be understood that the cloud server 400 described in the embodiment of the present invention may perform the foregoing communication method between the vehicle-mounted T-BOX and the cloud server, and details are not described herein. In addition, the beneficial effects of the same method are not described in detail.
Further, it is to be noted that an embodiment of the present invention also provides a computer storage medium storing a computer program, the computer program including program instructions; when a processor executes the program instructions, the communication method between the vehicle-mounted T-BOX and the cloud server described above can be executed, and therefore details are not repeated here. In addition, the beneficial effects of the same method are not described in detail. For technical details not disclosed in the embodiments of the computer storage medium to which the present invention relates, reference is made to the description of the method embodiments of the present invention.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program instructing relevant hardware; the program can be stored in a computer-readable storage medium and, when executed, can include the processes of the method embodiments described above. The storage medium may be a magnetic disk, an optical disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), or the like.
The above disclosure is only for the purpose of illustrating the preferred embodiments of the present invention, and it is therefore to be understood that the invention is not limited by the scope of the appended claims.

Claims (10)

1. A communication method of an on-vehicle T-BOX and a cloud server is applied to the cloud server, and the method comprises the following steps:
receiving a handshake signal of an onboard T-BOX, wherein the handshake signal comprises a first CA certificate of the onboard T-BOX;
when first equipment information contained in the first CA certificate is determined to be matched in an authentication failure database, acquiring authentication failure times corresponding to the first equipment information within a first preset time before the current time according to an authentication failure time record of the authentication failure database, wherein the authentication failure database comprises a corresponding relation between the equipment information of a vehicle-mounted T-BOX and the authentication failure time;
when it is determined that the number of authentication failures is smaller than a failure number threshold, or when the first device information is not matched in the authentication failure database, performing CA authentication on the vehicle-mounted T-BOX according to the first CA certificate;
when it is determined that the number of authentication failures is greater than or equal to the failure number threshold, adding the current time to the authentication failure database as an authentication failure time of the first device information, and returning a handshake failure signal to the vehicle-mounted T-BOX;
when CA authentication is determined not to pass, adding the current moment as authentication failure time of the first equipment information into the authentication failure database, and returning a handshake failure signal to the vehicle-mounted T-BOX;
when CA authentication is determined to pass, a handshake success signal is sent to the vehicle-mounted T-BOX;
and receiving a data report message sent by the vehicle-mounted T-BOX after the handshake is successful, and processing the data report message, wherein the data report message comprises service data of the vehicle-mounted T-BOX and second device information.
2. The method of claim 1, wherein the processing the data reporting packet comprises:
when the first equipment information and the second equipment information are determined to be inconsistent, filtering a data report message of the vehicle-mounted T-BOX, adding the first equipment information and the second equipment information to the authentication failure database, and adding the current time as the authentication failure time of the first equipment information and the authentication failure time of the second equipment information to the authentication failure database;
and processing the service data of the vehicle-mounted T-BOX when the first equipment information is determined to be consistent with the second equipment information.
3. The method according to claim 1 or 2, wherein the CA authentication comprises:
performing one-way CA authentication according to a first trust certificate database and the first CA certificate, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by the cloud server;
when a first CA certificate is matched in the first trust certificate database, determining that the first CA certificate passes CA authentication;
determining that the first CA certificate is not CA-authenticated when the first CA certificate is not matched in the first trust certificate database.
4. The method according to claim 1 or 2, wherein the CA authentication comprises:
performing a first one-way CA authentication according to a first trust certificate database and the first CA certificate to generate a first one-way CA authentication result, wherein the first trust certificate database comprises CA certificates of a plurality of vehicle-mounted T-BOX trusted by the cloud server;
sending a second CA certificate of the cloud server to the vehicle-mounted T-BOX so that the vehicle-mounted T-BOX performs second one-way CA authentication on the cloud server according to the second CA certificate and a second trust certificate database to generate a second one-way CA authentication result, wherein the second trust certificate database comprises CA certificates of a plurality of cloud servers trusted by the vehicle-mounted T-BOX;
receiving the second one-way CA authentication result sent by the vehicle-mounted T-BOX;
when the first one-way CA authentication result and the second one-way CA authentication result both pass one-way authentication, determining that the first CA certificate passes two-way CA authentication;
and when the first one-way CA authentication result and/or the second one-way CA authentication result is/are not passed through one-way authentication, determining that the first CA certificate is not passed through two-way CA authentication.
5. The method according to claim 1 or 2, characterized in that the method further comprises:
and deleting the record of the authentication failure time of which the time difference with the current time is greater than a second preset time length in the authentication failure database.
6. The method according to claim 1 or 2, characterized in that the method further comprises:
before receiving a handshake signal of the vehicle-mounted T-BOX, sending a pre-configuration file to the vehicle-mounted T-BOX, so that when the vehicle-mounted T-BOX sends the data report message, the service data is determined according to the pre-configuration file, and the pre-configuration file is used for appointing the service data uploaded by the vehicle-mounted T-BOX.
7. A cloud server, comprising:
the receiving module is used for receiving a handshake signal of the vehicle-mounted T-BOX, wherein the handshake signal comprises a first CA certificate of the vehicle-mounted T-BOX;
the acquisition module is used for acquiring the authentication failure times corresponding to the first equipment information within a first preset time before the current time according to the authentication failure time record of the authentication failure database when the first equipment information contained in the first CA certificate is matched in the authentication failure database, wherein the authentication failure database comprises the corresponding relation between the equipment information of the vehicle-mounted T-BOX and the authentication failure time;
the first processing module is used for determining that the authentication failure times are smaller than a failure time threshold value, or carrying out CA authentication on the vehicle-mounted T-BOX according to the first CA certificate when the first equipment information is not matched in the authentication failure database;
the second processing module is used for adding the current moment as the authentication failure time of the first equipment information into the authentication failure database and returning a handshake failure signal to the vehicle-mounted T-BOX when the authentication failure times are determined to be larger than or equal to the failure times threshold;
the third processing module is used for adding the current moment as the authentication failure time of the first equipment information into the authentication failure database when the CA authentication is determined not to pass, and returning a handshake failure signal to the vehicle-mounted T-BOX;
the fourth processing module is used for sending a handshake success signal to the vehicle-mounted T-BOX when the CA authentication is determined to pass;
the receiving module is further configured to receive a data reporting message sent by the vehicle-mounted T-BOX after the handshake is successful, where the data reporting message includes service data of the vehicle-mounted T-BOX and second device information;
and the fifth processing module is used for processing the data reporting message.
8. The cloud server of claim 7, wherein the fifth processing module comprises:
a first sub-module, configured to filter a data report packet of the on-vehicle T-BOX when it is determined that the first device information and the second device information are inconsistent, add the first device information and the second device information to the authentication failure database, and add a current time to the authentication failure database as authentication failure time of each of the first device information and the second device information;
and the second sub-module is used for processing the service data of the vehicle-mounted T-BOX when the first equipment information is determined to be consistent with the second equipment information.
9. A cloud server, comprising: a processor and a memory;
the processor is connected with the memory, wherein the memory is used for storing program codes, and the processor is used for calling the program codes to execute the communication method of the vehicle-mounted T-BOX and the cloud server as claimed in any one of claims 1-6.
10. A computer storage medium characterized in that it stores a computer program comprising program instructions which, when executed by a processor, perform the communication method of the in-vehicle T-BOX and the cloud server as recited in any one of claims 1 to 6.
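The server-side flow of claims 7 and 8, as an added Python example that is not part of the patent: a handshake is refused when the device has reached the failure threshold inside the window, CA authentication runs only below that threshold, and a report whose device information differs from the certificate is filtered. The class and field names, the 600-second window, the threshold of 3 and the verify_cert callback standing in for CA authentication are assumptions.

```python
import time
from collections import defaultdict

class HandshakeGate:
    """Gate from claims 7-8; names and default values are assumptions."""
    def __init__(self, verify_cert, window_s=600, threshold=3, clock=time.time):
        self.verify_cert = verify_cert     # stand-in for CA authentication: cert -> bool
        self.window_s = window_s           # the "first preset time", in seconds
        self.threshold = threshold         # the failure times threshold
        self.clock = clock
        self.failures = defaultdict(list)  # authentication failure database
        self.sessions = {}                 # session id -> device info from the certificate

    def _recent(self, device, now):
        # Count failures of this device inside the window ending now.
        return sum(1 for t in self.failures.get(device, ()) if now - t <= self.window_s)

    def handshake(self, session_id, cert):
        now, device = self.clock(), cert["device_info"]
        # Short-circuit: CA authentication is only attempted below the threshold.
        if self._recent(device, now) >= self.threshold or not self.verify_cert(cert):
            self.failures[device].append(now)  # both rejection paths record the time
            return "handshake_failed"
        self.sessions[session_id] = device
        return "handshake_ok"

    def report(self, session_id, message):
        first, second = self.sessions.get(session_id), message["device_info"]
        if first is None:
            return "dropped"               # assumption: no report without a handshake
        if first != second:                # claim 8: certificate and report disagree
            for device in (first, second):
                self.failures[device].append(self.clock())
            return "filtered"
        return "processed"

def demo():
    now = [0]                              # constructed clock, in seconds
    gate = HandshakeGate(lambda c: c["valid"], clock=lambda: now[0])
    bad = {"device_info": "TBOX-A", "valid": False}   # constructed certificates
    good = {"device_info": "TBOX-A", "valid": True}
    out = []
    for t in (0, 1, 2):                    # three failed CA authentications
        now[0] = t
        out.append(gate.handshake("s1", bad))
    now[0] = 3
    out.append(gate.handshake("s1", good)) # valid certificate, threshold reached
    now[0] = 700
    out.append(gate.handshake("s1", good)) # earlier failures are outside the window
    out.append(gate.report("s1", {"device_info": "TBOX-A"}))
    out.append(gate.report("s1", {"device_info": "TBOX-B"}))
    return out, gate
```

Because an attempt rejected at the threshold is itself recorded, a T-BOX that keeps retrying extends its own lockout.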
CN202010881930.8A 2020-08-27 2020-08-27 Communication method of vehicle-mounted T-BOX and cloud server and related equipment Active CN112003867B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010881930.8A CN112003867B (en) 2020-08-27 2020-08-27 Communication method of vehicle-mounted T-BOX and cloud server and related equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010881930.8A CN112003867B (en) 2020-08-27 2020-08-27 Communication method of vehicle-mounted T-BOX and cloud server and related equipment

Publications (2)

Publication Number Publication Date
CN112003867A true CN112003867A (en) 2020-11-27
CN112003867B CN112003867B (en) 2022-05-27

Family

ID=73471259

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010881930.8A Active CN112003867B (en) 2020-08-27 2020-08-27 Communication method of vehicle-mounted T-BOX and cloud server and related equipment

Country Status (1)

Country Link
CN (1) CN112003867B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115189925A (en) * 2022-06-22 2022-10-14 一汽奔腾轿车有限公司 OTA secure communication method based on TLS bidirectional authentication

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103745347A (en) * 2013-12-27 2014-04-23 厦门盛华电子科技有限公司 Mobile payment method between two mobile terminals on basis of digital certificate SIM (Subscriber Identity Module) cards
CN104168269A (en) * 2014-07-24 2014-11-26 深圳市腾讯计算机系统有限公司 Secure connection establishing method, apparatus and system
CN106254373A (en) * 2016-08-31 2016-12-21 北京信安世纪科技有限公司 Digital certificate synchronous method, digital signature server and digital certificate synchronize system
US20180260822A1 (en) * 2016-03-09 2018-09-13 Mark A. Wells METHOD AND SYSTEM FOR AUDITING AND VERIFYING VEHICLE IDENTIFICATION NUMBERS (VINs) WITH AUDIT FRAUD DETECTION
CN109727358A (en) * 2019-02-21 2019-05-07 深圳四海万联科技有限公司 Vehicle share system based on bluetooth key
CN110891257A (en) * 2019-11-26 2020-03-17 成都信息工程大学 Internet vehicle remote upgrading system and method with anti-attack bidirectional authentication

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
康雅萍: "《移动终端数据资产安全管理系统的研究与实现》", 《信息通信》 *

Also Published As

Publication number Publication date
CN112003867B (en) 2022-05-27

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 201821 room 208, building 4, No. 1411, Yecheng Road, Jiading Industrial Zone, Jiading District, Shanghai

Applicant after: Botai vehicle networking technology (Shanghai) Co.,Ltd.

Address before: Room 208, building 4, 1411 Yecheng Road, Jiading Industrial Zone, Jiading District, Shanghai, 201800

Applicant before: SHANGHAI PATEO ELECTRONIC EQUIPMENT MANUFACTURING Co.,Ltd.

GR01 Patent grant
CP03 Change of name, title or address

Address after: Room 3701, No. 866 East Changzhi Road, Hongkou District, Shanghai, 200000

Patentee after: Botai vehicle networking technology (Shanghai) Co.,Ltd.

Country or region after: China

Address before: 201821 room 208, building 4, No. 1411, Yecheng Road, Jiading Industrial Zone, Jiading District, Shanghai

Patentee before: Botai vehicle networking technology (Shanghai) Co.,Ltd.

Country or region before: China