CN116738388A - Development mode authority authentication method, computer-readable storage medium, and electronic device - Google Patents

Publication number
CN116738388A
Authority
CN
China
Prior art keywords
authentication
scene
information
development mode
identification information
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310592591.5A
Other languages
Chinese (zh)
Inventor
赵豪
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Weilai Software Technology Shanghai Co ltd
Original Assignee
Weilai Software Technology Shanghai Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Weilai Software Technology Shanghai Co ltd
Priority to CN202310592591.5A
Publication of CN116738388A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31 User authentication
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to the technical field of computers, in particular to a development mode authority authentication method, a computer readable storage medium and electronic equipment, and aims to solve the problems that the safety of the existing development mode authority authentication is low, and the existing development mode authority authentication is not convenient and intelligent enough. For this purpose, the development mode authority authentication method of the present invention includes: generating scene identity information by the scene authentication equipment at least based on the identification information of the scene equipment and broadcasting the scene identity information; the intelligent cabin acquires scene identity information and forwards the scene identity information to the authentication server, the authentication server performs scene identity authentication based on the scene identity information and sends development mode authority authentication feedback information to the intelligent cabin, so that the intelligent cabin grants development mode authority to a target scene based on the development mode authority authentication feedback information. By performing the development mode authority authentication based on the scene identity information, the security of the development mode access is improved, and the development mode authority corresponding to the target scene can be intelligently and conveniently granted.

Description

Development mode authority authentication method, computer-readable storage medium, and electronic device
Technical Field
The invention relates to the technical field of computers, and particularly provides a development mode authority authentication method, a computer readable storage medium and electronic equipment.
Background
With the rapid development of intelligent connected vehicles, the intelligent cabin has become an important carrier of vehicle intelligence. As intelligent cabin technology and product capability develop rapidly, information security and privacy protection of intelligent cabins are receiving increasing attention.
In conventional approaches, the development mode of the intelligent cockpit, such as engineering mode or debug mode, typically has no universal, reliable access authentication method. Access is mainly gained through special interactions, such as clicking certain user interface components in succession, or through a menu hidden relatively deep in the interface. On the one hand, the security of such access authentication is low; on the other hand, specific development mode authorities cannot be allocated according to scene identity, so the approach is neither convenient nor intelligent.
Disclosure of Invention
The invention aims to solve the technical problems that the security of the authority authentication of the existing development mode is low, and the existing development mode is not convenient and intelligent enough.
In a first aspect, the present invention provides a development mode authority authentication method applied to a scene authentication device, the method comprising:
generating scene identity information based at least on the identification information of the scene authentication device;
broadcasting the scene identity information.
In some embodiments, the method further comprises:
generating a public key and private key pair in the initialization stage;
and sending the public key and the identification information to an authentication server.
In some embodiments, the generating scene identity information based at least on the identification information of the scene authentication device includes:
the scene identity information is generated based on the private key and the identification information or based on the private key, the identification information and the signature time.
In some embodiments, generating the scene identity information based on the private key and the identification information comprises:
signing the identification information by using the private key to obtain signature information;
obtaining the scene identity information based on the signature information and the identification information;
or,
generating the scene identity information based on the private key, the identification information, and the signature time includes:
signing the identification information and the signature time by using the private key to obtain signature information;
and obtaining the scene identity information based on the signature information, the identification information and the signature time.
In a second aspect, the present invention provides a development mode authority authentication method applied to an intelligent cockpit, the method comprising:
when located in the target scene, acquiring scene identity information; the scene identity information is generated by the scene authentication device corresponding to the target scene, and at least comprises identification information of the scene authentication device;
transmitting the scene identity information to an authentication server;
and receiving development mode authority authentication feedback information fed back by the authentication server, and granting development mode authority to the target scene based on the development mode authority authentication feedback information.
In some embodiments, the scene identity information includes signature information and the identification information, the signature information is obtained by the scene authentication device signing the identification information with a private key; or
the scene identity information comprises signature information, the identification information and signature time, and the signature information is obtained by signing the identification information and the signature time by using a private key through the scene authentication equipment.
In some embodiments, when the scene identity information includes signature information, the identification information, and signature time, before sending the scene identity information to the authentication server, the method further includes:
judging whether the time difference between the current time and the signature time exceeds a preset threshold value or not;
if not, the step of sending the scene identity information to an authentication server is executed.
In some embodiments, the development mode authority authentication feedback information includes a scene identity authentication result, a development mode type, and a function corresponding to the development mode type;
granting development mode rights to the target scene based on the development mode rights authentication feedback information, including:
and when the scene identity authentication result is a pass, granting the opening authority of the development mode type and the operation authority of the function corresponding to the development mode type to the target scene.
In some embodiments, after the granting of the development mode authority to the target scene based on the development mode authority authentication feedback information, the method further comprises:
receiving an opening application of a user to a target development mode type, wherein the opening application comprises user identity information;
transmitting the user identity information to the authentication server;
and receiving a user identity authentication result fed back by the authentication server, and selectively starting the target development mode type based on the user identity authentication result.
In some embodiments, after the sending the user identity information to the authentication server and before receiving the user identity authentication result fed back by the authentication server, the method further includes:
receiving at least one user identity authentication mode to be selected, which is sent by the authentication server;
and determining a target user identity authentication mode from the at least one user identity authentication mode to be selected according to a user instruction and sending the target user identity authentication mode to the authentication server.
In some embodiments, after the granting of the development mode authority to the target scene based on the development mode authority authentication feedback information, the method further comprises:
responding to a call request of a user for a target function in a development mode type, and signing the call request through a security interface; the call request comprises call parameters and identification information of the development mode type;
taking the call request and a signature corresponding to the call request as a call request to be authenticated, and sending the call request to be authenticated to the authentication server;
and receiving a call request authentication result fed back by the authentication server, and selectively calling the target function based on the call request authentication result.
In a third aspect, the present invention provides a development mode authority authentication method applied to an authentication server, the method comprising:
acquiring scene identity information sent by an intelligent cabin, wherein the scene identity information is generated by scene authentication equipment corresponding to a target scene where the intelligent cabin is located, and the scene identity information at least comprises identification information of the scene authentication equipment;
performing scene identity authentication based on the scene identity information;
and when the scene identity authentication result is passing, determining a development mode type authorized for the target scene and a function corresponding to the development mode type, and sending development mode authority authentication feedback information to the intelligent cabin based on the scene identity authentication result, the development mode type and the function corresponding to the development mode type.
In some embodiments, the scene identity information includes signature information and the identification information, the signature information is obtained by the scene authentication device signing the identification information with a private key; or
the scene identity information comprises signature information, the identification information and signature time, and the signature information is obtained by signing the identification information and the signature time by using a private key through the scene authentication equipment.
In some embodiments, before the scene identity authentication based on the scene identity information, the method further includes:
obtaining a public key and identification information generated by the scene authentication equipment in an initialization stage and storing the public key and the identification information;
determining a target public key corresponding to the scene identity information based on the identification information;
the scene identity authentication based on the scene identity information comprises the following steps:
and performing scene identity authentication based on the target public key and the scene identity information.
In some embodiments, after sending development mode authority authentication feedback information to the intelligent cabin based on the scene identity authentication result, the development mode type, and the function corresponding to the development mode type, the method further includes:
receiving user identity information sent by an intelligent cabin;
authenticating the user identity information by adopting a target user identity authentication mode;
and feeding back the user identity authentication result to the intelligent cabin.
In some embodiments, after receiving the user identity information sent by the intelligent cabin and before authenticating the user identity information using the target user identity authentication mode, the method further comprises:
sending at least one user identity authentication mode to be selected to the intelligent cabin according to the user identity information;
and receiving the target user identity authentication mode fed back by the intelligent cabin, wherein the target user identity authentication mode is determined from the at least one user identity authentication mode to be selected by the intelligent cabin according to a user instruction.
In some embodiments, after sending development mode authority authentication feedback information to the intelligent cabin based on the authentication result, the development mode type, and the function corresponding to the development mode type, the method further includes:
receiving a call request to be authenticated sent by an intelligent cabin, wherein the call request to be authenticated comprises a call request and a signature corresponding to the call request, and the call request at least comprises a call parameter;
authenticating the call request to be authenticated;
and feeding back the authentication result of the calling request to the intelligent cabin.
In a fourth aspect, the present invention provides a computer-readable storage medium, in which a computer program is stored, the computer program, when executed by a processor, implementing a development mode authority authentication method for use in a scene authentication device as set forth in any one of the above, or implementing a development mode authority authentication method for use in an intelligent cockpit as set forth in any one of the above, or implementing a development mode authority authentication method for use in an authentication server as set forth in any one of the above.
In a fifth aspect, the present invention provides an electronic device comprising:
at least one processor;
and a memory communicatively coupled to the at least one processor;
the memory stores a computer program, and when the computer program is executed by the at least one processor, the method for authenticating the development mode authority applied to the scene authentication device is realized, or the method for authenticating the development mode authority applied to the intelligent cabin is realized, or the method for authenticating the development mode authority applied to the authentication server is realized.
Scheme 1. A development mode authority authentication method, characterized in that it is applied to a scene authentication device, the method comprising:
generating scene identity information based at least on the identification information of the scene authentication device;
broadcasting the scene identity information.
Scheme 2. The method according to scheme 1, further comprising:
generating a public key and private key pair in the initialization stage;
and sending the public key and the identification information to an authentication server.
Scheme 3. The method according to scheme 1 or 2, wherein generating scene identity information based at least on the identification information of the scene authentication device comprises:
generating the scene identity information based on the private key and the identification information, or based on the private key, the identification information and the signature time.
Scheme 4. The method according to scheme 3, wherein generating the scene identity information based on the private key and the identification information comprises:
signing the identification information by using the private key to obtain signature information;
obtaining the scene identity information based on the signature information and the identification information;
or,
generating the scene identity information based on the private key, the identification information, and the signature time includes:
signing the identification information and the signature time by using the private key to obtain signature information;
and obtaining the scene identity information based on the signature information, the identification information and the signature time.
Scheme 5. A development mode authority authentication method, characterized in that it is applied to an intelligent cabin, the method comprising:
when located in the target scene, acquiring scene identity information; the scene identity information is generated by the scene authentication device corresponding to the target scene, and at least comprises identification information of the scene authentication device;
transmitting the scene identity information to an authentication server;
and receiving development mode authority authentication feedback information fed back by the authentication server, and granting development mode authority to the target scene based on the development mode authority authentication feedback information.
Scheme 6. The method according to scheme 5, wherein the scene identity information comprises signature information and the identification information, and the signature information is obtained by the scene authentication device signing the identification information with a private key; or
the scene identity information comprises signature information, the identification information and signature time, and the signature information is obtained by signing the identification information and the signature time by using a private key through the scene authentication equipment.
Scheme 7. The method according to scheme 6, wherein when the scene identity information includes signature information, the identification information, and signature time, before the scene identity information is sent to the authentication server, the method further includes:
judging whether the time difference between the current time and the signature time exceeds a preset threshold value or not;
if not, the step of sending the scene identity information to an authentication server is executed.
Scheme 8. The method according to scheme 5, wherein the development mode authority authentication feedback information includes a scene identity authentication result, a development mode type, and a function corresponding to the development mode type;
granting development mode rights to the target scene based on the development mode rights authentication feedback information, including:
and when the scene identity authentication result is a pass, granting the opening authority of the development mode type and the operation authority of the function corresponding to the development mode type to the target scene.
Scheme 9. The method according to scheme 5, wherein after the granting of the development mode authority to the target scene based on the development mode authority authentication feedback information, the method further comprises:
receiving an opening application of a user to a target development mode type, wherein the opening application comprises user identity information;
transmitting the user identity information to the authentication server;
and receiving a user identity authentication result fed back by the authentication server, and selectively starting the target development mode type based on the user identity authentication result.
Scheme 10. The method according to scheme 9, wherein after the user identity information is sent to the authentication server and before the user identity authentication result fed back by the authentication server is received, the method further comprises:
receiving at least one user identity authentication mode to be selected, which is sent by the authentication server;
and determining a target user identity authentication mode from the at least one user identity authentication mode to be selected according to a user instruction and sending the target user identity authentication mode to the authentication server.
Scheme 11. The method according to scheme 5, wherein after the granting of the development mode authority to the target scene based on the development mode authority authentication feedback information, the method further comprises:
responding to a call request of a user for a target function in a development mode type, and signing the call request through a security interface; the call request comprises call parameters and identification information of the development mode type;
taking the call request and a signature corresponding to the call request as a call request to be authenticated, and sending the call request to be authenticated to the authentication server;
and receiving a call request authentication result fed back by the authentication server, and selectively calling the target function based on the call request authentication result.
Scheme 12. A development mode authority authentication method, characterized in that it is applied to an authentication server, the method comprising:
acquiring scene identity information sent by an intelligent cabin, wherein the scene identity information is generated by scene authentication equipment corresponding to a target scene where the intelligent cabin is located, and the scene identity information at least comprises identification information of the scene authentication equipment;
performing scene identity authentication based on the scene identity information;
and when the scene identity authentication result is passing, determining a development mode type authorized for the target scene and a function corresponding to the development mode type, and sending development mode authority authentication feedback information to the intelligent cabin based on the scene identity authentication result, the development mode type and the function corresponding to the development mode type.
Scheme 13. The method according to scheme 12, wherein the scene identity information includes signature information and the identification information, the signature information being obtained by the scene authentication device signing the identification information with a private key; or
the scene identity information comprises signature information, the identification information and signature time, and the signature information is obtained by signing the identification information and the signature time by using a private key through the scene authentication equipment.
Scheme 14. The method according to scheme 13, wherein before the scene identity authentication based on the scene identity information, the method further comprises:
obtaining a public key and identification information generated by the scene authentication equipment in an initialization stage and storing the public key and the identification information;
determining a target public key corresponding to the scene identity information based on the identification information;
the scene identity authentication based on the scene identity information comprises the following steps:
and performing scene identity authentication based on the target public key and the scene identity information.
Scheme 15. The method according to scheme 12, wherein after sending development mode authority authentication feedback information to the intelligent cabin based on the scene identity authentication result, the development mode type, and the function corresponding to the development mode type, the method further comprises:
receiving user identity information sent by an intelligent cabin;
authenticating the user identity information by adopting a target user identity authentication mode;
and feeding back the user identity authentication result to the intelligent cabin.
Scheme 16. The method according to scheme 15, wherein after receiving the user identity information sent by the intelligent cockpit and before authenticating the user identity information using the target user identity authentication mode, the method further comprises:
sending at least one user identity authentication mode to be selected to the intelligent cabin according to the user identity information;
and receiving the target user identity authentication mode fed back by the intelligent cabin, wherein the target user identity authentication mode is determined from the at least one user identity authentication mode to be selected by the intelligent cabin according to a user instruction.
Scheme 17. The method according to scheme 12, wherein after sending development mode authority authentication feedback information to the intelligent cockpit based on the authentication result, the development mode type, and the function corresponding to the development mode type, the method further comprises:
receiving a call request to be authenticated sent by an intelligent cabin, wherein the call request to be authenticated comprises a call request and a signature corresponding to the call request, and the call request at least comprises a call parameter;
authenticating the call request to be authenticated;
and feeding back the authentication result of the calling request to the intelligent cabin.
Scheme 18. A computer-readable storage medium, wherein a computer program is stored in the computer-readable storage medium, and the computer program, when executed by a processor, implements the method for authenticating development mode authority applied to a scene authentication device according to any one of schemes 1 to 4, or implements the method for authenticating development mode authority applied to a smart cockpit according to any one of schemes 5 to 11, or implements the method for authenticating development mode authority applied to an authentication server according to any one of schemes 12 to 17.
Scheme 19. An electronic device, comprising:
at least one processor;
and a memory communicatively coupled to the at least one processor;
wherein the memory stores a computer program which, when executed by the at least one processor, implements the method for authenticating development mode rights applied to a scene authentication device of any one of schemes 1 to 4, or implements the method for authenticating development mode rights applied to a smart cockpit of any one of schemes 5 to 11, or implements the method for authenticating development mode rights applied to an authentication server of any one of schemes 12 to 17.
With the above technical scheme, the scene authentication device can generate and broadcast scene identity information based at least on its identification information. When the intelligent cabin is in the target scene, it can acquire the scene identity information and forward it to the authentication server. The authentication server performs scene identity authentication based on the scene identity information, determines the development mode type and the corresponding functions authorized for the target scene when authentication passes, and sends development mode authority authentication feedback information to the intelligent cabin based on the authentication result, the development mode type and the functions, so that the intelligent cabin grants development mode authority to the target scene based on that feedback information. Because development mode authority authentication is based on the scene identity information, access to the development mode is more secure and information security is ensured. In addition, the development mode authority corresponding to the target scene can be granted intelligently and conveniently, user operation is avoided, and user experience is improved.
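The scene-authentication flow summarized above (key pair at initialization, signing the identification information with the signature time, the cabin's threshold check, and the server's public-key lookup by identification information), sketched as an added example that is not code from the patent. Ed25519, the byte layout of the signed message, all type and function names, and the sample ID, time and threshold are assumptions; the patent names no signature algorithm or message format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/binary"
	"errors"
	"fmt"
	"time"
)

// SceneIdentity is the broadcast payload (field names are assumptions).
type SceneIdentity struct {
	DeviceID string // identification information
	SignedAt int64  // signature time, Unix seconds
	Sig      []byte // signature information over both fields
}

// Grant models the development mode authority authentication feedback.
type Grant struct {
	Passed    bool
	ModeType  string
	Functions []string
}

var ErrStale = errors.New("signature time outside the preset threshold")

// signedBytes length-prefixes the ID so the ID/time boundary is unambiguous.
func signedBytes(id string, signedAt int64) []byte {
	buf := make([]byte, 4+len(id)+8)
	binary.BigEndian.PutUint32(buf, uint32(len(id)))
	copy(buf[4:], id)
	binary.BigEndian.PutUint64(buf[4+len(id):], uint64(signedAt))
	return buf
}

// SceneDevice holds the private key generated in the initialization stage.
type SceneDevice struct {
	ID   string
	priv ed25519.PrivateKey
}

// NewSceneDevice generates the key pair; the public key goes to the server.
func NewSceneDevice(id string) (*SceneDevice, ed25519.PublicKey, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	return &SceneDevice{ID: id, priv: priv}, pub, nil
}

// Broadcast signs the identification information together with the signature time.
func (d *SceneDevice) Broadcast(now time.Time) SceneIdentity {
	ts := now.Unix()
	return SceneIdentity{d.ID, ts, ed25519.Sign(d.priv, signedBytes(d.ID, ts))}
}

// AuthServer maps device ID to the stored public key and the scene's grant.
type AuthServer map[string]record
type record struct{ pub ed25519.PublicKey; grant Grant }

// Register stores what the device sent at initialization plus the scene policy.
func (s AuthServer) Register(id string, pub ed25519.PublicKey, mode string, fns ...string) {
	s[id] = record{pub, Grant{Passed: true, ModeType: mode, Functions: fns}}
}

// AuthenticateScene picks the target public key by ID and verifies the signature.
func (s AuthServer) AuthenticateScene(si SceneIdentity) Grant {
	r, ok := s[si.DeviceID]
	if !ok || !ed25519.Verify(r.pub, signedBytes(si.DeviceID, si.SignedAt), si.Sig) {
		return Grant{} // Passed == false, nothing granted
	}
	return r.grant
}

// CabinRequest applies the cabin-side threshold check, then forwards to the server.
func CabinRequest(si SceneIdentity, now time.Time, maxAge time.Duration, s AuthServer) (Grant, error) {
	diff := now.Sub(time.Unix(si.SignedAt, 0))
	if diff > maxAge || diff < -maxAge {
		return Grant{}, ErrStale
	}
	return s.AuthenticateScene(si), nil
}

func main() {
	dev, pub, err := NewSceneDevice("power-change-station-01") // constructed sample ID
	if err != nil {
		panic(err)
	}
	srv := AuthServer{}
	srv.Register(dev.ID, pub, "engineering", "log_export") // constructed policy
	t0 := time.Unix(1700000000, 0)                         // constructed signature time
	si := dev.Broadcast(t0)
	for _, delay := range []time.Duration{5 * time.Second, 10 * time.Minute} {
		g, err := CabinRequest(si, t0.Add(delay), 30*time.Second, srv)
		fmt.Println(delay, g.Passed, g.ModeType, err)
	}
}
```

Because the signature covers the signature time, rewriting `SignedAt` on a captured broadcast gets past the cabin's threshold check but fails verification at the server.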
Drawings
Preferred embodiments of the present invention are described below with reference to the accompanying drawings, in which:
Fig. 1 is a schematic flow chart of a development mode authority authentication method applied to scene authentication equipment according to an embodiment of the present invention;
Fig. 2 is a schematic flow chart of a development mode authority authentication method applied to an intelligent cabin according to an embodiment of the present invention;
Fig. 3 is a flowchart of a development mode authority authentication method applied to an intelligent cabin according to another embodiment of the present invention;
Fig. 4 is a schematic flow chart of a development mode authority authentication method applied to an authentication server according to an embodiment of the present invention;
Fig. 5 is a flowchart of a target public key determining method applied to an authentication server according to an embodiment of the present invention;
Fig. 6 is a schematic flow chart of a development mode authority authentication method applied to an intelligent cabin and an authentication server according to an embodiment of the invention;
Fig. 7 is a schematic flow diagram of a development mode authority authentication method applied to an intelligent cabin and an authentication server according to an embodiment of the present invention;
Fig. 8 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
Some embodiments of the invention are described below with reference to the accompanying drawings. It should be understood by those skilled in the art that these embodiments are merely for explaining the technical principles of the present invention, and are not intended to limit the scope of the present invention.
Referring to fig. 1, fig. 1 is a schematic flow chart of a development mode authority authentication method applied to a scene authentication device according to an embodiment of the present invention, which may include:
step S11: generating scene identity information based at least on the identification information of the scene authentication device;
step S12: broadcasting the scene identity information.
In some embodiments, the scene authentication device may be disposed in the physical space of the corresponding scene. As an example, for a power-change scene, the scene authentication device may be disposed at the ceiling of the power-change station; for a showcase scene, the scene authentication device may be disposed at the ceiling of a showroom, and so on.
The identification information of the scene authentication device may be an ID (Identity document, identification number) of the scene authentication device.
In some embodiments, step S11 may specifically generate the scene identity information based on the identification information of the scene authentication device. In the embodiment of the invention, the identification information of the scene authentication device can correspond one-to-one with scenes, so the current scene can be determined from the identification information of the scene authentication device, and the deletable development mode authority corresponding to the current scene can be determined automatically. This avoids manual operation by the user and is more convenient and intelligent.
In other embodiments, in order to ensure the security and validity of the information, step S11 may instead generate the scene identity information based on the private key and the identification information, or based on the private key, the identification information and the signature time. Generating the scene identity information based on the private key and the identification information may be: signing the identification information with the private key to obtain signature information, and obtaining the scene identity information based on the signature information and the identification information. Generating the scene identity information based on the private key, the identification information and the signature time may be: signing the identification information and the signature time with the private key to obtain signature information, and obtaining the scene identity information based on the signature information, the identification information and the signature time.
In some embodiments, the method provided by the embodiment of the present invention may further include: generating, by the scene authentication device, a pair of public key and private key in an initialization stage; and sending the public key and the identification information to an authentication server. Because a public key and a private key are generated and the private key is used to sign the identification information, or the identification information and the signature time, the source of the acquired scene identity information and whether its content has been tampered with can be verified based on the public key, which improves the security of scene identity information transmission and of the development mode authority authentication method.
In some embodiments, step S12 may specifically broadcast the scene identity information in real time or intermittently broadcast the scene identity information.
Referring to fig. 2, fig. 2 is a schematic flow chart of a development mode authority authentication method applied to an intelligent cabin, which may include:
step S21: when located in the target scene, acquiring scene identity information; the scene identity information is generated by the scene authentication device corresponding to the target scene, and at least comprises identification information of the scene authentication device;
step S22: the scene identity information is sent to an authentication server;
step S23: and receiving development mode authority authentication feedback information fed back by the authentication server, and granting development mode authority to the target scene based on the development mode authority authentication feedback information.
In some embodiments, the scene identity information may include signature information and identification information, the signature information being obtained by the scene authentication device signing the identification information with a private key.
In other embodiments, the scene identity information includes signature information, identification information, and signature time, the signature information being obtained by the scene authentication device signing the identification information and the signature time with a private key.
In some embodiments, the development mode authority authentication feedback information may include a scene identity authentication result, a development mode type, and a function corresponding to the development mode type.
In some embodiments, step S23 may be specifically: and when the scene identity authentication result is passed, granting opening permission of the development mode type and operation permission of a function corresponding to the development mode type to the target scene. The method can automatically provide the deletable development mode authority corresponding to the current scene, avoids manual operation of a user, and is more convenient and intelligent.
In some embodiments, the development mode type may include an engineering mode or a debug mode. As an example, the functions corresponding to the development mode may include at least one of network settings, audio settings, and display settings, and the functions corresponding to the debug mode may include performance monitoring and/or log debugging.
In other embodiments, the intelligent cabin can also display the development mode type for granting the opening authority and the function list corresponding to the development mode type to the user.
In other embodiments, when the scene identity information includes signature information, identification information and signature time, the scene identity information may further be checked based on the current time and the signature time in order to ensure the validity of the information. As shown in fig. 3, which is a schematic flow chart of a development mode authority authentication method applied to an intelligent cabin according to another embodiment of the present invention, the method may include:
step S31: when located in the target scene, acquiring scene identity information; the scene identity information is generated by the scene authentication device corresponding to the target scene, and comprises identification information of the scene authentication device, signature information and signature time;
step S32: judging whether the time difference between the current time and the signature time exceeds a preset threshold value or not; if not, executing step S33;
step S33: the scene identity information is sent to an authentication server;
step S34: and receiving development mode authority authentication feedback information fed back by the authentication server, and granting development mode authority to the target scene based on the development mode authority authentication feedback information.
Steps S31, S33 and S34 may be implemented in the same manner as steps S21-S23, respectively, and will not be described herein for brevity, and reference may be made to the above description.
In the embodiment of the invention, the preset time threshold can be flexibly set according to the requirement, and the preset time threshold can be larger than or equal to zero.
The current time is the time at which the intelligent cabin makes the judgment. If the time difference between the current time and the signature time exceeds the preset threshold, the scene identity information corresponding to that signature time is at risk of a relay or replay attack, so it is determined to be invalid and discarded.
In some embodiments, referring to fig. 4, fig. 4 is a flowchart of a development mode authority authentication method applied to an authentication server according to an embodiment of the present invention, which may include:
step S41: acquiring scene identity information sent by an intelligent cabin, wherein the scene identity information is generated by scene authentication equipment corresponding to a target scene where the intelligent cabin is located, and the scene identity information at least comprises identification information of the scene authentication equipment;
step S42: performing scene identity authentication based on scene identity information;
step S43: when the scene identity authentication result is passing, determining a development mode type authorized to the target scene and a function corresponding to the development mode type, and sending development mode authority authentication feedback information to the intelligent cabin based on the scene identity authentication result, the development mode type and the function corresponding to the development mode type.
In some embodiments, when the scene identity information includes identification information of the scene authentication device, step S42 may specifically be to determine whether the identification information is identification information that can grant permission of the development mode, and if so, the scene identity information passes the scene identity authentication.
In some embodiments, the development mode type may include an engineering mode or a debug mode. As an example, the functions corresponding to the development mode may include at least one of network settings, audio settings, and display settings, and the functions corresponding to the debug mode may include performance monitoring and/or log debugging.
In some embodiments, step S43 may be specifically: when the scene identity authentication result is passed, performing target scene recognition according to the identification information of the scene authentication device, determining the development mode type authorized to the target scene and the function corresponding to the development mode type according to the recognized target scene and a pre-stored scene and development mode authority list, and sending development mode authority authentication feedback information to the intelligent cabin based on the authentication result, the development mode type and the function corresponding to the development mode type. In this method the scene identity is authenticated, and when scene identity authentication passes, that is, when development mode authority authentication passes, the development mode type authorized to the target scene and the function corresponding to the development mode type are determined. This improves the security of access to the development mode and ensures information security; the development mode authority corresponding to the target scene can also be granted intelligently and conveniently without user operation, which improves the user experience.
To improve security, in some embodiments, the scene identity information may include signature information and identification information, the signature information being obtained by the scene authentication device signing the identification information with a private key. In other embodiments, the scene identity information may include signature information, identification information, and signature time, the signature information being obtained by the scene authentication device signing the identification information and the signature time with a private key.
Accordingly, before step S42, a target public key corresponding to the scene authentication device may be determined. As shown in fig. 5, which is a schematic flow chart of a target public key determining method applied to the authentication server according to an embodiment of the present invention, the method may include:
step S51: acquiring a public key and identification information generated by scene authentication equipment at an initialization stage, and storing the public key and the identification information;
step S52: and determining a target public key corresponding to the scene identity information based on the identification information.
In some embodiments, when the authentication server is set at the cloud, the scene authentication device generates a pair of public key and private key in an initialization phase, and sends the public key and the identification information of the scene authentication device to the authentication server; accordingly, step S51 may specifically be: directly receiving the public key and the identification information generated by the scene authentication device in the initialization stage and storing the public key and the identification information.
In other embodiments, when the authentication server is set locally, the scene authentication device generates a pair of public key and private key in an initialization phase, and sends the public key and the identification information of the scene authentication device to the cloud server; accordingly, step S51 may specifically be: acquiring, from the cloud server, the public key and the identification information generated by the scene authentication device in the initialization stage and storing the public key and the identification information.
In some embodiments, step S52 may be specifically: each stored public key corresponds to stored identification information; the identification information in the scene identity information is matched against the stored identification information, and when they match, the public key corresponding to the stored identification information is determined to be the target public key.
Accordingly, step S42 may specifically be: and performing scene identity authentication based on the target public key and the scene identity information.
In some embodiments, when the scene identity information includes signature information and identification information, the signature information being obtained by the scene authentication device signing the identification information with the private key, performing scene identity authentication based on the target public key and the scene identity information may include: decrypting the signature information by using the target public key, and judging whether the identification information obtained after decryption is consistent with the identification information in the scene identity information; if so, the scene identity information passes scene identity authentication.
In some embodiments, when the scene identity information includes signature information, identification information, and signature time, the signature information being obtained by the scene authentication device signing the identification information and the signature time with the private key, performing the scene identity authentication based on the target public key and the scene identity information may include: decrypting the signature information by using the target public key, and judging whether the identification information and the signature time obtained after decryption are consistent with the identification information and the signature time in the scene identity information; if so, the scene identity information passes scene identity authentication.
By using the target public key to verify the signature information produced with the private key, the source of the acquired scene identity information and whether its content has been tampered with can be verified, so that the security of the scene identity information transmission and the security of the development mode authority authentication method can be improved.
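The signed broadcast, the cabin-side time check and the server-side public key lookup and verification described above can be put together as follows. This is an added example, not code from the patent: it uses Ed25519 signature verification in place of the decrypt-and-compare wording, and the type names, device IDs and authority list row are constructed assumptions.

```go
package main

import (
	"crypto/ed25519"
	"errors"
	"fmt"
)

// SceneIdentity is the broadcast message (field names are assumptions).
type SceneIdentity struct {
	DeviceID string // identification information
	SignedAt int64  // signature time, Unix seconds
	Sig      []byte // signature information
}

// Grant is one row of the pre-stored scene / development mode authority list.
type Grant struct {
	Scene, ModeType string
	Functions       []string
}

var (
	ErrUnknownDevice = errors.New("no public key stored for this identification information")
	ErrBadSignature  = errors.New("signature does not match ID and signature time")
	ErrNoAuthority   = errors.New("scene has no development mode authority")
)

// payload length-prefixes the ID so ID and time cannot be shifted into each other.
func payload(id string, signedAt int64) []byte {
	return []byte(fmt.Sprintf("%d:%s|%d", len(id), id, signedAt))
}

// Server is the authentication server.
type Server struct {
	Keys   map[string]ed25519.PublicKey // step S51: ID -> stored public key
	Grants map[string]Grant             // ID -> authorized mode type and functions
}

// NewServer takes the pre-stored authority list, keyed by device ID.
func NewServer(grants map[string]Grant) *Server {
	return &Server{Keys: map[string]ed25519.PublicKey{}, Grants: grants}
}

// Device is the scene authentication device; the private key stays on it.
type Device struct {
	ID   string
	priv ed25519.PrivateKey
}

// NewDevice models the initialization stage: key pair generated, public key registered.
func NewDevice(id string, srv *Server) (*Device, error) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		return nil, err
	}
	srv.Keys[id] = pub
	return &Device{ID: id, priv: priv}, nil
}

// Broadcast builds the message of steps S11/S12 (variant with signature time).
func (d *Device) Broadcast(now int64) SceneIdentity {
	sig := ed25519.Sign(d.priv, payload(d.ID, now))
	return SceneIdentity{DeviceID: d.ID, SignedAt: now, Sig: sig}
}

// Fresh is the cabin-side check of step S32; maxAge is the preset threshold in seconds.
func Fresh(m SceneIdentity, now, maxAge int64) bool {
	diff := now - m.SignedAt
	return diff <= maxAge && diff >= -maxAge
}

// Authenticate covers steps S52, S42 and S43 on the server.
func (s *Server) Authenticate(m SceneIdentity) (Grant, error) {
	pub, ok := s.Keys[m.DeviceID] // target public key selected by ID
	if !ok {
		return Grant{}, ErrUnknownDevice
	}
	if !ed25519.Verify(pub, payload(m.DeviceID, m.SignedAt), m.Sig) {
		return Grant{}, ErrBadSignature
	}
	g, ok := s.Grants[m.DeviceID]
	if !ok {
		return Grant{}, ErrNoAuthority
	}
	return g, nil
}

func main() {
	srv := NewServer(map[string]Grant{ // constructed sample row
		"scene-dev-001": {Scene: "showroom", ModeType: "debug", Functions: []string{"log debugging"}},
	})
	dev, err := NewDevice("scene-dev-001", srv)
	if err != nil {
		panic(err)
	}
	msg := dev.Broadcast(1700000000)
	grant, err := srv.Authenticate(msg)
	fmt.Println(Fresh(msg, 1700000003, 5), grant, err)
}
```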
In some embodiments, in order to further strengthen the authentication strength of the development mode authority, after the development mode authority is granted to the target scene based on the development mode authority authentication feedback information, user identity authentication may also be performed on the user who has made the development mode type opening application, which will be described in detail below.
Referring to fig. 6, fig. 6 is a schematic flow chart of a development mode authority authentication method applied to an intelligent cabin and an authentication server according to an embodiment of the present invention, which may include:
step S61: the intelligent cabin receives an opening application of a user for a target development mode type, wherein the opening application comprises user identity information;
step S62: the intelligent cabin sends the user identity information to an authentication server;
step S63: the authentication server receives user identity information sent by the intelligent cabin;
step S64: the authentication server adopts a target user identity authentication mode to authenticate the user identity information;
step S65: the authentication server feeds back the user identity authentication result to the intelligent cabin;
step S66: the intelligent cabin receives the user identity authentication result fed back by the authentication server and selectively opens the target development mode type based on the user identity authentication result.
In some embodiments, the target user identity authentication mode may include any one of a fixed password authentication mode, a one-time password authentication mode (OTP), a short message authentication mode, and a domain account password authentication mode.
When the target user identity authentication mode is a fixed password authentication mode, the user identity information may include a user ID and a password input by the user. Accordingly, step S64 may specifically be that the authentication server authenticates the user identity information using the fixed password authentication mode. Specifically, the authentication server stores a password preset by the user and compares the received password input by the user with the stored preset password; when they are consistent, the password authentication passes. It is then further judged whether the user ID is an ID to which the target development mode type can be granted; if so, the user identity authentication result is determined to be passed.
In some embodiments, in order to improve information security, the password preset by the user may be stored in encrypted form using a salted hash algorithm. Correspondingly, the authentication server may encrypt the password input by the user using the salted hash algorithm and compare the result with the stored salted hash of the password preset by the user; when they are consistent, the password authentication passes.
When the target user identity authentication mode is a one-time password (OTP) authentication mode, the user identity information may include the user ID and the one-time password input by the user, and accordingly, step S64 may specifically be that the authentication server authenticates the user identity information using the one-time password authentication mode. Specifically, the user's mobile terminal can load the OTP seed by scanning a code and generate a one-time password, which the user inputs. Correspondingly, the authentication server generates a reference password from the OTP seed using an algorithm agreed with the mobile terminal and compares the reference password with the one-time password input by the user; if they are consistent, the password authentication passes. It is then further judged whether the user ID is an ID to which the target development mode type can be granted; if so, the user identity authentication result is passed.
When the target user identity authentication mode is a short message authentication mode, the user identity information may include a user ID and a short message verification code input by the user, and correspondingly, step S64 may specifically be that the authentication server authenticates the user identity information using the short message authentication mode. Specifically, the authentication server can send a short message verification code by short message to the pre-stored contact information of the registered user, acquire the short message verification code input by the user, and judge whether the short message verification code input by the user is consistent with the short message verification code that was sent; if so, the short message verification passes. It is then further judged whether the user ID is an ID to which the target development mode type can be granted; if so, the user identity authentication result is passed.
When the target user identity authentication mode is a domain account password authentication mode, the user identity information may include a user ID, a domain account and a password, and accordingly, step S64 may specifically be that the authentication server verifies the domain account and the password input by the user using the account password authentication mode. When the verification passes, it is further judged whether the user ID is an ID to which the target development mode type can be granted; if so, the user identity authentication result is passed.
In the embodiment of the invention, verification of the password, the short message, or the domain account and its corresponding password is carried out first, so that information security can be improved, the validity of the user ID is ensured, and the reliability of the development mode authority authentication can be improved.
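An added example (not code from the patent) of the one-time password mode followed by the user ID check. It assumes the agreed algorithm is time-based HMAC-SHA1 as in RFC 6238 with a 30-second step and a tolerance of one step either side, and it additionally refuses a code that has already been accepted; the type names and user ID are constructed, and the seed is the RFC 6238 test seed.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha1"
	"crypto/subtle"
	"encoding/binary"
	"errors"
	"fmt"
)

const step = 30 // seconds per time step (assumption)

var (
	ErrOTP        = errors.New("one-time password rejected")
	ErrNotGranted = errors.New("user ID cannot be granted the target development mode type")
)

// otp derives a 6-digit code from the seed and a time-step counter using
// HMAC-SHA1 with dynamic truncation (RFC 4226 / RFC 6238).
func otp(seed []byte, counter int64) string {
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], uint64(counter))
	mac := hmac.New(sha1.New, seed)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	off := int(sum[len(sum)-1] & 0x0f)
	bin := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%06d", bin%1000000)
}

// Code is what the user's mobile terminal shows at Unix time now.
func Code(seed []byte, now int64) string { return otp(seed, now/step) }

// UserAuth is the server-side state for the OTP authentication mode.
type UserAuth struct {
	seeds   map[string][]byte          // user ID -> OTP seed
	modes   map[string]map[string]bool // user ID -> grantable mode types
	lastCtr map[string]int64           // user ID -> last accepted counter
}

func NewUserAuth() *UserAuth {
	return &UserAuth{
		seeds:   map[string][]byte{},
		modes:   map[string]map[string]bool{},
		lastCtr: map[string]int64{},
	}
}

// Enroll stores a user's seed and the development mode types the ID may open.
func (a *UserAuth) Enroll(userID string, seed []byte, modeTypes ...string) {
	a.seeds[userID] = seed
	a.modes[userID] = map[string]bool{}
	for _, m := range modeTypes {
		a.modes[userID][m] = true
	}
}

// Authenticate checks the one-time password first, then whether the user ID
// can be granted the target development mode type.
func (a *UserAuth) Authenticate(userID, code, modeType string, now int64) error {
	seed, ok := a.seeds[userID]
	if !ok {
		return ErrOTP
	}
	cur, used := now/step, int64(-1)
	for c := cur - 1; c <= cur+1; c++ { // tolerate one step of clock skew
		if c >= 0 && subtle.ConstantTimeCompare([]byte(otp(seed, c)), []byte(code)) == 1 {
			used = c
		}
	}
	// A code is accepted once: the same or an older time step is a replay.
	if last, seen := a.lastCtr[userID]; used < 0 || (seen && used <= last) {
		return ErrOTP
	}
	a.lastCtr[userID] = used
	if !a.modes[userID][modeType] {
		return ErrNotGranted
	}
	return nil
}

func main() {
	seed := []byte("12345678901234567890") // RFC 6238 test seed, not a real secret
	a := NewUserAuth()
	a.Enroll("u-1001", seed, "debug")
	code := Code(seed, 59)
	fmt.Println(code, a.Authenticate("u-1001", code, "debug", 59))
	fmt.Println("replay:", a.Authenticate("u-1001", code, "debug", 75))
}
```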
In some embodiments, step S66 may be specifically that the intelligent cabin receives the user identity authentication result fed back by the authentication server, and when the user identity authentication result is passed, the target development mode type is started; when the user identity authentication result is failure, the target development mode type is not started, namely the current user information is not allowed to enter the target development mode type, and the function corresponding to the mode type cannot be executed.
In other embodiments, when the user identity authentication result is passing, the method may further include the authentication server determining a function of a target development mode type authorized to the current user ID according to a pre-stored user ID and a function authority list of the development mode type. Correspondingly, the authentication server can also feed back the determined function of the authorized target development mode type to the intelligent cabin. The intelligent cockpit can also grant the current user ID with the operation authority of the function of the target development mode type and display the function list of the target development mode type.
In some embodiments, to improve the flexibility of user identity authentication, before step S64, the method may further include:
the authentication server sends at least one user identity authentication mode to be selected to the intelligent cabin according to the user ID;
the intelligent cabin receives at least one user identity authentication mode to be selected, which is sent by an authentication server;
the intelligent cabin determines a target user identity authentication mode from at least one user identity authentication mode to be selected according to a user instruction and sends the target user identity authentication mode to an authentication server;
and the authentication server receives the target user identity authentication mode fed back by the intelligent cabin.
The user identity authentication mode to be selected can comprise at least one of a fixed password authentication mode, a one-time password authentication mode (OTP), a short message authentication mode and a domain account password authentication mode.
According to the development mode authority authentication method provided by the embodiment of the invention, the scene identity authentication is further combined with the user identity authentication to perform the development mode authority authentication, so that the authentication strength and the security of the development mode authority authentication are further improved, and the abuse of functions of the development mode can be more effectively prevented.
In other embodiments, in order to further strengthen the authentication strength of the development mode authority, after the development mode authority is granted to the target scene based on the development mode authority authentication feedback information, the received call request for the target function of the development mode type may also be authenticated, which will be described in detail below.
Referring to fig. 7, fig. 7 is a schematic flow chart of a development mode authority authentication method applied to an intelligent cabin and an authentication server according to an embodiment of the present invention, which may include:
step S71: the intelligent cabin responds to a call request of a user for a target function in the development mode type, and signs the call request through a safety interface; the call request at least comprises a call parameter;
step S72: taking the call request and the signature corresponding to the call request as a call request to be authenticated, and sending the call request to be authenticated to an authentication server;
step S73: the authentication server receives a call request to be authenticated sent by the intelligent cabin;
step S74: the authentication server authenticates the call request to be authenticated;
step S75: the authentication server feeds back the authentication result of the calling request to the intelligent cabin;
step S76: and the intelligent cabin receives the call request authentication result fed back by the authentication server and selectively calls the target function based on the call request authentication result.
In some embodiments, signing the call request through the secure interface in step S71 may specifically be signing the call request through a private key generated through the secure interface.
In some embodiments, step S74 may specifically be that the authentication server authenticates the call request to be authenticated based on a pre-stored public key generated by the security interface. Specifically, the signature corresponding to the call request in the call request to be authenticated is decrypted using the public key, and it is judged whether the decrypted call request is consistent with the call request in the call request to be authenticated; if so, the call request to be authenticated passes the authentication.
In other embodiments, the call request may include a call parameter and a development mode type ID, and step S74 may further include the authentication server authenticating the call request to be authenticated based on the pre-stored public key generated by the security interface, determining whether the request parameter in the call request to be authenticated meets the specification of the target API (Application Programming Interface), determining whether the development mode type ID has the authority to call the target API, and determining whether the call request to be authenticated includes unsafe elements such as an attack script. If the call request to be authenticated passes the public key authentication, the request parameter conforms to the specification of the target API, the development mode type ID has the authority to call the target API, and the call request to be authenticated does not contain unsafe elements, the call request to be authenticated passes the authentication.
When at least one of the following occurs, the call request to be authenticated fails the authentication: the public key authentication of the call request to be authenticated fails, the request parameter does not conform to the specification of the target API, the development mode type ID does not have the authority to call the target API, or the call request to be authenticated contains unsafe elements. The authentication server can intercept the corresponding call request to be authenticated so that it is not passed on to the intelligent cabin, and can log the abnormal condition of the call request to be authenticated.
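The four conditions and the logging of intercepted requests, as an added example rather than the patent's implementation. It assumes an Ed25519 key pair for the secure interface, a JSON-encoded request, a regular-expression parameter specification and a small sample denylist for unsafe elements; the API name `log.export` and all type names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
	"regexp"
)

// CallRequest: call parameters plus development mode type ID (names and encoding assumed).
type CallRequest struct {
	ModeTypeID string            `json:"mode_type_id"`
	API        string            `json:"api"`
	Params     map[string]string `json:"params"`
}

// SignedCall is the call request to be authenticated: request bytes plus signature.
type SignedCall struct{ Body, Sig []byte }

// APISpec: one pattern per parameter and the mode types allowed to call the API.
type APISpec struct {
	Params  map[string]*regexp.Regexp
	Allowed map[string]bool
}

var (
	ErrSignature  = errors.New("signature check failed")
	ErrSpec       = errors.New("request does not meet the target API specification")
	ErrPermission = errors.New("development mode type may not call the target API")
	ErrUnsafe     = errors.New("request contains unsafe elements")
	unsafeElems   = regexp.MustCompile("(?i)<script|[;|&$`]|\\.\\./") // constructed sample denylist
)

// SignCall is the cabin side (step S71); json.Marshal sorts map keys, so the bytes are stable.
func SignCall(priv ed25519.PrivateKey, req CallRequest) (SignedCall, error) {
	body, err := json.Marshal(req)
	if err != nil {
		return SignedCall{}, err
	}
	return SignedCall{Body: body, Sig: ed25519.Sign(priv, body)}, nil
}

type Gate struct {
	CabinKey ed25519.PublicKey  // pre-stored public key of the secure interface
	APIs     map[string]APISpec // target API specifications
	Log      []string           // abnormal requests that were intercepted
}

func (g *Gate) reject(err error) error {
	g.Log = append(g.Log, err.Error())
	return err
}

// Authenticate is the server side (step S74); it fails on the first unmet condition.
func (g *Gate) Authenticate(c SignedCall) error {
	// Verify the exact bytes received before parsing anything from them.
	if !ed25519.Verify(g.CabinKey, c.Body, c.Sig) {
		return g.reject(ErrSignature)
	}
	var req CallRequest
	err := json.Unmarshal(c.Body, &req)
	spec, known := g.APIs[req.API]
	if err != nil || !known || len(req.Params) != len(spec.Params) {
		return g.reject(ErrSpec)
	}
	if !spec.Allowed[req.ModeTypeID] {
		return g.reject(ErrPermission)
	}
	for _, v := range req.Params {
		if unsafeElems.MatchString(v) {
			return g.reject(ErrUnsafe)
		}
	}
	for name, v := range req.Params {
		if re, ok := spec.Params[name]; !ok || !re.MatchString(v) {
			return g.reject(ErrSpec)
		}
	}
	return nil
}

// NewDemoGate returns a gate with one constructed API and a fresh key pair.
func NewDemoGate() (*Gate, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	return &Gate{CabinKey: pub, APIs: map[string]APISpec{"log.export": {
		Params:  map[string]*regexp.Regexp{"level": regexp.MustCompile(`^(debug|info|warn|error)$`)},
		Allowed: map[string]bool{"debug": true},
	}}}, priv
}

func main() {
	gate, priv := NewDemoGate()
	call, err := SignCall(priv, CallRequest{"debug", "log.export", map[string]string{"level": "info"}})
	fmt.Println("valid call:", err, gate.Authenticate(call))
}
```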
In some embodiments, step S76 may be specifically: and the intelligent cabin receives a call request authentication result fed back by the authentication server, and when the call request authentication result is passed, the intelligent cabin calls the target function.
In some embodiments, the target functions may include at least one of file manipulation, network manipulation, data manipulation, and application management functions associated with the system, and in other embodiments, the target functions may also include map navigation and/or entertainment functions.
In the embodiment of the invention, the authentication strength of the development mode authority can be further enhanced and the security can be improved by authenticating the call request of the development mode type target function.
It should be noted that, in other embodiments, after the development mode authority is granted to the target scene based on the development mode authority authentication feedback information and the user identity authentication is performed on the user who issues the development mode type opening application, the received call request for the target function of the development mode type may be authenticated, so as to effectively improve the security and reliability of the development mode authority authentication.
It will be appreciated by those skilled in the art that all or part of the procedures in the methods of the above embodiments may be implemented by a computer program instructing relevant hardware. The computer program may be stored in a computer readable storage medium and, when executed by a processor, may implement the steps of each of the method embodiments. The computer program comprises computer program code, which may be in source code form, object code form, an executable file, some intermediate form, and so on. The computer readable storage medium may include: any entity or device capable of carrying the computer program code, a medium, a USB flash drive, a removable hard disk, a magnetic disk, an optical disk, a computer memory, a read-only memory, a random access memory, an electrical carrier signal, a telecommunications signal, a software distribution medium, and the like.
In another aspect of the present invention, there is further provided a computer readable storage medium having a computer program stored therein, the computer program implementing the development mode authority authentication method according to any one of the above embodiments when executed by a processor. The computer readable storage medium may be a storage device including various electronic devices, and optionally, the computer readable storage medium in the embodiments of the present invention is a non-transitory computer readable storage medium.
Another aspect of the invention also provides an electronic device that may include at least one processor; and a memory communicatively coupled to the at least one processor; the memory stores a computer program, and the computer program when executed by at least one processor implements the development mode authority authentication method according to any one of the above embodiments.
Referring to fig. 8, fig. 8 exemplarily shows a structure in which the memory 81 and the processor 82 are connected by a bus, with only one memory 81 and one processor 82 provided.
In other embodiments, the electronic device may include multiple memories 81 and multiple processors 82. The program for executing the development mode authority authentication method of any of the above-described embodiments may be divided into a plurality of sub-programs, each of which may be loaded and executed by a processor 82 to perform a different step of the development mode authority authentication method of the above-described method embodiments. Specifically, the sub-programs may be stored in different memories 81, and each of the processors 82 may be configured to execute the programs in one or more memories 81, so that the processors collectively implement the development mode authority authentication method of the above-described method embodiments.
In some embodiments, the electronic device may be a scene authentication device, where the scene authentication device may implement any of the development mode authority authentication methods described in the method embodiments applied to the scene authentication device.
In some embodiments, the electronic device may be an intelligent cockpit, and the intelligent cockpit may implement any of the development mode authority authentication methods described in the method embodiments applied to the intelligent cockpit.
In some embodiments, the electronic device may be an authentication server, where the authentication server may implement any of the development mode authority authentication methods described in the method embodiments applied to the authentication server.
In some embodiments, the authentication server may be disposed at the vehicle machine end, and in other embodiments, the authentication server may also be disposed at the cloud end.
Thus far, the technical solution of the present invention has been described in connection with the preferred embodiments shown in the drawings, but it is easily understood by those skilled in the art that the scope of protection of the present invention is not limited to these specific embodiments. Equivalent modifications and substitutions for related technical features may be made by those skilled in the art without departing from the principles of the present invention, and such modifications and substitutions will fall within the scope of the present invention.

Claims (10)

1. A development mode authority authentication method, characterized by being applied to a scene authentication device, comprising:
generating scene identity information based at least on the identification information of the scene authentication device;
broadcasting the scene identity information.
2. The method according to claim 1, wherein the method further comprises:
generating a pair of a public key and a private key in an initialization stage;
and sending the public key and the identification information to an authentication server.
3. The method according to claim 1 or 2, wherein the generating scene identity information based at least on the identification information of the scene authentication device comprises:
the scene identity information is generated based on the private key and the identification information or based on the private key, the identification information and the signature time.
4. The method of claim 3, wherein generating the scene identity information based on a private key and the identification information comprises:
signing the identification information by using the private key to obtain signature information;
obtaining the scene identity information based on the signature information and the identification information;
or,
generating the scene identity information based on the private key, the identification information, and the signature time includes:
signing the identification information and the signature time by using the private key to obtain signature information;
and obtaining the scene identity information based on the signature information, the identification information and the signature time.
5. A development mode authority authentication method, characterized by being applied to an intelligent cabin, the method comprising:
when the target scene is located, acquiring scene identity information; the scene identity information is generated by scene authentication equipment corresponding to the target scene, and at least comprises identification information of the scene authentication equipment;
transmitting the scene identity information to an authentication server;
and receiving development mode authority authentication feedback information fed back by the authentication server, and granting development mode authority to the target scene based on the development mode authority authentication feedback information.
6. The method of claim 5, wherein the scene identity information comprises signature information and the identification information, the signature information being obtained by the scene authentication device signing the identification information with a private key; or,
the scene identity information comprises signature information, the identification information and signature time, and the signature information is obtained by signing the identification information and the signature time by using a private key through the scene authentication equipment.
7. The method of claim 6, wherein when the scene identity information includes signature information, the identification information, and signature time, the method further comprises, prior to sending the scene identity information to an authentication server:
judging whether the time difference between the current time and the signature time exceeds a preset threshold value or not;
if not, the step of sending the scene identity information to an authentication server is executed.
8. The method of claim 5, wherein the development mode authority authentication feedback information includes a scene identity authentication result, a development mode type, and a function corresponding to the development mode type;
granting development mode authority to the target scene based on the development mode authority authentication feedback information comprises:
and when the scene identity authentication result is passed, granting the opening authority of the development mode type and the operation authority of the function corresponding to the development mode type to the target scene.
9. The method of claim 5, wherein after the granting of the development mode authority to the target scene based on the development mode authority authentication feedback information, the method further comprises:
receiving an opening application of a user to a target development mode type, wherein the opening application comprises user identity information;
transmitting the user identity information to the authentication server;
and receiving a user identity authentication result fed back by the authentication server, and selectively starting the target development mode type based on the user identity authentication result.
10. The method of claim 9, wherein after the transmitting the user identity information to the authentication server and before receiving the user identity authentication result fed back by the authentication server, the method further comprises:
receiving at least one user identity authentication mode to be selected, which is sent by the authentication server;
and determining a target user identity authentication mode from the at least one user identity authentication mode to be selected according to a user instruction and sending the target user identity authentication mode to the authentication server.
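
The exchange of claims 2 to 4 and 6 to 7, sketched in Go as an added example (not code from the patent or the applicant): the device signs its identification information together with the signature time, the cockpit applies the threshold check, and the server verifies against the public key registered at initialization. Ed25519, the message encoding, the 30-second threshold, the device ID and all function names are assumptions; the claims name no algorithm, and the server-side verification step is inferred from the public key being sent to it.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
	"time"
)

type SceneIdentity struct { // broadcast payload of claim 4
	DeviceID string // identification information
	SignedAt int64  // signature time, Unix seconds
	Sig      []byte // signature over both
}
type Server map[string]ed25519.PublicKey // keys sent at initialization (claim 2)

// message length-prefixes the ID so each (ID, time) pair has one encoding.
func message(id string, t int64) []byte {
	return []byte(fmt.Sprintf("%d:%s,%d", len(id), id, t))
}

// NewDevice generates the key pair and registers the public key (claim 2).
func NewDevice(id string, srv Server) ed25519.PrivateKey {
	pub, priv, err := ed25519.GenerateKey(nil) // nil selects crypto/rand
	if err != nil {
		panic(err)
	}
	srv[id] = pub
	return priv
}

// Sign runs on the scene authentication device before it broadcasts.
func Sign(priv ed25519.PrivateKey, id string, now time.Time) SceneIdentity {
	return SceneIdentity{id, now.Unix(), ed25519.Sign(priv, message(id, now.Unix()))}
}

// Fresh is the cockpit check of claim 7, applied before contacting the server.
func Fresh(s SceneIdentity, now time.Time, threshold time.Duration) bool {
	return now.Sub(time.Unix(s.SignedAt, 0)).Abs() <= threshold
}
// Authenticate verifies with the key registered for the claimed device ID.
func (srv Server) Authenticate(s SceneIdentity) bool {
	pub, ok := srv[s.DeviceID]
	return ok && ed25519.Verify(pub, message(s.DeviceID, s.SignedAt), s.Sig)
}

func main() {
	srv := Server{}
	si := Sign(NewDevice("scene-device-01", srv), "scene-device-01", time.Now())
	fmt.Println("fresh:", Fresh(si, time.Now(), 30*time.Second), "valid:", srv.Authenticate(si))
}
```

Because the signature time is inside the signed message, a relayed broadcast cannot be given a newer timestamp without failing verification. The threshold therefore bounds how long a captured broadcast stays usable, which is the purpose of the signature-time variant over the ID-only variant.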
CN202310592591.5A 2023-05-24 2023-05-24 Development mode authority authentication method, computer-readable storage medium, and electronic device Pending CN116738388A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310592591.5A CN116738388A (en) 2023-05-24 2023-05-24 Development mode authority authentication method, computer-readable storage medium, and electronic device

Publications (1)

Publication Number Publication Date
CN116738388A true CN116738388A (en) 2023-09-12

Family

ID=87912419

Country Status (1)

Country Link
CN (1) CN116738388A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination