CN106114453B - A kind of distribution high safety automotive theft proof system - Google Patents

A kind of distribution high safety automotive theft proof system Download PDF

Info

Publication number
CN106114453B
CN106114453B CN201610556798.7A CN201610556798A CN106114453B CN 106114453 B CN106114453 B CN 106114453B CN 201610556798 A CN201610556798 A CN 201610556798A CN 106114453 B CN106114453 B CN 106114453B
Authority
CN
China
Prior art keywords
network node
network
node
cloud
module
Prior art date
Application number
CN201610556798.7A
Other languages
Chinese (zh)
Other versions
CN106114453A (en
Inventor
不公告发明人
Original Assignee
广汽本田汽车有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 广汽本田汽车有限公司 filed Critical 广汽本田汽车有限公司
Priority to CN201610556798.7A priority Critical patent/CN106114453B/en
Publication of CN106114453A publication Critical patent/CN106114453A/en
Application granted granted Critical
Publication of CN106114453B publication Critical patent/CN106114453B/en

Links

Classifications

    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R25/00Fittings or systems for preventing or indicating unauthorised use or theft of vehicles
    • B60R25/10Fittings or systems for preventing or indicating unauthorised use or theft of vehicles actuating a signalling device
    • B60R25/102Fittings or systems for preventing or indicating unauthorised use or theft of vehicles actuating a signalling device a signal being sent to a remote location, e.g. a radio signal being transmitted to a police station, a security company or the owner
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R2325/00Indexing scheme relating to vehicle anti-theft devices
    • B60R2325/10Communication protocols, communication systems of vehicle anti-theft devices
    • B60R2325/106Internet
    • BPERFORMING OPERATIONS; TRANSPORTING
    • B60VEHICLES IN GENERAL
    • B60RVEHICLES, VEHICLE FITTINGS, OR VEHICLE PARTS, NOT OTHERWISE PROVIDED FOR
    • B60R2325/00Indexing scheme relating to vehicle anti-theft devices
    • B60R2325/20Communication devices for vehicle anti-theft devices
    • B60R2325/205Mobile phones

Abstract

A kind of distribution high safety automotive theft proof system, characterized in that including camera, wireless singlechip, wireless transmitter, thermal sensor, burglar alarm, cloud network and security protection system;The image taken is transmitted to wireless singlechip by the camera on automobile, and is sent to cloud network by wireless transmitter;The thermal sensor concatenates burglar alarm, other than providing local burglar alarm, the warning message sensed is also sent to wireless singlechip, and be sent to cloud network by wireless transmitter;The cloud network is analyzed the information that wireless transmitter is sent, handled and is stored, and sends the result in the cell phone application of designated user.

Description

A kind of distribution high safety automotive theft proof system

Technical field

The present invention relates to anti-theft field of vehicles, and in particular to a kind of distribution high safety automotive theft proof system.

Background technology

Automobile is increasingly widely applied as a kind of main means of transport in city, but just as Growing larceny is similarly more and more under the expanded scope of its demand, and the safety defense monitoring system of current cell Also it can not ensure the real-time of automobile without the monitoring at monitoring dead angle, while user is difficult not revealed safely in guarantee monitoring information Under the premise of remote monitoring oneself automobile the case where.

Invention content

In view of the above-mentioned problems, the present invention provides a kind of distributed high safety automotive theft proof system.

The purpose of the present invention is realized using following technical scheme:

A kind of distribution high safety automotive theft proof system, including camera, wireless singlechip, wireless transmitter, thermoinduction Device, burglar alarm, cloud network and security protection system;The camera on automobile transmits the image taken It is sent to cloud network to wireless singlechip, and by wireless transmitter;The thermal sensor concatenates burglar alarm, in addition to providing Outside local burglar alarm, the warning message sensed is also sent to wireless singlechip, and cloud is sent to by wireless transmitter Network;The cloud network is analyzed the information that wireless transmitter is sent, handled and is stored, and sends the result to specified use In the cell phone application at family.

This automotive theft proof system has the beneficial effect that:Utilize the photographic device and Wireless monolithic on each automobile The equipment such as machine realize the independent monitoring of every automobile, while support whole system using cloud network calculates storage, significantly Reduce the input of local server, and can be by mobile phone remote monitoring oneself automobile the case where.

Description of the drawings

Using attached drawing, the invention will be further described, but the embodiment in attached drawing does not constitute any limit to the present invention System, for those of ordinary skill in the art, without creative efforts, can also obtain according to the following drawings Other attached drawings.

Fig. 1 is a kind of structure diagram of distributed high safety automotive theft proof system;

Fig. 2 is the structure diagram of security protection system.

Reference numeral:Camera -1;Wireless singlechip -2;Wireless transmitter -3;Thermal sensor -4;Burglar alarm -5; Cloud network -6;Security protection system -7;Cloud network node security is classified subsystem -10;Security protection configuration subsystem -20;Net Network safety monitoring subsystem -30;Cloud service subsystem -40;Incidence matrix generation module -11;Minimum spanning tree module -12;Point Grade module -13;Substitute module -14.

Specific implementation mode

The invention will be further described with the following Examples.

Application scenarios 1:

A kind of distributed high safety automotive theft proof system as shown in Figure 1, including it is camera 1, wireless singlechip 2, wireless Transmitter 3, thermal sensor 4, burglar alarm 5, cloud network 6 and security protection system 7;The camera on automobile The image taken is transmitted to wireless singlechip 2 by 1, and is sent to cloud network 6 by wireless transmitter 3;The thermal sensor 4 Burglar alarm 5 is concatenated, other than local burglar alarm is provided, the warning message sensed is also sent to wireless singlechip 2, And cloud network 6 is sent to by wireless transmitter 3;The information that the cloud network 6 sends wireless transmitter 3 is analyzed, is located Reason and storage, and send the result in the cell phone application of designated user.

The present invention utilizes the equipment such as the photographic device being mounted on each automobile and wireless singlechip, realizes every automobile Independent monitoring, while support whole system using cloud network calculates storage, greatly reduces the throwing of local server Enter, and can be by mobile phone remote monitoring oneself automobile the case where.

Preferably, when someone is close to the thermal sensor, start alarm automatically, and send to the cell phone application of user Pre-warning signal;The wireless singlechip 2 is also communicated with the electronic safety lock being arranged on arrangements for automotive doors, when thermal sensor 4 is touched Hair electronic safety lock without electronic control and when being opened simultaneously, wireless singlechip 2 is automatically by cloud network 6 to the mobile phone of user APP sends the signal that car door is illegally opened.

Preferably, the burglar alarm 5 is audible-visual annunciator.

Preferably, as shown in Fig. 2, security protection system 7, for providing security protection for the cloud network comprising cloud Network node safety classification subsystem 10, security protection configuration subsystem 20, network security monitoring subsystem 30 and cloud service Network node is divided into 4 by system 40, the network node security classification system 10 by calculating the importance values of network node Different safe classes, the security protection configuration subsystem 20 are classified the classification knot of subsystem 10 according to cloud network node security Fruit, the link between the network node and node of different safety class provide different secure cryptographic services;The network Safety monitoring subsystem 30 is used for monitoring network node state, and the cloud service subsystem 40 is that entire security protection cloud system carries It is supported for cloud.

(1) cloud network node security classification subsystem 10 include incidence matrix generation module 11, minimum spanning tree module 12, Diversity module 13 and replacement module 14:

The importance values acquisition of cloud network node security classification subsystem 10 is based primarily upon following theory:It is to be measured by removing Node assesses status of the node in the network, specifically, if after node to be measured is removed, it is raw in obtained new figure The number of Cheng Shu is fewer, then the importance values of the node are bigger.

A, incidence matrix generation module 11:

A non-directed graph with m network node V and n link E, wherein V={ V are indicated with G1, V2... Vm, E= {E1, E2... En, indicate the connection relation of network structure interior joint and link with the incidence matrix R of m × n, the one of matrix R A network node in row corresponding network, a row of R indicate the value of the relating attribute of network node and corresponding sides, each in R The value of element is 0 or 1, wherein 0 represents link and is not associated with network node, 1 represents link is associated with network node;For example, If the element that m rows n-th arrange in R is 1, m-th of network node and nth bar link association are represented;

B. minimum spanning tree module 12:

It is represented with (i, j) and connects network node V in non-directed graph GiWith network node VjLink, ω (Vi, Vj) represent this chain The weight on road, if there are the T subsets for being E and being no cycle figure so that ω (T) is minimum, T is just known as to the minimum spanning tree of G, then Minimum spanning tree sum τ (G)=det (RR in GT), wherein det () represents determinant generating function,;

C. diversity module 13:

Node V is obtained by following formulaiImportance values riWherein τ (G) is to be generated by minimum The minimum spanning tree sum that tree computing module obtains;K is the quantity of the i-th row nonzero element in incidence matrix R, and Z is remove R the The new matrix obtained after the nonzero element column of i rows and the i-th row, det (Zi) represent the determinant of Z;riValue it is bigger, I.e. node shows higher importance, works as riValue when take 1, then it represents that ViIt is most important network node in the network, Once the connectivity that the network node is destroyed figure will be dramatically destroyed, to cause network communication to interrupt;By with Upper method calculates separately the importance values of all-network node, concurrently sets classification thresholds T1, T2, T3, and T1 > T2 > T3, such as Fruit riThe network node is then labeled as important node, if T1 > r by > T1i> T2, then by the network node labeled as time weight Node is wanted, if T2 > riThe network node is then labeled as intermediate node, if r by > T3iLess than T3, then by the network node It is denoted as respectively labeled as fringe node, and by the safe class of important node, secondary important node, intermediate node and fringe node Grade 1, grade 2, grade 3 and class 4;T3=0.25, fringe node number do not exceed the 30% of overall network number of nodes;

D. substitute module 14:

When changing network node quantity or node location, the important of each network node is recalculated automatically Property value, and re-start safety classification and label;

(2) security protection configuration subsystem 20:Between the identical network node of safe class, using based on network layer Secure Internet Protocol IPSec carries out information exchange, provides the protecting information safety of channel level, ipsec protocol answers cryptographic technique For network layer, provide point-to-point data transmission includes safety certification, data encryption, access control, the peace of integrality discriminating Full service;Using being operated in application layer protocol on network layer protocol into row information between the network node of different safety class Interaction, the safety of application layer is based on PKI system, the safety for being ensured information file transfer with cryptographic technique, being shared and being used, Specifically it is encrypted using cipher mode below:

A. for safe class be n1 network node A and safe class be n2 network node B, when A will to B transmit believe It when ceasing MES, sends ask from A to B first, B returns to Shu n1-n2 Shu random number Rs D1, B and retains RD1;

B.A is digitally signed with each RD1 of pre-assigned secret key pair, and generates Shu corresponding random numbers of Shu n1-n2 RD2;The matrix that RD1 and RD2 is formed to Shu n1-n2 Shu × Shu n1-n2 Shu rank carries out information MES using matrix encryption technology Encryption, B is sent to by encrypted result;Since the value range of n1 and n2 is 1-4, it is easy to know the net for different safety class For network node, which is up to 3 × 3 rank matrixes, minimum 1 × 1 matrix, and for the identical network node of safe class For, n1-n2=0, i.e., without the encrypted operation of matrix;When safe class is bypassed the immediate leadership, transmission series are higher, and Shu n1-n2 Shu are got over Greatly, then the exponent number of scrambled matrix is bigger, and cryptographic security is better, and for peer or when bypassing the immediate leadership little, Encryption Algorithm Calculation amount accordingly reduces, and has stronger adaptivity.

C.B call decryption function encrypted information is decrypted, obtain RD1 ' and information MES, by RD1 and RD1 ' into Row comparison match receives if successful match and retains MES, and MES is returned A if inconsistent or is abandoned;

(3) network security monitoring subsystem 30 is used for monitoring network number of nodes and network node location comprising perception mould Block and transmission module:

The sensing module around network node by disposing a large amount of wireless sensors realizations, not due to network node Know self-position, the wireless sensor is by receiving network node wireless signal, in conjunction with itself and other sensors position Relationship positions network node location;

(4) cloud service subsystem 40, including cloud storage module and cloud computing module:

The cloud storage module includes public cloud sub-module stored and private cloud storage submodule, publicly-owned storage cloud Module mainly stores network node ranked data, and the storage content external world can carry out free access, the private cloud storage submodule Block mainly stores secret key and decryption function, can only be accessed by the personnel of authentication;

The cloud computing module is realized by disposing SOA servers, including public cloud computational submodule and privately owned cloud computing Submodule, the public cloud computational submodule is classified subsystem for cloud network node security and network security monitoring subsystem provides Support is calculated, the private clound computational submodule provides calculating support for security protection configuration subsystem, and all types of user passes through end Program is held to obtain high in the clouds data.

In this embodiment:Using the photographic device and the equipment such as wireless singlechip on each automobile, realize The independent monitoring of every automobile, while support whole system using cloud network calculates storage, greatly reduces local clothes Be engaged in device input, and can be by mobile phone remote monitoring oneself automobile the case where;Network system node security classification system 10 Calculated using the node importance based on minimum spanning tree, can relatively accurate, calculation amount calculate the important of network node smaller Property, and safety classification, T3=0.25 are carried out to the node in network on this basis, fringe node number does not exceed overall network section The 30% of points;Information of the security protection configuration subsystem 20 between the network node of different safety class is transmitted using different Encryption policy, and when safe class bypass the immediate leadership transmit higher (when Shu n1-n2 Shu are bigger), then the exponent number of scrambled matrix is bigger, adds Close safety is better, and for peer or when bypassing the immediate leadership little, the calculation amount of Encryption Algorithm accordingly reduces, and has stronger adaptive Ying Xing;Cloud service module is set, memory space can be saved, improves calculating speed, saves time cost.

Preferably, the specific positioning operation of network node is as follows in the network security monitoring subsystem:

Using network node as the center of circle, r draws circle for radius, and the wireless sensor quantity fallen in circle is n, i-th of wireless biography The signal strength that sensor receives the network node corresponds to qi, i=1,2 ..., n;

The position (x, y) of network node is as follows:

The transmission module is used to the monitoring result of sensing module being transferred to cloud service subsystem 40.

Network security monitoring subsystem is set in this embodiment, network node data, accurate positioning can be acquired in time.

Application scenarios 2:

A kind of distributed high safety automotive theft proof system as shown in Figure 1, including it is camera 1, wireless singlechip 2, wireless Transmitter 3, thermal sensor 4, burglar alarm 5, cloud network 6 and security protection system 7;The camera on automobile The image taken is transmitted to wireless singlechip 2 by 1, and is sent to cloud network 6 by wireless transmitter 3;The thermal sensor 4 Burglar alarm 5 is concatenated, other than local burglar alarm is provided, the warning message sensed is also sent to wireless singlechip 2, And cloud network 6 is sent to by wireless transmitter 3;The information that the cloud network 6 sends wireless transmitter 3 is analyzed, is located Reason and storage, and send the result in the cell phone application of designated user.

The present invention utilizes the equipment such as the photographic device being mounted on each automobile and wireless singlechip, realizes every automobile Independent monitoring, while support whole system using cloud network calculates storage, greatly reduces the throwing of local server Enter, and can be by mobile phone remote monitoring oneself automobile the case where.

Preferably, when someone is close to the thermal sensor, start alarm automatically, and send to the cell phone application of user Pre-warning signal;The wireless singlechip 2 is also communicated with the electronic safety lock being arranged on arrangements for automotive doors, when thermal sensor 4 is touched Hair electronic safety lock without electronic control and when being opened simultaneously, wireless singlechip 2 is automatically by cloud network 6 to the mobile phone of user APP sends the signal that car door is illegally opened.

Preferably, the burglar alarm 5 is audible-visual annunciator.

Preferably, as shown in Fig. 2, security protection system 7, for providing security protection for the cloud network comprising cloud Network node safety classification subsystem 10, security protection configuration subsystem 20, network security monitoring subsystem 30 and cloud service Network node is divided into 4 by system 40, the network node security classification system 10 by calculating the importance values of network node Different safe classes, the security protection configuration subsystem 20 are classified the classification knot of subsystem 10 according to cloud network node security Fruit, the link between the network node and node of different safety class provide different secure cryptographic services;The network Safety monitoring subsystem 30 is used for monitoring network node state, and the cloud service subsystem 40 is that entire security protection cloud system carries It is supported for cloud.

(1) cloud network node security classification subsystem 10 include incidence matrix generation module 11, minimum spanning tree module 12, Diversity module 13 and replacement module 14:

The importance values acquisition of cloud network node security classification subsystem 10 is based primarily upon following theory:It is to be measured by removing Node assesses status of the node in the network, specifically, if after node to be measured is removed, it is raw in obtained new figure The number of Cheng Shu is fewer, then the importance values of the node are bigger.

A, incidence matrix generation module 11:

A non-directed graph with m network node V and n link E, wherein V={ V are indicated with G1, V2... Vm, E= {E1, E2... En, indicate the connection relation of network structure interior joint and link with the incidence matrix R of m × n, the one of matrix R A network node in row corresponding network, a row of R indicate the value of the relating attribute of network node and corresponding sides, each in R The value of element is 0 or 1, wherein 0 represents link and is not associated with network node, 1 represents link is associated with network node;For example, If the element that m rows n-th arrange in R is 1, m-th of network node and nth bar link association are represented;

B. minimum spanning tree module 12:

It is represented with (i, j) and connects network node V in non-directed graph GiWith network node VjLink, ω (Vi, Vj) represent this chain The weight on road, if there are the T subsets for being E and being no cycle figure so that ω (T) is minimum, T is just known as to the minimum spanning tree of G, then Minimum spanning tree sum τ (G)=det (RR in GT), wherein det () represents determinant generating function,;

C. diversity module 13:

Node V is obtained by following formulaiImportance values riWherein τ (G) is to be generated by minimum The minimum spanning tree sum that tree computing module obtains;K is the quantity of the i-th row nonzero element in incidence matrix R, and Z is remove R the The new matrix obtained after the nonzero element column of i rows and the i-th row, det (Zi) represent the determinant of Z;riValue it is bigger, I.e. node shows higher importance, works as riValue when take 1, then it represents that ViIt is most important network node in the network, Once the connectivity that the network node is destroyed figure will be dramatically destroyed, to cause network communication to interrupt;By with Upper method calculates separately the importance values of all-network node, concurrently sets classification thresholds T1, T2, T3, and T1 > T2 > T3, such as Fruit riThe network node is then labeled as important node, if T1 > r by > T1i> T2, then by the network node labeled as time weight Node is wanted, if T2 > riThe network node is then labeled as intermediate node, if r by > T3iLess than T3, then by the network node It is denoted as respectively labeled as fringe node, and by the safe class of important node, secondary important node, intermediate node and fringe node Grade 1, grade 2, grade 3 and class 4;T3=0.28, fringe node number do not exceed the 27% of overall network number of nodes;

D. substitute module 14:

When changing network node quantity or node location, the important of each network node is recalculated automatically Property value, and re-start safety classification and label;

(2) security protection configuration subsystem 20:Between the identical network node of safe class, using based on network layer Secure Internet Protocol IPSec carries out information exchange, provides the protecting information safety of channel level, ipsec protocol answers cryptographic technique For network layer, provide point-to-point data transmission includes safety certification, data encryption, access control, the peace of integrality discriminating Full service;Using being operated in application layer protocol on network layer protocol into row information between the network node of different safety class Interaction, the safety of application layer is based on PKI system, the safety for being ensured information file transfer with cryptographic technique, being shared and being used, Specifically it is encrypted using cipher mode below:

A. for safe class be n1 network node A and safe class be n2 network node B, when A will to B transmit believe It when ceasing MES, sends ask from A to B first, B returns to Shu n1-n2 Shu random number Rs D1, B and retains RD1;

B.A is digitally signed with each RD1 of pre-assigned secret key pair, and generates Shu corresponding random numbers of Shu n1-n2 RD2;The matrix that RD1 and RD2 is formed to Shu n1-n2 Shu × Shu n1-n2 Shu rank carries out information MES using matrix encryption technology Encryption, B is sent to by encrypted result;Since the value range of n1 and n2 is 1-4, it is easy to know the net for different safety class For network node, which is up to 3 × 3 rank matrixes, minimum 1 × 1 matrix, and for the identical network node of safe class For, n1-n2=0, i.e., without the encrypted operation of matrix;When safe class is bypassed the immediate leadership, transmission series are higher, and Shu n1-n2 Shu are got over Greatly, then the exponent number of scrambled matrix is bigger, and cryptographic security is better, and for peer or when bypassing the immediate leadership little, Encryption Algorithm Calculation amount accordingly reduces, and has stronger adaptivity.

C.B call decryption function encrypted information is decrypted, obtain RD1 ' and information MES, by RD1 and RD1 ' into Row comparison match receives if successful match and retains MES, and MES is returned A if inconsistent or is abandoned;

(3) network security monitoring subsystem 30 is used for monitoring network number of nodes and network node location comprising perception mould Block and transmission module:

The sensing module around network node by disposing a large amount of wireless sensors realizations, not due to network node Know self-position, the wireless sensor is by receiving network node wireless signal, in conjunction with itself and other sensors position Relationship positions network node location;

(4) cloud service subsystem 40, including cloud storage module and cloud computing module:

The cloud storage module includes public cloud sub-module stored and private cloud storage submodule, publicly-owned storage cloud Module mainly stores network node ranked data, and the storage content external world can carry out free access, the private cloud storage submodule Block mainly stores secret key and decryption function, can only be accessed by the personnel of authentication;

The cloud computing module is realized by disposing SOA servers, including public cloud computational submodule and privately owned cloud computing Submodule, the public cloud computational submodule is classified subsystem for cloud network node security and network security monitoring subsystem provides Support is calculated, the private clound computational submodule provides calculating support for security protection configuration subsystem, and all types of user passes through end Program is held to obtain high in the clouds data.

In this embodiment:Using the photographic device and the equipment such as wireless singlechip on each automobile, realize The independent monitoring of every automobile, while support whole system using cloud network calculates storage, greatly reduces local clothes Be engaged in device input, and can be by mobile phone remote monitoring oneself automobile the case where;Network system node security classification system 10 Calculated using the node importance based on minimum spanning tree, can relatively accurate, calculation amount calculate the important of network node smaller Property, and safety classification, T3=0.28 are carried out to the node in network on this basis, fringe node number does not exceed overall network section The 27% of points;Information of the security protection configuration subsystem 20 between the network node of different safety class is transmitted using different Encryption policy, and when safe class bypass the immediate leadership transmit higher (when Shu n1-n2 Shu are bigger), then the exponent number of scrambled matrix is bigger, adds Close safety is better, and for peer or when bypassing the immediate leadership little, the calculation amount of Encryption Algorithm accordingly reduces, and has stronger adaptive Ying Xing;Cloud service module is set, memory space can be saved, improves calculating speed, saves time cost.

Preferably, the specific positioning operation of network node is as follows in the network security monitoring subsystem:

Using network node as the center of circle, r draws circle for radius, and the wireless sensor quantity fallen in circle is n, i-th of wireless biography The signal strength that sensor receives the network node corresponds to qi, i=1,2 ..., n;

The position (x, y) of network node is as follows:

The transmission module is used to the monitoring result of sensing module being transferred to cloud service subsystem 40.

Network security monitoring subsystem is set in this embodiment, network node data, accurate positioning can be acquired in time.

Application scenarios 3:

A kind of distributed high safety automotive theft proof system as shown in Figure 1, including it is camera 1, wireless singlechip 2, wireless Transmitter 3, thermal sensor 4, burglar alarm 5, cloud network 6 and security protection system 7;The camera on automobile The image taken is transmitted to wireless singlechip 2 by 1, and is sent to cloud network 6 by wireless transmitter 3;The thermal sensor 4 Burglar alarm 5 is concatenated, other than local burglar alarm is provided, the warning message sensed is also sent to wireless singlechip 2, And cloud network 6 is sent to by wireless transmitter 3;The information that the cloud network 6 sends wireless transmitter 3 is analyzed, is located Reason and storage, and send the result in the cell phone application of designated user.

The present invention utilizes the equipment such as the photographic device being mounted on each automobile and wireless singlechip, realizes every automobile Independent monitoring, while support whole system using cloud network calculates storage, greatly reduces the throwing of local server Enter, and can be by mobile phone remote monitoring oneself automobile the case where.

Preferably, when someone is close to the thermal sensor, start alarm automatically, and send to the cell phone application of user Pre-warning signal;The wireless singlechip 2 is also communicated with the electronic safety lock being arranged on arrangements for automotive doors, when thermal sensor 4 is touched Hair electronic safety lock without electronic control and when being opened simultaneously, wireless singlechip 2 is automatically by cloud network 6 to the mobile phone of user APP sends the signal that car door is illegally opened.

Preferably, the burglar alarm 5 is audible-visual annunciator.

Preferably, as shown in Fig. 2, security protection system 7, for providing security protection for the cloud network comprising cloud Network node safety classification subsystem 10, security protection configuration subsystem 20, network security monitoring subsystem 30 and cloud service Network node is divided into 4 by system 40, the network node security classification system 10 by calculating the importance values of network node Different safe classes, the security protection configuration subsystem 20 are classified the classification knot of subsystem 10 according to cloud network node security Fruit, the link between the network node and node of different safety class provide different secure cryptographic services;The network Safety monitoring subsystem 30 is used for monitoring network node state, and the cloud service subsystem 40 is that entire security protection cloud system carries It is supported for cloud.

(1) cloud network node security classification subsystem 10 include incidence matrix generation module 11, minimum spanning tree module 12, Diversity module 13 and replacement module 14:

The importance values acquisition of cloud network node security classification subsystem 10 is based primarily upon following theory:It is to be measured by removing Node assesses status of the node in the network, specifically, if after node to be measured is removed, it is raw in obtained new figure The number of Cheng Shu is fewer, then the importance values of the node are bigger.

A, incidence matrix generation module 11:

A non-directed graph with m network node V and n link E, wherein V={ V are indicated with G1, V2... Vm, E= {E1, E2... En, indicate the connection relation of network structure interior joint and link with the incidence matrix R of m × n, the one of matrix R A network node in row corresponding network, a row of R indicate the value of the relating attribute of network node and corresponding sides, each in R The value of element is 0 or 1, wherein 0 represents link and is not associated with network node, 1 represents link is associated with network node;For example, If the element that m rows n-th arrange in R is 1, m-th of network node and nth bar link association are represented;

B. minimum spanning tree module 12:

It is represented with (i, j) and connects network node V in non-directed graph GiWith network node VjLink, ω (Vi, Vj) represent this chain The weight on road, if there are the T subsets for being E and being no cycle figure so that ω (T) is minimum, T is just known as to the minimum spanning tree of G, then Minimum spanning tree sum τ (G)=det (RR in GT), wherein det () represents determinant generating function,;

C. diversity module 13:

Node V is obtained by following formulaiImportance values riWherein τ (G) is to be generated by minimum The minimum spanning tree sum that tree computing module obtains;K is the quantity of the i-th row nonzero element in incidence matrix R, and Z is remove R the The new matrix obtained after the nonzero element column of i rows and the i-th row, det (Zi) represent the determinant of Z;riValue it is bigger, I.e. node shows higher importance, works as riValue when take 1, then it represents that ViIt is most important network node in the network, Once the connectivity that the network node is destroyed figure will be dramatically destroyed, to cause network communication to interrupt;By with Upper method calculates separately the importance values of all-network node, concurrently sets classification thresholds T1, T2, T3, and T1 > T2 > T3, such as Fruit riThe network node is then labeled as important node, if T1 > r by > T1i> T2, then by the network node labeled as time weight Node is wanted, if T2 > riThe network node is then labeled as intermediate node, if r by > T3iLess than T3, then by the network node It is denoted as respectively labeled as fringe node, and by the safe class of important node, secondary important node, intermediate node and fringe node Grade 1, grade 2, grade 3 and class 4;T3=0.30, fringe node number do not exceed the 32% of overall network number of nodes;

D. substitute module 14:

When changing network node quantity or node location, the important of each network node is recalculated automatically Property value, and re-start safety classification and label;

(2) security protection configuration subsystem 20:Between the identical network node of safe class, using based on network layer Secure Internet Protocol IPSec carries out information exchange, provides the protecting information safety of channel level, ipsec protocol answers cryptographic technique For network layer, provide point-to-point data transmission includes safety certification, data encryption, access control, the peace of integrality discriminating Full service;Using being operated in application layer protocol on network layer protocol into row information between the network node of different safety class Interaction, the safety of application layer is based on PKI system, the safety for being ensured information file transfer with cryptographic technique, being shared and being used, Specifically it is encrypted using cipher mode below:

A. for safe class be n1 network node A and safe class be n2 network node B, when A will to B transmit believe It when ceasing MES, sends ask from A to B first, B returns to Shu n1-n2 Shu random number Rs D1, B and retains RD1;

B.A is digitally signed with each RD1 of pre-assigned secret key pair, and generates Shu corresponding random numbers of Shu n1-n2 RD2;The matrix that RD1 and RD2 is formed to Shu n1-n2 Shu × Shu n1-n2 Shu rank carries out information MES using matrix encryption technology Encryption, B is sent to by encrypted result;Since the value range of n1 and n2 is 1-4, it is easy to know the net for different safety class For network node, which is up to 3 × 3 rank matrixes, minimum 1 × 1 matrix, and for the identical network node of safe class For, n1-n2=0, i.e., without the encrypted operation of matrix;When safe class is bypassed the immediate leadership, transmission series are higher, and Shu n1-n2 Shu are got over Greatly, then the exponent number of scrambled matrix is bigger, and cryptographic security is better, and for peer or when bypassing the immediate leadership little, Encryption Algorithm Calculation amount accordingly reduces, and has stronger adaptivity.

C.B call decryption function encrypted information is decrypted, obtain RD1 ' and information MES, by RD1 and RD1 ' into Row comparison match receives if successful match and retains MES, and MES is returned A if inconsistent or is abandoned;

(3) network security monitoring subsystem 30 is used for monitoring network number of nodes and network node location comprising perception mould Block and transmission module:

The sensing module around network node by disposing a large amount of wireless sensors realizations, not due to network node Know self-position, the wireless sensor is by receiving network node wireless signal, in conjunction with itself and other sensors position Relationship positions network node location;

(4) cloud service subsystem 40, including cloud storage module and cloud computing module:

The cloud storage module includes public cloud sub-module stored and private cloud storage submodule, publicly-owned storage cloud Module mainly stores network node ranked data, and the storage content external world can carry out free access, the private cloud storage submodule Block mainly stores secret key and decryption function, can only be accessed by the personnel of authentication;

The cloud computing module is realized by disposing SOA servers, including public cloud computational submodule and privately owned cloud computing Submodule, the public cloud computational submodule is classified subsystem for cloud network node security and network security monitoring subsystem provides Support is calculated, the private clound computational submodule provides calculating support for security protection configuration subsystem, and all types of user passes through end Program is held to obtain high in the clouds data.

In this embodiment:Using the photographic device and the equipment such as wireless singlechip on each automobile, realize The independent monitoring of every automobile, while support whole system using cloud network calculates storage, greatly reduces local clothes Be engaged in device input, and can be by mobile phone remote monitoring oneself automobile the case where;Network system node security classification system 10 Calculated using the node importance based on minimum spanning tree, can relatively accurate, calculation amount calculate the important of network node smaller Property, and safety classification, T3=0.30 are carried out to the node in network on this basis, fringe node number does not exceed overall network section The 32% of points;Information of the security protection configuration subsystem 20 between the network node of different safety class is transmitted using different Encryption policy, and when safe class bypass the immediate leadership transmit higher (when Shu n1-n2 Shu are bigger), then the exponent number of scrambled matrix is bigger, adds Close safety is better, and for peer or when bypassing the immediate leadership little, the calculation amount of Encryption Algorithm accordingly reduces, and has stronger adaptive Ying Xing;Cloud service module is set, memory space can be saved, improves calculating speed, saves time cost.

Preferably, the specific positioning operation of network node is as follows in the network security monitoring subsystem:

Using network node as the center of circle, r draws circle for radius, and the wireless sensor quantity fallen in circle is n, i-th of wireless biography The signal strength that sensor receives the network node corresponds to qi, i=1,2 ..., n;

The position (x, y) of network node is as follows:

The transmission module is used to the monitoring result of sensing module being transferred to cloud service subsystem 40.

Network security monitoring subsystem is set in this embodiment, network node data, accurate positioning can be acquired in time.

Application scenarios 4:

A kind of distributed high safety automotive theft proof system as shown in Figure 1, including it is camera 1, wireless singlechip 2, wireless Transmitter 3, thermal sensor 4, burglar alarm 5, cloud network 6 and security protection system 7;The camera on automobile The image taken is transmitted to wireless singlechip 2 by 1, and is sent to cloud network 6 by wireless transmitter 3;The thermal sensor 4 Burglar alarm 5 is concatenated, other than local burglar alarm is provided, the warning message sensed is also sent to wireless singlechip 2, And cloud network 6 is sent to by wireless transmitter 3;The information that the cloud network 6 sends wireless transmitter 3 is analyzed, is located Reason and storage, and send the result in the cell phone application of designated user.

The present invention utilizes the equipment such as the photographic device being mounted on each automobile and wireless singlechip, realizes every automobile Independent monitoring, while support whole system using cloud network calculates storage, greatly reduces the throwing of local server Enter, and can be by mobile phone remote monitoring oneself automobile the case where.

Preferably, when someone is close to the thermal sensor, start alarm automatically, and send to the cell phone application of user Pre-warning signal;The wireless singlechip 2 is also communicated with the electronic safety lock being arranged on arrangements for automotive doors, when thermal sensor 4 is touched Hair electronic safety lock without electronic control and when being opened simultaneously, wireless singlechip 2 is automatically by cloud network 6 to the mobile phone of user APP sends the signal that car door is illegally opened.

Preferably, the burglar alarm 5 is audible-visual annunciator.

Preferably, as shown in Fig. 2, security protection system 7, for providing security protection for the cloud network comprising cloud Network node safety classification subsystem 10, security protection configuration subsystem 20, network security monitoring subsystem 30 and cloud service Network node is divided into 4 by system 40, the network node security classification system 10 by calculating the importance values of network node Different safe classes, the security protection configuration subsystem 20 are classified the classification knot of subsystem 10 according to cloud network node security Fruit, the link between the network node and node of different safety class provide different secure cryptographic services;The network Safety monitoring subsystem 30 is used for monitoring network node state, and the cloud service subsystem 40 is that entire security protection cloud system carries It is supported for cloud.

(1) cloud network node security classification subsystem 10 include incidence matrix generation module 11, minimum spanning tree module 12, Diversity module 13 and replacement module 14:

The importance values acquisition of cloud network node security classification subsystem 10 is based primarily upon following theory:It is to be measured by removing Node assesses status of the node in the network, specifically, if after node to be measured is removed, it is raw in obtained new figure The number of Cheng Shu is fewer, then the importance values of the node are bigger.

A, incidence matrix generation module 11:

A non-directed graph with m network node V and n link E, wherein V={ V are indicated with G1, V2... Vm, E= {E1, EE... En, indicate the connection relation of network structure interior joint and link with the incidence matrix R of m × n, the one of matrix R A network node in row corresponding network, a row of R indicate the value of the relating attribute of network node and corresponding sides, each in R The value of element is 0 or 1, wherein 0 represents link and is not associated with network node, 1 represents link is associated with network node;For example, If the element that m rows n-th arrange in R is 1, m-th of network node and nth bar link association are represented;

B. minimum spanning tree module 12:

It is represented with (i, j) and connects network node V in non-directed graph GiWith network node VjLink, ω (Vi, Vj) represent this chain The weight on road, if there are the T subsets for being E and being no cycle figure so that ω (T) is minimum, T is just known as to the minimum spanning tree of G, then Minimum spanning tree sum τ (G)=det (RR in GT), wherein det () represents determinant generating function,;

C. diversity module 13:

Node V is obtained by following formulaiImportance values riWherein τ (G) is to be generated by minimum The minimum spanning tree sum that tree computing module obtains;K is the quantity of the i-th row nonzero element in incidence matrix R, and Z is remove R the The new matrix obtained after the nonzero element column of i rows and the i-th row, det (Zi) represent the determinant of Z;riValue it is bigger, I.e. node shows higher importance, works as riValue when take 1, then it represents that ViIt is most important network node in the network, Once the connectivity that the network node is destroyed figure will be dramatically destroyed, to cause network communication to interrupt;By with Upper method calculates separately the importance values of all-network node, concurrently sets classification thresholds T1, T2, T3, and T1 > T2 > T3, such as Fruit riThe network node is then labeled as important node, if T1 > r by > T1i> T2, then by the network node labeled as time weight Node is wanted, if T2 > riThe network node is then labeled as intermediate node, if r by > T3iLess than T3, then by the network node It is denoted as respectively labeled as fringe node, and by the safe class of important node, secondary important node, intermediate node and fringe node Grade 1, grade 2, grade 3 and class 4;T3=0.33, fringe node number do not exceed the 35% of overall network number of nodes;

D. substitute module 14:

When changing network node quantity or node location, the important of each network node is recalculated automatically Property value, and re-start safety classification and label;

(2) security protection configuration subsystem 20:Between the identical network node of safe class, using based on network layer Secure Internet Protocol IPSec carries out information exchange, provides the protecting information safety of channel level, ipsec protocol answers cryptographic technique For network layer, provide point-to-point data transmission includes safety certification, data encryption, access control, the peace of integrality discriminating Full service;Using being operated in application layer protocol on network layer protocol into row information between the network node of different safety class Interaction, the safety of application layer is based on PKI system, the safety for being ensured information file transfer with cryptographic technique, being shared and being used, Specifically it is encrypted using cipher mode below:

A. for safe class be n1 network node A and safe class be n2 network node B, when A will to B transmit believe It when ceasing MES, sends ask from A to B first, B returns to Shu n1-n2 Shu random number Rs D1, B and retains RD1;

B.A is digitally signed with each RD1 of pre-assigned secret key pair, and generates Shu corresponding random numbers of Shu n1-n2 RD2;The matrix that RD1 and RD2 is formed to Shu n1-n2 Shu × Shu n1-n2 Shu rank carries out information MES using matrix encryption technology Encryption, B is sent to by encrypted result;Since the value range of n1 and n2 is 1-4, it is easy to know the net for different safety class For network node, which is up to 3 × 3 rank matrixes, minimum 1 × 1 matrix, and for the identical network node of safe class For, n1-n2=0, i.e., without the encrypted operation of matrix;When safe class is bypassed the immediate leadership, transmission series are higher, and Shu n1-n2 Shu are got over Greatly, then the exponent number of scrambled matrix is bigger, and cryptographic security is better, and for peer or when bypassing the immediate leadership little, Encryption Algorithm Calculation amount accordingly reduces, and has stronger adaptivity.

C.B call decryption function encrypted information is decrypted, obtain RD1 ' and information MES, by RD1 and RD1 ' into Row comparison match receives if successful match and retains MES, and MES is returned A if inconsistent or is abandoned;

(3) network security monitoring subsystem 30 is used for monitoring network number of nodes and network node location comprising perception mould Block and transmission module:

The sensing module around network node by disposing a large amount of wireless sensors realizations, not due to network node Know self-position, the wireless sensor is by receiving network node wireless signal, in conjunction with itself and other sensors position Relationship positions network node location;

(4) cloud service subsystem 40, including cloud storage module and cloud computing module:

The cloud storage module includes public cloud sub-module stored and private cloud storage submodule, publicly-owned storage cloud Module mainly stores network node ranked data, and the storage content external world can carry out free access, the private cloud storage submodule Block mainly stores secret key and decryption function, can only be accessed by the personnel of authentication;

The cloud computing module is realized by disposing SOA servers, including public cloud computational submodule and privately owned cloud computing Submodule, the public cloud computational submodule is classified subsystem for cloud network node security and network security monitoring subsystem provides Support is calculated, the private clound computational submodule provides calculating support for security protection configuration subsystem, and all types of user passes through end Program is held to obtain high in the clouds data.

In this embodiment:Using the photographic device and the equipment such as wireless singlechip on each automobile, realize The independent monitoring of every automobile, while support whole system using cloud network calculates storage, greatly reduces local clothes Be engaged in device input, and can be by mobile phone remote monitoring oneself automobile the case where;Network system node security classification system 10 Calculated using the node importance based on minimum spanning tree, can relatively accurate, calculation amount calculate the important of network node smaller Property, and safety classification, T3=0.33 are carried out to the node in network on this basis, fringe node number does not exceed overall network section The 35% of points;Information of the security protection configuration subsystem 20 between the network node of different safety class is transmitted using different Encryption policy, and when safe class bypass the immediate leadership transmit higher (when Shu n1-n2 Shu are bigger), then the exponent number of scrambled matrix is bigger, adds Close safety is better, and for peer or when bypassing the immediate leadership little, the calculation amount of Encryption Algorithm accordingly reduces, and has stronger adaptive Ying Xing;Cloud service module is set, memory space can be saved, improves calculating speed, saves time cost.

Preferably, the specific positioning operation of network node is as follows in the network security monitoring subsystem:

Using network node as the center of circle, r draws circle for radius, and the wireless sensor quantity fallen in circle is n, i-th of wireless biography The signal strength that sensor receives the network node corresponds to qi, i=1,2 ..., n;

The position (x, y) of network node is as follows:

The transmission module is used to the monitoring result of sensing module being transferred to cloud service subsystem 40.

Network security monitoring subsystem is set in this embodiment, network node data, accurate positioning can be acquired in time.

Application scenarios 5:

A kind of distributed high safety automotive theft proof system as shown in Figure 1, including it is camera 1, wireless singlechip 2, wireless Transmitter 3, thermal sensor 4, burglar alarm 5, cloud network 6 and security protection system 7;The camera on automobile The image taken is transmitted to wireless singlechip 2 by 1, and is sent to cloud network 6 by wireless transmitter 3;The thermal sensor 4 Burglar alarm 5 is concatenated, other than local burglar alarm is provided, the warning message sensed is also sent to wireless singlechip 2, And cloud network 6 is sent to by wireless transmitter 3;The information that the cloud network 6 sends wireless transmitter 3 is analyzed, is located Reason and storage, and send the result in the cell phone application of designated user.

The present invention utilizes the equipment such as the photographic device being mounted on each automobile and wireless singlechip, realizes every automobile Independent monitoring, while support whole system using cloud network calculates storage, greatly reduces the throwing of local server Enter, and can be by mobile phone remote monitoring oneself automobile the case where.

Preferably, when someone is close to the thermal sensor, start alarm automatically, and send to the cell phone application of user Pre-warning signal;The wireless singlechip 2 is also communicated with the electronic safety lock being arranged on arrangements for automotive doors, when thermal sensor 4 is touched Hair electronic safety lock without electronic control and when being opened simultaneously, wireless singlechip 2 is automatically by cloud network 6 to the mobile phone of user APP sends the signal that car door is illegally opened.

Preferably, the burglar alarm 5 is audible-visual annunciator.

Preferably, as shown in Fig. 2, security protection system 7, for providing security protection for the cloud network comprising cloud Network node safety classification subsystem 10, security protection configuration subsystem 20, network security monitoring subsystem 30 and cloud service Network node is divided into 4 by system 40, the network node security classification system 10 by calculating the importance values of network node Different safe classes, the security protection configuration subsystem 20 are classified the classification knot of subsystem 10 according to cloud network node security Fruit, the link between the network node and node of different safety class provide different secure cryptographic services;The network Safety monitoring subsystem 30 is used for monitoring network node state, and the cloud service subsystem 40 is that entire security protection cloud system carries It is supported for cloud.

(1) cloud network node security classification subsystem 10 include incidence matrix generation module 11, minimum spanning tree module 12, Diversity module 13 and replacement module 14:

The importance values acquisition of cloud network node security classification subsystem 10 is based primarily upon following theory:It is to be measured by removing Node assesses status of the node in the network, specifically, if after node to be measured is removed, it is raw in obtained new figure The number of Cheng Shu is fewer, then the importance values of the node are bigger.

A, incidence matrix generation module 11:

A non-directed graph with m network node V and n link E, wherein V={ V are indicated with G1, V2... Vm, E= {E1, E2... En, indicate the connection relation of network structure interior joint and link with the incidence matrix R of m × n, the one of matrix R A network node in row corresponding network, a row of R indicate the value of the relating attribute of network node and corresponding sides, each in R The value of element is 0 or 1, wherein 0 represents link and is not associated with network node, 1 represents link is associated with network node;For example, If the element that m rows n-th arrange in R is 1, m-th of network node and nth bar link association are represented;

B. minimum spanning tree module 12:

It is represented with (i, j) and connects network node V in non-directed graph GiWith network node VjLink, ω (Vi, Vj) represent this chain The weight on road, if there are the T subsets for being E and being no cycle figure so that ω (T) is minimum, T is just known as to the minimum spanning tree of G, then Minimum spanning tree sum τ (G)=det (RR in GT), wherein det () represents determinant generating function,;

C. diversity module 13:

Node V is obtained by following formulaiImportance values riWherein τ (G) is to be generated by minimum The minimum spanning tree sum that tree computing module obtains;K is the quantity of the i-th row nonzero element in incidence matrix R, and Z is remove R the The new matrix obtained after the nonzero element column of i rows and the i-th row, det (Zi) represent the determinant of Z;riValue it is bigger, I.e. node shows higher importance, works as riValue when take 1, then it represents that ViIt is most important network node in the network, Once the connectivity that the network node is destroyed figure will be dramatically destroyed, to cause network communication to interrupt;By with Upper method calculates separately the importance values of all-network node, concurrently sets classification thresholds T1, T2, T3, and T1 > T2 > T3, such as Fruit riThe network node is then labeled as important node, if T1 > r by > T1i> T2, then by the network node labeled as time weight Node is wanted, if T2 > riThe network node is then labeled as intermediate node, if r by > T3iLess than T3, then by the network node It is denoted as respectively labeled as fringe node, and by the safe class of important node, secondary important node, intermediate node and fringe node Grade 1, grade 2, grade 3 and class 4;T3=0.35, fringe node number do not exceed the 37% of overall network number of nodes;

D. substitute module 14:

When changing network node quantity or node location, the important of each network node is recalculated automatically Property value, and re-start safety classification and label;

(2) security protection configuration subsystem 20:Between the identical network node of safe class, using based on network layer Secure Internet Protocol IPSec carries out information exchange, provides the protecting information safety of channel level, ipsec protocol answers cryptographic technique For network layer, provide point-to-point data transmission includes safety certification, data encryption, access control, the peace of integrality discriminating Full service;Using being operated in application layer protocol on network layer protocol into row information between the network node of different safety class Interaction, the safety of application layer is based on PKI system, the safety for being ensured information file transfer with cryptographic technique, being shared and being used, Specifically it is encrypted using cipher mode below:

A. for safe class be n1 network node A and safe class be n2 network node B, when A will to B transmit believe It when ceasing MES, sends ask from A to B first, B returns to Shu n1-n2 Shu random number Rs D1, B and retains RD1;

B.A is digitally signed with each RD1 of pre-assigned secret key pair, and generates Shu corresponding random numbers of Shu n1-n2 RD2;The matrix that RD1 and RD2 is formed to Shu n1-n2 Shu × Shu n1-n2 Shu rank carries out information MES using matrix encryption technology Encryption, B is sent to by encrypted result;Since the value range of n1 and n2 is 1-4, it is easy to know the net for different safety class For network node, which is up to 3 × 3 rank matrixes, minimum 1 × 1 matrix, and for the identical network node of safe class For, n1-n2=0, i.e., without the encrypted operation of matrix;When safe class is bypassed the immediate leadership, transmission series are higher, and Shu n1-n2 Shu are got over Greatly, then the exponent number of scrambled matrix is bigger, and cryptographic security is better, and for peer or when bypassing the immediate leadership little, Encryption Algorithm Calculation amount accordingly reduces, and has stronger adaptivity.

C.B call decryption function encrypted information is decrypted, obtain RD1 ' and information MES, by RD1 and RD1 ' into Row comparison match receives if successful match and retains MES, and MES is returned A if inconsistent or is abandoned;

(3) network security monitoring subsystem 30 is used for monitoring network number of nodes and network node location comprising perception mould Block and transmission module:

The sensing module around network node by disposing a large amount of wireless sensors realizations, not due to network node Know self-position, the wireless sensor is by receiving network node wireless signal, in conjunction with itself and other sensors position Relationship positions network node location;

(4) cloud service subsystem 40, including cloud storage module and cloud computing module:

The cloud storage module includes public cloud sub-module stored and private cloud storage submodule, publicly-owned storage cloud Module mainly stores network node ranked data, and the storage content external world can carry out free access, the private cloud storage submodule Block mainly stores secret key and decryption function, can only be accessed by the personnel of authentication;

The cloud computing module is realized by disposing SOA servers, including public cloud computational submodule and privately owned cloud computing Submodule, the public cloud computational submodule is classified subsystem for cloud network node security and network security monitoring subsystem provides Support is calculated, the private clound computational submodule provides calculating support for security protection configuration subsystem, and all types of user passes through end Program is held to obtain high in the clouds data.

In this embodiment:Using the photographic device and the equipment such as wireless singlechip on each automobile, realize The independent monitoring of every automobile, while support whole system using cloud network calculates storage, greatly reduces local clothes Be engaged in device input, and can be by mobile phone remote monitoring oneself automobile the case where;Network system node security classification system 10 Calculated using the node importance based on minimum spanning tree, can relatively accurate, calculation amount calculate the important of network node smaller Property, and safety classification, T3=0.35 are carried out to the node in network on this basis, fringe node number does not exceed overall network section The 37% of points;Information of the security protection configuration subsystem 20 between the network node of different safety class is transmitted using different Encryption policy, and when safe class bypass the immediate leadership transmit higher (when Shu n1-n2 Shu are bigger), then the exponent number of scrambled matrix is bigger, adds Close safety is better, and for peer or when bypassing the immediate leadership little, the calculation amount of Encryption Algorithm accordingly reduces, and has stronger adaptive Ying Xing;Cloud service module is set, memory space can be saved, improves calculating speed, saves time cost.

Preferably, the specific positioning operation of network node is as follows in the network security monitoring subsystem:

Using network node as the center of circle, r draws circle for radius, and the wireless sensor quantity fallen in circle is n, i-th of wireless biography The signal strength that sensor receives the network node corresponds to qi, i=1,2 ..., n;

The position (x, y) of network node is as follows:

The transmission module is used to the monitoring result of sensing module being transferred to cloud service subsystem 40.

Network security monitoring subsystem is set in this embodiment, network node data, accurate positioning can be acquired in time.

Finally it should be noted that the above embodiments are merely illustrative of the technical solutions of the present invention, rather than the present invention is protected The limitation of range is protected, although being explained in detail to the present invention with reference to preferred embodiment, those skilled in the art answer Work as understanding, technical scheme of the present invention can be modified or replaced equivalently, without departing from the reality of technical solution of the present invention Matter and range.

Claims (3)

1. a kind of distribution high safety automotive theft proof system, characterized in that including camera, wireless singlechip, wireless transmitter, Thermal sensor, burglar alarm, cloud network and security protection system;The figure that the camera on automobile will take As being transmitted to wireless singlechip, and cloud network is sent to by wireless transmitter;The thermal sensor concatenates burglar alarm, removes It provides outside local burglar alarm, the warning message sensed is also sent to wireless singlechip, and send out by wireless transmitter It send to cloud network;The cloud network is analyzed the information that wireless transmitter is sent, handled and is stored, and sends the result to In the cell phone application of designated user;
The security protection system, for providing security protection for the cloud network comprising cloud network node security classification System, security protection configuration subsystem, network security monitoring subsystem and cloud service subsystem, the cloud network node security point Network node is divided into 4 different safe classes by grade subsystem by calculating the importance values of network node, and the safety is anti- Protect configuration subsystem according to cloud network node security be classified subsystem classification results, be different safety class network node with And the link between node provides different secure cryptographic services;The network security monitoring subsystem is used for monitoring network node State, the cloud service subsystem provide cloud support for entire security protection cloud system;
Cloud network node security classification subsystem includes incidence matrix generation module, minimum spanning tree module, diversity module and more For module:
The importance values acquisition of cloud network node security classification subsystem is based primarily upon following theory:By remove node to be measured come Assess status of the node in the network, specifically, if node to be measured be removed after, spanning tree in obtained new figure Number is fewer, then the importance values of the node are bigger;
Incidence matrix generation module:
A non-directed graph with m network node V and n link E, wherein V={ V are indicated with G1, V2... Vm, E={ E1, E2... En, the connection relation of network structure interior joint and link, a line pair of matrix R are indicated with the incidence matrix R of a m × n Answer a network node in network, a row of R indicate the value of network node and the relating attribute of corresponding sides, each element in R Value be 0 or 1, wherein 0 represents link and is not associated with network node, 1 represents link is associated with network node;
Minimum spanning tree module:
It is represented with (i, j) and connects network node V in non-directed graph GiWith network node VjLink, ω (Vi, Vj) represent this link Weight, if there are the T subsets for being E and being no cycle figure so that ω (T) is minimum, T is just known as to the minimum spanning tree of G, then in G Minimum spanning tree sum τ (G)=det (RRT), wherein det () represents determinant generating function;
Diversity module:
Node V is obtained by following formulaiImportance values riWherein τ (G) is to be calculated by minimum spanning tree The minimum spanning tree sum that module obtains;K be incidence matrix R in the i-th row nonzero element quantity, Z be remove R the i-th row and The new matrix obtained after the nonzero element column of i-th row, det (Zi) represent the determinant of Z;riValue it is bigger, i.e. node It shows higher importance, works as riValue when take 1, then it represents that ViIt is most important network node in the network, once it should The connectivity that network node is destroyed figure will be dramatically destroyed, to cause network communication to interrupt;By the above process The importance values for calculating separately all-network node concurrently set classification thresholds T1, T2, T3, and T1 > T2 > T3, if ri> The network node is then labeled as important node, if T1 > r by T1iThe network node is then labeled as time important section by > T2 Point, if T2 > riThe network node is then labeled as intermediate node, if r by > T3iLess than T3, then the network node is marked For fringe node, and the safe class of important node, secondary important node, intermediate node and fringe node is denoted as grade respectively 1, grade 2, grade 3 and class 4;Wherein T3 ∈ [0.25,0.35];
Substitute module:
When changing network node quantity or node location, the importance of each network node is recalculated automatically Value, and re-start safety classification and label;
Security protection configuration subsystem:It is internet using the safety based on network layer between the identical network node of safe class Protocol IP Sec carries out information exchange, provides the protecting information safety of channel level, ipsec protocol is by cryptographic applications in network Layer provides the security service of point-to-point data transmission differentiated including safety certification, data encryption, access control, integrality;No Information exchange, application are carried out using the application layer protocol being operated on network layer protocol between the network node of safe class The safety of layer is based on PKI system, the safety for being ensured information file transfer with cryptographic technique, being shared and being used, specifically It is encrypted using cipher mode below:
For safe class be n1 network node A and safe class be n2 network node B, when A will transmit information MES to B When, it sends ask from A to B first, B returns to Shu n1-n2 Shu random number Rs D1, B and retains RD1;
It is digitally signed with each RD1 of pre-assigned secret key pair, and generates Shu corresponding random number R D2 of Shu n1-n2;It will RD1 and RD2 forms the matrix of Shu n1-n2 Shu × Shu n1-n2 Shu rank, and information MES is encrypted using matrix encryption technology, will Encrypted result is sent to B;Since the value range of n1 and n2 is 1-4, it is easy to know the network node for different safety class For, which is up to 3 × 3 rank matrixes, minimum 1 × 1 matrix, and for the identical network node of safe class, N1-n2=0, i.e., without the encrypted operation of matrix;When safe class is bypassed the immediate leadership, transmission series are higher, and Shu n1-n2 Shu are bigger, then add Close order of matrix number is bigger, and cryptographic security is better, and for peer or when bypassing the immediate leadership little, the calculation amount phase of Encryption Algorithm It should reduce, there is stronger adaptivity;
It calls decryption function that encrypted information is decrypted, obtains RD1 ' and information MES, RD1 and RD1 ' is compared Matching, receives if successful match and retains MES, and MES is returned A if inconsistent or is abandoned;
Network security monitoring subsystem is used for monitoring network number of nodes and network node location comprising sensing module and transmission Module:
The sensing module is realized by disposing a large amount of wireless sensors around network node, since network node is not aware that Self-position, the wireless sensor is by receiving network node wireless signal, in conjunction with itself and other sensors position relationship, Network node location is positioned;
Cloud service subsystem, including cloud storage module and cloud computing module:
The cloud storage module includes public cloud sub-module stored and private cloud storage submodule, the publicly-owned storage cloud submodule Main storage network node ranked data, the storage content external world can carry out free access, the private cloud storage submodule master Secret key and decryption function are stored, can only be accessed by the personnel of authentication;
The cloud computing module is realized by disposing SOA servers, including public cloud computational submodule and privately owned cloud computing submodule Block, the public cloud computational submodule is classified subsystem for cloud network node security and network security monitoring subsystem provides calculating Support, the private clound computational submodule provide calculating support for security protection configuration subsystem, and all types of user passes through terminal journey Sequence obtains high in the clouds data.
2. a kind of distributed high safety automotive theft proof system according to claim 1, characterized in that when someone is described in When thermal sensor, start alarm automatically, and pre-warning signal is sent to the cell phone application of user;The wireless singlechip also with set Set on arrangements for automotive doors electronic safety lock communication, when thermal sensor be triggered and meanwhile electronic safety lock without electronic control and by When opening, wireless singlechip sends the signal that car door is illegally opened automatically by cloud network to the cell phone application of user.
3. a kind of distributed high safety automotive theft proof system according to claim 2, characterized in that the burglar alarm For audible-visual annunciator.
CN201610556798.7A 2016-07-13 2016-07-13 A kind of distribution high safety automotive theft proof system CN106114453B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610556798.7A CN106114453B (en) 2016-07-13 2016-07-13 A kind of distribution high safety automotive theft proof system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610556798.7A CN106114453B (en) 2016-07-13 2016-07-13 A kind of distribution high safety automotive theft proof system

Publications (2)

Publication Number Publication Date
CN106114453A CN106114453A (en) 2016-11-16
CN106114453B true CN106114453B (en) 2018-09-21

Family

ID=57283427

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610556798.7A CN106114453B (en) 2016-07-13 2016-07-13 A kind of distribution high safety automotive theft proof system

Country Status (1)

Country Link
CN (1) CN106114453B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107885148A (en) * 2017-11-22 2018-04-06 姜齐 A kind of vehicle-mounted internet long-range control method

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103057518B (en) * 2013-01-29 2016-01-06 阿坝师范高等专科学校 Automotive anti-theft alarming system
CN103395404A (en) * 2013-08-08 2013-11-20 浙江大学 Remote video monitoring system for vehicle and vehicle remote video monitoring method
US9227595B2 (en) * 2013-10-31 2016-01-05 GM Global Technology Operations LLC Methods, systems and apparatus for providing notification that a vehicle has been accessed
CN104527580A (en) * 2014-12-31 2015-04-22 深圳天邦达科技有限公司 Intelligent positioning and tracking system for electric vehicle
CN104670155B (en) * 2015-02-09 2017-08-01 上海交通大学 Anti-theft alarm system for vehicles based on high in the clouds car networking
CN204641669U (en) * 2015-04-20 2015-09-16 重庆文理学院 Based on the security system for vehicles of mobile radio communication
CN105329208B (en) * 2015-11-13 2018-01-16 上海斐讯数据通信技术有限公司 A kind of automobile burglar monitoring system

Also Published As

Publication number Publication date
CN106114453A (en) 2016-11-16

Similar Documents

Publication Publication Date Title
Mahmoud et al. Internet of things (IoT) security: Current status, challenges and prospective measures
Zhou et al. Security and privacy for cloud-based IoT: Challenges
Al Omar et al. Medibchain: A blockchain based privacy preserving platform for healthcare data
CN103391185B (en) A kind of cloud security storage of track traffic Monitoring Data and processing method and system
Xiaohui Study on security problems and key technologies of the internet of things
Shim ${\cal CPAS} $: an efficient conditional privacy-preserving authentication scheme for vehicular sensor networks
Vidgren et al. Security threats in ZigBee-enabled systems: vulnerability evaluation, practical experiments, countermeasures, and lessons learned
Hassija et al. A survey on IoT security: application areas, security threats, and solution architectures
US20160366179A1 (en) Authenticated Sensor Interface Device
US8972730B2 (en) System and method of using a signed GUID
CN102077545B (en) Personal security manager for ubiquitous patient monitoring
US10297094B2 (en) Challenge-response access control using context-based proof
US9246691B2 (en) System, method and apparata for secure communications using an electrical grid network
CN105812369B (en) A kind of traceable anonymous authentication method based on elliptic curve
CN103283202B (en) System and Method for Network Level Protection Against Malicious Software
US8429720B2 (en) Method and apparatus for camouflaging of data, information and functional transformations
US20160173530A1 (en) Vehicle-Mounted Network System
Baig et al. Future challenges for smart cities: Cyber-security and digital forensics
Vashi et al. Internet of Things (IoT): A vision, architectural elements, and security issues
Yu et al. A view about cloud data security from data life cycle
Pateriya et al. The evolution of RFID security and privacy: a research survey
Jain et al. Security solutions for wireless sensor networks
US7454782B2 (en) Method and system for camouflaging access-controlled data
CN105205898B (en) A kind of electronic cipher Rights Management System of smart lock
US9576412B2 (en) Network-assisted remote access portal

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right
TA01 Transfer of patent application right

Effective date of registration: 20180806

Address after: 510700 No. 1, Guang Ben Road, Whampoa District, Guangzhou, Guangdong.

Applicant after: Guangqi Honda Automobile Co., Ltd.

Address before: 315200 No. 555 north tunnel road, Zhenhai District, Ningbo, Zhejiang

Applicant before: Yang Lin

GR01 Patent grant
GR01 Patent grant