CN111866808A - Identity authentication method, device and storage medium - Google Patents

Identity authentication method, device and storage medium Download PDF

Info

Publication number
CN111866808A
CN111866808A CN202010713768.9A CN202010713768A CN111866808A CN 111866808 A CN111866808 A CN 111866808A CN 202010713768 A CN202010713768 A CN 202010713768A CN 111866808 A CN111866808 A CN 111866808A
Authority
CN
China
Prior art keywords
node
identity
vehicle node
verification
access vehicle
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202010713768.9A
Other languages
Chinese (zh)
Other versions
CN111866808B (en
Inventor
魏星
刘平宇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
China United Network Communications Group Co Ltd
Original Assignee
China United Network Communications Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by China United Network Communications Group Co Ltd filed Critical China United Network Communications Group Co Ltd
Priority to CN202010713768.9A priority Critical patent/CN111866808B/en
Publication of CN111866808A publication Critical patent/CN111866808A/en
Application granted granted Critical
Publication of CN111866808B publication Critical patent/CN111866808B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/44Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/46Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The application discloses an identity authentication method, an identity authentication device and a storage medium, relates to the technical field of information security, and is beneficial to improving the identity authentication efficiency of a vehicle networking to newly added vehicle nodes. The method comprises the steps of receiving an identity authentication request information data packet and n primary authentication results; the primary verification result is a result that the identity verification request information data packet is verified after the identity verification request information data packet sent by the access vehicle node is received by the primary verification node; the initial node is a vehicle node or a roadside device node within the communication range of the accessed vehicle node in the Internet of vehicles; determining the proportion of the target verification result in the n primary verification results, wherein the target verification result is the primary verification result which is used for indicating that the verification is passed in the n primary verification results; if the occupation ratio is smaller than the threshold value, determining that the identity of the access vehicle node is illegal; and if the occupation ratio is larger than or equal to the threshold value, determining whether the identity of the accessed vehicle node is legal or not according to the pre-stored real information of the accessed vehicle node.

Description

Identity authentication method, device and storage medium
Technical Field
The present application relates to the field of information security technologies, and in particular, to an authentication method, an authentication device, and a storage medium.
Background
Currently, a block chain based internet of vehicles includes vehicle nodes, Road Side Units (RSUs), and Trusted Authorities (TAs). And the newly added vehicle nodes need authentication when joining the Internet of vehicles.
In the block chain-based Internet of vehicles, the newly added vehicle nodes are subjected to identity verification by the following method: the newly added vehicle node sends a message to the nearest vehicle node; the vehicle node (hereinafter referred to as an access vehicle node) receiving the message packages the message and the identity information of the newly added vehicle node into a request authentication data packet, and sends the request authentication data packet to an RSU (hereinafter referred to as an access RSU); the access RSU and the access vehicle node carry out identity mutual authentication; if the identities pass the mutual authentication, the access RSU forwards the received request authentication data packet to the TA; and the TA verifies the request authentication data packet according to a common identification mechanism to judge the validity of the identity of the newly added vehicle node.
In the method, the identity authentication of the newly added vehicle node depends on the accessed vehicle node and the accessed RSU, and if the identities of the accessed vehicle node and the accessed RSU are not authenticated mutually, the problem that the identity authentication of the newly added vehicle node with a legal identity is not passed is caused.
Disclosure of Invention
The application provides a method and a device for verifying the identity of a newly added node in the Internet of vehicles and a storage medium, which are beneficial to improving the efficiency of verifying the identity of the newly added node in the Internet of vehicles based on a block chain.
In a first aspect, an identity authentication method is provided, which is applied to a trusted unit, and includes: receiving an identity authentication request information data packet and n primary authentication results; each of the n primary verification results is a result of verification of the identity verification request information data packet by one primary node after receiving the identity verification request information data packet sent by the access vehicle node; one of the first-test nodes is a vehicle node or a roadside device node in the Internet of vehicles within the communication range of the accessed vehicle node; determining the proportion of the target verification result in the n primary verification results, wherein the target verification result is the primary verification result which is used for indicating that the verification is passed in the n primary verification results; if the occupation ratio is smaller than the threshold value, determining that the identity of the access vehicle node is illegal; and if the occupation ratio is larger than or equal to the threshold value, determining whether the identity of the accessed vehicle node is legal or not according to the pre-stored real information of the accessed vehicle node.
Therefore, the credible unit determines whether the identity of the access vehicle node is legal or not according to the plurality of preliminary verification results, and the problem that the identity verification of the access vehicle node with the legal identity (namely, a newly added vehicle node) cannot pass due to the judgment error of one preliminary verification node is solved. The authentication efficiency of the vehicle networking to the newly-added vehicle node is improved.
In a possible implementation manner, if the identity of the access vehicle node is determined to be legal, first indication information is sent to each first-check node; the first indication information is used for informing that the identity of the vehicle access node of the first inspection node is legal; if the identity of the access vehicle node is determined to be illegal, sending second indication information to each primary verification node; the second indication information is used for informing the first-check node that the identity of the access vehicle node is illegal.
In another possible implementation, a target first-pass node is determined; the target experience node is any one experience node in the communication range of the accessed vehicle nodes in the Internet of vehicles; sending third indication information to the target first-check node; the third indication information is used for indicating the target first-check node to send the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes an identity of the access vehicle node being illegal.
In a second aspect, an identity authentication method is provided, which is applied to an access vehicle node, and includes: sending an identity authentication request information data packet to a primary node in a communication range of an access vehicle node; the initial test node is a vehicle node or a roadside device node except the access vehicle node in the Internet of vehicles; receiving a verification result sent by a target first-check node; the target first-test node is a first-test node accessed into the communication range of the vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes an improper identity of the access vehicle node.
Therefore, the plurality of the first-check nodes participate in the authentication of the identity of the access vehicle node, and the problem that the identity authentication of the legal-identity access vehicle node (namely, the newly-added vehicle node) cannot pass due to the judgment error of one first-check node is solved. The authentication efficiency of the vehicle networking to the newly-added vehicle node is improved.
In one possible implementation, the authentication request information packet includes encrypted identity information of the access vehicle node; the encrypted identity information of the access vehicle node is obtained by encrypting the identity information of the access vehicle node according to a pre-stored private key and an encryption algorithm.
In a third aspect, an identity authentication method is provided, which is applied to an initial node, and the method includes: receiving an identity authentication request information data packet sent by an access vehicle node; acquiring a preliminary verification result of the identity verification request information data packet according to a prestored public key and a verification algorithm; sending a preliminary verification result and an identity verification request information data packet to a trusted unit; the preliminary verification result and the identity verification request information data packet are used for the trusted unit to determine whether the identity of the access vehicle node is legal or not.
In one possible implementation, the method further includes: receiving fourth indication information; storing the identity authentication request information data packet according to the fourth indication information; or, the authentication request information data packet is discarded according to the fourth indication information.
In another possible implementation manner, the method further includes: sending the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes an improper identity of the access vehicle node.
In a fourth aspect, the present application provides a trusted unit operable to perform any one of the methods provided in any one of the possible implementations of the first aspect.
According to a fourth aspect, in a first possible implementation manner of the fourth aspect, the trusted unit includes several functional modules, and the several functional modules are respectively configured to execute corresponding steps in any one of the methods provided by the first aspect.
According to a fourth aspect, in a second possible implementation manner of the fourth aspect, the trusted unit may include a processor configured to execute any one of the methods provided in any one of the possible implementation manners of the first aspect to the first aspect. The trusted unit may further comprise a memory for storing a computer program for enabling the processor to invoke the computer program for performing any of the methods provided in any of the possible implementations of the first aspect through the first aspect described above.
In a fifth aspect, the present application provides an access vehicle node operable to perform any of the methods provided in any of the possible implementations of the second aspect through the second aspect described above.
According to a fifth aspect, in a first possible implementation manner of the fifth aspect, the access vehicle node comprises several functional modules, each for performing a corresponding step of any one of the methods provided by the second aspect.
According to a fifth aspect, in a second possible implementation of the fifth aspect, the access vehicle node may comprise a processor configured to perform any one of the methods provided in any one of the possible implementations of the second aspect to the second aspect. The access vehicle node may further comprise a memory for storing a computer program for enabling the processor to invoke the computer program for performing any of the methods provided in any of the possible implementations of the second aspect to the second aspect described above.
In a sixth aspect, the present application provides a first-pass node, which may be configured to perform any one of the methods provided in any one of the possible implementation manners of the third aspect to the third aspect.
According to a sixth aspect, in a first possible implementation manner of the sixth aspect, the first experience node includes several functional modules, and the several functional modules are respectively configured to execute corresponding steps in any one of the methods provided by the third aspect.
According to a sixth aspect, in a second possible implementation manner of the sixth aspect, the first experience node may include a processor configured to execute any one of the methods provided in any one of the possible implementation manners of the third aspect to the third aspect. The first-check node may further comprise a memory for storing a computer program for enabling the processor to invoke the computer program for performing any of the methods provided in any of the possible implementations of the third aspect through the fourth aspect described above.
In a seventh aspect, the present application provides a computer device comprising a memory and a processor. The memory is coupled to the processor. The memory is for storing computer program code comprising computer instructions. When the computer instructions are executed by a processor, the computer device performs the method according to any one of the possible implementations of the first aspect to the first aspect, or performs the method according to any one of the possible implementations of the second aspect to the second aspect, or performs the method according to any one of the possible implementations of the third aspect to the third aspect.
In an eighth aspect, the present application provides a chip system applied to a computer device, the chip system including one or more interface circuits and one or more processors. The interface circuit and the processor are interconnected through a line; the interface circuit is to receive signals from a memory of the computer device and to send the signals to the processor, the signals including computer instructions stored in the memory. When the processor executes the computer instructions, the computer device performs the method according to any one of the possible implementations of the first aspect to the first aspect, or performs the method according to any one of the possible implementations of the second aspect to the second aspect, or performs the method according to any one of the possible implementations of the third aspect to the third aspect.
In a ninth aspect, the present application provides a computer-readable storage medium comprising computer instructions which, when executed on a computer device, cause the computer device to perform the method according to any one of the possible implementations of the first aspect to the first aspect, or perform the method according to any one of the possible implementations of the second aspect to the second aspect, or perform the method according to any one of the possible implementations of the third aspect to the third aspect.
In a tenth aspect, the present application provides a computer program product comprising computer instructions that, when run on a computer device, cause the computer device to perform the method according to any one of the possible implementations of the first aspect to the first aspect, or perform the method according to any one of the possible implementations of the second aspect to the second aspect, or perform the method according to any one of the possible implementations of the third aspect to the third aspect.
It is understood that any one of the trusted units, the access vehicle node, the first-experience node, the computer-readable storage medium, the computer program product or the chip provided above may be applied to the corresponding method provided above, and therefore, the beneficial effects achieved by the trusted units, the access vehicle node, the first-experience node, the computer-readable storage medium, the computer program product or the chip may refer to the beneficial effects in the corresponding method, and are not described herein again.
These and other aspects of the present application will be more readily apparent from the following description.
Drawings
Fig. 1 is a schematic view of a car networking structure to which the technical solution provided by the embodiment of the present application is applied;
fig. 2 is a schematic structural diagram of a communication device to which the technical solution provided in the embodiment of the present application is applied;
fig. 3 is a schematic flowchart of an identity authentication method according to an embodiment of the present application;
fig. 4 is a schematic structural diagram of a trusted unit according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of an access vehicle node according to an embodiment of the present disclosure;
fig. 6 is a schematic structural diagram of an initial node according to an embodiment of the present application.
Detailed Description
In the embodiments of the present application, words such as "exemplary" or "for example" are used to mean serving as an example, instance, or illustration. Any embodiment or design described herein as "exemplary" or "e.g.," is not necessarily to be construed as preferred or advantageous over other embodiments or designs. Rather, use of the word "exemplary" or "such as" is intended to present concepts related in a concrete fashion.
In the embodiments of the present application, "at least one" means one or more. "plurality" means two or more.
In the embodiment of the present application, "and/or" is only one kind of association relationship describing an association object, and indicates that three relationships may exist, for example, a and/or B may indicate: a exists alone, A and B exist simultaneously, and B exists alone. In addition, the character "/" herein generally indicates that the former and latter related objects are in an "or" relationship.
In an embodiment of the application, a combination comprises one or more objects.
The identity authentication method provided by the embodiment of the application can be applied to the car networking structure shown in figure 1. The vehicle networking architecture comprises a trusted unit 10, a plurality of experience nodes 20 and an access vehicle node 30. Fig. 1 illustrates four first-experience nodes as an example. The trusted unit 10 and each of the first-test nodes 20 are connected through a network, and the access vehicle node 30 and the first-test nodes 20 are connected through a network.
The trusted unit 10, as a unique secure trusted authority that has an authority to know the true identity of a user and is not attacked by external attackers, is mainly responsible for registering users accessing the internet of vehicles, checking identity information of the users (such as resident identification cards, drivers licenses and the like), generating keys for vehicle nodes with legitimate identities, and for revocation, updating of keys and other administrative matters.
The experience nodes 20 include nodes that access the internet of vehicles within communication range of the vehicle nodes. The nodes of the internet of vehicles comprise vehicle nodes, road side equipment nodes (RSUs) and other nodes in the internet of vehicles. The vehicle node refers to a vehicle which has communication capacity and is internally provided with a communication unit. The communication unit has functions of sensing, calculation processing, wireless communication and the like. The roadside device nodes are mainly laid on two sides of an urban road or an expressway, are devices with sensing functions, computing functions and wireless access communication, and are mainly responsible for verifying signature information sent by access vehicle nodes, gathering received information and sending the gathered information to related infrastructure such as a trusted unit 10. The other nodes refer to other mobile or non-mobile equipment nodes with communication capacity, computing capacity and the like besides the road side equipment nodes and the vehicle nodes.
The access vehicle node 30 is a vehicle node to join the internet of vehicles.
The trusted unit 10, the first-experience node 20 and the access vehicle node 30 may all be implemented by communication devices as shown in fig. 2. Fig. 2 is a schematic structural diagram of a communication device to which the technical solution provided in the embodiment of the present application is applied. The communication device 20 in fig. 2 includes, but is not limited to: the communication device 20 may include at least one processor 301, communication lines 302, memory 303, and at least one communication interface 304.
The processor 301 may be a general purpose Central Processing Unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more ics for controlling the execution of programs in accordance with the present invention.
The communication link 302 may include a path for communicating information between the aforementioned components (e.g., the at least one processor 301, the communication link 302, the memory 303, and the at least one communication interface 304).
The communication interface 304 may be any device, such as a transceiver, for communicating with other devices or communication networks, such as Wide Area Networks (WAN), Local Area Networks (LAN), etc.
The memory 303 may be, but is not limited to, a read-only memory (ROM) or other type of static storage device that may store static information and instructions, a Random Access Memory (RAM) or other type of dynamic storage device that may store information and instructions, an electrically erasable programmable read-only memory (EEPROM), a compact disc read-only memory (CD-ROM) or other optical disk storage, optical disk storage (including compact disc, laser disc, optical disc, digital versatile disc, blu-ray disc, etc.), magnetic disk storage media or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. The memory 303, which may be separate, is coupled to the processor 301 via the communication line 302. The memory 303 may also be integrated with the processor 301. The memory 303 provided by the embodiments of the present application may generally have a nonvolatile property. The memory 303 is used for storing computer instructions for executing the present application, and is controlled by the processor 301. The processor 301 is configured to execute computer instructions stored in the memory 303, thereby implementing the methods provided by the embodiments described below.
Optionally, the computer instructions in the embodiments of the present application may also be referred to as application program codes, which are not specifically limited in the embodiments of the present application.
In one embodiment, the communication device 20 may include a plurality of processors, and each of the processors may be a single-core (single-CPU) processor or a multi-core (multi-CPU) processor. A processor herein may refer to one or more devices, circuits, and/or processing cores for processing data (e.g., computer program instructions).
In particular implementations, communication device 20 may also include an output device 305 and/or an input device 306, as one embodiment. The output device 305 is in communication with the processor 301 and may display information in a variety of ways. For example, the output device 305 may be a Liquid Crystal Display (LCD), a Light Emitting Diode (LED) display device, a Cathode Ray Tube (CRT) display device, a projector (projector), or the like. The input device 306 is in communication with the processor 301 and may receive user input in a variety of ways. For example, the input device 306 may be a mouse, a keyboard, a touch screen device, or a sensing device, among others.
The technical solutions in the embodiments of the present application will be clearly and completely described below with reference to the drawings in the embodiments of the present application, and it is obvious that the described embodiments are only a part of the embodiments of the present application, and not all of the embodiments.
The technical scheme provided by the embodiment of the application comprises the following steps: an initialization phase and an authentication phase. These two stages are explained below:
initialization phase
Before a vehicle node joins any internet of vehicles, the trusted unit 10 stores the true identity information (such as a vehicle driving license) of the vehicle node in advance, and the vehicle node registered with the true identity information of the vehicle node in the trusted unit is configured with a communication key, an encryption algorithm and an authentication algorithm. The communication key, the encryption algorithm and the verification algorithm are used for communication among the nodes of the internet of vehicles managed by the trusted unit.
Authentication phase
Fig. 3 shows a schematic flowchart of an identity verification method provided in an embodiment of the present application. As shown in fig. 3, the method may include the steps of:
s100: and the access vehicle node sends an authentication request information data packet to the primary node in the communication range of the access vehicle node. The initial node is a vehicle node, a road side equipment node or other nodes except the access vehicle node in the Internet of vehicles.
In one possible implementation, the access vehicle node broadcasts an authentication request information packet within its communication range.
In another possible implementation, the access vehicle node sends an authentication request information packet to each of the naive nodes within its communication range.
Optionally, the identity authentication request information data packet includes the identity information of the access vehicle node, the message content, and the encrypted identity information of the access vehicle node. The message content comprises information such as the self speed, the position or the initial reputation value of the access vehicle node. The encrypted identity information of the access vehicle node is obtained by encrypting the identity information of the access vehicle node by using an encryption algorithm according to a pre-stored private key used for the internet of vehicles communication.
Optionally, the authentication request information packet further includes identification information of a private key.
In one example, the private key is key1, the encryption algorithm is F1, and the "access vehicle node encrypts the identity information, init, of the access vehicle node using F1 according to key 1" may be denoted as F1(key1, init, soutid). Wherein the soutid is the encrypted init. The authentication request information packet includes an init and a voutid.
It is understood that the access vehicle node includes a plurality of the first-experience nodes within the communication range, and only three first-experience nodes are illustrated in fig. 3 as an example.
For each of the first-experience nodes within the communication range of the access vehicle node, the following steps are performed: s101 to S102.
S101: and the primary verification node acquires a primary verification result of the identity verification request information data packet according to a pre-stored public key and a verification algorithm. The public key is a public key for decryption corresponding to the private key of the access vehicle node. The preliminary verification result is used for indicating that the access vehicle node passes the authentication, or the preliminary verification result is used for indicating that the access vehicle node fails the authentication.
Optionally, the first-check node stores a corresponding relationship between a plurality of private key identifications and public keys. And the primary check node acquires a public key corresponding to the private key identification included in the identity verification request information data packet according to the corresponding relation.
Based on the example in S100, assuming that the verification algorithm is V1 and the obtained public key is key2, the "obtaining the preliminary verification result of the authentication request information packet by the first verification node according to the public key and the verification algorithm" may be represented as: v1(key2, soutid, init, preliminary verification result).
S102: and the primary verification node sends a primary verification result and an identity verification request information data packet to the trusted unit.
S103: the trusted unit determines the ratio of a target verification result in the received n primary verification results, wherein the target verification result is a primary verification result which is used for indicating that the verification is passed in the n primary verification results; wherein n is a positive integer greater than 1.
In one example, the trusted unit receives 10 preliminary verification results, where 8 preliminary verification results indicate that the verification passed. Then the percentage of the target verification result in the received n preliminary verification results is 80%.
S104: if the occupation ratio is smaller than the threshold value, the trusted unit determines that the identity of the access vehicle node is illegal, and S107 is executed; if the occupancy is greater than or equal to the threshold, S105 is performed.
Specifically, if the occupation ratio is greater than or equal to the threshold value, the trusted unit determines whether the identity information of the access vehicle node exists in the pre-stored real information of the access vehicle node according to the pre-stored real information of the access vehicle node, if so, the trusted unit determines that the identity of the access vehicle node is legal, and if not, the identity of the access vehicle node is illegal.
In one example, the threshold is assumed to be 75%. Then based on the example in S103, if the percentage 80% is greater than the threshold, the trusted unit determines from the pre-stored authenticity information of the access vehicle node whether the identity of the access vehicle node is present in the pre-stored authenticity information of the access vehicle node. If the identity information of the access vehicle node is id12345 and the trusted unit stores the identity information id12345, the trusted unit determines that the identity of the access vehicle node is legal.
S105: and the trusted unit determines whether the identity of the access vehicle node is legal or not according to the pre-stored real information of the access vehicle node.
If the identity of the access vehicle node is determined to be legal, S106 is executed, and if the identity of the access vehicle node is determined to be illegal, S107 is executed.
Optionally, S106, the trusted unit sends first indication information to each of the first-test nodes; the first indication information is used for informing the first verification node that the identity of the access vehicle node is legal.
Optionally, S107: the trusted unit sends second indication information to each first-check node; the second indication information is used for informing the first verification node that the identity of the access vehicle node is illegal.
Optionally, S108: the trusted unit determines a target experience node, wherein the target experience node is any one of experience nodes in the communication range of the access vehicle node in the Internet of vehicles.
In one possible implementation manner, the trusted unit randomly selects one of the n sender naive nodes of the preliminary verification result as the target naive node.
S109: the trusted unit sends third indication information to the target first-check node; the third indication information is used for indicating the target first-check node to send the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes that the identity of the access vehicle node is not legitimate.
It is understood that the functions of S106 to S107 may be broadcasted by the target first-experience node to each node in the internet after the trusted unit sends the third indication information to the target first-experience node in S109. The function of S108 described above may also be replaced as follows: after executing S106 and S107, any one of the experience nodes in the vehicle-linked network determines itself as the target experience node, and broadcasts to other nodes in the vehicle-linked network.
S110: and the target first-check node sends the verification result of the identity verification request information data packet to the access vehicle node.
Subsequently, if the access vehicle node receives the information that the verification result includes that the identity of the access vehicle node is legal, the access vehicle node can establish a session with the nodes in the internet of vehicles and perform data transmission.
In the embodiment of the application, the access vehicle node broadcasts the identity verification request information data packets to the plurality of the preliminary verification nodes, each data packet is used for preliminarily verifying the identity of the access vehicle node by the received preliminary verification node to obtain a preliminary verification result, and the preliminary verification result is sent to the credible unit. Finally, the trusted unit determines whether the identity of the access vehicle node is legal or not according to the plurality of preliminary verification results, and the problem that the identity verification of the access vehicle node with the legal identity (namely, a newly added vehicle node) cannot pass due to the fact that the judgment of one preliminary verification node is wrong is solved. The authentication efficiency of the vehicle networking to the newly-added vehicle node is improved.
The scheme provided by the embodiment of the application is mainly introduced from the perspective of a method. To implement the above functions, it includes hardware structures and/or software modules for performing the respective functions. Those of skill in the art will readily appreciate that the present application is capable of hardware or a combination of hardware and computer software implementing the exemplary method steps described in connection with the embodiments disclosed herein. Whether a function is performed as hardware or computer software drives hardware depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiment of the present application, the trusted unit 10 may be divided into functional modules according to the above method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
Fig. 4 is a schematic structural diagram of a trusted unit according to an embodiment of the present application. The trusted unit 40 may be used to perform the functions performed by the trusted unit in any of the embodiments described above (e.g., the embodiment shown in fig. 3). The trusted unit 40 includes: a receiving unit 401 and a determining unit 402. Wherein, the receiving unit 401: the system comprises a data receiving module, a data transmitting module, a data receiving module, a data transmitting module and a data receiving module, wherein the data receiving module is used for receiving an identity authentication request information data packet and n primary authentication results; n is a positive integer greater than 1; each of the n primary verification results is a result of verification of the identity verification request information data packet by one primary node after receiving the identity verification request information data packet sent by the access vehicle node; one of the first-test nodes is a vehicle node or a roadside device node in the Internet of vehicles within the communication range of the access vehicle node; a determining unit 402, configured to determine a ratio of a target verification result to n preliminary verification results, where the target verification result is a preliminary verification result that indicates that verification passes among the n preliminary verification results; a determining unit 402, configured to determine that the identity of the access vehicle node is illegal if the duty ratio is smaller than the threshold; and if the occupation ratio is larger than or equal to the threshold value, determining whether the identity of the accessed vehicle node is legal or not according to the pre-stored real information of the accessed vehicle node. For example, in conjunction with fig. 3, the receiving unit 401 may be configured to perform the receiving step in S102. The determination unit 402 may be configured to execute S103 to S105, S108.
Optionally, the trusted unit 40 further includes a sending unit 403. A sending unit 403, configured to store the identity authentication request information packet and send first indication information to each first-check node if it is determined that the identity of the access vehicle node is legal; the first indication information is used for informing that the identity of the vehicle access node of the first inspection node is legal; if the identity of the access vehicle node is determined to be illegal, discarding the identity authentication request information data packet and sending second indication information to each primary verification node; the second indication information is used for informing the first-check node that the identity of the access vehicle node is illegal.
Optionally, the determining unit 402 is further configured to: determining a target first-check node; the target experience node is any experience node in the communication range of the access vehicle node in the Internet of vehicles; the sending unit 403 is further configured to send third indication information to the target first-experience node; the third indication information is used for indicating the target first-check node to send the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes an improper identity of the access vehicle node.
In one example, referring to fig. 2, the receiving unit 401 and the sending unit 403 may be implemented by the communication interface 304 in fig. 2. The determination unit 402 may be implemented by the processor 301 in fig. 2 calling a computer program stored in the memory 303.
For the detailed description of the above alternative modes, reference is made to the foregoing method embodiments, which are not described herein again. In addition, for any explanation and description of beneficial effects of the trusted unit 40, reference may be made to the corresponding method embodiment, and details are not repeated.
It should be noted that the actions performed by the modules are only specific examples, and the actions actually performed by the units refer to the actions or steps mentioned in the description of the embodiment based on fig. 3.
In the embodiment of the present application, the access vehicle node 30 may be divided into functional modules according to the above method example, for example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
Fig. 5 is a schematic structural diagram of an access vehicle node according to an embodiment of the present application. The access vehicle node 50 may be used to perform the functions performed by the access vehicle node in any of the embodiments described above (e.g., the embodiment shown in fig. 3). The access vehicle node 50 includes: a transmitting unit 501 and a receiving unit 502. Among them, the transmitting unit 501: the identity authentication request information data packet is sent to the first-check node accessed into the communication range of the vehicle node; the initial test node is a vehicle node or a roadside device node except the access vehicle node in the Internet of vehicles; a receiving unit 502, configured to receive a verification result sent by a target first-check node; the target first-test node is a first-test node accessed into the communication range of the vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes an improper identity of the access vehicle node. For example, in conjunction with fig. 3, the transmitting unit 501 may be configured to perform the transmitting step in S100. The receiving unit 502 may be configured to perform the receiving step in S110.
Optionally, the identity authentication request information data packet includes encrypted identity information of the access vehicle node; the encrypted identity information of the access vehicle node is obtained by encrypting the identity information of the access vehicle node according to a pre-stored private key and an encryption algorithm.
In one example, referring to fig. 2, the sending unit 501 and the receiving unit 502 may be implemented by the communication interface 304 in fig. 2.
For the detailed description of the above alternative modes, reference is made to the foregoing method embodiments, which are not described herein again. In addition, for any explanation and beneficial effect description of the access vehicle node 50 provided above, reference may be made to the corresponding method embodiment described above, and details are not repeated.
It should be noted that the actions performed by the modules are only specific examples, and the actions actually performed by the units refer to the actions or steps mentioned in the description of the embodiment based on fig. 3.
In the embodiment of the present application, the function modules may be divided into the first-check nodes 20 according to the above method example, for example, each function module may be divided into corresponding functions, or two or more functions may be integrated into one processing module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional module mode. It should be noted that, in the embodiment of the present application, the division of the module is schematic, and is only one logic function division, and there may be another division manner in actual implementation.
Fig. 6 is a schematic structural diagram of an initial node according to an embodiment of the present disclosure. The first-experience node 60 may be used to perform the functions performed by the access vehicle node in any of the embodiments described above (e.g., the embodiment shown in fig. 3). The first-pass node 60 includes: a receiving unit 601, an acquiring unit 602, and a transmitting unit 603. Wherein, the receiving unit 601: the system comprises a vehicle access node, a vehicle access node and a vehicle access control node, wherein the vehicle access node is used for accessing a vehicle; the obtaining unit 602 is configured to obtain a preliminary verification result of the identity verification request information packet according to a pre-stored public key and a verification algorithm; a sending unit 603, configured to send a preliminary authentication result and an authentication request information packet to the trusted unit; the preliminary verification result and the identity verification request information data packet are used for the trusted unit to determine whether the identity of the access vehicle node is legal or not. For example, in conjunction with fig. 3, the receiving unit 601 may be configured to perform the receiving step in S100. The obtaining unit 602 may be configured to execute S101. The transmitting unit 603 may be configured to perform the transmitting step in S102. Alternatively, the receiving unit 601 may be configured to perform the receiving steps in S106, S107, and S109.
Optionally, the receiving unit 601 is further configured to receive fourth indication information; the first verification node 60 further includes a storage unit 604 for storing the authentication request information packet according to the fourth indication information; or, the authentication request information data packet is discarded according to the fourth indication information.
Optionally, the sending unit 603: the authentication result is used for sending the authentication request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result includes an improper identity of the access vehicle node. In one example, referring to fig. 2, the transmitting unit 603 and the receiving unit 601 may be implemented by the communication interface 304 in fig. 2. The storage unit 604 and the acquisition unit 602 may be implemented by the processor 301 in fig. 2 calling a computer program in the memory 303.
For the detailed description of the above alternative modes, reference is made to the foregoing method embodiments, which are not described herein again. In addition, for any explanation and beneficial effect description of the first-check node 60, reference may be made to the corresponding method embodiment, which is not repeated herein.
It should be noted that the actions performed by the modules are only specific examples, and the actions actually performed by the units refer to the actions or steps mentioned in the description of the embodiment based on fig. 3.
An embodiment of the present application further provides a computer device, including: a memory and a processor; the memory is for storing a computer program, and the processor is for invoking the computer program to perform the actions or steps mentioned in any of the embodiments provided above.
Embodiments of the present application also provide a computer-readable storage medium, which stores a computer program, and when the computer program runs on a computer, the computer program causes the computer to execute the actions or steps mentioned in any of the embodiments provided above.
The embodiment of the application also provides a chip. The chip integrates a circuit and one or more interfaces for implementing the functions of the trusted unit, the access vehicle node or the first-check node. Optionally, the functions supported by the chip may include processing actions in the embodiment described based on fig. 3, which is not described herein again. Those skilled in the art will appreciate that all or part of the steps for implementing the above embodiments may be implemented by a program instructing the associated hardware to perform the steps. The program may be stored in a computer-readable storage medium. The above-mentioned storage medium may be a read-only memory, a random access memory, or the like. The processing unit or processor may be a central processing unit, a general purpose processor, an Application Specific Integrated Circuit (ASIC), a microprocessor (DSP), a Field Programmable Gate Array (FPGA) or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof.
The embodiments of the present application also provide a computer program product containing instructions, which when executed on a computer, cause the computer to execute any one of the methods in the above embodiments. The computer program product includes one or more computer instructions. The procedures or functions described in accordance with the embodiments of the present application are all or partially generated upon loading and execution of computer program instructions on a computer. The computer may be a general purpose computer, a special purpose computer, a network of computers, or other programmable device. The computer instructions may be stored on a computer readable storage medium or transmitted from one computer readable storage medium to another, for example, the computer instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center via wire (e.g., coaxial cable, fiber optic, Digital Subscriber Line (DSL)) or wireless (e.g., infrared, wireless, microwave, etc.). Computer-readable storage media can be any available media that can be accessed by a computer or can comprise one or more data storage devices, such as servers, data centers, and the like, that can be integrated with the media. The usable medium may be a magnetic medium (e.g., floppy disk, hard disk, magnetic tape), an optical medium (e.g., DVD), or a semiconductor medium (e.g., Solid State Disk (SSD)), among others.
It should be noted that the above devices for storing computer instructions or computer programs provided in the embodiments of the present application, such as, but not limited to, the above memories, computer readable storage media, communication chips, and the like, are all nonvolatile (non-volatile).
Other variations to the disclosed embodiments can be understood and effected by those skilled in the art in practicing the claimed application, from a review of the drawings, the disclosure, and the appended claims. In the claims, the word "comprising" does not exclude other elements or steps, and the word "a" or "an" does not exclude a plurality. A single processor or other unit may fulfill the functions of several items recited in the claims. The mere fact that certain measures are recited in mutually different dependent claims does not indicate that a combination of these measures cannot be used to advantage.
Although the present application has been described in conjunction with specific features and embodiments thereof, various modifications and combinations can be made thereto without departing from the spirit and scope of the application. Accordingly, the specification and figures are merely exemplary of the present application as defined in the appended claims and are intended to cover any and all modifications, variations, combinations, or equivalents within the scope of the present application.

Claims (18)

1. An identity verification method applied to a trusted unit, the method comprising:
receiving an identity authentication request information data packet and n primary authentication results; n is a positive integer greater than 1; each of the n primary verification results is a result of verification of the identity verification request information data packet by one primary node after receiving the identity verification request information data packet sent by the access vehicle node; the first-test node is a vehicle node or a roadside device node in the Internet of vehicles within the communication range of the access vehicle node;
determining the proportion of a target verification result in the n primary verification results, wherein the target verification result is a primary verification result which is used for indicating that the verification is passed in the n primary verification results;
if the duty ratio is smaller than a threshold value, determining that the identity of the access vehicle node is illegal; and if the occupation ratio is larger than or equal to the threshold value, determining whether the identity of the access vehicle node is legal or not according to the pre-stored real information of the access vehicle node.
2. The method of identity verification according to claim 1, the method further comprising:
if the identity of the access vehicle node is determined to be legal, first indication information is sent to each first-check node; the first indication information is used for informing the identity of the access vehicle node of the first verification node to be legal;
if the identity of the access vehicle node is determined to be illegal, sending second indication information to each primary verification node; the second indication information is used for indicating that the identity of the access vehicle node of the first verification node is illegal.
3. The identity verification method according to claim 1 or 2, wherein the method further comprises:
determining a target first-check node; the target experience node is any experience node in the communication range of the access vehicle node in the Internet of vehicles;
sending third indication information to the target first-check node; the third indication information is used for indicating the target first-test node to send the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result comprises that the identity of the access vehicle node is not legitimate.
4. An identity verification method applied to an access vehicle node, the method comprising:
sending an identity verification request information data packet to a primary node in the communication range of the access vehicle node; the initial test node is a vehicle node or a roadside device node in the Internet of vehicles except the access vehicle node;
receiving a verification result sent by a target first-check node; the target first-test node is a first-test node in the communication range of the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result comprises that the identity of the access vehicle node is not legitimate.
5. The authentication method according to claim 4, wherein the authentication request information packet includes encrypted identity information of the access vehicle node;
and the encrypted identity information of the access vehicle node is obtained by encrypting the identity information of the access vehicle node according to a prestored private key and an encryption algorithm.
6. An identity authentication method is applied to a first check node, and comprises the following steps:
receiving an identity authentication request information data packet sent by an access vehicle node;
acquiring a preliminary verification result of the identity verification request information data packet according to a prestored public key and a verification algorithm;
sending the preliminary verification result and the identity verification request information data packet to a trusted unit; the preliminary verification result and the identity verification request information data packet are used for the trusted unit to determine whether the identity of the access vehicle node is legal or not.
7. The method of authenticating according to claim 6, the method further comprising:
receiving fourth indication information;
storing the identity authentication request information data packet according to the fourth indication information; or, the authentication request information data packet is discarded according to the fourth indication information.
8. The identity verification method according to claim 6 or 7, wherein the method further comprises:
sending the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result comprises that the identity of the access vehicle node is not legitimate.
9. A trusted unit, comprising:
the receiving unit is used for receiving the identity authentication request information data packet and n primary authentication results; n is a positive integer greater than 1; each of the n primary verification results is a result of verification of the identity verification request information data packet by one primary node after receiving the identity verification request information data packet sent by the access vehicle node; the first-test node is a vehicle node or a roadside device node in the Internet of vehicles within the communication range of the access vehicle node;
a determining unit, configured to determine a ratio of a target verification result in the n preliminary verification results, where the target verification result is a preliminary verification result that indicates that verification passes in the n preliminary verification results;
the determining unit is further used for determining that the identity of the access vehicle node is illegal if the ratio is smaller than a threshold value; and if the occupation ratio is larger than or equal to the threshold value, determining whether the identity of the access vehicle node is legal or not according to the pre-stored real information of the access vehicle node.
10. The trusted unit of claim 9, wherein the trusted unit further comprises:
the sending unit is used for sending first indication information to each primary check node if the identity of the access vehicle node is determined to be legal; the first indication information is used for informing the identity of the access vehicle node of the first verification node to be legal; if the identity of the access vehicle node is determined to be illegal, sending second indication information to each primary verification node; the second indication information is used for indicating that the identity of the access vehicle node of the first verification node is illegal.
11. The trusted unit of claim 10,
the determination unit is further configured to: determining a target first-check node; the target experience node is any experience node in the communication range of the access vehicle node in the Internet of vehicles;
the sending unit is further configured to send third indication information to the target first-check node; the third indication information is used for indicating the target first-test node to send the verification result of the identity verification request information data packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result comprises that the identity of the access vehicle node is not legitimate.
12. An access vehicle node, comprising:
the sending unit is used for sending an identity authentication request information data packet to the first-check node in the communication range of the access vehicle node; the initial test node is a vehicle node or a roadside device node in the Internet of vehicles except the access vehicle node;
the receiving unit is used for receiving the verification result sent by the target first-check node; the target first-test node is a first-test node in the communication range of the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result comprises that the identity of the access vehicle node is not legitimate.
13. The access vehicle node of claim 12, wherein the authentication request information packet includes encrypted identity information of the access vehicle node;
and the encrypted identity information of the access vehicle node is obtained by encrypting the identity information of the access vehicle node according to a prestored private key and an encryption algorithm.
14. A first experience node, comprising:
the receiving unit is used for receiving an identity authentication request information data packet sent by an access vehicle node;
the obtaining unit is used for obtaining a preliminary verification result of the identity verification request information data packet according to a prestored public key and a verification algorithm;
the sending unit is used for sending the preliminary verification result and the identity verification request information data packet to a trusted unit; the preliminary verification result and the identity verification request information data packet are used for the trusted unit to determine whether the identity of the access vehicle node is legal or not.
15. A naive node as in claim 14, wherein said receiving unit is further configured to:
receiving fourth indication information;
the first check node further comprises a storage unit, which is used for storing the identity authentication request information data packet according to the fourth indication information; or, the authentication request information data packet is discarded according to the fourth indication information.
16. A naive node as in claim 14 or 15, wherein said sending unit:
a verification result for sending the authentication request information packet to the access vehicle node; the verification result comprises that the identity of the access vehicle node is legal; alternatively, the verification result comprises that the identity of the access vehicle node is not legitimate.
17. A computer device, comprising: a memory for storing a computer program and a processor for executing the computer program to perform the method of any of claims 1-3, or to perform the method of any of claims 6-8, or to perform the method of claim 4 or 5.
18. A computer-readable storage medium, having stored thereon a computer program which, when run on a computer, causes the computer to perform the method of any of claims 1-3, or to perform the method of any of claims 6-8, or to perform the method of claim 4 or 5.
CN202010713768.9A 2020-07-22 2020-07-22 Identity authentication method, device and storage medium Active CN111866808B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010713768.9A CN111866808B (en) 2020-07-22 2020-07-22 Identity authentication method, device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010713768.9A CN111866808B (en) 2020-07-22 2020-07-22 Identity authentication method, device and storage medium

Publications (2)

Publication Number Publication Date
CN111866808A true CN111866808A (en) 2020-10-30
CN111866808B CN111866808B (en) 2023-03-24

Family

ID=72949606

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010713768.9A Active CN111866808B (en) 2020-07-22 2020-07-22 Identity authentication method, device and storage medium

Country Status (1)

Country Link
CN (1) CN111866808B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113868665A (en) * 2021-09-26 2021-12-31 中国联合网络通信集团有限公司 Identity authentication method, device and storage medium

Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140081848A1 (en) * 2012-09-17 2014-03-20 Kapsch Trafficcom Ag Method for electronically processing a traffic offense and onboard-unit therefor
CN105792207A (en) * 2016-04-29 2016-07-20 北京航空航天大学 Vehicle networking authentication method facing vehicle differentiation
CN105813073A (en) * 2014-12-30 2016-07-27 浙江高鸿电子技术有限公司 Road side node verifiable threshold signature method based on vehicle-mounted short distance communication network
CN109067525A (en) * 2018-08-01 2018-12-21 安徽大学 Message authentication method based on half credible administrative center in car networking
CN110602705A (en) * 2019-09-20 2019-12-20 浙江树人学院(浙江树人大学) Improved PBFT consensus method suitable for Internet of vehicles environment
CN110831004A (en) * 2019-10-16 2020-02-21 上海交通大学 Node identity authentication method and system suitable for Internet of vehicles
CN111083156A (en) * 2019-12-25 2020-04-28 中国联合网络通信集团有限公司 Authentication method, authentication device, electronic equipment and storage medium
CN111372220A (en) * 2020-02-28 2020-07-03 长安大学 Block chain consensus method applied to Internet of vehicles
CN111372248A (en) * 2020-02-27 2020-07-03 南通大学 Efficient anonymous identity authentication method in Internet of vehicles environment
CN111405011A (en) * 2020-03-07 2020-07-10 北京工业大学 Block chain based trusted node joining method in VANET

Patent Citations (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20140081848A1 (en) * 2012-09-17 2014-03-20 Kapsch Trafficcom Ag Method for electronically processing a traffic offense and onboard-unit therefor
CN105813073A (en) * 2014-12-30 2016-07-27 浙江高鸿电子技术有限公司 Road side node verifiable threshold signature method based on vehicle-mounted short distance communication network
CN105792207A (en) * 2016-04-29 2016-07-20 北京航空航天大学 Vehicle networking authentication method facing vehicle differentiation
CN109067525A (en) * 2018-08-01 2018-12-21 安徽大学 Message authentication method based on half credible administrative center in car networking
CN110602705A (en) * 2019-09-20 2019-12-20 浙江树人学院(浙江树人大学) Improved PBFT consensus method suitable for Internet of vehicles environment
CN110831004A (en) * 2019-10-16 2020-02-21 上海交通大学 Node identity authentication method and system suitable for Internet of vehicles
CN111083156A (en) * 2019-12-25 2020-04-28 中国联合网络通信集团有限公司 Authentication method, authentication device, electronic equipment and storage medium
CN111372248A (en) * 2020-02-27 2020-07-03 南通大学 Efficient anonymous identity authentication method in Internet of vehicles environment
CN111372220A (en) * 2020-02-28 2020-07-03 长安大学 Block chain consensus method applied to Internet of vehicles
CN111405011A (en) * 2020-03-07 2020-07-10 北京工业大学 Block chain based trusted node joining method in VANET

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113868665A (en) * 2021-09-26 2021-12-31 中国联合网络通信集团有限公司 Identity authentication method, device and storage medium
CN113868665B (en) * 2021-09-26 2023-01-24 中国联合网络通信集团有限公司 Identity authentication method, device and storage medium

Also Published As

Publication number Publication date
CN111866808B (en) 2023-03-24

Similar Documents

Publication Publication Date Title
WO2020224621A1 (en) Method for applying for digital certificate
CN112435028B (en) Block chain-based Internet of things data sharing method and device
KR101421329B1 (en) A method for authenticating a trusted platform based on the tri-element peer authentication(tepa)
WO2021168864A1 (en) Fault diagnostic method and apparatus, and vehicle
US20150113618A1 (en) Verifying the security of a remote server
US20140245417A1 (en) Centralized secure management method of third-party application, system and corresponding communication system
CN108259438A (en) A kind of method and apparatus of the certification based on block chain technology
CN112651037B (en) Out-of-chain data access method and system for block chain system
TW201525755A (en) Method for verifying legitimacy, middle server and computer-readable storage medium
CN101262342A (en) Distributed authorization and validation method, device and system
KR20140127303A (en) Multi-factor certificate authority
WO2020259169A1 (en) Authentication method, device, and system
US20070179907A1 (en) Security bootstrapping for distributed architecture devices
CN110545252A (en) Authentication and information protection method, terminal, control function entity and application server
CN111414640B (en) Key access control method and device
CN115499119A (en) PUF-based vehicle authentication method with privacy protection function
CN111866808B (en) Identity authentication method, device and storage medium
CN102045310B (en) Industrial Internet intrusion detection as well as defense method and device
CN111614731A (en) Method and system for accessing block chain to Internet of things equipment, aggregation gateway and storage medium
CN113472541B (en) Certificate switching method and device
CN113612616A (en) Vehicle communication method and device based on block chain
CN111866993B (en) Wireless local area network connection management method, device, software program and storage medium
KR102377045B1 (en) SYSTEMS AND METHODS FOR AUTHENTICATING IoT DEVICE THROUGH CLOUD USING HARDWARE SECURITY MODULE
CN116707983A (en) Authorization authentication method and device, access authentication method and device, equipment and medium
KR102673331B1 (en) Distribution of software updates to vehicles through V2V communication and verification by the vehicle community

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant