CN110430266B - Edge cloud cooperative data transmission method, device, equipment and storage medium - Google Patents

Publication number
CN110430266B
Authority
CN
China
Prior art keywords
vehicle terminal
key
message
terminal
distribution node
Legal status
Active
Application number
CN201910722229.9A
Other languages
Chinese (zh)
Other versions
CN110430266A (en)
Inventor
王涛
张云飞
Current Assignee
Tencent Technology Shenzhen Co Ltd
Original Assignee
Tencent Technology Shenzhen Co Ltd
Application filed by Tencent Technology Shenzhen Co Ltd
Priority to CN201910722229.9A
Publication of CN110430266A
Application granted
Publication of CN110430266B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/12 Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/52 Network services specially adapted for the location of the user terminal
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/50 Network services
    • H04L67/60 Scheduling or organising the servicing of application requests, e.g. requests for application data transmissions using the analysis and optimisation of the required network resources
    • H04L67/63 Routing a service request depending on the request content or context
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085 Secret sharing or secret splitting, e.g. threshold schemes

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)
  • Traffic Control Systems (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The embodiment of the application discloses a method, a device, equipment and a storage medium for edge cloud cooperative data transmission. In the method, a vehicle terminal sends a first request message carrying its own identifier and its current driving data to a control node in a center cloud, and receives a first response message returned by the control node for the first request message, wherein the first response message comprises routing information of a message distribution node of a target edge cloud allocated to the vehicle terminal; the vehicle terminal and the message distribution node in the target edge cloud allocated to the vehicle terminal negotiate to generate a shared key, and the shared key is used to encrypt the driving data and service information exchanged between the vehicle terminal and the target edge cloud. The method can improve the security and reliability of data transmission in the edge cloud cooperative system and reduce the delay of data transmission in the edge cloud cooperative system.

Description

Edge cloud cooperative data transmission method, device, equipment and storage medium
Technical Field
The present application relates to the field of network communication technologies, and in particular, to a method, an apparatus, a device, and a storage medium for edge cloud collaborative data transmission.
Background
Edge computing is a distributed open platform that integrates network, computing, storage and application core capabilities at the network edge, close to the object or data source. It provides edge intelligence services nearby and meets the key requirements of industry digitization for agile connection, real-time service, data optimization, application intelligence, security and privacy protection. It can serve as a bridge connecting the physical and digital worlds, enabling intelligent systems and intelligent services.
Traditional intelligent systems, such as traditional intelligent transportation systems, are based on central cloud computing: data collected in real time at the front end is uploaded to the cloud, computation is performed in the cloud, and the results are issued to intersection signal controllers and mobile terminals, which realizes strategic control of the signal lamp system and intersection coordination control from the cloud. However, as vehicle-road cooperative systems advance, massive amounts of real-time data need to be processed, and vehicle driving safety services need to inform the driver or control the vehicle to take measures with millisecond-level delay, so the original central computing mode cannot guarantee the timeliness of vehicle-road cooperation.
Edge computing can move the computing load of the cloud to the edge layer: most of the computing is completed at edge computing nodes, and the results are sent in real time, through transmission means such as road side units, to vehicles equipped with on-board units, which meets the requirement of vehicle-road cooperation. The vehicle-road cooperative system therefore needs to implement coordination between the edge and the cloud, called edge cloud coordination for short. Besides the vehicle-road cooperative system, other intelligent systems such as smart home systems also need to complete data processing through edge cloud coordination.
How to realize edge cloud cooperative data transmission to ensure safe and reliable data distribution and reduce data transmission delay is a technical difficulty which needs to be solved urgently at present.
Disclosure of Invention
The embodiment of the application provides a method, a device, equipment and a storage medium for edge cloud collaborative data transmission, which can ensure that data in an edge cloud collaborative system is safely and reliably distributed, and effectively reduce data transmission delay.
In view of this, a first aspect of the present application provides a method for edge cloud collaborative data transmission, including:
sending a first request message to a control node in a center cloud, wherein the first request message at least comprises an identifier of a vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least comprises current position information of the vehicle terminal;
receiving a first response message sent by the control node in response to the first request message, wherein the first response message at least comprises routing information of a message distribution node in a target edge cloud distributed for the vehicle terminal;
generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generating a shared key according to the first key exchange parameter and the second private key;
encrypting the current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data cipher text, and sending a second request message to the message distribution node according to the routing information, wherein the second request message comprises the vehicle terminal driving data cipher text and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter;
receiving a second response message sent by the message distribution node in response to the second request message, wherein the second response message comprises a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is vehicle-road cooperative sensing information matched with the vehicle terminal by using current driving data of the vehicle terminal;
and decrypting the first target service information ciphertext by using the shared secret key to obtain the first target service information.
A second aspect of the present application provides an edge cloud cooperative data transmission method, which is applied to a cloud system, wherein the cloud system comprises a center cloud and an edge cloud, and the method comprises the following steps:
a control node in a center cloud receives a first request message sent by a vehicle terminal, wherein the first request message at least comprises an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least comprises current position information of the vehicle terminal;
the control node responds to the first request message, allocates a target edge cloud to the vehicle terminal according to current driving data of the vehicle terminal, and sends a first response message to the vehicle terminal, wherein the first response message at least comprises routing information of a message distribution node in the target edge cloud;
the control node sends a task allocation notification message to the message distribution node, wherein the task allocation notification message at least comprises an identifier of the vehicle terminal;
the message distribution node receives a second request message sent by the vehicle terminal, wherein the second request message comprises a vehicle terminal driving data ciphertext of the vehicle terminal and a second key exchange parameter generated by the vehicle terminal for negotiating a shared key, and the vehicle terminal driving data ciphertext is generated by the vehicle terminal encrypting current driving data of the vehicle terminal according to the shared key negotiated with the message distribution node;
the message distribution node generates the shared key according to the second key exchange parameter and a first private key corresponding to the first key exchange parameter, wherein the first key exchange parameter and the first private key corresponding to the first key exchange parameter are generated by the message distribution node or the control node;
the message distribution node decrypts the vehicle terminal running data ciphertext by using the shared secret key to obtain current running data of the vehicle terminal, matches vehicle and road cooperative sensing information for the vehicle terminal according to the current running data of the vehicle terminal to obtain first target service information, and encrypts the first target service information by using the shared secret key to obtain a first target service information ciphertext;
and the message distribution node sends a second response message to the vehicle terminal, wherein the second response message comprises the first target service information ciphertext.
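The terminal-side steps of the first aspect and the cloud-side steps of the second aspect, run end to end as an added example (not code from the patent). Assumptions, since the text above names no algorithms: Diffie-Hellman over the 2048-bit MODP group of RFC 3526, an HMAC-SHA-512 key derivation, an HMAC-based encrypt-then-MAC construction standing in for a standard AEAD cipher, a cleartext `vehicle_id` field in the second request, and hypothetical class and function names throughout.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: Diffie-Hellman over the 2048-bit MODP group of RFC 3526 (group 14).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2


def dh_keypair():
    """Return (private key, key exchange parameter g^priv mod p)."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)


def derive_keys(own_priv, peer_param, vehicle_id):
    """Shared key from our private key and the peer's key exchange parameter."""
    # Reject 0, 1, p-1 and out-of-range values, which force a predictable secret.
    if not isinstance(peer_param, int) or not 2 <= peer_param <= P - 2:
        raise ValueError("degenerate key exchange parameter")
    secret = pow(peer_param, own_priv, P).to_bytes(256, "big")
    okm = hmac.new(vehicle_id.encode(), secret, hashlib.sha512).digest()
    return okm[:32], okm[32:]  # (encryption key, MAC key)


def keystream(key, nonce, length):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def mac_tag(mac_key, label, nonce, ct):
    data = len(label).to_bytes(2, "big") + label + nonce + ct
    return hmac.new(mac_key, data, hashlib.sha256).digest()


def seal(keys, label, plaintext):
    """Stand-in for an AEAD: stream encryption, then a MAC over label+nonce+ct."""
    enc_key, mac_key = keys
    nonce = secrets.token_bytes(12)
    ct = bytes(a ^ b for a, b in zip(plaintext, keystream(enc_key, nonce, len(plaintext))))
    return nonce + ct + mac_tag(mac_key, label, nonce, ct)


def unseal(keys, label, blob):
    enc_key, mac_key = keys
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac_tag(mac_key, label, nonce, ct)):
        raise ValueError("ciphertext failed authentication")
    return bytes(a ^ b for a, b in zip(ct, keystream(enc_key, nonce, len(ct))))


class MessageDistributionNode:
    def __init__(self):
        self.first_private, self.first_param = dh_keypair()
        self.allocated = set()  # identifiers from task allocation notifications

    def task_allocation_notification(self, vehicle_id):
        self.allocated.add(vehicle_id)

    def handle_second_request(self, msg):
        vid = msg["vehicle_id"]
        if vid not in self.allocated:
            raise PermissionError("terminal was not allocated to this node")
        keys = derive_keys(self.first_private, msg["second_param"], vid)
        driving = json.loads(unseal(keys, b"request", msg["ciphertext"]))
        # Constructed stand-in for matching vehicle-road cooperative sensing information.
        info = {"near": driving["position"], "event": "constructed sample warning"}
        return {"ciphertext": seal(keys, b"response", json.dumps(info).encode())}


class VehicleTerminal:
    def __init__(self, vehicle_id):
        self.vehicle_id = vehicle_id
        self.keys = None

    def second_request(self, first_param, driving_data):
        # The ciphertext and the second key exchange parameter travel in the
        # same message, so no separate handshake round trip is needed.
        second_private, second_param = dh_keypair()
        self.keys = derive_keys(second_private, first_param, self.vehicle_id)
        ct = seal(self.keys, b"request", json.dumps(driving_data).encode())
        return {"vehicle_id": self.vehicle_id, "second_param": second_param, "ciphertext": ct}

    def read_second_response(self, msg):
        return json.loads(unseal(self.keys, b"response", msg["ciphertext"]))


def run_exchange():
    node = MessageDistributionNode()
    node.task_allocation_notification("VT-0001")            # constructed identifier
    terminal = VehicleTerminal("VT-0001")
    driving = {"position": [22.54, 114.06], "speed_kmh": 48}  # constructed sample
    request = terminal.second_request(node.first_param, driving)
    response = node.handle_second_request(request)
    return driving, request, terminal.read_second_response(response), node


if __name__ == "__main__":
    print(run_exchange()[2])
```

The exchange is only as trustworthy as the first key exchange parameter: if a terminal accepts one that did not come from the control node or the message distribution node, it derives the shared key with whoever supplied it.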
A third aspect of the present application provides a method for transmitting edge cloud cooperative data, including:
sending a first request message to a control node in a central cloud, wherein the first request message at least comprises an identifier of a terminal and current attribute data of the terminal, and the current attribute data of the terminal at least comprises current position information of the terminal;
receiving a first response message sent by the control node in response to the first request message, wherein the first response message at least comprises routing information of a message distribution node in a target edge cloud allocated to the terminal;
generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generating a shared key according to the first key exchange parameter and the second private key;
encrypting the current attribute data of the terminal by using the shared key to obtain a terminal attribute data ciphertext, and sending a second request message to the message distribution node according to the routing information, wherein the second request message comprises the terminal attribute data ciphertext and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter;
receiving a second response message sent by the message distribution node in response to the second request message, wherein the second response message comprises a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is service information matched with the terminal by using current attribute data of the terminal;
and decrypting the first target service information ciphertext by using the shared secret key to obtain the first target service information.
A fourth aspect of the present application provides an edge cloud cooperative data transmission method, which is applied to a cloud system, where the cloud system includes a center cloud and an edge cloud, and the method includes:
a control node in a center cloud receives a first request message sent by a vehicle terminal, wherein the first request message at least comprises an identifier of the terminal and current attribute data of the terminal, and the current attribute data of the terminal at least comprises current position information of the terminal;
the control node responds to the first request message, allocates a target edge cloud to the terminal according to the current driving data of the terminal, and sends a first response message to the terminal, wherein the first response message at least comprises the routing information of a message distribution node in the target edge cloud;
the control node sends a task allocation notification message to the message distribution node, wherein the task allocation notification message at least comprises the identifier of the terminal;
the message distribution node receives a second request message sent by the terminal, wherein the second request message comprises a terminal attribute data ciphertext of the terminal and a second key exchange parameter generated by the terminal for negotiating a shared key, and the terminal attribute data ciphertext is generated by the terminal according to the current attribute data of the terminal encrypted by the shared key negotiated with the message distribution node;
the message distribution node generates the shared key according to the second key exchange parameter and a first private key corresponding to a first key exchange parameter, wherein the first key exchange parameter and the first private key corresponding to the first key exchange parameter are generated by the message distribution node or the control node;
the message distribution node decrypts the terminal attribute data ciphertext by using the shared key to obtain the current attribute data of the terminal, matches service information for the terminal according to the current attribute data of the terminal to obtain first target service information, and encrypts the first target service information by using the shared key to obtain a first target service information ciphertext;
and the message distribution node sends a second response message to the terminal, wherein the second response message comprises the first target service information ciphertext.
The fifth aspect of the present application provides a device for edge cloud collaborative data transmission, including:
a first sending module, configured to send a first request message to a control node in a center cloud, where the first request message at least includes an identifier of a vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least includes current position information of the vehicle terminal;
a first receiving module, configured to receive a first response message sent by the control node in response to the first request message, where the first response message at least includes routing information of a message distribution node in a target edge cloud allocated to the vehicle terminal;
the shared key establishing module is used for generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generating a shared key according to the first key exchange parameter and the second private key;
a second sending module, configured to encrypt current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data cipher text, and send a second request message to the message distribution node according to the routing information, where the second request message includes the vehicle terminal driving data cipher text and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter;
a second receiving module, configured to receive a second response message sent by the message distribution node in response to the second request message, where the second response message includes a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is vehicle-road cooperative sensing information that is matched with the vehicle terminal by using current driving data of the vehicle terminal;
and the decryption module is used for decrypting the first target service information ciphertext by using the shared secret key to obtain the first target service information.
A sixth aspect of the present application provides an edge cloud collaborative data transmission system, including a central cloud and an edge cloud, wherein the central cloud at least comprises a control node, and the edge cloud at least comprises a message distribution node; wherein:
the control node is configured to receive a first request message sent by a vehicle terminal, where the first request message at least includes an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least includes current location information of the vehicle terminal;
the control node is further configured to respond to the first request message, allocate a target edge cloud to the vehicle terminal according to current driving data of the vehicle terminal, and send a first response message to the vehicle terminal, where the first response message at least includes routing information of a message distribution node in the target edge cloud;
the control node is further configured to send a task allocation notification message to the message distribution node, where the task allocation notification message at least includes an identifier of the vehicle terminal;
the message distribution node is configured to receive a second request message sent by the vehicle terminal, where the second request message includes a vehicle terminal driving data cipher text of the vehicle terminal and a second key exchange parameter generated by the vehicle terminal for negotiating a shared key, where the vehicle terminal driving data cipher text is generated by the vehicle terminal encrypting current driving data of the vehicle terminal according to the shared key negotiated with the message distribution node;
the message distribution node is further configured to generate the shared key according to the second key exchange parameter and a first private key corresponding to a first key exchange parameter, where the first key exchange parameter and the first private key corresponding to the first key exchange parameter are generated by the message distribution node or the control node;
the message distribution node is further configured to decrypt the vehicle terminal driving data cipher text by using the shared key to obtain current driving data of the vehicle terminal, match vehicle-road cooperative sensing information for the vehicle terminal according to the current driving data of the vehicle terminal to obtain first target service information, and encrypt the first target service information by using the shared key to obtain a first target service information cipher text;
the message distribution node is further configured to send a second response message to the vehicle terminal, where the second response message includes the first target service information ciphertext.
A seventh aspect of the present application provides an apparatus comprising a processor and a memory:
the memory is used for storing a computer program and transmitting the computer program to the processor;
the processor is configured to execute the steps of the edge cloud collaborative data transmission method according to the first aspect to the fourth aspect.
An eighth aspect of the present application provides a computer-readable storage medium, where the computer-readable storage medium is used to store a computer program, where the computer program is used to execute the steps of the edge cloud collaborative data transmission method according to the first aspect to the fourth aspect.
A ninth aspect of the present application provides a computer program product comprising instructions, which when run on a computer, causes the computer to perform the steps of the edge cloud cooperative data transmission method according to the first to fourth aspects.
According to the technical scheme, the embodiment of the application has the following advantages:
The embodiment of the application provides an edge cloud cooperative data transmission method which, based on the technical idea of the QUIC (Quick UDP Internet Connections) protocol, provides a data transmission mechanism suitable for a vehicle-road cooperative system. It simplifies the link establishment process between the vehicle terminal and the cloud: data is sent directly, without a handshake between the vehicle terminal and the cloud, so a link can be established and data transmitted quickly, which significantly reduces delay. The vehicle terminal and the message distribution node in the target edge cloud allocated to the vehicle terminal negotiate to generate a shared key, and the shared key is used to encrypt the driving data and service information exchanged between the vehicle terminal and the target edge cloud. The method thus provides a key negotiation mechanism in which the vehicle terminal and the cloud establish a shared key in real time according to transmission requirements, and, based on this mechanism, the vehicle terminal and the cloud transmit data in encrypted form to ensure the security and reliability of data transmission. It should be understood that the edge cloud cooperative data transmission method provided by the embodiment of the application can be applied to other Internet of Things scenarios besides the Internet of Vehicles scenario; when the data transmission method of the edge cloud system provided by the embodiment of the application is applied to other scenarios, data can likewise be distributed securely and reliably, and the delay of data transmission is reduced.
Drawings
Fig. 1 is a schematic structural diagram of a vehicle-road coordination system according to an embodiment of the present application;
Fig. 2 is a schematic flowchart of a method for edge cloud cooperative data transmission at a vehicle terminal side according to an embodiment of the present application;
Fig. 3 is a schematic diagram of negotiating a shared key according to an embodiment of the present application;
Fig. 4 is a schematic flowchart of a method for edge cloud cooperative data transmission at a cloud system side according to an embodiment of the present application;
Fig. 5 is an interaction signaling diagram of a method for edge cloud cooperative data transmission according to an embodiment of the present application;
Fig. 6 is an interaction signaling diagram of another edge cloud cooperative data transmission method according to an embodiment of the present application;
Fig. 7 is a schematic flowchart of a method for edge cloud cooperative data transmission at a terminal side according to an embodiment of the present application;
Fig. 8 is a schematic flowchart of another method for edge cloud cooperative data transmission at a cloud system side according to an embodiment of the present application;
Fig. 9 is a schematic structural diagram of a first vehicle terminal-side edge cloud cooperative data transmission device according to an embodiment of the present application;
Fig. 10 is a schematic structural diagram of a second vehicle terminal-side edge cloud cooperative data transmission device according to an embodiment of the present application;
Fig. 11 is a schematic structural diagram of a third vehicle terminal-side edge cloud cooperative data transmission device according to an embodiment of the present application;
Fig. 12 is a schematic structural diagram of a fourth vehicle terminal-side edge cloud cooperative data transmission device according to an embodiment of the present application;
Fig. 13 is a schematic structural diagram of an edge cloud cooperative data transmission system according to an embodiment of the present application;
Fig. 14 is a schematic structural diagram of a terminal-side edge cloud cooperative data transmission apparatus according to an embodiment of the present application;
Fig. 15 is a schematic structural diagram of another edge cloud cooperative data transmission system according to an embodiment of the present application;
Fig. 16 is a schematic structural diagram of a vehicle terminal according to an embodiment of the present application;
Fig. 17 is a schematic structural diagram of a server according to an embodiment of the present application.
Detailed Description
In order to make the technical solutions of the present application better understood, the technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The terms "first," "second," "third," "fourth," and the like in the description and in the claims of the present application and in the drawings described above, if any, are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used is interchangeable under appropriate circumstances such that the embodiments of the application described herein are capable of operation in sequences other than those illustrated or described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed, but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
In order to solve the technical problem of how to distribute data securely and reliably and reduce data transmission delay in an edge cloud collaborative data transmission scenario, the embodiment of the application provides an edge cloud collaborative data transmission method. Based on the core idea of the QUIC protocol, the method provides a link establishment and data transmission mechanism adapted to a vehicle-road collaborative system, so that links between a vehicle terminal and a center cloud and between the vehicle terminal and a target edge cloud can be established more quickly, and the data transmission delay can be reduced significantly. The method also provides a data confidentiality mechanism in which the vehicle terminal and the edge cloud cooperative system negotiate a shared key in real time and transmit data encrypted under that shared key, so that the security and reliability of data transmission in the edge cloud cooperative system can be ensured.
In order to facilitate understanding of the edge cloud collaborative data transmission method provided in the embodiment of the present application, a vehicle-road collaborative system to which the edge cloud collaborative data transmission method provided in the embodiment of the present application is applied is introduced first below.
Referring to fig. 1, fig. 1 is a schematic structural diagram of a vehicle-road coordination system provided in the embodiment of the present application. As shown in fig. 1, the vehicle-road cooperation system includes: the system comprises a vehicle terminal 110, a 4G/5G base station 120, an edge cloud 130, a 4G/5G core network 140 and a center cloud 150; the edge cloud 130 is deployed with a message distribution node 131, and the center cloud 150 is deployed with a control node 151.
The vehicle terminal 110 is also commonly referred to as an in-vehicle terminal, and is a front-end device in a vehicle monitoring management system, and generally integrates multiple functions such as positioning, communication, and vehicle driving record. The central cloud and the edge cloud are servers deployed at the cloud, and are generally deployed in a server cluster manner, although the central cloud and the edge cloud may also be deployed based on independent servers respectively; in particular, the edge cloud may be deployed in a mobile communication network, particularly between a base station and a core network, while the central cloud is typically deployed independently of the mobile communication network.
The 4G/5G base station 120 and the 4G/5G core network 140 in fig. 1 are general terms of main network elements on the mobile communication network side, and in practical applications, the vehicle-road coordination system may perform data communication based on a 4G/5G mobile communication network, and may also perform data communication based on other types of mobile communication networks, where no limitation is made on the type of network on which the vehicle-road coordination system performs data communication.
Fig. 1 only illustrates the system structure. In an actual application, data distribution in a vehicle-road cooperative system is generally implemented based on a plurality of center clouds 150 and a plurality of edge clouds 130, the number of the center clouds is generally greater than that of the edge clouds, and the functions of the center clouds are similar. Specifically, one center cloud selects, from the plurality of edge clouds and according to the actual situation of the vehicle terminal, an adapted edge cloud as the target edge cloud for the vehicle terminal, and then notifies the target edge cloud to provide a data distribution service for the vehicle terminal. Of course, the implementation of the present application does not limit the specific number of center clouds and edge clouds.
Generally, a plurality of functional nodes may be deployed in the central cloud 150, where at least one of the functional nodes is used to implement processing such as identity validity authentication of a vehicle terminal and selection of an edge cloud for the vehicle terminal. Similarly, a plurality of functional nodes may be deployed in the edge cloud 130, where at least one of the functional nodes is a message distribution node. The edge cloud 130 may obtain drive test sensing information and, based on it, generate in real time vehicle-road system sensing information such as road condition information (including information such as positions, speeds, and directions of vehicles and pedestrians on a current road) and road scene information (including information such as road congestion, abnormal vehicle lifting on a road, and lane changing). In a specific implementation, a secure communication link is established between the message distribution node and a vehicle terminal, and the relevant vehicle-road cooperative sensing information is issued to the vehicle terminal in encrypted form.
For the vehicle terminal 110, after establishing a communication link with the center cloud 150 and the edge cloud 130, the vehicle terminal receives the vehicle-road cooperative sensing information issued by the message distribution node in the target edge cloud, which is used to control further operation of the vehicle, such as road condition early warning, automatic driving assistance and other processing.
It should be understood that the vehicle-road cooperative system shown in fig. 1 is only an exemplary scenario to which the edge cloud cooperative data transmission method provided in the embodiment of the present application is applicable. In practical applications, the method may also be applied to other service scenarios that require an edge cloud system, such as cloud game applications or Internet of Things applications, and no limitation is placed on the application scenarios of the method.
The method for transmitting the edge cloud coordination data at the vehicle terminal side provided by the present application is described below by an embodiment.
Referring to fig. 2, fig. 2 is a schematic flowchart of a method for transmitting edge cloud cooperative data at a vehicle terminal side according to an embodiment of the present application. As shown in fig. 2, the method comprises the following steps:
Step 201: Send a first request message to a control node in a center cloud, where the first request message includes at least an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal includes at least current position information of the vehicle terminal.
When the vehicle terminal needs to request the vehicle-road coordination system to provide relevant services for the vehicle terminal, the vehicle terminal may send a first request message to a control node of a center cloud in the vehicle-road coordination system, so as to request the control node to allocate a target edge cloud to the vehicle terminal, and establish connection with a message distribution node of the target edge cloud. The first request message carries an identifier of the vehicle terminal and current driving data of the vehicle terminal; the identification of the vehicle terminal is an identification capable of uniquely representing the identity of the vehicle terminal, such as an ID of the vehicle terminal; the current driving data of the vehicle terminal at least includes current position information of the vehicle terminal, and the current position information may be position information obtained by the vehicle terminal through a Global Positioning System (GPS).
It should be noted that, in order to facilitate the control node to more reasonably allocate the target edge cloud to the vehicle terminal, the current driving data sent by the vehicle terminal to the control node may further include related driving information such as a current driving speed and a current driving direction, and no limitation is made to information included in the current driving data of the vehicle terminal.
Step 202: Receive a first response message sent by the control node in response to the first request message, where the first response message includes at least the routing information of the message distribution node in the target edge cloud allocated to the vehicle terminal.
After receiving the first request message, the control node may allocate a target edge cloud to the vehicle terminal according to current driving data of the vehicle terminal, for example, select an edge cloud closest to a current position of the vehicle terminal as the target edge cloud according to current position information of the vehicle terminal. After the control node completes the allocation of the target edge cloud for the vehicle terminal, the control node adds the routing information (namely the network address of the message distribution node) of the message distribution node in the target edge cloud allocated for the vehicle terminal to the first response message, and sends the first response message to the vehicle terminal.
It should be understood that, when the current driving data of the vehicle terminal further includes other driving information, the control node in the center cloud may combine the current location information of the vehicle terminal with the other driving information, and accordingly allocate a target edge cloud to the vehicle terminal, where no limitation is made on the manner in which the control node allocates the target edge cloud.
It should be noted that, after the control node completes the allocation of the target edge cloud for the vehicle terminal, it also issues a task allocation notification message to the message distribution node in the target edge cloud, where the task allocation notification message at least includes the identifier of the vehicle terminal, so as to notify the message distribution node in the target edge cloud of its subsequent service object, that is, notify the message distribution node to subsequently provide the relevant service information for the vehicle terminal.
Step 203: Generate a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generate a shared key according to the first key exchange parameter and the second private key.
After receiving the first response message returned by the control node, the vehicle terminal can establish a data transmission link with the message distribution node according to the routing information of the message distribution node of the target edge cloud in the first response message, and perform data interaction. In order to ensure the security and reliability of data transmission, the vehicle terminal and the message distribution node need to negotiate a shared key in advance, so that the transmitted data is encrypted and decrypted based on the shared key in the subsequent data interaction process, and the data is prevented from being stolen by lawbreakers in the transmission process.
Specifically, when negotiating a shared key, the vehicle terminal may generate the shared key according to a first key exchange parameter issued by the control node or the message distribution node and a second private key generated by itself, and generate a second key exchange parameter according to the first key exchange parameter and the second private key generated by itself; and sending the second key exchange parameter to a message distribution node of the target edge cloud, wherein the message distribution node can generate a shared key based on the second key exchange parameter and the first key exchange parameter received or generated by the message distribution node.
In one possible implementation, the vehicle terminal may negotiate a shared key with the message distribution node based on a Diffie-Hellman (DH) key agreement algorithm. Specifically, the first key exchange parameter issued by the control node or the message distribution node may include a prime number, a primitive root corresponding to the prime number, and a first public key generated according to the prime number, the primitive root, and the first private key; the vehicle terminal can generate a first random number as a second private key, generate a second public key corresponding to the second private key according to the prime number, the primitive root and the second private key, and use the second public key as a second key exchange parameter; and calculating to obtain a shared key through a key negotiation algorithm according to the prime number, the first public key and the second private key.
To facilitate understanding of the above process by which the vehicle terminal generates the shared key and the second key exchange parameter, the implementation is described below with reference to fig. 3. As shown in fig. 3, the control node or the message distribution node may, based on the DH key agreement algorithm, generate a large prime number p and a corresponding primitive root g, generate a first public key A according to p, g and a first private key a (a randomly generated number), and send p, g and A to the vehicle terminal as the first key exchange parameters; the vehicle terminal generates a first random number b as the second private key, and calculates, according to p, g and b, the second public key B corresponding to the second private key, which serves as the second key exchange parameter; and the vehicle terminal calculates the shared key K through the key agreement algorithm according to p, b and A.
It should be understood that, in practical applications, the vehicle terminal and the message distribution node may negotiate the shared key through a DH key negotiation algorithm, and may also negotiate the shared key through another key negotiation algorithm, where no limitation is imposed on the key negotiation algorithm used in negotiating the shared key.
As can be seen from the above description, the key agreement process in the vehicle-road cooperation system may be controlled by the central cloud in the cloud system (that is, the control node in the central cloud provides the first key exchange parameter to the vehicle terminal), or may be controlled by the target edge cloud in the cloud system (that is, the message distribution node in the target edge cloud provides the first key exchange parameter to the vehicle terminal), and these two cases are described below respectively.
When the key agreement process is controlled by the central cloud, the first response message received by the vehicle terminal from the control node in step 202 further includes a first key exchange parameter generated by the control node for the vehicle terminal and the message distribution node to negotiate the shared key. Accordingly, after receiving the first response message, the vehicle terminal extracts the first key exchange parameter from it, and then generates the shared key and a second key exchange parameter based on the shared key negotiation method introduced above.
In this case, the task allocation notification message sent by the control node to the message distribution node further includes the first key exchange parameter generated by the control node for the vehicle terminal and the message distribution node to negotiate the shared key, and the first private key corresponding to the first key exchange parameter. Accordingly, after receiving the task allocation notification message, the message distribution node extracts the first key exchange parameter and the corresponding first private key from it and, after receiving the second key exchange parameter sent by the vehicle terminal, calculates the shared key based on the first key exchange parameter, the second key exchange parameter and the first private key. The process by which the message distribution node calculates the shared key is described in detail below.
When the key negotiation process is controlled by a target edge cloud, after receiving a first response message sent by a control node, the vehicle terminal can send a third request message to the message distribution node according to the routing information in the first response message, wherein the third request message comprises the identifier of the vehicle terminal; then, receiving a third response message sent by the message distribution node in response to the third request message, wherein the third response message comprises a first key exchange parameter generated by the message distribution node for key agreement; furthermore, the first key exchange parameter is obtained from the third response message, and the second key exchange parameter and the shared key are generated based on the shared key negotiation method described above.
Specifically, the vehicle terminal may add its own identifier to the third request message and send the third request message to the message distribution node. Because the control node sends the identifier of the vehicle terminal to the message distribution node through the task allocation notification message after allocating the target edge cloud to the vehicle terminal, the message distribution node, after receiving the third request message, may first verify the identifier of the vehicle terminal in it, that is, verify whether the vehicle terminal has the authority to perform data interaction with the message distribution node. After the identity authentication of the vehicle terminal is passed, the message distribution node may generate a first key exchange parameter based on a DH key negotiation algorithm, and send the generated first key exchange parameter to the vehicle terminal in a third response message.
Step 204: Encrypt the current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data ciphertext, and send a second request message to the message distribution node according to the routing information, where the second request message includes the vehicle terminal driving data ciphertext and the second key exchange parameter, so that the message distribution node generates the shared key based on the second key exchange parameter and a first private key corresponding to the first key exchange parameter.
After the vehicle terminal generates the shared key by calculation, the current driving data of the vehicle terminal can be encrypted by using the shared key to obtain a driving data ciphertext of the vehicle terminal; it should be understood that the current driving data of the vehicle terminal herein may specifically include any one or more of the following data: current position information of the vehicle terminal, a current traveling speed of the vehicle terminal, a current traveling direction of the vehicle terminal, and the like.
Further, the vehicle terminal adds the vehicle terminal driving data ciphertext and the second key exchange parameter generated in step 203 to the second request message, and sends the second request message to the message distribution node in the target edge cloud according to the routing information of the message distribution node in the first response message received in step 202. The message distribution node can then calculate the shared key according to the second key exchange parameter and the first private key corresponding to the first key exchange parameter that it received or generated. The process by which the message distribution node calculates the shared key is described in detail below.
Step 205: Receive a second response message sent by the message distribution node in response to the second request message, where the second response message includes a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is vehicle-road cooperative sensing information matched to the vehicle terminal by using the current driving data of the vehicle terminal.
After the message distribution node generates the shared key, it decrypts the vehicle terminal driving data ciphertext in the second request message by using the shared key to obtain the current driving data of the vehicle terminal. The message distribution node may then match vehicle-road cooperative sensing information to the vehicle terminal by using the current driving data of the vehicle terminal; for example, it may match the road condition information corresponding to the current location of the vehicle terminal based on the current location information of the vehicle terminal. The message distribution node takes the matched vehicle-road cooperative sensing information as the first target service information, encrypts the first target service information by using the shared key it generated to obtain a first target service information ciphertext, adds the first target service information ciphertext to a second response message, and returns the second response message to the vehicle terminal.
Step 206: Decrypt the first target service information ciphertext by using the shared key to obtain the first target service information.
After receiving the second response message, the vehicle terminal decrypts the first target service information ciphertext in the second response message by using the generated shared key to obtain the first target service information, and then provides functions such as road condition early warning and automatic driving assistance for the vehicle based on the first target service information.
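The central-cloud-controlled exchange of steps 202 to 206, as an added Python illustration that is not part of the patent. The message field names, the vehicle identifier, the sample driving data, the SHA-256 key derivation, the range check on received public values and the HMAC-based stand-in cipher are assumptions (the patent names no cipher or key derivation); the 64-bit prime only keeps the run fast, and a deployment would use a standardized group of 2048 bits or more together with a vetted authenticated cipher.

```python
import hashlib
import hmac
import json
import secrets


def is_probable_prime(n, rounds=24):
    """Miller-Rabin test, used while searching for the prime p."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_first_parameters(bits=64):
    """Node side: first key exchange parameters (p, g, A) and first private key a."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1  # safe prime: makes the primitive-root test below cheap
        if is_probable_prime(q) and is_probable_prime(p):
            break
    # For p = 2q + 1, g is a primitive root iff g^2 != 1 and g^q != 1 (mod p).
    g = next(c for c in range(2, p) if pow(c, 2, p) != 1 and pow(c, q, p) != 1)
    a = secrets.randbelow(p - 3) + 2  # private key in 2..p-2
    return {"p": p, "g": g, "A": pow(g, a, p)}, a


def validate_public(p, y):
    """Reject 0, 1, p-1 and out-of-range values, which force a predictable key."""
    if not isinstance(y, int) or not 2 <= y <= p - 2:
        raise ValueError("DH public value out of range")
    return y


def derive_key(p, shared):
    """Assumed KDF: SHA-256 over K gives a 32-byte symmetric key."""
    return hashlib.sha256(shared.to_bytes((p.bit_length() + 7) // 8, "big")).digest()


def vehicle_negotiate(kex):
    """Step 203 on the vehicle terminal: returns (B, shared key)."""
    p, g, A = kex["p"], kex["g"], validate_public(kex["p"], kex["A"])
    b = secrets.randbelow(p - 3) + 2  # second private key
    return pow(g, b, p), derive_key(p, pow(A, b, p))


def node_shared_key(kex, a, B):
    """Message distribution node: K from first private key a and received B."""
    return derive_key(kex["p"], pow(validate_public(kex["p"], B), a, kex["p"]))


def _stream(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]


def seal(key, plaintext):
    """Stand-in authenticated cipher (HMAC-SHA256 keystream plus tag), stdlib only."""
    nonce = secrets.token_bytes(16)
    body = bytes(x ^ y for x, y in zip(plaintext, _stream(key + b"enc", nonce, len(plaintext))))
    return nonce + body + hmac.new(key + b"mac", nonce + body, hashlib.sha256).digest()


def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key + b"mac", nonce + body, hashlib.sha256).digest()
    if len(blob) < 48 or not hmac.compare_digest(tag, expected):
        raise ValueError("ciphertext failed authentication")
    return bytes(x ^ y for x, y in zip(body, _stream(key + b"enc", nonce, len(body))))


def run_exchange():
    kex, a = generate_first_parameters()  # control node, central-cloud-controlled case
    first_response = {"route": "edge-node.example:4433", "kex": kex}
    task_notification = {"vehicle_id": "VT-0001", "kex": kex, "a": a}
    B, k_vehicle = vehicle_negotiate(first_response["kex"])
    driving = {"lat": 22.54, "lon": 114.06, "speed_kmh": 62, "heading_deg": 90}  # constructed
    second_request = {"B": B, "ciphertext": seal(k_vehicle, json.dumps(driving).encode())}
    k_node = node_shared_key(task_notification["kex"], task_notification["a"], second_request["B"])
    seen = json.loads(unseal(k_node, second_request["ciphertext"]))
    second_response = seal(k_node, b"congestion ahead")  # constructed service information
    return driving, seen, unseal(k_vehicle, second_response)
```

Without the range check in `validate_public`, a peer that supplied 1 or p-1 as its public value would pin K to one of at most two known values regardless of the other side's private key.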
In order to further reduce data transmission delay and ensure that the vehicle terminal can acquire the service information sent by the message distribution node in time, the message distribution node can send the service information to the vehicle terminal based on a mechanism in which one request receives multiple responses.
Specifically, the vehicle terminal may receive an updated second response message sent by the message distribution node in response to the second request message, where the updated second response message includes a second target service information ciphertext, the second target service information ciphertext is generated by the message distribution node encrypting the second target service information by using the shared key, and the second target service information is the vehicle-road cooperative sensing information that is matched with the vehicle terminal by using the predicted travel data of the vehicle terminal predicted in the current period; and then, the vehicle terminal decrypts the second target service information ciphertext by using the shared secret key to obtain second target service information.
That is, after receiving the second request message sent by the vehicle terminal, the message distribution node may automatically and periodically predict the driving data of the vehicle terminal, match the vehicle road cooperative sensing information for the vehicle terminal based on the predicted driving data of the vehicle terminal, and serve as the second target service information, further encrypt the second target service information by using the shared key to obtain a second target service information ciphertext, generate a second response message based on the second target service information ciphertext, and send the second response message to the vehicle terminal. Therefore, after the message distribution node receives the request message sent by the vehicle terminal once, the message distribution node can automatically and periodically feed back the vehicle-road cooperative sensing message to the vehicle terminal, so that the vehicle terminal can timely adjust the driving strategy of the vehicle terminal.
In the edge cloud cooperative data transmission method, the center cloud allocates the target edge cloud to the vehicle terminal based on the current driving data of the vehicle terminal, the vehicle terminal and the target edge cloud generate a shared key through negotiation, and the shared key is used for encrypting and decrypting the data exchanged between the vehicle terminal and the target edge cloud, so that the security and reliability of data transmission in the edge cloud system are ensured. In addition, the QUIC protocol has the characteristics of directly establishing a link without handshaking, performing data transmission by using UDP (User Datagram Protocol), and the like, so that the link between the vehicle terminal and the center cloud and the link between the vehicle terminal and the target edge cloud can be established more quickly, and the delay of data transmission can be reduced remarkably.
Next, a method for transmitting edge cloud cooperative data at a cloud system side provided by the present application is introduced through an embodiment, where the cloud system includes a center cloud and an edge cloud.
Referring to fig. 4, fig. 4 is a schematic flowchart of a method for edge cloud cooperative data transmission at a cloud system side according to an embodiment of the present disclosure. As shown in fig. 4, the method comprises the steps of:
Step 401: A control node in a center cloud receives a first request message sent by a vehicle terminal, where the first request message includes at least an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal includes at least current position information of the vehicle terminal.
When the vehicle terminal needs a cloud system in the vehicle-road coordination system to provide relevant services for the vehicle terminal, the vehicle terminal may first send a first request message to a control node of a central cloud in the cloud system, where the first request message at least includes a vehicle terminal identifier and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least includes current location information of the vehicle terminal.
It should be understood that, in practical applications, the current driving data of the vehicle terminal may also include data such as a current driving speed of the vehicle terminal, a current driving direction of the vehicle terminal, and the like, and a type of data included in the current driving data of the vehicle terminal is not specifically limited herein.
Optionally, after receiving the first request message sent by the vehicle terminal, the control node may verify the identity of the vehicle terminal according to the identifier of the vehicle terminal. Specifically, the control node may call a legal vehicle terminal identification record table, which stores the identifiers of all successfully registered vehicle terminals, and then judge whether the identifier of the vehicle terminal carried in the first request message is stored in that table. If so, the vehicle terminal has been successfully registered and has the authority to obtain the service provided by the vehicle-road cooperative system; otherwise, the vehicle terminal has not been successfully registered and has no authority to obtain the service provided by the vehicle-road cooperative system, and the control node discards the first request message and gives up executing the subsequent operations.
It should be understood that the above authentication manner is only an example, and in practical application, the control node in the central cloud may also authenticate the identity of the vehicle terminal by using other authentication manners, and the authentication manner used by the central cloud is not limited at all.
Step 402: the control node responds to the first request message, allocates a target edge cloud to the vehicle terminal according to the current driving data of the vehicle terminal, and sends a first response message to the vehicle terminal, wherein the first response message at least comprises the routing information of the message distribution node in the target edge cloud.
After the identity verification of the vehicle terminal is passed, the control node responds to the first request message sent by the vehicle terminal and allocates a target edge cloud to the vehicle terminal according to the current driving data of the vehicle terminal; for example, according to the current position information of the vehicle terminal, the edge cloud closest to the vehicle terminal is allocated to the vehicle terminal as the target edge cloud. After the control node completes the allocation of the target edge cloud for the vehicle terminal, the routing information of the message distribution node in the target edge cloud is sent to the vehicle terminal through the first response message.
It should be understood that, if the current driving data of the vehicle terminal further includes other reference data, the control node may combine the current location information of the vehicle terminal with the other reference data, and accordingly allocate the target edge cloud to the vehicle terminal, where no limitation is made on the manner in which the control node allocates the target edge cloud.
Step 403: The control node sends a task allocation notification message to the message distribution node, where the task allocation notification message includes at least the identifier of the vehicle terminal.
The control node sends the first response message to the vehicle terminal, and simultaneously needs to send a task allocation notification message to the message distribution node of the target edge cloud to notify the target edge cloud that the target edge cloud subsequently needs to provide relevant service information for the vehicle terminal, wherein the task allocation notification message at least comprises an identifier of the vehicle terminal.
It should be noted that, after the vehicle terminal receives the first response message and the message distribution node receives the task allocation notification message, the vehicle terminal and the message distribution node may accordingly establish a data transmission link for data interaction. In order to ensure the safety and reliability of data transmission in the data interaction process, the vehicle terminal and the message distribution node need to negotiate a shared key in advance, so that the transmitted data is encrypted and decrypted based on the shared key in the subsequent data interaction process, and the data is prevented from being stolen by lawbreakers in the transmission process.
Specifically, when the shared key is negotiated, the central cloud in the cloud system may control the negotiation process of the shared key (that is, the control node generates a parameter required for negotiating the shared key and issues the parameter to the vehicle terminal and the message distribution node), or the target edge cloud in the cloud system may control the negotiation process of the shared key (that is, the message distribution node generates a parameter required for negotiating the shared key and sends the parameter to the vehicle terminal), and these two cases are introduced below.
When the negotiation process of the shared key is controlled by the central cloud, after completing the allocation of the target edge cloud for the vehicle terminal, the control node generates a first key exchange parameter and a first private key corresponding to the first key exchange parameter for the vehicle terminal and the message distribution node to negotiate the shared key. The control node adds the first key exchange parameter to the first response message and sends the first response message to the vehicle terminal, and adds the first key exchange parameter and the corresponding first private key to the task allocation notification message and sends the task allocation notification message to the message distribution node.
When the negotiation process of the shared key is controlled by a target edge cloud, after receiving a first response message sent by a control node, the vehicle terminal sends a third request message comprising the identifier of the vehicle terminal to a message distribution node according to the routing information in the first response message; and after confirming that the identifier of the vehicle terminal in the third request message is matched with the identifier of the vehicle terminal in the task allocation notification message, the message distribution node generates a first key exchange parameter and a first private key corresponding to the first key exchange parameter for negotiating the shared key, and sends the first key exchange parameter to the vehicle terminal through a third response message.
Step 404: the message distribution node receives a second request message sent by the vehicle terminal, wherein the second request message comprises a vehicle terminal driving data ciphertext of the vehicle terminal and a second key exchange parameter generated by the vehicle terminal for negotiating a shared key, and the vehicle terminal driving data ciphertext is generated by the vehicle terminal encrypting current driving data of the vehicle terminal according to the shared key negotiated with the message distribution node.
After receiving the first key exchange parameter from the control node or the message distribution node, the vehicle terminal may generate the shared key and the second key exchange parameter by using the first key exchange parameter and the second private key generated by the vehicle terminal, where the process of specifically generating the shared key and the second key exchange parameter by the vehicle terminal is described in detail in the embodiment shown in fig. 2, and is not described here again. And then, the vehicle terminal encrypts the current driving data of the vehicle terminal by using the generated shared key to obtain a vehicle terminal driving data ciphertext, adds the vehicle terminal driving data ciphertext and a second key exchange parameter to a second request message, and sends the second request message to a message distribution node of the target edge cloud.
Step 405: the message distribution node generates the shared key according to the second key exchange parameter and a first private key corresponding to the first key exchange parameter, where the first key exchange parameter and the corresponding first private key are generated by the message distribution node or the control node.
And after receiving the second request message, the message distribution node extracts a second key exchange parameter from the second request message, and then calculates the shared key by using the second key exchange parameter, the first key exchange parameter received or generated by the message distribution node and the first private key.
It should be understood that when the negotiation process of the shared key is controlled by the central cloud, the first key exchange parameter and the first private key based on which the message distribution node calculates the shared key are extracted from the task allocation notification message sent by the control node; when the negotiation process of the shared key is controlled by the target edge cloud, the first key exchange parameter and the first private key which are based when the message distribution node calculates the shared key are generated by the message distribution node in response to the third request message sent by the vehicle terminal.
In one possible implementation, the message distribution node may perform shared key negotiation with the vehicle terminal based on the DH (Diffie-Hellman) key negotiation algorithm. In this case, the first key exchange parameter includes a prime number, a primitive root corresponding to the prime number, and a first public key generated according to the prime number, the primitive root, and the first private key; the second key exchange parameter is a second public key (corresponding to the second private key) generated by the vehicle terminal according to the prime number, the primitive root and the second private key; the message distribution node may calculate the shared key through the key negotiation algorithm according to the prime number, the second public key, and the first private key.
To facilitate understanding of the above process of generating a shared key by the message distribution node, the implementation is described below with reference to fig. 3. As shown in fig. 3, when the control node or the message distribution node generates the first key exchange parameter, it may use the DH key negotiation algorithm to generate a large prime number p and its primitive root g, and then calculate a first public key A from p, g and a number a that it generates randomly (i.e., the first private key); p, g and A are then sent to the vehicle terminal as the first key exchange parameter. The vehicle terminal generates a random number b as the second private key, calculates the second public key B (the second key exchange parameter) corresponding to the second private key from p, g and b, and sends the second key exchange parameter B to the message distribution node. Upon receipt of B, the message distribution node calculates the shared key K from B, a and p.
It should be understood that, in practical applications, the vehicle terminal and the message distribution node may negotiate the shared key through a DH key negotiation algorithm, and may also negotiate the shared key through another key negotiation algorithm, where no limitation is imposed on the key negotiation algorithm used in negotiating the shared key.
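The central-cloud-controlled and edge-cloud-controlled negotiations described above, worked through as an added Python example (not code from the patent). Assumptions: a fixed RFC 3526 group stands in for the generated p and g, the shared key is K hashed with SHA-256, the cipher is a standard-library stand-in because the text names none, and all function names, field names and sample values are constructed.

```python
import hashlib
import hmac
import json
import secrets

# Assumption: RFC 3526 group 14 (2048-bit MODP, g = 2) stands in for a generated p, g.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
SAMPLE = {"lat": 22.54, "lon": 114.06, "speed_kmh": 62, "heading_deg": 90}  # constructed


def keypair(p, g):
    """Random private key in [2, p-2] and its public key g^private mod p."""
    private = secrets.randbelow(p - 3) + 2
    return private, pow(g, private, p)


def shared_key(p, peer_public, own_private):
    """K = peer_public^own_private mod p, hashed to 32 bytes (assumption)."""
    if not 2 <= peer_public <= p - 2:  # 0, 1 and p-1 give a guessable K
        raise ValueError("key exchange parameter out of range")
    k = pow(peer_public, own_private, p)
    return hashlib.sha256(k.to_bytes((p.bit_length() + 7) // 8, "big")).digest()


def mac(key, label, data):
    return hmac.new(key, label + data, hashlib.sha256).digest()


def xor_stream(key, nonce, data):
    """Stand-in cipher (assumption): XOR with an HMAC-SHA256 counter keystream."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(mac(key, b"enc", nonce + i.to_bytes(4, "big")) for i in blocks)
    return bytes(x ^ y for x, y in zip(data, stream))


def seal(key, plaintext):
    nonce = secrets.token_bytes(16)
    body = xor_stream(key, nonce, plaintext)
    return nonce + body + mac(key, b"tag", nonce + body)  # encrypt-then-MAC


def unseal(key, blob):
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, mac(key, b"tag", nonce + body)):
        raise ValueError("ciphertext failed authentication")
    return xor_stream(key, nonce, body)


def control_node_allocate(terminal_id, central_controls):
    """Returns (first response message, task allocation notification message)."""
    response, task = {"route": "edge-cloud-1.example"}, {"terminal_id": terminal_id}
    if central_controls:
        a, A = keypair(P, G)
        response.update(p=P, g=G, A=A)
        task.update(p=P, g=G, A=A, a=a)  # first private key goes to the node
    return response, task


def edge_node_third_response(task, third_request):
    """Edge-controlled mode: match the identifier, then generate p, g, A, a locally."""
    if third_request["terminal_id"] != task["terminal_id"]:
        raise PermissionError("identifier does not match task allocation")
    a, A = keypair(P, G)
    task.update(p=P, g=G, A=A, a=a)  # a never leaves the node in this mode
    return {"p": P, "g": G, "A": A}


def terminal_second_request(params, driving_data):
    b, B = keypair(params["p"], params["g"])
    key = shared_key(params["p"], params["A"], b)
    return key, {"B": B, "ciphertext": seal(key, json.dumps(driving_data).encode())}


def node_handle_second_request(task, request):
    key = shared_key(task["p"], request["B"], task["a"])
    return key, json.loads(unseal(key, request["ciphertext"]))


def run_exchange(central_controls, terminal_id="veh-001"):
    """Runs both sides; returns (keys match, driving data recovered by the node)."""
    response, task = control_node_allocate(terminal_id, central_controls)
    if not central_controls:  # third request and third response
        response = edge_node_third_response(task, {"terminal_id": terminal_id})
    terminal_key, request = terminal_second_request(response, SAMPLE)
    node_key, data = node_handle_second_request(task, request)
    return hmac.compare_digest(terminal_key, node_key), data


if __name__ == "__main__":
    print(run_exchange(True), run_exchange(False))
```

In the central-cloud-controlled mode the first private key is carried in the task allocation notification message, so the confidentiality of the negotiated key depends on how that control-node-to-edge link is protected.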
Step 406: the message distribution node decrypts the vehicle terminal running data ciphertext by using the shared secret key to obtain the current running data of the vehicle terminal, matches vehicle cooperative sensing information for the vehicle terminal according to the current running data of the vehicle terminal to obtain first target service information, and encrypts the first target service information by using the shared secret key to obtain a first target service information ciphertext.
After the message distribution node calculates the shared key, it can decrypt the vehicle terminal driving data ciphertext in the second request message with the calculated shared key to obtain the current driving data of the vehicle terminal. It then matches vehicle-road cooperative sensing information for the vehicle terminal according to that data; for example, the message distribution node may match road condition information corresponding to the current position of the vehicle terminal based on the current position information of the vehicle terminal. The matched vehicle-road cooperative sensing information is taken as the first target service information, and the message distribution node encrypts it with the shared key it generated to obtain a first target service information ciphertext.
It should be noted that the current driving data of the vehicle terminal may further include reference data such as a current driving speed of the vehicle terminal, a current driving direction of the vehicle terminal, and the like, and accordingly, the message distribution node may perform matching of the vehicle cooperative sensing information based on the reference data by using a corresponding policy, where no limitation is made on a manner in which the message distribution node matches the vehicle cooperative sensing information.
Step 407: the message distribution node sends a second response message to the vehicle terminal, wherein the second response message comprises the first target service information ciphertext.
After the message distribution node obtains the vehicle cooperative sensing information based on the current driving data matching of the vehicle terminal, namely the message distribution node determines the first target service information, the message distribution node encrypts the first target service information by using the self-generated shared key to obtain a first target service information ciphertext, and then the first target service information ciphertext is added into the second response message to be sent to the vehicle terminal.
In order to ensure that the vehicle terminal can timely acquire the service information sent by the message distribution node, the message distribution node can send the service information to the vehicle terminal based on a mechanism of requesting multiple responses, namely the message distribution node can predict the running data of the vehicle terminal in a high frequency mode based on the current running data sent by the vehicle terminal, match the vehicle and road cooperative sensing information for the vehicle terminal based on the predicted running data, and continuously send the matched vehicle and road cooperative sensing information to the vehicle terminal.
Specifically, the message distribution node predicts the predicted driving data of the vehicle terminal at the next period time point according to the current driving data of the vehicle terminal in the second request message, matches the vehicle road cooperative sensing information for the vehicle terminal according to the predicted driving data of the vehicle terminal so as to obtain second target service information, and encrypts the second target service information by using a shared key so as to obtain a second target service information ciphertext; and then, the message distribution node sends an updated second response message to the vehicle terminal, wherein the second response message comprises a second target service information ciphertext.
That is, after receiving the second request message sent by the vehicle terminal, the message distribution node may automatically and periodically predict the driving data of the vehicle terminal, match the vehicle road cooperative sensing information for the vehicle terminal based on the predicted driving data of the vehicle terminal, and serve as the second target service information, further encrypt the second target service information by using the shared key to obtain a second target service information ciphertext, generate a second response message based on the second target service information ciphertext, and send the second response message to the vehicle terminal. Therefore, after the message distribution node receives the request message sent by the vehicle terminal once, the message distribution node can automatically and periodically feed back the vehicle-road cooperative sensing message to the vehicle terminal, so that the vehicle terminal can timely adjust the driving strategy of the vehicle terminal.
To ensure that the cloud system can continuously and stably provide relevant service information for the vehicle terminal, the message distribution node in the target edge cloud can also, according to the driving condition of the vehicle terminal, notify the control node in time to switch the target edge cloud that provides the service information for the vehicle terminal.
Specifically, when the message distribution node determines that the vehicle terminal is about to drive away from the service range of the message distribution node, the message distribution node sends an edge cloud switching request to the control node, wherein the edge cloud switching request at least comprises an identifier of the vehicle terminal and current driving data of the vehicle terminal; correspondingly, the control node responds to the edge cloud switching request, allocates another target edge cloud for the vehicle terminal, and instructs the vehicle terminal to perform edge cloud switching.
That is, the message distribution node may determine a driving trend of the vehicle terminal according to data such as the position information, driving speed and driving direction of the vehicle terminal. When the driving trend indicates that the vehicle terminal is about to drive away from the service range of the message distribution node, the message distribution node sends an edge cloud switching request to the control node, where the edge cloud switching request at least includes the identifier of the vehicle terminal and the current driving data of the vehicle terminal, so that the control node allocates a new target edge cloud to the vehicle terminal based on the current driving data of the vehicle terminal. After the control node completes the allocation of the new target edge cloud for the vehicle terminal, the control node issues the routing information of the message distribution node in the new target edge cloud to the vehicle terminal to instruct the vehicle terminal to switch edge clouds. Therefore, the cloud system can switch the target edge cloud for the vehicle terminal in time according to the driving condition of the vehicle terminal, so that the vehicle terminal can continuously and stably obtain the service information from the target edge cloud, and the driving experience of the vehicle terminal is improved.
In the edge cloud cooperative data transmission method, the center cloud allocates the target edge cloud to the vehicle terminal based on the current driving data of the vehicle terminal, the vehicle terminal and the target edge cloud generate a shared key through negotiation, and the shared key is used to encrypt and decrypt the data exchanged between the vehicle terminal and the target edge cloud, which ensures the security and reliability of data transmission in the edge cloud system. In addition, because the QUIC protocol establishes a link directly without handshaking and transmits data over UDP (User Datagram Protocol), the link between the vehicle terminal and the center cloud and the link between the vehicle terminal and the target edge cloud can be established more quickly, and the delay of data transmission can be reduced remarkably.
In order to further understand the edge cloud cooperative data transmission method provided in the embodiment of the present application, from the perspective of performing data interaction between the vehicle terminal and the cloud system, an edge cloud cooperative data transmission method in which a key agreement process is controlled by a center cloud and an edge cloud cooperative data transmission method in which a key agreement process is controlled by a target edge cloud are introduced below.
Referring to fig. 5, fig. 5 is an interaction signaling diagram of an edge cloud cooperative data transmission method provided in an embodiment of the present application, where the interaction signaling diagram shown in fig. 5 corresponds to an edge cloud cooperative data transmission method in which the central cloud controls the key negotiation process.
As shown in fig. 5, the vehicle terminal sends a secure transmission link request message to the control node in the central cloud, where the secure transmission link request message is the above first request message, and the message carries an identifier of the vehicle terminal and current driving data of the vehicle terminal. The control node responds to the safe transmission link request message and sends a safe link response message to the vehicle terminal, wherein the safe link response message is the first response message in the text, and the message carries the routing information of the message distribution node of the target edge cloud 1 distributed by the control node for the vehicle terminal and the first key exchange parameter; meanwhile, the control node also sends a task distribution notification message to the message distribution node of the target edge cloud 1, wherein the task distribution notification message carries the identifier of the vehicle terminal, the first key exchange parameter and the first private key. After receiving the secure link response message, the vehicle terminal generates a shared key and a second key exchange parameter based on a first key exchange parameter and a second private key generated by the vehicle terminal, encrypts current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data ciphertext, adds the vehicle terminal driving data ciphertext and the second key exchange parameter to a terminal initial request message, and sends the vehicle terminal driving data ciphertext and the second key exchange parameter to a message distribution node of the target edge cloud 1. 
After receiving the terminal initial request message, the message distribution node of the target edge cloud 1 calculates a shared key based on the second key exchange parameter and on the first key exchange parameter and first private key which were received in advance, decrypts the vehicle terminal driving data ciphertext by using the shared key to obtain the current driving data of the vehicle terminal, matches vehicle-road cooperative sensing information based on the driving data, and encrypts the matched vehicle-road cooperative sensing information by using the shared key to send it to the vehicle terminal; in addition, the message distribution node continuously predicts the driving data of the vehicle terminal, matches vehicle-road cooperative sensing information based on the predicted driving data, and continuously encrypts and transmits the matched vehicle-road cooperative sensing information to the vehicle terminal.
When the message distribution node of the target edge cloud 1 finds that the vehicle terminal is about to drive away from the service range of the target edge cloud 1, the message distribution node of the target edge cloud 1 sends an edge cloud switching request to the control node, and the edge cloud switching request carries the identifier of the vehicle terminal and the current driving data of the vehicle terminal. Further, the control node redistributes the target edge cloud 2 to the vehicle terminal correspondingly, and sends the routing information of the message distribution node of the target edge cloud 2 to the vehicle terminal through the safe link response message; meanwhile, the control node also sends a task distribution notification message to the message distribution node of the target edge cloud 2, wherein the task distribution notification message carries the identifier of the vehicle terminal, the first key exchange parameter and the first private key. Then, the vehicle terminal and the message distribution node of the target edge cloud 2 can negotiate a shared key in the data interaction mode, and upload the driving data and issue the perception information.
Referring to fig. 6, fig. 6 is an interaction signaling diagram of an edge cloud cooperative data transmission method provided in an embodiment of the present application, where the interaction signaling diagram shown in fig. 6 corresponds to an edge cloud cooperative data transmission method in which the target edge cloud controls the key negotiation process.
As shown in fig. 6, the vehicle terminal sends a vehicle-road coordination service request message to the control node in the center cloud, where the vehicle-road coordination service request message is the above first request message, and the message carries an identifier of the vehicle terminal and current driving data of the vehicle terminal. The control node responds to the vehicle-road cooperative service request message, and sends a response message of edge cloud information to the vehicle terminal, wherein the response message of the edge cloud information is the first response message in the text, and the message carries routing information of a message distribution node of a target edge cloud 1 distributed by the control node for the vehicle terminal; meanwhile, the control node also sends a task allocation notification message to the message distribution node of the target edge cloud 1, wherein the task allocation notification message carries the identifier of the vehicle terminal. After receiving the response message of the edge cloud information, the vehicle terminal correspondingly sends a secure link transmission request message to the message distribution node of the target edge cloud 1, where the secure link transmission request message is the third request message in the above, and the message carries the identifier of the vehicle terminal. And after the identity verification of the vehicle terminal is passed by the message distribution node based on the identification of the vehicle terminal, returning a safe link transmission response message to the vehicle terminal, wherein the safe link transmission response message is the third response message in the above, and the message carries the first key exchange parameter generated by the message distribution node. 
The vehicle terminal generates a shared key and a second key exchange parameter based on the first key exchange parameter and a second private key generated by the vehicle terminal, encrypts the current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data ciphertext, adds the vehicle terminal driving data ciphertext and the second key exchange parameter to a terminal initial request message, and sends the terminal initial request message to the message distribution node of the target edge cloud 1. After receiving the terminal initial request message, the message distribution node of the target edge cloud 1 calculates a shared key based on the second key exchange parameter and on the first key exchange parameter and first private key generated by the message distribution node, decrypts the vehicle terminal driving data ciphertext by using the shared key to obtain the current driving data of the vehicle terminal, matches vehicle-road cooperative sensing information based on the driving data, and encrypts the matched vehicle-road cooperative sensing information by using the shared key to send it to the vehicle terminal; in addition, the message distribution node continuously predicts the driving data of the vehicle terminal, matches vehicle-road cooperative sensing information based on the predicted driving data, and continuously encrypts and transmits the matched vehicle-road cooperative sensing information to the vehicle terminal.
When the message distribution node of the target edge cloud 1 finds that the vehicle terminal is about to drive away from the service range of the target edge cloud 1, the message distribution node of the target edge cloud 1 sends an edge cloud switching request to the control node, and the edge cloud switching request carries the identifier of the vehicle terminal and the current driving data of the vehicle terminal. Further, the control node redistributes the target edge cloud 2 to the vehicle terminal correspondingly, and sends the routing information of the message distribution node of the target edge cloud 2 to the vehicle terminal through the response message of the edge cloud information; meanwhile, the control node also sends a task allocation notification message to the message distribution node of the target edge cloud 2, wherein the task allocation notification message carries the identifier of the vehicle terminal. Then, the vehicle terminal and the message distribution node of the target edge cloud 2 can negotiate a shared key in the data interaction mode, and upload the driving data and issue the perception information.
It should be noted that the edge cloud cooperative data transmission method provided in the embodiment of the present application may be applied to application scenarios other than the vehicle-road cooperative scenario, such as a game cloud application scenario; the edge cloud cooperative data transmission method applied to other scenarios is described below.
It should be understood that the edge cloud collaborative data transmission method in the following embodiments is similar to a specific implementation process of the edge cloud collaborative data transmission method in the vehicle-road collaborative scene, and in order to avoid repetition, the following embodiments will omit descriptions for some repeated technical details.
Referring to fig. 7, fig. 7 is a schematic flowchart of a method for transmitting edge cloud coordination data at a terminal side according to an embodiment of the present application. As shown in fig. 7, the method comprises the steps of:
Step 701: the terminal sends a first request message to a control node in a center cloud, wherein the first request message at least comprises an identifier of the terminal and current attribute data of the terminal, and the current attribute data of the terminal at least comprises current position information of the terminal.
The identifier of the terminal can be specifically an ID capable of uniquely representing the identity of the terminal; the current attribute data of the terminal at least includes the current location information of the terminal, and in addition, the current attribute data of the terminal may also include other types of attribute data, such as operation data of a user, and the like, without any limitation on the data type included in the current attribute data of the terminal.
Step 702: the terminal receives a first response message sent by the control node in response to the first request message, wherein the first response message at least comprises the routing information of the message distribution node in the target edge cloud allocated to the terminal.
Meanwhile, the control node also sends a task allocation notification message to the message distribution node in the target edge cloud, wherein the task allocation notification message at least comprises the identifier of the terminal.
Step 703: the terminal generates a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the terminal, and generates a shared key according to the first key exchange parameter and the second private key.
To ensure the security of data transmission, the terminal and the message distribution node need to negotiate a shared key in advance before data interaction is performed. Specifically, the terminal may perform shared key negotiation with the message distribution node based on the DH key negotiation algorithm. In this case, the first key exchange parameter includes a prime number, a primitive root corresponding to the prime number, and a first public key generated according to the prime number, the primitive root, and the first private key. When the terminal negotiates the shared key, it can generate a first random number as the second private key, generate the second public key corresponding to the second private key as the second key exchange parameter according to the prime number, the primitive root and the second private key, and calculate the shared key through the key negotiation algorithm according to the prime number, the first public key and the second private key.
The negotiation process of the shared key can be specifically controlled by a central cloud in the cloud system, and can also be controlled by a target edge cloud in the cloud system.
When the negotiation is controlled by the central cloud, the first response message received by the terminal further includes the first key exchange parameter that the control node generated for the terminal and the message distribution node to negotiate the shared key; after receiving the first response message, the terminal extracts the first key exchange parameter from it.
When the negotiation is controlled by the target edge cloud, after receiving the first response message, the terminal sends a third request message to the message distribution node according to the routing information in the first response message, wherein the third request message comprises the identifier of the terminal; after determining that the terminal passes the authentication, the message distribution node sends a third response message to the terminal in response to the third request message, wherein the third response message comprises a first key exchange parameter generated for key agreement; and after receiving the third response message, the terminal acquires the first key exchange parameter from the third response message.
Step 704: the terminal encrypts the current attribute data of the terminal by using the shared key to obtain a terminal attribute data ciphertext, and sends a second request message to the message distribution node according to the routing information, wherein the second request message comprises the terminal attribute data ciphertext and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter.
Step 705: the terminal receives a second response message sent by the message distribution node in response to the second request message, wherein the second response message comprises a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node by encrypting first target service information by using the shared key, and the first target service information is service information matched for the terminal by using the current attribute data of the terminal.
Step 706: the terminal decrypts the first target service information ciphertext by using the shared key to obtain the first target service information.
In order to ensure low delay of data transmission, the terminal and the message distribution node can perform data interaction based on a one-request multi-response mechanism. Specifically, the terminal receives an updated second response message sent by the message distribution node in response to the second request message, the updated second response message includes a second target service information ciphertext, the second target service information ciphertext is generated by the message distribution node encrypting the second target service information by using the shared key, and the second target service information is service information matched with the terminal by using the predicted attribute data of the terminal predicted in the current period; and then, decrypting a second target service information ciphertext by using the shared secret key to obtain second target service information.
In the edge cloud cooperative data transmission method, the center cloud allocates the target edge cloud to the terminal based on the current attribute data of the terminal, the terminal and the target edge cloud generate a shared key through negotiation, and the shared key is used to encrypt and decrypt the data exchanged between the terminal and the target edge cloud, which ensures the security and reliability of data transmission in the edge cloud system. In addition, because the QUIC protocol establishes links directly without handshaking and transmits data over UDP, the edge cloud cooperative data transmission method can establish links between the terminal and the center cloud and between the terminal and the target edge cloud more quickly, and can remarkably reduce the delay of data transmission.
Referring to fig. 8, fig. 8 is a schematic flowchart of a method for edge cloud cooperative data transmission at a cloud system side according to an embodiment of the present disclosure, where the cloud system includes a center cloud and an edge cloud. As shown in fig. 8, the method comprises the steps of:
Step 801: A control node in the center cloud receives a first request message sent by a terminal, wherein the first request message at least comprises an identifier of the terminal and current attribute data of the terminal, and the current attribute data of the terminal at least comprises current position information of the terminal.
Step 802: the control node responds to the first request message, allocates a target edge cloud to the terminal according to the current attribute data of the terminal, and sends a first response message to the terminal, wherein the first response message at least comprises the routing information of the message distribution node in the target edge cloud.
Step 803: The control node sends a task allocation notification message to the message distribution node, wherein the task allocation notification message at least comprises the identifier of the terminal.
After the terminal receives the first response message and the message distribution node receives the task allocation notification message, the terminal and the message distribution node can negotiate a shared key. The process of negotiating the shared key may be controlled either by the central cloud or by the target edge cloud.
When the negotiation process of the shared key is controlled by the central cloud, the control node, in response to the first request message, generates for the terminal and the message distribution node a first key exchange parameter required for negotiating the shared key and a first private key corresponding to the first key exchange parameter; it adds the first key exchange parameter to the first response message sent to the terminal, and adds the first key exchange parameter and the first private key to the task allocation notification message sent to the message distribution node.
When the negotiation process of the shared key is controlled by the target edge cloud, the message distribution node receives a third request message sent by the terminal, wherein the third request message comprises the identifier of the terminal; when the message distribution node determines that the terminal identifier in the third request message matches the terminal identifier in the task allocation notification message, it responds to the third request message by generating, for negotiating the shared key between the terminal and the message distribution node, a first key exchange parameter and a first private key corresponding to the first key exchange parameter, and sends a third response message to the terminal, wherein the third response message comprises the first key exchange parameter.
Step 804: the message distribution node receives a second request message sent by the terminal, wherein the second request message comprises a terminal attribute data ciphertext of the terminal and a second key exchange parameter generated by the terminal for negotiating a shared key, and the terminal attribute data ciphertext is generated by the terminal according to the current attribute data of the terminal encrypted by the shared key negotiated with the message distribution node.
Step 805: The message distribution node generates the shared key according to the second key exchange parameter and a first private key corresponding to the first key exchange parameter, where the first key exchange parameter and the first private key corresponding to it are generated by the message distribution node or the control node.
When the message distribution node generates the shared key, the shared key may be generated based on the Diffie-Hellman (DH) key agreement algorithm. In this case, the first key exchange parameter includes a prime number, a primitive root corresponding to the prime number, and a first public key generated according to the prime number, the primitive root, and the first private key; the second key exchange parameter is a second public key (corresponding to the second private key) generated by the terminal according to the prime number, the primitive root and the second private key; the message distribution node can then calculate the shared key through the key agreement algorithm according to the prime number, the second public key, and the first private key.
Step 806: the message distribution node decrypts the terminal attribute data ciphertext by using the shared key to obtain the current attribute data of the terminal, matches the service information for the terminal according to the current attribute data of the terminal to obtain first target service information, and encrypts the first target service information by using the shared key to obtain a first target service information ciphertext.
Step 807: The message distribution node sends a second response message to the terminal, wherein the second response message comprises the first target service information ciphertext.
In order to ensure low delay of data transmission, the terminal and the message distribution node can perform data interaction based on a one-request multi-response mechanism. Specifically, after the message distribution node sends a response message to the terminal, the message distribution node predicts the predicted attribute data of the terminal at the time point of the next period according to the current attribute data of the terminal in the second request message, matches the service information for the terminal according to the predicted attribute data of the terminal to obtain second target service information, and encrypts the second target service information by using the shared key to obtain a second target service information ciphertext; and the message distribution node responds to the second request message and sends an updated second response message to the terminal, wherein the updated second response message comprises a second target service information ciphertext.
In addition, in order to ensure that the terminal can be continuously and stably provided with service information, when the message distribution node determines that the terminal is about to leave the service range of the message distribution node, the message distribution node sends an edge cloud switching request to the control node, wherein the edge cloud switching request at least comprises the identifier of the terminal and the current attribute data of the terminal; the control node responds to the edge cloud switching request, allocates another target edge cloud to the terminal, and instructs the terminal to perform edge cloud switching so as to switch to the other target edge cloud.
In the edge cloud cooperative data transmission method, the center cloud allocates the target edge cloud to the terminal based on the current attribute data of the terminal, the terminal and the target edge cloud generate a shared key through negotiation, and the shared key is used to encrypt and decrypt the data exchanged between the terminal and the target edge cloud, thereby ensuring the security and reliability of data transmission in the edge cloud system. In addition, because the QUIC protocol establishes links directly without handshaking and transmits data over UDP, the edge cloud cooperative data transmission method can establish links between the terminal and the center cloud and between the terminal and the target edge cloud more quickly, and can remarkably reduce the delay of data transmission.
Aiming at the edge cloud cooperative data transmission method described above, the application also provides a corresponding edge cloud cooperative data transmission device, so that the edge cloud cooperative data transmission method is applied and implemented in practice.
Referring to fig. 9, fig. 9 is a schematic structural diagram of an edge cloud cooperative data transmission apparatus 900 corresponding to the edge cloud cooperative data transmission method shown in fig. 2, where the edge cloud cooperative data transmission apparatus 900 includes:
a first sending module 901, configured to send a first request message to a control node in a central cloud, where the first request message includes at least an identifier of a vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal includes at least current location information of the vehicle terminal;
a first receiving module 902, configured to receive a first response message sent by the control node in response to the first request message, where the first response message includes at least routing information of a message distribution node in a target edge cloud allocated to the vehicle terminal;
a shared key establishing module 903, configured to generate a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generate a shared key according to the first key exchange parameter and the second private key;
a second sending module 904, configured to encrypt the current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data ciphertext, and send a second request message to the message distribution node according to the routing information, where the second request message includes the vehicle terminal driving data ciphertext and the second key exchange parameter, so that the message distribution node generates the shared key based on the first private key corresponding to the first key exchange parameter and the second key exchange parameter;
a second receiving module 905, configured to receive a second response message sent by the message distribution node in response to the second request message, where the second response message includes a first target service information ciphertext, where the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is vehicle-road cooperative sensing information that is matched with the vehicle terminal by using current driving data of the vehicle terminal;
a decryption module 906, configured to decrypt the first target service information ciphertext with the shared key to obtain the first target service information.
Optionally, on the basis of the edge cloud cooperative data transmission device shown in fig. 9, referring to fig. 10, fig. 10 is a schematic structural diagram of another edge cloud cooperative data transmission device provided in the embodiment of the present application. In this case, if the first response message further includes a first key exchange parameter generated by the control node for the vehicle terminal to negotiate the shared key with the message distribution node, the apparatus further includes:
a first extracting module 1001, configured to extract the first key exchange parameter from the first response message.
Optionally, on the basis of the edge cloud cooperative data transmission device shown in fig. 9, referring to fig. 11, fig. 11 is a schematic structural diagram of another edge cloud cooperative data transmission device provided in the embodiment of the present application. The device further comprises:
a third sending module 1101, configured to send a third request message to the message distribution node according to the routing information, where the third request message includes an identifier of the vehicle terminal;
a third receiving module 1102, configured to receive a third response message sent by the message distribution node in response to the third request message, where the third response message includes the first key exchange parameter generated by the message distribution node for key agreement;
a second extracting module 1103, configured to obtain the first key exchange parameter from the third response message.
Optionally, on the basis of the edge cloud cooperative data transmission device shown in fig. 9, referring to fig. 12, fig. 12 is a schematic structural diagram of another edge cloud cooperative data transmission device provided in the embodiment of the present application. The device further comprises:
a fourth receiving module 1201, configured to receive an updated second response message sent by the message distribution node in response to the second request message, where the updated second response message includes a second target service information ciphertext, the second target service information ciphertext is generated by the message distribution node encrypting the second target service information by using the shared key, and the second target service information is vehicle-road cooperative sensing information that is matched to the vehicle terminal by using the predicted driving data of the vehicle terminal predicted in the current period;
the decryption module 906 is further configured to decrypt the second target service information ciphertext using the shared key to obtain the second target service information.
Optionally, on the basis of the edge cloud cooperative data transmission apparatus shown in fig. 9, the first key exchange parameter includes a prime number, a primitive root corresponding to the prime number, and the first public key generated according to the prime number, the primitive root, and the first private key; the shared key establishing module 903 is specifically configured to:
generating a first random number as the second private key, generating a second public key corresponding to the second private key according to the prime number, the primitive root and the second private key, and using the second public key as the second key exchange parameter;
and calculating to obtain a shared key through a key negotiation algorithm according to the prime number, the first public key and the second private key.
In the edge cloud cooperative data transmission device, the center cloud allocates the target edge cloud to the vehicle terminal based on the current driving data of the vehicle terminal, the vehicle terminal and the target edge cloud generate a shared key through negotiation, and the shared key is used to encrypt and decrypt the data exchanged between the vehicle terminal and the target edge cloud, thereby ensuring the security and reliability of data transmission in the edge cloud system. In addition, because the QUIC protocol establishes a link directly without handshaking and transmits data over UDP (User Datagram Protocol), the link between the vehicle terminal and the center cloud and the link between the vehicle terminal and the target edge cloud can be established more quickly, and the delay of data transmission can be reduced remarkably.
Referring to fig. 13, fig. 13 is a schematic structural diagram of an edge cloud cooperative data transmission system 1300 corresponding to the edge cloud cooperative data transmission method shown in fig. 4, where the edge cloud cooperative data transmission system 1300 includes a center cloud and an edge cloud, the center cloud at least includes a control node 1301, and the edge cloud at least includes a message distribution node 1302.
The control node 1301 is configured to receive a first request message sent by a vehicle terminal, where the first request message at least includes an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least includes current location information of the vehicle terminal;
the control node 1301 is further configured to, in response to the first request message, allocate a target edge cloud to the vehicle terminal according to current driving data of the vehicle terminal, and send a first response message to the vehicle terminal, where the first response message at least includes routing information of a message distribution node in the target edge cloud;
the control node 1301 is further configured to send a task allocation notification message to the message distribution node, where the task allocation notification message at least includes an identifier of the vehicle terminal;
the message distribution node 1302 is configured to receive a second request message sent by the vehicle terminal, where the second request message includes a vehicle terminal driving data cipher text of the vehicle terminal and a second key exchange parameter generated by the vehicle terminal for negotiating a shared key, where the vehicle terminal driving data cipher text is generated by the vehicle terminal encrypting current driving data of the vehicle terminal according to the shared key negotiated with the message distribution node;
the message distribution node 1302 is further configured to generate the shared key according to the second key exchange parameter and a first private key corresponding to a first key exchange parameter, where the first key exchange parameter and the first private key corresponding to it are generated by the message distribution node or the control node;
the message distribution node 1302 is further configured to decrypt the vehicle terminal driving data ciphertext by using the shared key to obtain current driving data of the vehicle terminal, match vehicle-road cooperative sensing information for the vehicle terminal according to the current driving data of the vehicle terminal to obtain first target service information, and encrypt the first target service information by using the shared key to obtain a first target service information ciphertext;
the message distribution node 1302 is further configured to send a second response message to the vehicle terminal, where the second response message includes the first target service information ciphertext.
Optionally, on the basis of the edge cloud cooperative data transmission system shown in fig. 13, the message distribution node 1302 is further configured to predict predicted driving data of the vehicle terminal at the next period time point according to current driving data of the vehicle terminal in the second request message, match vehicle-road cooperative sensing information for the vehicle terminal according to the predicted driving data of the vehicle terminal to obtain second target service information, and encrypt the second target service information by using the shared key to obtain a second target service information ciphertext; and, in response to the second request message, send an updated second response message to the vehicle terminal, wherein the updated second response message comprises the second target service information ciphertext.
Optionally, on the basis of the edge cloud cooperative data transmission system shown in fig. 13, the message distribution node 1302 is further configured to send an edge cloud handover request to the control node when it is determined that the vehicle terminal is about to drive away from a service range of the message distribution node, where the edge cloud handover request at least includes an identifier of the vehicle terminal and current driving data of the vehicle terminal;
the control node 1301 is further configured to, in response to the edge cloud handover request, allocate another target edge cloud to the vehicle terminal, and instruct the vehicle terminal to perform edge cloud handover.
Optionally, on the basis of the edge cloud cooperative data transmission system shown in fig. 13, the control node 1301 is further configured to negotiate the shared key for the vehicle terminal and the message distribution node in response to the first request message, and generate the first key exchange parameter and a first private key corresponding to the first key exchange parameter; the first key exchange parameter is also included in the first response message; the task allocation notification message further includes the first key exchange parameter and the first private key.
Optionally, on the basis of the edge cloud cooperative data transmission system shown in fig. 13, the message distribution node 1302 is further configured to receive a third request message sent by the terminal device, where the third request message includes an identifier of the vehicle terminal; and when determining that the identifiers of the vehicle terminals in the third request message and the task allocation notification message are matched, responding to the third request message, negotiating the shared key for the vehicle terminals and the message distribution node to generate the first key exchange parameter and a first private key corresponding to the first key exchange parameter, and sending a third response message to the vehicle terminals, wherein the third response message comprises the first key exchange parameter.
Optionally, on the basis of the edge cloud cooperative data transmission system shown in fig. 13, the first key exchange parameter includes a prime number, a primitive root corresponding to the prime number, and the first public key generated according to the prime number, the primitive root, and the first private key; the second key exchange parameter is the second public key corresponding to the second private key generated by the vehicle terminal according to the prime number, the primitive root and the second private key;
the message distribution node 1302 is specifically configured to calculate a shared key through a key agreement algorithm according to the prime number, the second public key, and the first private key.
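The edge-cloud-controlled negotiation described above (identifier match against the task allocation notification, first and second key exchange parameters, each side computing the shared key) is shown below as an added Python example; it is not code from the patent. Assumptions: the RFC 3526 2048-bit group supplies the prime and generator, the class and method names and the identifiers are hypothetical, and the public-value range check, group pinning and HKDF step are hardening that the patent text does not specify.

```python
import hashlib
import hmac
import secrets

# Assumption: 2048-bit MODP group 14 from RFC 3526, pinned on both sides.
# The patent only says "a prime number and its primitive root".
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF", 16)
G = 2  # generator of the large prime-order subgroup; fills the "primitive root" role


def generate_keypair():
    """Random private key in [2, P-2] and the matching public key G^priv mod P."""
    private = secrets.randbelow(P - 3) + 2
    return private, pow(G, private, P)


def derive_shared_key(peer_public, own_private, terminal_id):
    """Compute peer_public^own_private mod P and derive a 32-byte key from it."""
    # Reject 0, 1, P-1 and out-of-range values: they force a predictable secret.
    if not isinstance(peer_public, int) or not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value out of range")
    secret = pow(peer_public, own_private, P).to_bytes(256, "big")
    # Single-block HKDF-SHA256 (RFC 5869), bound to the terminal identifier.
    prk = hmac.new(b"\x00" * 32, secret, hashlib.sha256).digest()
    return hmac.new(prk, terminal_id.encode() + b"\x01", hashlib.sha256).digest()


class MessageDistributionNode:
    def __init__(self):
        self.assigned = set()     # terminal ids from task allocation notifications
        self.first_private = {}   # terminal id -> first private key

    def on_task_allocation(self, terminal_id):
        self.assigned.add(terminal_id)

    def on_third_request(self, terminal_id):
        # Only negotiate with a terminal the control node announced.
        if terminal_id not in self.assigned:
            raise PermissionError("no task allocation for this terminal")
        private, public = generate_keypair()
        self.first_private[terminal_id] = private
        # First key exchange parameter, returned in the third response message.
        return {"prime": P, "primitive_root": G, "first_public_key": public}

    def on_second_request(self, terminal_id, second_public_key):
        private = self.first_private.pop(terminal_id)  # one private key per negotiation
        return derive_shared_key(second_public_key, private, terminal_id)


class Terminal:
    def __init__(self, terminal_id):
        self.terminal_id = terminal_id
        self.shared_key = None

    def on_first_key_exchange_parameter(self, param):
        # Accept only the pinned group, never an arbitrary received prime.
        if param["prime"] != P or param["primitive_root"] != G:
            raise ValueError("unexpected DH group")
        second_private, second_public = generate_keypair()
        self.shared_key = derive_shared_key(
            param["first_public_key"], second_private, self.terminal_id)
        return second_public  # second key exchange parameter (second request)


def run_exchange(terminal_id="veh-0001"):  # constructed sample identifier
    node = MessageDistributionNode()
    node.on_task_allocation(terminal_id)                 # control node -> node
    terminal = Terminal(terminal_id)
    first_param = node.on_third_request(terminal_id)     # third request / response
    second_public = terminal.on_first_key_exchange_parameter(first_param)
    node_key = node.on_second_request(terminal_id, second_public)
    return terminal.shared_key, node_key


if __name__ == "__main__":
    t_key, n_key = run_exchange()
    print("keys match:", t_key == n_key)
```

The exchange on its own authenticates neither side, so the identifier match only ties the key to a task allocation. The links that carry the first key exchange parameter and, in the center-cloud-controlled variant, the first private key need their own protection.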
In the edge cloud cooperative data transmission device, the center cloud allocates the target edge cloud to the vehicle terminal based on the current driving data of the vehicle terminal, the vehicle terminal and the target edge cloud generate a shared key through negotiation, and the shared key is used to encrypt and decrypt the data exchanged between the vehicle terminal and the target edge cloud, thereby ensuring the security and reliability of data transmission in the edge cloud system. In addition, because the QUIC protocol establishes a link directly without handshaking and transmits data over UDP (User Datagram Protocol), the link between the vehicle terminal and the center cloud and the link between the vehicle terminal and the target edge cloud can be established more quickly, and the delay of data transmission can be reduced remarkably.
Referring to fig. 14, fig. 14 is a schematic structural diagram of an edge cloud cooperative data transmission apparatus 1400 corresponding to the edge cloud cooperative data transmission method shown in fig. 7, where the edge cloud cooperative data transmission apparatus 1400 includes:
a first sending module 1401, configured to send a first request message to a control node in a central cloud, where the first request message includes at least an identifier of a terminal and current attribute data of the terminal, and the current attribute data of the terminal includes at least current location information of the terminal;
a first receiving module 1402, configured to receive a first response message sent by the control node in response to the first request message, where the first response message at least includes routing information of a message distribution node in a target edge cloud allocated to the terminal;
a shared key establishing module 1403, configured to generate a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the terminal, and generate a shared key according to the first key exchange parameter and the second private key;
a second sending module 1404, configured to encrypt the current attribute data of the terminal by using the shared key to obtain a terminal attribute data ciphertext, and send a second request message to the message distribution node according to the routing information, where the second request message includes the terminal attribute data ciphertext and the second key exchange parameter, so that the message distribution node generates the shared key based on the first private key corresponding to the first key exchange parameter and the second key exchange parameter;
a second receiving module 1405, configured to receive a second response message sent by the message distribution node in response to the second request message, where the second response message includes a first target service information ciphertext, where the first target service information ciphertext is generated by the message distribution node by encrypting first target service information using the shared key, and the first target service information is service information that is matched for the terminal by using current attribute data of the terminal;
a decryption module 1406, configured to decrypt the first target service information ciphertext using the shared key to obtain the first target service information.
Referring to fig. 15, fig. 15 is a schematic structural diagram of an edge cloud cooperative data transmission system 1500 corresponding to the edge cloud cooperative data transmission method shown in fig. 8, where the edge cloud cooperative data transmission system 1500 includes a center cloud and an edge cloud, the center cloud includes at least a control node 1501, and the edge cloud includes at least a message distribution node 1502.
The control node 1501 is configured to receive a first request message sent by a vehicle terminal, where the first request message at least includes an identifier of the terminal and current driving data of the terminal, and the current attribute data of the terminal at least includes current location information of the terminal;
the control node 1501 is further configured to respond to the first request message, allocate a target edge cloud to the terminal according to current driving data of the terminal, and send a first response message to the terminal, where the first response message at least includes routing information of a message distribution node in the target edge cloud;
the control node 1501 is further configured to send a task allocation notification message to the message distribution node, where the task allocation notification message at least includes an identifier of the terminal;
the message distribution node 1502 is configured to receive a second request message sent by the terminal, where the second request message includes a terminal attribute data ciphertext of the terminal and a second key exchange parameter generated by the terminal for negotiating a shared key, where the terminal attribute data ciphertext is generated by the terminal encrypting current attribute data of the terminal according to the shared key negotiated with the message distribution node;
the message distribution node 1502 is further configured to generate the shared key according to the second key exchange parameter and a first private key corresponding to a first key exchange parameter, where the first key exchange parameter and the first private key corresponding to it are generated by the message distribution node or the control node;
the message distribution node 1502 is further configured to decrypt the terminal attribute data ciphertext with the shared key to obtain current attribute data of the terminal, match service information for the terminal according to the current attribute data of the terminal to obtain first target service information, and encrypt the first target service information with the shared key to obtain a first target service information ciphertext;
the message distribution node 1502 is further configured to send a second response message to the terminal, where the second response message includes the first target service information ciphertext.
In the edge cloud cooperative data transmission device, the center cloud allocates the target edge cloud to the terminal based on the current attribute data of the terminal, a shared key is generated between the terminal and the target edge cloud through negotiation, and the shared key is used to encrypt and decrypt the data exchanged between the terminal and the target edge cloud, thereby ensuring the security and reliability of data transmission in the edge cloud system. In addition, because the QUIC protocol establishes links directly without handshaking and transmits data over UDP, the edge cloud cooperative data transmission method can establish links between the terminal and the center cloud and between the terminal and the target edge cloud more quickly, and can remarkably reduce the delay of data transmission.
The embodiment of the application also provides a vehicle terminal and a server for controlling the edge cloud to cooperatively transmit data, and the vehicle terminal and the server provided by the embodiment of the application are introduced from the perspective of hardware materialization.
Referring to fig. 16, a schematic structural diagram of a vehicle terminal according to an embodiment of the present application is provided. For convenience of explanation, only the parts related to the embodiments of the present application are shown, and details of the specific technology are not disclosed.
Fig. 16 is a block diagram showing a partial structure of a vehicle terminal provided in an embodiment of the present application. Referring to fig. 16, the vehicle terminal includes: Radio Frequency (RF) circuitry 1610, memory 1620, input unit 1630, display unit 1640, sensor 1650, audio circuitry 1660, processor 1670, and power supply 1680. Those skilled in the art will appreciate that the handset configuration shown in fig. 16 is not intended to be limiting and may include more or fewer components than those shown, or some components may be combined, or a different arrangement of components.
The memory 1620 may be used for storing software programs and modules, and the processor 1670 executes various functional applications and data processing of the mobile phone by operating the software programs and modules stored in the memory 1620. The memory 1620 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program (such as a sound playing function, an image playing function, etc.) required by at least one function, and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the cellular phone, and the like. Further, the memory 1620 may comprise high speed random access memory, and may also comprise non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The processor 1670 is a control center of the mobile phone, connects various parts of the entire mobile phone by using various interfaces and lines, and performs various functions of the mobile phone and processes data by operating or executing software programs and/or modules stored in the memory 1620 and calling data stored in the memory 1620, thereby monitoring the whole mobile phone. Optionally, processor 1670 may include one or more processing units; preferably, the processor 1670 may integrate an application processor, which primarily handles operating systems, user interfaces, application programs, etc., and a modem processor, which primarily handles wireless communications. It is to be appreciated that the modem processor described above may not be integrated into the processor 1670.
In this embodiment of the present application, a processor 1670 included in the terminal executes steps of any implementation manner of the method for transmitting the data in cooperation with the edge cloud at the vehicle terminal side provided in this embodiment of the present application.
Fig. 17 is a schematic structural diagram of a server provided in this embodiment. The server 1700 may vary considerably depending on its configuration or performance, and may include one or more Central Processing Units (CPUs) 1722 (e.g., one or more processors), a memory 1732, and one or more storage media 1730 (e.g., one or more mass storage devices) storing an application 1742 or data 1744. The memory 1732 and the storage media 1730 may be transitory storage or persistent storage. The program stored in the storage medium 1730 may include one or more modules (not shown), each of which may include a sequence of instructions operating on the server. Further, the central processor 1722 may be configured to communicate with the storage medium 1730 and to execute, on the server 1700, the series of instruction operations stored in the storage medium 1730.
The server 1700 may also include one or more power supplies 1726, one or more wired or wireless network interfaces 1750, one or more input-output interfaces 1758, and/or one or more operating systems 1741 such as Windows Server™, Mac OS X™, Unix™, Linux™, FreeBSD™, etc.
The steps performed by the server in the above embodiment may be based on the server structure shown in fig. 17.
The CPU 1722 is configured to execute the steps of any implementation manner of the edge cloud cooperative data transmission method on the cloud system side in the embodiment of the present application.
An embodiment of the present application further provides a computer-readable storage medium, configured to store a computer program, where the computer program is configured to execute any one implementation manner of the edge cloud cooperative data transmission method described in the foregoing embodiments.
The embodiment of the present application further provides a computer program product including instructions, which when run on a computer, causes the computer to execute any one implementation manner of the edge cloud collaborative data transmission method described in the foregoing embodiments.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application in essence, or the part of it that contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. The aforementioned storage medium includes: a U disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing computer programs.
The above embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions in the embodiments of the present application.

Claims (18)

1. A method for edge cloud cooperative data transmission is characterized by comprising the following steps:
sending a first request message to a control node in a center cloud, wherein the first request message at least comprises an identifier of a vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least comprises current position information of the vehicle terminal;
receiving a first response message sent by the control node in response to the first request message, wherein the first response message at least comprises: routing information of a message distribution node in a target edge cloud allocated by the control node to the vehicle terminal according to the current driving data of the vehicle terminal;
generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generating a shared key according to the first key exchange parameter and the second private key;
encrypting the current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data cipher text, and sending a second request message to the message distribution node according to the routing information, wherein the second request message comprises the vehicle terminal driving data cipher text and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter;
receiving a second response message sent by the message distribution node in response to the second request message, wherein the second response message comprises a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is vehicle-road cooperative sensing information matched with the vehicle terminal by using current driving data of the vehicle terminal;
and decrypting the first target service information ciphertext by using the shared secret key to obtain the first target service information.
2. The method according to claim 1, wherein the first response message further includes a first key exchange parameter generated by the control node for the vehicle terminal to negotiate the shared key with the message distribution node;
after said receiving said first response message, said method further comprises: extracting the first key exchange parameter from the first response message.
3. The method of claim 1, wherein after receiving the first response message, the method further comprises:
sending a third request message to the message distribution node according to the routing information, wherein the third request message comprises the identifier of the vehicle terminal;
receiving a third response message sent by the message distribution node in response to the third request message, wherein the third response message includes the first key exchange parameter generated by the message distribution node for key agreement;
and acquiring the first key exchange parameter from the third response message.
4. The method of claim 1, wherein after receiving a second response message sent by the message distribution node in response to the second request message, the method further comprises:
receiving an updated second response message sent by the message distribution node in response to the second request message, wherein the updated second response message includes a second target service information ciphertext, the second target service information ciphertext is generated by the message distribution node encrypting second target service information by using the shared key, and the second target service information is vehicle-road cooperative sensing information matched with the vehicle terminal by using predicted driving data of the vehicle terminal predicted in the current period;
and decrypting the second target service information ciphertext by using the shared secret key to obtain the second target service information.
5. The method of claim 1, wherein the first key exchange parameter comprises a prime number and a primitive root corresponding to the prime number, and a first public key generated according to the prime number, the primitive root, and the first private key;
the generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a first private key of the vehicle terminal, and generating a shared key according to the first key exchange parameter and the first private key includes:
generating a first random number as the second private key, generating a second public key corresponding to the second private key according to the prime number, the primitive root and the second private key, and using the second public key as the second key exchange parameter;
and calculating to obtain a shared key through a key negotiation algorithm according to the prime number, the first public key and the second private key.
6. A method for edge cloud cooperative data transmission is applied to a cloud system, wherein the cloud system comprises a center cloud and an edge cloud, and the method comprises the following steps:
a control node in a center cloud receives a first request message sent by a vehicle terminal, wherein the first request message at least comprises an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least comprises current position information of the vehicle terminal;
the control node responds to the first request message, allocates a target edge cloud to the vehicle terminal according to current driving data of the vehicle terminal, and sends a first response message to the vehicle terminal, wherein the first response message at least comprises routing information of a message distribution node in the target edge cloud;
the control node sends a task allocation notification message to the message distribution node, wherein the task allocation notification message at least comprises an identifier of the vehicle terminal;
the message distribution node receives a second request message sent by the vehicle terminal, wherein the second request message comprises a vehicle terminal driving data ciphertext of the vehicle terminal and a second key exchange parameter generated by the vehicle terminal for negotiating a shared key, and the vehicle terminal driving data ciphertext is generated by the vehicle terminal encrypting current driving data of the vehicle terminal according to the shared key negotiated with the message distribution node;
the message distribution node generates the shared key according to the second key exchange parameter and a first private key corresponding to the first key exchange parameter, wherein the first key exchange parameter and the first private key corresponding to the first key exchange parameter are generated by the message distribution node or the control node; the second key exchange parameter is generated by the vehicle terminal according to the first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal; the vehicle terminal generates the shared key according to the first key exchange parameter and the second private key;
the message distribution node decrypts the vehicle terminal running data ciphertext by using the shared secret key to obtain current running data of the vehicle terminal, matches vehicle and road cooperative sensing information for the vehicle terminal according to the current running data of the vehicle terminal to obtain first target service information, and encrypts the first target service information by using the shared secret key to obtain a first target service information ciphertext;
and the message distribution node sends a second response message to the vehicle terminal, wherein the second response message comprises the first target service information ciphertext.
7. The method of claim 6, wherein after the message distribution node sends a response message to the vehicle terminal, the method further comprises:
the message distribution node predicts the predicted driving data of the vehicle terminal at the time point of the next period according to the current driving data of the vehicle terminal in the second request message, matches the vehicle road cooperative sensing information for the vehicle terminal according to the predicted driving data of the vehicle terminal to obtain second target service information, and encrypts the second target service information by using the shared secret key to obtain a second target service information ciphertext;
and the message distribution node responds to the second request message and sends an updated second response message to the vehicle terminal, wherein the second response message comprises the second target service information ciphertext.
8. The method of claim 6, further comprising:
when the message distribution node determines that the vehicle terminal is about to drive away from the service range of the message distribution node, the message distribution node sends an edge cloud switching request to the control node, wherein the edge cloud switching request at least comprises an identifier of the vehicle terminal and current driving data of the vehicle terminal;
and the control node responds to the edge cloud switching request, allocates another target edge cloud to the vehicle terminal and instructs the vehicle terminal to perform edge cloud switching.
9. The method of claim 6, further comprising:
the control node responds to the first request message, negotiates the shared key for the vehicle terminal and the message distribution node to generate the first key exchange parameter and a first private key corresponding to the first key exchange parameter;
the first response message further comprises the first key exchange parameter;
the task allocation notification message further includes the first key exchange parameter and the first private key.
10. The method of claim 6, further comprising:
the message distribution node receives a third request message sent by the terminal equipment, wherein the third request message comprises the identifier of the vehicle terminal;
and when the message distribution node determines that the identifiers of the vehicle terminals in the third request message and the task distribution notification message are matched, responding to the third request message, negotiating the shared key for the vehicle terminals and the message distribution node to generate the first key exchange parameter and a first private key corresponding to the first key exchange parameter, and sending a third response message to the vehicle terminals, wherein the third response message comprises the first key exchange parameter.
11. The method of claim 6, wherein the first key exchange parameter comprises a prime number and a primitive root corresponding to the prime number, and a first public key generated according to the prime number, the primitive root, and the first private key;
the second key exchange parameter is a second public key corresponding to the second private key generated by the vehicle terminal according to the prime number, the primitive root and the second private key;
the step of generating, by the message distribution node, the shared key according to the second key exchange parameter and the first private key corresponding to the first key exchange parameter includes:
and calculating to obtain a shared key through a key negotiation algorithm according to the prime number, the second public key and the first private key.
12. A method for edge cloud cooperative data transmission is characterized by comprising the following steps:
sending a first request message to a control node in a central cloud, wherein the first request message at least comprises an identifier of a terminal and current attribute data of the terminal, and the current attribute data of the terminal at least comprises current position information of the terminal;
receiving a first response message sent by the control node in response to the first request message, wherein the first response message at least comprises: routing information of a message distribution node in a target edge cloud allocated by the control node to the terminal according to the current attribute data of the terminal;
generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the terminal, and generating a shared key according to the first key exchange parameter and the second private key;
encrypting the current attribute data of the terminal by using the shared key to obtain a terminal attribute data ciphertext, and sending a second request message to the message distribution node according to the routing information, wherein the second request message comprises the terminal attribute data ciphertext and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter;
receiving a second response message sent by the message distribution node in response to the second request message, wherein the second response message comprises a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is service information matched with the terminal by using current attribute data of the terminal;
and decrypting the first target service information ciphertext by using the shared secret key to obtain the first target service information.
13. A method for edge cloud cooperative data transmission is applied to a cloud system, wherein the cloud system comprises a center cloud and an edge cloud, and the method comprises the following steps:
a control node in a center cloud receives a first request message sent by a vehicle terminal, wherein the first request message at least comprises an identifier of the terminal and current attribute data of the terminal, and the current attribute data of the terminal at least comprises current position information of the terminal;
the control node responds to the first request message, allocates a target edge cloud to the terminal according to the current attribute data of the terminal, and sends a first response message to the terminal, wherein the first response message at least comprises routing information of a message distribution node in the target edge cloud;
the control node sends a task allocation notification message to the message distribution node, wherein the task allocation notification message at least comprises the identifier of the terminal;
the message distribution node receives a second request message sent by the terminal, wherein the second request message comprises a terminal attribute data ciphertext of the terminal and a second key exchange parameter generated by the terminal for negotiating a shared key, and the terminal attribute data ciphertext is generated by the terminal according to the current attribute data of the terminal encrypted by the shared key negotiated with the message distribution node;
the message distribution node generates the shared key according to the second key exchange parameter and a first private key corresponding to the first key exchange parameter, wherein the first key exchange parameter and the first private key corresponding to the first key exchange parameter are generated by the message distribution node or the control node; the second key exchange parameter is generated by the terminal according to the first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal; the vehicle terminal generates the shared key according to the first key exchange parameter and the second private key;
the message distribution node decrypts the terminal attribute data ciphertext by using the shared key to obtain the current attribute data of the terminal, matches service information for the terminal according to the current attribute data of the terminal to obtain first target service information, and encrypts the first target service information by using the shared key to obtain a first target service information ciphertext;
and the message distribution node sends a second response message to the terminal, wherein the second response message comprises the first target service information ciphertext.
14. A device for edge cloud cooperative data transmission, comprising:
a first sending module, configured to send a first request message to a control node in a center cloud, where the first request message at least includes an identifier of a vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least includes current position information of the vehicle terminal;
a first receiving module, configured to receive a first response message sent by the control node in response to the first request message, where the first response message at least includes: routing information of a message distribution node in a target edge cloud allocated by the control node to the vehicle terminal according to the current driving data of the vehicle terminal;
the shared key establishing module is used for generating a second key exchange parameter according to a first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal, and generating a shared key according to the first key exchange parameter and the second private key;
a second sending module, configured to encrypt current driving data of the vehicle terminal by using the shared key to obtain a vehicle terminal driving data cipher text, and send a second request message to the message distribution node according to the routing information, where the second request message includes the vehicle terminal driving data cipher text and the second key exchange parameter, so that the message distribution node generates the shared key based on a first private key corresponding to the first key exchange parameter and the second key exchange parameter;
a second receiving module, configured to receive a second response message sent by the message distribution node in response to the second request message, where the second response message includes a first target service information ciphertext, the first target service information ciphertext is generated by the message distribution node encrypting first target service information by using the shared key, and the first target service information is vehicle-road cooperative sensing information that is matched with the vehicle terminal by using current driving data of the vehicle terminal;
and the decryption module is used for decrypting the first target service information ciphertext by using the shared secret key to obtain the first target service information.
15. An edge cloud cooperative data transmission system, comprising: a central cloud and an edge cloud, wherein the central cloud at least comprises a control node, and the edge cloud at least comprises a message distribution node; wherein,
the control node is configured to receive a first request message sent by a vehicle terminal, where the first request message at least includes an identifier of the vehicle terminal and current driving data of the vehicle terminal, and the current driving data of the vehicle terminal at least includes current location information of the vehicle terminal;
the control node is further configured to respond to the first request message, allocate a target edge cloud to the vehicle terminal according to current driving data of the vehicle terminal, and send a first response message to the vehicle terminal, where the first response message at least includes routing information of a message distribution node in the target edge cloud;
the control node is further configured to send a task allocation notification message to the message distribution node, where the task allocation notification message at least includes an identifier of the vehicle terminal;
the message distribution node is configured to receive a second request message sent by the vehicle terminal, where the second request message includes a vehicle terminal driving data cipher text of the vehicle terminal and a second key exchange parameter generated by the vehicle terminal for negotiating a shared key, where the vehicle terminal driving data cipher text is generated by the vehicle terminal encrypting current driving data of the vehicle terminal according to the shared key negotiated with the message distribution node;
the message distribution node is further configured to generate the shared key according to the second key exchange parameter and a first private key corresponding to the first key exchange parameter, where the first key exchange parameter and a first private key corresponding to the first key exchange parameter are generated by the message distribution node or the control node; the second key exchange parameter is generated by the vehicle terminal according to the first key exchange parameter issued by the control node or the message distribution node and a second private key of the vehicle terminal; the vehicle terminal generates the shared key according to the first key exchange parameter and the second private key;
the message distribution node is further configured to decrypt the vehicle terminal driving data cipher text by using the shared key to obtain current driving data of the vehicle terminal, match vehicle cooperative sensing information for the vehicle terminal according to the current driving data of the vehicle terminal to obtain first target service information, and encrypt the first target service information by using the shared key to obtain a first target service information cipher text;
the message distribution node is further configured to send a second response message to the vehicle terminal, where the second response message includes the first target service information ciphertext.
16. A vehicle terminal comprising a memory and a processor;
the memory is used for storing a software program;
the processor is used for running the software program to execute the edge cloud collaborative data transmission method according to any one of claims 1 to 5.
17. A server, comprising a memory and a processor;
the memory is used for storing a software program;
the processor is configured to run the software program to execute the edge cloud collaborative data transmission method according to any one of claims 6 to 11.
18. A computer-readable storage medium storing a computer program which, when executed on a computer, causes the computer to implement the edge cloud collaborative data transmission method according to any one of claims 1 to 13.
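The key agreement of claims 5 and 11, with both sides of the exchange, as an added example that is not code from the patent. Assumptions: the claims name no group, key-derivation step or message encoding, so the pinned RFC 3526 2048-bit group (generator 2 standing in for the claim's primitive root), the HKDF-SHA256 derivation, the validation checks, every function name and the identifier `vehicle-001` are choices made here.

```python
import hashlib
import hmac
import secrets

# Assumption: RFC 3526 group 14 (2048-bit MODP). P is a safe prime, Q = (P-1)/2
# is prime, and 2 generates the subgroup of order Q (it is not a primitive root
# of P in the strict sense; standard groups use such a generator).
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
    "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F"
    "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
    "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
    "DE2BCBF6955817183995497CEA956AE515D2261898FA0510"
    "15728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2
NBYTES = (P.bit_length() + 7) // 8


def check_group(p, g):
    """Terminal side: accept only the pinned group, never an arbitrary (p, g)."""
    if (p, g) != (P, G):
        raise ValueError("unexpected prime or generator")


def check_public(y):
    """Reject 0, 1, P-1, out-of-range values and anything outside the order-Q subgroup."""
    if not isinstance(y, int) or not 2 <= y <= P - 2:
        raise ValueError("public value out of range")
    if pow(y, Q, P) != 1:
        raise ValueError("public value not in the expected subgroup")
    return y


def derive_key(shared, terminal_id, pub_a, pub_b):
    """HKDF-SHA256 (RFC 5869), one output block, bound to the identifier and both public keys."""
    info = b"|".join(
        [terminal_id.encode(), pub_a.to_bytes(NBYTES, "big"), pub_b.to_bytes(NBYTES, "big")]
    )
    prk = hmac.new(b"\x00" * 32, shared.to_bytes(NBYTES, "big"), hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


def node_first_parameter():
    """Control node or message distribution node: returns (first private key,
    first key exchange parameter = prime, generator, first public key)."""
    a = secrets.randbelow(Q - 2) + 2
    return a, {"p": P, "g": G, "pub": pow(G, a, P)}


def terminal_second_parameter(terminal_id, first_param):
    """Vehicle terminal: validate the first parameter, pick the second private key,
    return (second public key, 32-byte session key)."""
    check_group(first_param["p"], first_param["g"])
    pub_a = check_public(first_param["pub"])
    b = secrets.randbelow(Q - 2) + 2
    pub_b = pow(G, b, P)
    return pub_b, derive_key(pow(pub_a, b, P), terminal_id, pub_a, pub_b)


def node_shared_key(terminal_id, a, pub_b):
    """Message distribution node: validate the second public key, derive the same session key."""
    check_public(pub_b)
    return derive_key(pow(pub_b, a, P), terminal_id, pow(G, a, P), pub_b)


if __name__ == "__main__":
    tid = "vehicle-001"  # constructed identifier
    a, first = node_first_parameter()
    pub_b, k_terminal = terminal_second_parameter(tid, first)
    k_node = node_shared_key(tid, a, pub_b)
    print("session keys match:", hmac.compare_digest(k_terminal, k_node))
    for bad in (0, 1, P - 1, P - 2, P):
        try:
            check_public(bad)
            print("accepted (unexpected)")
        except ValueError as exc:
            print("rejected:", exc)
```

The derived 32-byte value is what would key the symmetric encryption of the driving data and service information; the raw result of the modular exponentiation is never used directly as a key.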
CN201910722229.9A 2019-08-06 2019-08-06 Edge cloud cooperative data transmission method, device, equipment and storage medium Active CN110430266B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910722229.9A CN110430266B (en) 2019-08-06 2019-08-06 Edge cloud cooperative data transmission method, device, equipment and storage medium

Publications (2)

Publication Number Publication Date
CN110430266A CN110430266A (en) 2019-11-08
CN110430266B CN110430266B (en) 2021-07-13

Family

ID=68412877

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910722229.9A Active CN110430266B (en) 2019-08-06 2019-08-06 Edge cloud cooperative data transmission method, device, equipment and storage medium

Country Status (1)

Country Link
CN (1) CN110430266B (en)

Families Citing this family (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111144715B (en) * 2019-12-11 2023-06-23 重庆邮电大学 Factory electric energy management and control system and method based on edge cloud cooperation
CN113079511B (en) * 2019-12-17 2023-11-03 中国移动通信集团河南有限公司 Method, device, vehicle and storage medium for sharing information between vehicles
CN112989894B (en) * 2019-12-18 2024-05-03 阿里巴巴集团控股有限公司 Target detection method, task processing method, device, equipment and storage medium
CN111506416B (en) * 2019-12-31 2023-09-12 远景智能国际私人投资有限公司 Computing method, scheduling method, related device and medium of edge gateway
CN111083671B (en) * 2020-01-14 2022-12-16 中国电子科技集团公司电子科学研究院 Deterministic network architecture-based vehicle road cloud collaborative networking architecture and method
CN111340456A (en) * 2020-03-06 2020-06-26 国网冀北电力有限公司 Edge cloud collaborative data processing method, device and equipment based on Internet of things
CN111371904B (en) * 2020-03-18 2020-11-10 交通运输部公路科学研究院 Cloud-side-end-coordinated highway cloud control system and control method
CN111565423B (en) * 2020-04-01 2023-05-30 中国联合网络通信集团有限公司 Traffic data processing method and device
CN111158612B (en) * 2020-04-02 2020-07-24 中国人民解放军国防科技大学 Edge storage acceleration method, device and equipment for cooperative mobile equipment
CN111629040B (en) * 2020-05-20 2023-04-07 中移雄安信息通信科技有限公司 Cloud edge coordination method, device, system, equipment and medium
CN112272231B (en) * 2020-10-23 2022-05-13 杭州卷积云科技有限公司 Edge cloud collaborative service arrangement method for intelligent manufacturing scene
CN113259846B (en) * 2021-06-28 2021-11-02 国汽智控(北京)科技有限公司 Container control method and program with automatic driving data processing and computing capability
CN113242319A (en) * 2021-07-09 2021-08-10 军事科学院系统工程研究院网络信息研究所 Cloud edge cooperative work method and system based on video cloud service architecture
CN113486373A (en) * 2021-07-13 2021-10-08 苏州医沃智控科技有限公司 eCTD universal technology document submission management method and system
CN114500536B (en) * 2022-01-27 2024-03-01 京东方科技集团股份有限公司 Cloud edge cooperation method, cloud edge cooperation system, cloud device, cloud platform equipment and cloud medium
CN115174267B (en) * 2022-09-02 2022-11-18 深圳星云智联科技有限公司 TLS protocol negotiation method, equipment and medium
CN116980122B (en) * 2023-07-31 2024-05-24 长春吉大正元信息技术股份有限公司 Quantum key distribution management system

Citations (6)

Publication number Priority date Publication date Assignee Title
CN102684817A (en) * 2011-03-10 2012-09-19 万鑫明 Digital fountain code based cloud storage system structure and service providing method
CN107959708A (en) * 2017-10-24 2018-04-24 北京邮电大学 A kind of car networking service collaboration computational methods and system based on high in the clouds-marginal end-car end
CN109688224A (en) * 2018-12-28 2019-04-26 国汽(北京)智能网联汽车研究院有限公司 A kind of intelligent network connection automobile cloud control platform architecture
CN109714421A (en) * 2018-12-28 2019-05-03 国汽(北京)智能网联汽车研究院有限公司 Intelligent network based on bus or train route collaboration joins automobilism system
CN109714730A (en) * 2019-02-01 2019-05-03 清华大学 For Che Che and bus or train route the cloud control plateform system cooperateed with and cooperative system and method
CN110022371A (en) * 2019-04-16 2019-07-16 山东超越数控电子股份有限公司 One kind managing platform and its working method towards the cloud security of " side Yun Xietong " Yun Zhongxin

Family Cites Families (3)

Publication number Priority date Publication date Assignee Title
US10382466B2 (en) * 2017-03-03 2019-08-13 Hitachi, Ltd. Cooperative cloud-edge vehicle anomaly detection
CN109377778B (en) * 2018-11-15 2021-04-06 浪潮集团有限公司 Collaborative automatic driving system and method based on multipath RDMA and V2X
CN109714344B (en) * 2018-12-28 2021-08-03 国汽(北京)智能网联汽车研究院有限公司 Intelligent networking automobile information safety platform based on' end-pipe-cloud

Non-Patent Citations (1)

Title
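Survey of security in intelligent edge computing (智慧边缘计算安全综述); 安星硕 et al.; 《电信科学》 (Telecommunications Science); 20180720; main text, Section 4.4 *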

Also Published As

Publication number Publication date
CN110430266A (en) 2019-11-08

Similar Documents

Publication Publication Date Title
CN110430266B (en) Edge cloud cooperative data transmission method, device, equipment and storage medium
EP3340668B1 (en) Profile processing method, profile processing apparatus, user terminal and euicc
US10742418B2 (en) Authentication method, authentication apparatus, and authentication system
CN105264816B (en) The method and apparatus for executing the discovery communicated for equipment to equipment
US11683160B2 (en) Encrypted group communications
US8295488B2 (en) Exchange of key material
CN109951823A (en) Method and apparatus for vehicle-to-vehicle communication
CN108028748A (en) For handling the method, equipment and system of VXLAN messages
US20160080940A1 (en) Method, Apparatus, and System for Configuring Wireless Device
CN105493524A (en) End-to-end M2M service layer sessions
CN109413194B (en) User information cloud cooperative processing and transferring method for mobile communication system
CN106797335B (en) Data transmission method, data transmission device, electronic equipment and computer program product
CN110912852B (en) Method, device and system for obtaining secret key, storage medium and computer terminal
CN110741614B (en) Data communication system and method
CN112351431B (en) Security protection mode determining method and device
US11889307B2 (en) End-to-end security for roaming 5G-NR communications
US20150188699A1 (en) Method and apparatus for establishing secure session between client and server
WO2021227254A1 (en) Routing access method and apparatus, electronic device, and storage medium
JP2020501440A (en) Emergency number setting method, acquisition method and device
CN116321147A (en) Zero trust-based multi-attribute terminal identity authentication method and system
CN113726795A (en) Message forwarding method and device, electronic equipment and readable storage medium
CN116405192A (en) Certificate application method and equipment
CA3204279A1 (en) System and method for key establishment
US7969933B2 (en) System and method for facilitating a persistent application session with anonymity between a mobile host and a network host
CN114173328A (en) Key exchange method and device and electronic equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant