CN112839040B - Identity authentication method, device and medium - Google Patents
Identity authentication method, device and medium Download PDFInfo
- Publication number
- CN112839040B CN112839040B CN202110007496.5A CN202110007496A CN112839040B CN 112839040 B CN112839040 B CN 112839040B CN 202110007496 A CN202110007496 A CN 202110007496A CN 112839040 B CN112839040 B CN 112839040B
- Authority
- CN
- China
- Prior art keywords
- digital key
- terminal
- information
- sharing
- vehicle end
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y04—INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
- Y04S—SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
- Y04S40/00—Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
- Y04S40/20—Information technology specific aspects, e.g. CAD, simulation, modelling, system security
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Computer Security & Cryptography (AREA)
- Signal Processing (AREA)
- Computing Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Power Engineering (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Lock And Its Accessories (AREA)
- Storage Device Security (AREA)
Abstract
The embodiment of the invention discloses an identity authentication method, a device and a medium, wherein the method is applied to a vehicle of a system consisting of a server, a terminal and the vehicle and comprises the following steps: receiving a sharing digital key sent by a sharing digital key holding terminal, wherein the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located; calculating hash values of vehicle end information and terminal identity information; if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal; before receiving the sharing digital key sent by the sharing digital key holding terminal, the method further comprises the following steps: acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list. The method solves the problem that the safety of the identity authentication method in the prior art is weak.
Description
Technical Field
The embodiment of the invention relates to the field of vehicle control, in particular to an identity authentication method, an identity authentication device and an identity authentication medium.
Background
With the high-speed development of technologies such as automobile sharing and unmanned technologies, great convenience is brought to our lives. However, technologies such as automobile sharing and unmanned operation are based on the Internet of vehicles, and intelligent and convenient system safety problems caused by intelligent automobiles are faced at the same time. The car networking takes 'cloud at two ends' as a main body, roadbed facilities are supplemented, objects such as intelligent network connected cars, mobile intelligent terminals, car networking service platforms and the like are included, five communication scenes of car-cloud communication, car-car communication, car-person communication, car-road communication and in-car communication are related, multifunctional car keys are popular, and signal relay and algorithm cracking threat is large. The Internet of vehicles service cloud platform faces the traditional cloud platform security problem, and the weak identity authentication enables the Internet of vehicles management platform to be exposed to an attacker and face network attack. The transmission and storage links have the risk of data theft, the excessive collection and the cross-border use of the data become the main problems of privacy protection, and the cross-border flow of the data become the potential hazards of the threat to the national security.
Based on this, the problem that the security of the identity authentication method in the prior art is weak needs to be solved at present, so as to effectively protect the user information.
Disclosure of Invention
The embodiment of the invention provides an identity authentication method, an identity authentication device and a medium, which solve the problem that the safety of the identity authentication method in the prior art is weak, so as to effectively protect user information.
In a first aspect, an embodiment of the present invention provides an identity authentication method applied to a vehicle of a system including a server, a terminal, and a vehicle, including:
the method comprises the steps of receiving a sharing digital key sent by a terminal held by the sharing digital key, wherein the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
calculating hash values of the vehicle-end information and the terminal identity information;
if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal;
before receiving the sharing digital key sent by the sharing digital key holding terminal, the method further comprises the following steps:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal;
and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to a white list.
In a second aspect, an embodiment of the present invention further provides an identity authentication device, which is disposed in a vehicle of a system including a server, a terminal, and a vehicle, and is characterized in that the identity authentication device includes:
the vehicle end receiving module is used for receiving a sharing digital key, wherein the sharing digital key is generated by a terminal according to a main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
the vehicle end computing module is used for computing hash values of the vehicle end information and the terminal identity information;
the vehicle end output module is used for outputting permission control information to the sharing digital key holding terminal if the hash value is in the white list;
the vehicle end sharing key module is used for acquiring sharing information fed back when the terminal where the main digital key is located sends the sharing digital key to the sharing digital key holding terminal before receiving the digital key sent by the terminal where the main digital key is located; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to a white list.
In a third aspect, an embodiment of the present invention further provides an identity authentication method, which is applied to a terminal of a vehicle-to-vehicle system composed of a server, a terminal and a vehicle, and includes:
The method comprises the steps that a sharing digital key is sent to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
receiving permission control information returned by a vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list;
before a sharing digital key is sent to a vehicle end, a digital sharing key sent by a terminal where a main digital key is located is received, and the terminal sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds a hash value corresponding to the sharing digital key to a white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
In a fourth aspect, an embodiment of the present invention further provides an identity authentication device, provided in a terminal of a system including a server, a terminal, and a vehicle, including:
the terminal sending module is used for sending a sharing digital key to the vehicle end, wherein the sharing digital key is from a terminal where the main digital key is located and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located;
The terminal receiving module is used for receiving permission control information returned by the vehicle terminal, wherein the permission control information is generated by the vehicle terminal when hash values corresponding to the vehicle terminal information and the terminal identity information are in a white list;
before the sharing digital key is sent to the vehicle end, the terminal receiving module is further used for receiving the sharing key sent by the terminal digital key sharing module, and the terminal digital key sharing module is used for sending sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
In a fifth aspect, embodiments of the present invention also provide a storage medium containing computer-executable instructions which, when executed by a computer processor, are used to perform the identity authentication method according to the third aspect.
The technical scheme of the identity authentication method provided by the embodiment of the invention is applied to a vehicle of a system consisting of a server, a terminal and a vehicle, and comprises the steps of receiving a digital key, wherein the digital key comprises vehicle end information and terminal identity information; calculating hash values of vehicle end information and terminal identity information; if the hash value is in the white list, the permission control information is output. And if the shared digital key of the shared digital key holding terminal is in the white list, the vehicle can be controlled according to the received permission control information after the shared digital key holding terminal passes the identity authentication through the identity authentication of the shared digital key holding terminal, so that the identity authentication of the user in an offline state is convenient, the safety is higher, and the user information leakage is prevented.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings required for the description of the embodiments will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flowchart of an identity authentication method according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a master digital key acquisition according to a first embodiment of the present invention;
FIG. 3 is a block diagram of an identity authentication device according to a second embodiment of the present invention;
fig. 4 is a flowchart of an identity authentication method according to a third embodiment of the present invention;
fig. 5 is a block diagram of an identity authentication device according to a fifth embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described by means of implementation examples with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Fig. 1 is a flowchart of an identity authentication method according to an embodiment of the present invention. The technical scheme of the embodiment is suitable for the condition that the vehicle end verifies the identity of the terminal. The method can be executed by the identity authentication device provided by the embodiment of the invention, and the device can be realized in a software and/or hardware mode and is configured to be applied in a processor. The method specifically comprises the following steps:
s101, receiving a sharing digital key sent by a sharing digital key holding terminal, wherein the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located.
The terminal wants to control the vehicle by means of a digital key, which is usually sent to the vehicle first in order for the vehicle to verify it. The digital key of the embodiment comprises vehicle end information and terminal identity information of a terminal held by a vehicle owner, wherein the vehicle end information comprises the vehicle end identity information and a random number generated by the vehicle end. Further, the digital key preferably also includes rights information for defining the functions of the vehicle that the user can use. Such as disabling the use of air conditioning, disabling the use of car navigation, etc.
The digital key may be a master digital key or a shared digital key. Typically, the owner of the vehicle holds a master digital key. If another person wants to use the vehicle, the owner can generate a sharing digital key based on the master digital key and then share the sharing digital key to other users so that they can use the vehicle. That is, the terminal held by the vehicle owner is the terminal where the main digital key is located, and the terminal receiving the shared digital key shared by the vehicle owner is the terminal held by the shared digital key.
It will be appreciated that if the digital key is the primary digital key, the user or owner may need to obtain the primary digital key through the terminal before using the primary digital key. As shown in fig. 2, operations performed by the vehicle end when the master digital key is acquired include: the vehicle terminal receives authentication request information sent by the terminal and sends vehicle terminal information to the terminal according to the authentication request information, wherein the authentication request information comprises terminal identity information; the method comprises the steps that a vehicle terminal receives a signature value sent by a terminal, wherein the signature value is generated by signing vehicle terminal information and terminal identity information sent by the terminal through a server; and verifying the signature value, sending a digital key to the terminal when the verification is passed, and adding the hash values of the vehicle end information and the terminal identity information to the white list, wherein the premise of the verification is that the signature value at least comprises the signature value of the server. The vehicle end preferably adopts asymmetric calculation to verify the signature value, and the premise of passing the verification is that the signature value contains the signature value of the server, the terminal identity information and the vehicle end information.
It can be understood that if the digital key is a shared digital key, the shared digital key holding terminal and the vehicle end need to acquire the information of the shared digital key first. The operation of the vehicle end when the digital key is shared comprises the following steps: the vehicle end obtains sharing information fed back when the terminal of the main digital key sends the sharing digital key to the sharing digital key holding terminal, and the sharing digital key is generated by the terminal of the main digital key according to the main digital key; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list. The shared information and the shared digital key comprise terminal identity information, vehicle end information and a signature value of the server which are the same as those of the main digital key.
It can be understood that the white list in fig. 2 contains a main digital key and a shared digital key, and in general, the main digital key and the shared digital key can be distinguished by a key identifier, so that the main digital key can be managed conveniently by a vehicle owner; or each vehicle is provided with only one main digital key, and the hash value of the main digital key is arranged in the first position.
The sharing information further comprises priority and authority information, and the priority and the authority information are added into the sharing digital key when the user generates the sharing digital key according to the main digital key. And for the priority level, after generating the hash value corresponding to the sharing digital key according to the sharing information, the user adds the hash value to the position corresponding to the priority level in the white list according to the priority level in the sharing information. The user may set a priority order, such as a higher priority of the digital key corresponding to a hash value with a smaller index, and a lower priority of the digital key corresponding to a hash value with a larger index. It can be understood that the priority and the authority information in the sharing information are used for enabling the vehicle end to acquire the authority information and the priority of the corresponding digital key.
S102, calculating hash values of the vehicle-end information and the terminal identity information.
After the vehicle receives the digital key, whether the digital key is a main digital key or a shared digital key, hash value operation is firstly carried out on the vehicle end information and the terminal identity information in the received digital key to obtain hash values of the vehicle end information and the terminal identity information. Preferably, the vehicle hashes the vehicle identification information in the digital key, the random number generated by the vehicle and the terminal identification information to obtain a hash value. And the vehicle-end information and the terminal identity information are encrypted through hash operation, so that the safety of the user information is improved.
S103, if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal.
After the hash value is obtained, the hash value is compared with the hash value in the white list, and if the obtained hash value is in the white list, the permission control information is sent to the source terminal of the digital key through verification of the digital key corresponding to the hash value. It will be appreciated that if the digital key is a shared digital key that includes rights information, then the permission control information also includes rights information, and the source terminal of the digital key can only use the vehicle within the scope of the rights defined by the rights information.
Further, if the vehicle end receives a plurality of digital keys at the same time, it is necessary to determine the priority level of each digital key first, which may be embodied in the serial number of the hash value in the white list, and after the priority level of the digital key is determined, the permission control information is sent to the source terminal of the digital key with the highest priority level, and the prohibition control information is sent to the source terminals of other digital keys.
In order to improve the security of the white list, the white list data of the present embodiment is stored in a nonvolatile memory in a scattered manner.
S104, if the hash value is not in the white list, outputting forbidden control information to the sharing digital key holding terminal.
It can be understood that if the obtained hash value is not in the white list, the digital key corresponding to the hash value cannot pass the authentication, and the prohibition control information is sent to the source terminal of the digital key, that is, the digital key is not allowed to control the current vehicle. Digital keys that are not on the whitelist, typically illegal keys or unregistered keys, cannot allow them to control the vehicle. Thus, the safety of the vehicle can be ensured, and the identity authentication time can be shortened.
The technical scheme of the identity authentication method provided by the embodiment of the invention is applied to a vehicle of a system consisting of a server, a terminal and a vehicle, and comprises the steps of receiving a sharing digital key, wherein the sharing digital key comprises vehicle end information and terminal identity information of a terminal where a main digital key is positioned; calculating hash values of vehicle end information and terminal identity information; and if the hash value is in the white list, outputting permission control information to the sharing digital key holding terminal. And if the shared digital key of the shared digital key holding terminal is in the white list, the vehicle can be controlled according to the received permission control information after the shared digital key holding terminal passes the identity authentication through the identity authentication of the shared digital key holding terminal, so that the identity authentication of the user in an offline state is convenient, the safety is higher, and the user information leakage is prevented.
Example two
Fig. 3 is a block diagram of an identity authentication device according to a second embodiment of the present invention. The device is used for executing the identity authentication method provided by any embodiment, and the device can be realized in software or hardware. The device comprises:
the vehicle end receiving module 11 is configured to receive a sharing digital key sent by a sharing digital key holding terminal, where the sharing digital key is generated by a terminal where a main digital key is located according to the main digital key, and includes vehicle end information and terminal identity information of the terminal where the main digital key is located;
the vehicle end computing module 12 is used for computing hash values of the vehicle end information and the terminal identity information;
and the vehicle end output module 13 is used for outputting permission control information to the sharing digital key holding terminal if the hash value is in the white list.
The vehicle-end sharing key module 14 is configured to, before receiving the sharing digital key sent by the sharing digital key holding terminal, further include: acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to a white list.
The vehicle-end information comprises vehicle-end identity information and random numbers, and the digital key is a main digital key or a shared digital key.
The vehicle end computing module is also used for: and outputting inhibition control information if the hash value is not in the white list.
The device also comprises a vehicle-end digital key generation module, a terminal identification module and a terminal identification module, wherein the vehicle-end digital key generation module is used for receiving authentication request information sent by a terminal where a main digital key is located and sending vehicle-end information to the terminal where the main digital key is located according to the authentication request information, and the authentication request information comprises terminal identification information of the terminal where the main digital key is located; the method comprises the steps of receiving a signature value sent by a terminal where a main digital key is located, wherein the signature value is generated by signing vehicle end information and terminal identity information sent by the terminal where the main digital key is located by a server; and verifying the signature value, sending the main digital key to a terminal where the main digital key is located when the verification passes, and adding the hash value of the vehicle end information and the terminal identity information to a white list, wherein the premise of the verification passing is that: the signature value comprises at least the signature value of the server.
The vehicle-end adding unit is specifically configured to generate a hash value corresponding to the sharing digital key according to the sharing information, and add the hash value of the sharing digital key to a white list position corresponding to the priority. Correspondingly, the vehicle end output module is specifically used for: if the hash value is in the white list, judging the number of the digital keys in the white list of the hash value received at the current moment; outputting permission control information if the number is 1; and if the number is at least two, outputting permission control information to the source terminal of the digital key with the highest hash value priority.
The technical scheme of the identity authentication device provided by the embodiment of the invention is applied to a vehicle of a system consisting of a server, a terminal and a vehicle, the shared digital key sent by a shared digital key holding terminal is received through a vehicle end receiving module, and the shared digital key is generated by the terminal where a main digital key is located according to the main digital key and comprises vehicle end information and terminal identity information; calculating hash values of the vehicle end information and the terminal identity information through a vehicle end calculation module; based on the vehicle end output module, if the hash value is in the white list, outputting permission control information; the vehicle end sharing key module is used for acquiring sharing information fed back when the terminal where the main digital key is located sends the sharing digital key to the sharing digital key holding terminal before receiving the digital key sent by the terminal where the main digital key is located; and generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list. And if the shared digital key of the shared digital key holding terminal is in the white list, the vehicle can be controlled according to the received permission control information after the shared digital key holding terminal passes the identity authentication through the identity authentication of the shared digital key holding terminal, so that the identity authentication of the user in an offline state is convenient, the safety is higher, and the user information leakage is prevented.
The identity authentication device provided by the embodiment of the invention can execute the identity authentication method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example III
Fig. 4 is a flowchart of an identity authentication method according to a third embodiment of the present invention. The technical scheme of the embodiment is suitable for the condition that the vehicle end verifies the identity of the terminal, and is applied to the terminal of the vehicle-to-vehicle system consisting of the server, the terminal and the vehicle. The method can be executed by the identity authentication device provided by the embodiment of the invention, and the device can be realized in a software and/or hardware mode and is configured to be applied in a processor. The method specifically comprises the following steps:
s201, sending a sharing digital key to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located and comprises vehicle end information and terminal identity information of the terminal where the main digital key is located.
The terminal wants to control the vehicle by means of a digital key, which is usually sent to the vehicle first in order for the vehicle to verify it. The digital key of the embodiment includes vehicle-end information and terminal identity information, wherein the vehicle-end information includes vehicle-end identity information and a random number generated by the vehicle-end. Further, the digital key preferably also includes rights information for defining the functions of the vehicle that the user can use. Such as disabling the use of air conditioning, disabling the use of car navigation, etc.
The digital key may be a master digital key or a shared digital key. Typically, the owner of the vehicle holds a master digital key. If another person wants to use the vehicle, the owner can generate a sharing digital key based on the master digital key and then share the sharing digital key to the user of the vehicle to enable the user to use the vehicle.
It will be appreciated that if the digital key is the primary digital key, the user or owner may need to acquire the primary digital key before using the primary digital key. As shown in fig. 2, the operations performed by the terminal when the master digital key is acquired include: authentication request information is sent to a vehicle end, wherein the authentication request information comprises terminal identity information; receiving vehicle end information sent by a vehicle end according to authentication request information; the terminal identity information and the vehicle end information are sent to a server, and a signature value returned by the server is received; the signature value is sent to the vehicle end, so that the vehicle end verifies the signature value, a digital key is returned when verification passes, and the hash value of the vehicle end information and the terminal identity information is added to the white list, wherein the premise of the verification passing is that the signature value at least comprises the signature value of the server, and the signature value of the server, the terminal identity information and the vehicle end information are preferably included.
It can be understood that if the digital key shares the digital key, the terminal and the vehicle end need to acquire the information of sharing the digital key first. The operations executed by the terminal when the sharing digital key is acquired include: and the terminal of the main digital key sends sharing information to the vehicle end when sending the sharing digital key to the target terminal, namely to the sharing digital key holding terminal, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, wherein the sharing digital key is generated by the terminal of the main digital key according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information. The shared information and the shared digital key comprise terminal identity information, vehicle end information and a signature value of the server which are the same as those of the main digital key.
The sharing information further comprises priority and authority information, and the priority and the authority information are added into the sharing digital key when the user generates the sharing digital key according to the main digital key. And for the priority level, after generating the hash value corresponding to the sharing digital key according to the sharing information, the user adds the hash value to the position corresponding to the priority level in the white list according to the priority level in the sharing information. It can be understood that the priority and the authority information in the sharing information are used for enabling the vehicle end to acquire the authority information and the priority of the corresponding digital key.
S202, receiving permission control information returned by the vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list.
After the vehicle receives the digital key, hash value operation is carried out on the vehicle-end information and the terminal identity information in the digital key to obtain hash values of the vehicle-end information and the terminal identity information. Preferably, the vehicle hashes the vehicle identification information in the digital key, the random number generated by the vehicle and the terminal identification information to obtain a hash value. Comparing the hash value with the hash value in the white list, and if the obtained hash value is in the white list, transmitting permission control information to a source terminal of the digital key through verification of the digital key corresponding to the hash value. It will be appreciated that if the digital key is a shared digital key that includes rights information, then the permission control information also includes rights information, and the source terminal of the digital key can only use the vehicle within the scope of the rights defined by the rights information.
It can be understood that the terminal may also receive the prohibition control information, which may be the case because the vehicle end does not pass the authentication of the terminal, that is, the hash value corresponding to the digital key sent by the terminal is not in the whitelist; it may also be because the vehicle end receives other digital keys and has a higher priority than the digital key of the current terminal.
Before the sharing digital key is sent to the vehicle end, the digital sharing key sent by the terminal is received, and the terminal sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
The technical scheme of the identity authentication method provided by the embodiment of the invention is applied to a terminal of a system consisting of a server, a terminal and a vehicle, and comprises the steps of sending a sharing digital key to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located and comprises vehicle end information and terminal identity information; and receiving permission control information returned by the vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list. And if the sharing digital key is in the white list, the sharing digital key holding terminal can control the vehicle according to the received permission control information after passing the identity authentication, so that the identity authentication is convenient for the user in an offline state, the safety is higher, and the user information leakage is prevented.
Example IV
The embodiment of the invention provides an identity authentication method, which optimizes the management of a white list on the basis of the embodiment.
If the user finds that the digital key is revealed or attacked, the attacked information can be sent to the server, and after the server receives the attacked information, the digital key corresponding to the terminal identity information in the attacked information is deleted, so that the lawless persons are prevented from continuously using the digital key. The server deletes the digital key and sends the cancellation information of the cancellation digital key to the terminal, and sends the cancellation information of the cancellation digital key to the vehicle end through the terminal, and the vehicle end cancels the digital key according to the cancellation information.
If the terminal sending the attack information holds a main digital key, the vehicle end deletes the hash value corresponding to the main digital key in the white list and the hash value of the shared digital key generated based on the main digital key; if the terminal sending the attack information holds the sharing digital key, the vehicle end deletes the hash value corresponding to the sharing digital key in the white list.
After deleting the digital key corresponding to the terminal, the terminal may acquire the master digital key according to the method described in the foregoing embodiment. It can be understood that the random numbers in the vehicle-end information of the newly acquired main digital key are different, and the signature values of the server on the terminal identity information and the vehicle-end information are also different.
In addition, if the vehicle owner wants to revoke a certain sharing digital key, the vehicle owner can directly send a revocation request to the vehicle end, and the vehicle end deletes the hash value corresponding to the sharing digital key in the white list based on the revocation request.
In order to improve the convenience of digital key management, when a vehicle owner shares a digital key, valid time is added in authority information, and then the digital key added with the valid time is valid only in the valid time, and automatically fails once the valid time is exceeded, that is, a vehicle end automatically deletes a hash value from a white list or moves the hash value to other positions once the valid time is exceeded.
The hash value of the digital key is stored in the white list, so that the method has higher safety, and the flow and time of user identity authentication can be reduced on the premise of ensuring the safety of user information; and the hash value in the white list is easy to add and cancel, so that the user can use the hash value conveniently.
Example five
Fig. 5 is a block diagram of an identity authentication device according to a fifth embodiment of the present invention. The device is used for executing the identity authentication method provided by any embodiment, and the device can be realized in software or hardware. The device comprises:
The terminal sending module 21 is configured to send a sharing digital key to the vehicle end, where the sharing digital key is from a terminal where the main digital key is located, and the vehicle end information and the terminal identity information of the terminal where the main digital key is located;
the terminal receiving module 22 is configured to receive permission control information returned by the vehicle end, where the permission control information is generated by the vehicle end when a hash value corresponding to the vehicle end information and the terminal identity information is in a white list;
before sending the sharing digital key to the vehicle end, the terminal receiving module 22 is further configured to receive the sharing key sent by the terminal digital key sharing module, and the terminal digital key sharing module sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds the hash value corresponding to the sharing digital key to the white list, where the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
The terminal receiving module is further used for receiving forbidden control information returned by the vehicle end, wherein the forbidden control information is generated by the vehicle end when hash values of the vehicle end information and the terminal identity information are not in a white list.
The vehicle-end information comprises vehicle-end identity information and random numbers. The digital key is a master digital key or a shared digital key.
The device also comprises a terminal digital key acquisition module, a terminal digital key acquisition module and a terminal digital key acquisition module, wherein the terminal digital key acquisition module is used for transmitting authentication request information to a vehicle end, and the authentication request information comprises terminal identity information of a terminal where a main digital key is positioned; receiving vehicle end information sent by a vehicle end according to the authentication request information; the terminal identity information and the vehicle end information are sent to a server, and a signature value returned by the server is received; the signature value is sent to a vehicle end, the vehicle end verifies the signature value, a digital key is returned when verification passes, and the hash value of the vehicle end information and the terminal identity information is added to a white list, wherein the premise of the verification passing is that: the signature value comprises at least the signature value of the server.
Preferably, the terminal digital key sharing module generates a sharing digital key according to the main digital key and the priority level input or selected by the user; and sending the sharing digital key to the target terminal, namely the sharing digital key holding terminal, and simultaneously sending sharing information to the vehicle end.
The device also comprises a reporting module which is used for sending the attacked information to the server so that the server deletes the main digital key corresponding to the terminal identity information in the attacked information.
The technical scheme of the identity authentication device provided by the embodiment of the invention is applied to a terminal of a system consisting of a server, a terminal and a vehicle, and a digital key is sent to a vehicle end through a terminal sending module and comprises vehicle end information and terminal identity information; and receiving permission control information returned by the vehicle end through the terminal receiving module, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list. And if the sharing digital key is in the white list, the sharing digital key holding terminal can control the vehicle according to the received permission control information after passing the identity authentication, so that the identity authentication is convenient for the user in an offline state, the safety is higher, and the user information leakage is prevented.
The identity authentication device provided by the embodiment of the invention can execute the identity authentication method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example six
A sixth embodiment of the present invention also provides a storage medium containing computer-executable instructions, which when executed by a computer processor, are for performing a method of identity authentication, the method comprising:
the method comprises the steps that a sharing digital key is sent to a vehicle end, wherein the sharing digital key is from a terminal where a main digital key is located, and vehicle end information and terminal identity information of the terminal where the main digital key is located;
receiving permission control information returned by a vehicle end, wherein the permission control information is generated by the vehicle end when hash values corresponding to the vehicle end information and the terminal identity information are in a white list;
before a sharing digital key is sent to a vehicle end, a digital sharing key sent by a terminal where a main digital key is located is received, and the terminal sends sharing information to the vehicle end while sending the sharing digital key, so that the vehicle end adds a hash value corresponding to the sharing digital key to a white list, wherein the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and the hash value corresponding to the sharing digital key is generated by the vehicle end according to the sharing information.
Of course, the storage medium containing the computer executable instructions provided in the embodiments of the present invention is not limited to the method operations described above, and may also perform the related operations in the identity authentication method provided in any embodiment of the present invention. The computer storage medium may be any tangible medium, such as floppy diskettes, CD-ROMs, DVDs, hard drives, even network media, etc.
Those of ordinary skill in the art will appreciate that all or part of the steps in the various methods of the above embodiments may be implemented by a program to instruct related hardware, the program may be stored in a computer readable storage medium, and the storage medium may include: ROM, RAM, magnetic or optical disks, etc.
It should be understood that while one form of implementation of the embodiments of the present invention has been described above as a computer program product, the method or apparatus of embodiments of the present invention may be implemented in software, hardware, or a combination of software and hardware. The hardware portion may be implemented using dedicated logic; the software portions may be stored in a memory and executed by a suitable instruction execution system, such as a microprocessor or special purpose design hardware. Those of ordinary skill in the art will appreciate that the methods and apparatus described above may be implemented using computer executable instructions and/or embodied in processor control code, such as provided on a carrier medium such as a magnetic disk, CD or DVD-ROM, a programmable memory such as read only memory (firmware), or a data carrier such as an optical or electronic signal carrier. The methods and apparatus of the present invention may be implemented by hardware circuitry, such as very large scale integrated circuits or gate arrays, semiconductors such as logic chips, transistors, etc., or programmable hardware devices such as field programmable gate arrays, programmable logic devices, etc., as software executed by various types of processors, or by a combination of the above hardware circuitry and software, such as firmware.
It should be understood that while several modules or units of apparatus are mentioned in the detailed description above, such partitioning is merely exemplary and not mandatory. Indeed, according to exemplary embodiments of the invention, the features and functions of two or more modules/units described above may be implemented in one module/unit, whereas the features and functions of one module/unit described above may be further divided into a plurality of modules/units. Furthermore, certain modules/units described above may be omitted in certain application scenarios.
It should be understood that the description is only intended to describe some key, not necessarily essential, techniques and features in order not to obscure the embodiments of the invention, and may not be illustrative of some features that may be implemented by those skilled in the art.
The foregoing is only illustrative of the present invention and is not to be construed as limiting thereof, but rather as presently claimed, and is intended to cover all modifications, alternatives, and equivalents falling within the spirit and scope of the invention.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be made by one skilled in the art without departing from the spirit and scope of the invention, and the scope of the invention should be assessed accordingly to that of the appended claims.
Claims (9)
1. An identity authentication method applied to a vehicle of a system consisting of a server, a terminal and a vehicle, comprising:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; the sharing information comprises priority and authority information;
generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
receiving a sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
calculating hash values of the vehicle end information and the terminal identity information;
if the hash value is in the white list, judging the number of digital keys in the white list of the hash value received at the current moment;
Outputting permission control information if the number is 1;
if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
wherein, main digital key acquires, includes:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server; and verifying the signature value, sending the main digital key to the terminal where the main digital key is located when the verification is passed, and adding the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list.
2. The method according to claim 1, wherein after calculating the hash values of the vehicle-side information and the terminal identity information, further comprising:
And if the hash value is not in the white list, outputting forbidden control information to the sharing digital key holding terminal.
3. The method of claim 1, wherein the vehicle-side information includes vehicle-side identity information and a random number.
4. An authentication apparatus provided in a vehicle of a system constituted by a server, a terminal, and a vehicle, comprising:
the vehicle end sharing key module is used for acquiring sharing information fed back when the terminal where the main digital key is located sends the sharing digital key to the sharing digital key holding terminal; the sharing information comprises priority and authority information; generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
the vehicle end receiving module is used for receiving the sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
The vehicle end computing module is used for computing hash values of the vehicle end information and the terminal identity information;
the vehicle end output module is used for judging the number of the digital keys of the hash value received at the current moment in the white list if the hash value is in the white list; outputting permission control information if the number is 1; if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
wherein, main digital key acquires, includes:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server; and verifying the signature value, sending the main digital key to the terminal where the main digital key is located when the verification is passed, and adding the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list.
5. An identity authentication method, comprising:
the terminal where the main digital key is located generates a sharing digital key according to the main digital key and the priority level input or selected by the user;
the terminal where the main digital key is located sends the sharing digital key to a sharing digital key holding terminal;
the sharing digital key holding terminal sends the sharing digital key to a vehicle end;
the vehicle end performs the following steps:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; the sharing information comprises priority and authority information;
generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
receiving a sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
Calculating hash values of the vehicle end information and the terminal identity information;
if the hash value is in the white list, judging the number of digital keys in the white list of the hash value received at the current moment;
outputting permission control information if the number is 1;
if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
when the master digital key is acquired, the vehicle end executing operation comprises:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server;
the server verifies the signature value, sends the main digital key to the terminal where the main digital key is located when verification passes, and adds the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list;
And the sharing digital key holding terminal receives the permission control information returned by the vehicle end, wherein the permission control information is generated by the vehicle end when the hash value corresponding to the vehicle end information and the terminal identity information of the terminal where the digital key is positioned is in a white list.
6. The method of claim 5, wherein after the sharing digital key holder terminal transmits the sharing digital key to the vehicle end, further comprising:
and the sharing digital key holding terminal receives the forbidden control information returned by the vehicle end, wherein the forbidden control information is generated by the vehicle end when the hash value corresponding to the vehicle end information and the terminal identity information of the terminal where the digital key is positioned is not in a white list.
7. The method of claim 5, wherein the vehicle-side information includes vehicle-side identity information and a random number.
8. An identity authentication system, comprising:
the terminal where the main digital key is located is used for generating a sharing digital key according to the main digital key and the priority level input or selected by the user;
the terminal where the main digital key is located is also used for sending the sharing digital key to a sharing digital key holding terminal;
The sharing digital key holding terminal is used for sending the sharing digital key to a vehicle end;
the vehicle end is used for:
acquiring sharing information fed back when a terminal where a main digital key is located sends a sharing digital key to a sharing digital key holding terminal; the sharing information comprises priority and authority information;
generating a hash value corresponding to the sharing digital key according to the sharing information, and adding the hash value of the sharing digital key to the white list position corresponding to the priority level; the sharing information and the sharing digital key comprise terminal identity information, vehicle end information and a signature value of a server which are the same as those of the main digital key;
receiving a sharing digital key sent by the sharing digital key holding terminal; the sharing digital key is generated by the terminal where the main digital key is located according to the main digital key, and comprises vehicle end information, terminal identity information and authority information of the terminal where the main digital key is located;
calculating hash values of the vehicle end information and the terminal identity information;
if the hash value is in the white list, judging the number of digital keys in the white list of the hash value received at the current moment;
Outputting permission control information if the number is 1;
if the number is at least two, outputting permission control information to a source terminal of the digital key with the highest hash value priority;
when the master digital key is acquired, the vehicle end executing operation comprises:
receiving authentication request information sent by a terminal where the main digital key is located, and sending vehicle end information to the terminal where the main digital key is located according to the authentication request information; the authentication request information comprises terminal identity information of a terminal where the main digital key is located;
receiving a signature value sent by a terminal where the main digital key is located; the signature value is generated by signing the vehicle end information sent by the terminal where the main digital key is located and the terminal identity information of the terminal where the main digital key is located by the server;
the server is used for verifying the signature value, sending the main digital key to the terminal where the main digital key is located when verification passes, and adding the hash value of the vehicle end information and the terminal identity information of the terminal where the main digital key is located to a white list;
the sharing digital key holding terminal is further configured to receive permission control information returned by the vehicle end, where the permission control information is generated by the vehicle end when a hash value corresponding to the vehicle end information and terminal identity information of a terminal where the digital key is located is in a white list.
9. A storage medium containing computer executable instructions which, when executed by a computer processor, are for performing the identity authentication method of any one of claims 1-3 or 5-7.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110007496.5A CN112839040B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, device and medium |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202110007496.5A CN112839040B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, device and medium |
CN201811601776.3A CN109361718B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, apparatus and medium |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811601776.3A Division CN109361718B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, apparatus and medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112839040A CN112839040A (en) | 2021-05-25 |
CN112839040B true CN112839040B (en) | 2023-08-04 |
Family
ID=65330126
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811601776.3A Active CN109361718B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, apparatus and medium |
CN202110007496.5A Active CN112839040B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, device and medium |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811601776.3A Active CN109361718B (en) | 2018-12-26 | 2018-12-26 | Identity authentication method, apparatus and medium |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN109361718B (en) |
Families Citing this family (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109859362B (en) * | 2019-03-13 | 2021-04-27 | 江苏金致新能源车业有限公司 | Intelligent key control method for electric vehicle |
CN111047740A (en) * | 2019-11-22 | 2020-04-21 | 上海银基信息安全技术股份有限公司 | Digital key sharing method |
CN111328051B (en) * | 2020-02-25 | 2023-08-29 | 上海银基信息安全技术股份有限公司 | Digital key sharing method and device, electronic equipment and storage medium |
CN111314897A (en) * | 2020-02-27 | 2020-06-19 | 科世达(上海)机电有限公司 | Method for recording white list of vehicle Bluetooth keys |
CN113920616B (en) * | 2020-06-24 | 2023-08-08 | 广州汽车集团股份有限公司 | Method for safely connecting vehicle with Bluetooth key, bluetooth module and Bluetooth key |
CN118230451A (en) * | 2021-03-19 | 2024-06-21 | 上海博泰悦臻网络技术服务有限公司 | Digital key deleting method, device, equipment, system and storage medium |
CN113066209A (en) * | 2021-03-23 | 2021-07-02 | 上海银基信息安全技术股份有限公司 | Method and device for safe off-line use of digital key and storage medium |
CN118369945A (en) * | 2022-11-18 | 2024-07-19 | 北京小米移动软件有限公司 | Method and device for sharing digital car key and storage medium |
CN117914942B (en) * | 2024-03-20 | 2024-06-21 | 广东银基信息安全技术有限公司 | Data request caching method and device, intelligent terminal and storage medium |
Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101043750A (en) * | 2006-03-23 | 2007-09-26 | 欧姆龙株式会社 | Radio communication system and method therefor and portable radio communication unit and method therefor |
JP2013159980A (en) * | 2012-02-06 | 2013-08-19 | Denso Corp | Electronic key system for vehicle |
JP2014169059A (en) * | 2013-03-05 | 2014-09-18 | Denso Corp | Vehicle function permission system |
WO2015033527A1 (en) * | 2013-09-06 | 2015-03-12 | 株式会社デンソー | Control device and electronic key system |
CN105015489A (en) * | 2015-07-14 | 2015-11-04 | 杭州万好万家新能源科技有限公司 | Intelligent vehicle control system based on digital key |
CN106301781A (en) * | 2016-07-27 | 2017-01-04 | 山东尼格电子技术有限公司 | A kind of Digital Automobile cloud key share system |
CN106394486A (en) * | 2016-08-31 | 2017-02-15 | 长城汽车股份有限公司 | Authorization method and system of virtual key and server |
CN107564145A (en) * | 2017-08-22 | 2018-01-09 | 济宁中科先进技术研究院有限公司 | The automobile double mode automatic switch door device and its method of built-in security chip |
Family Cites Families (9)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9740917B2 (en) * | 2012-09-07 | 2017-08-22 | Stone Lock Global, Inc. | Biometric identification systems and methods |
CN105976466B (en) * | 2016-05-03 | 2020-01-10 | 科世达(上海)管理有限公司 | Automobile entrance guard door opening method |
CN106534071A (en) * | 2016-10-09 | 2017-03-22 | 清华大学 | Internet-of-vehicles link security authentication method and system based on device whitelist management |
US20180285567A1 (en) * | 2017-03-31 | 2018-10-04 | Qualcomm Incorporated | Methods and Systems for Malware Analysis and Gating Logic |
CN108665337A (en) * | 2017-04-01 | 2018-10-16 | 重庆无线绿洲通信技术有限公司 | A kind of Vehicular system and its virtual key authentication method |
CN107650863B (en) * | 2017-09-19 | 2022-05-03 | 大陆投资(中国)有限公司 | Vehicle sharing method and system |
CN107919960A (en) * | 2017-12-04 | 2018-04-17 | 北京深思数盾科技股份有限公司 | The authentication method and system of a kind of application program |
CN107818622A (en) * | 2017-12-13 | 2018-03-20 | 美的集团股份有限公司 | Offline verification method and system |
CN108777691B (en) * | 2018-06-12 | 2022-04-15 | 山东智慧云链网络科技有限公司 | Network security protection method and device |
-
2018
- 2018-12-26 CN CN201811601776.3A patent/CN109361718B/en active Active
- 2018-12-26 CN CN202110007496.5A patent/CN112839040B/en active Active
Patent Citations (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101043750A (en) * | 2006-03-23 | 2007-09-26 | 欧姆龙株式会社 | Radio communication system and method therefor and portable radio communication unit and method therefor |
JP2013159980A (en) * | 2012-02-06 | 2013-08-19 | Denso Corp | Electronic key system for vehicle |
JP2014169059A (en) * | 2013-03-05 | 2014-09-18 | Denso Corp | Vehicle function permission system |
WO2015033527A1 (en) * | 2013-09-06 | 2015-03-12 | 株式会社デンソー | Control device and electronic key system |
CN105015489A (en) * | 2015-07-14 | 2015-11-04 | 杭州万好万家新能源科技有限公司 | Intelligent vehicle control system based on digital key |
CN106301781A (en) * | 2016-07-27 | 2017-01-04 | 山东尼格电子技术有限公司 | A kind of Digital Automobile cloud key share system |
CN106394486A (en) * | 2016-08-31 | 2017-02-15 | 长城汽车股份有限公司 | Authorization method and system of virtual key and server |
CN107564145A (en) * | 2017-08-22 | 2018-01-09 | 济宁中科先进技术研究院有限公司 | The automobile double mode automatic switch door device and its method of built-in security chip |
Non-Patent Citations (1)
Title |
---|
车联网中基于群签名的身份认证协议研究;郑明辉;段洋洋;吕含笑;;工程科学与技术(04);全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN112839040A (en) | 2021-05-25 |
CN109361718A (en) | 2019-02-19 |
CN109361718B (en) | 2021-04-27 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112839040B (en) | Identity authentication method, device and medium | |
US10991175B2 (en) | Repair management system for autonomous vehicle in a trusted platform | |
US11290437B2 (en) | Trusted platform protection in an autonomous vehicle | |
Othmane et al. | A survey of security and privacy in connected vehicles | |
EP3403246B1 (en) | A device and method for collecting user-based insurance data in vehicles | |
US10602360B2 (en) | Secure mobile device integration with vehicles | |
KR101861455B1 (en) | Secure vehicular data management with enhanced privacy | |
EP3726865A1 (en) | Method for generating and using virtual key of vehicle, system for same, and user terminal | |
US10515550B1 (en) | Transferring control of vehicles | |
US10917395B2 (en) | Vehicle wireless internet security | |
US20200235946A1 (en) | Security management system for vehicle communication, operating method thereof, and message-processing method of vehicle communication service provision system having the same | |
CN110365486B (en) | Certificate application method, device and equipment | |
CN109379403B (en) | Control method and device of Internet of things equipment, server and terminal equipment | |
CN105323753A (en) | In-vehicle safety module, vehicular system and method for information interaction between vehicles | |
Ray et al. | Extensibility in automotive security: Current practice and challenges | |
CN112950201B (en) | Node management method and related device applied to block chain system | |
CN108632356B (en) | Vehicle control method and system based on Internet of vehicles, vehicle-mounted terminal and server | |
Škorput et al. | Cyber security in cooperative intelligent transportation systems | |
Zidi et al. | Review and Perspectives on the Audit of Vehicle-to-everything Communications | |
TW201638818A (en) | Digital identity and authorization for machines with replaceable parts | |
Choi et al. | Security threats in connected car environment and proposal of in-vehicle infotainment-based access control mechanism | |
US20240073037A1 (en) | Internal certificate authority for electronic control unit | |
CN116094722A (en) | Zero trust-based vehicle identity authentication method and related equipment | |
US20230276409A1 (en) | Resource selection for 5g nr v2x pc5 mode 2 | |
Rosenstatter | Towards a Standardised Framework for Securing Connected Vehicles |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |