CN113806709A - Method for activating vehicle-mounted machine service, vehicle and readable storage medium - Google Patents
Method for activating vehicle-mounted machine service, vehicle and readable storage medium Download PDFInfo
- Publication number
- CN113806709A CN113806709A CN202111122889.7A CN202111122889A CN113806709A CN 113806709 A CN113806709 A CN 113806709A CN 202111122889 A CN202111122889 A CN 202111122889A CN 113806709 A CN113806709 A CN 113806709A
- Authority
- CN
- China
- Prior art keywords
- service
- vehicle
- activation request
- authentication
- activating
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 38
- 230000003213 activating effect Effects 0.000 title claims abstract description 30
- 230000004913 activation Effects 0.000 claims abstract description 69
- 238000004590 computer program Methods 0.000 claims description 12
- 230000006870 function Effects 0.000 description 24
- 230000008569 process Effects 0.000 description 7
- 238000011144 upstream manufacturing Methods 0.000 description 5
- 238000013475 authorization Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 238000006243 chemical reaction Methods 0.000 description 3
- 238000004891 communication Methods 0.000 description 3
- 238000010586 diagram Methods 0.000 description 3
- 238000012544 monitoring process Methods 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 230000000694 effects Effects 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000006872 improvement Effects 0.000 description 2
- 230000009545 invasion Effects 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 239000012466 permeate Substances 0.000 description 2
- 238000006467 substitution reaction Methods 0.000 description 2
- 230000001133 acceleration Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000015556 catabolic process Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000006731 degradation reaction Methods 0.000 description 1
- 230000036541 health Effects 0.000 description 1
- 230000000977 initiatory effect Effects 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/45—Structures or tools for the administration of authentication
Abstract
The invention discloses a method for activating a vehicle-mounted machine service, a vehicle and a readable storage medium, wherein the method comprises the following steps: acquiring an input service activation request, and judging whether the service activation request conforms to a preset interface calling authentication or not; and if the service activation request conforms to the interface calling authentication, activating the service activation request to activate the corresponding vehicle-mounted machine service. The method and the system can reduce the risk when the vehicle-mounted machine service is activated and improve the safety of the vehicle.
Description
Technical Field
The invention relates to the technical field of automobile service, in particular to an activation method of vehicle-mounted machine service, a vehicle and a readable storage medium.
Background
With the continuous improvement of the technology of the internet of vehicles in China, the communication between the vehicle machines and the cloud service permeates the daily driving life of people. People can inquire the state information of the vehicle through the mobile phone app and remotely control the vehicle machine, so that the functional vehicles need to be provided with a large number of external information interfaces, and the risk of being invaded is increased. With the increasing level of vehicle informatization, there is an increasing risk of misoperations of the vehicle control system via network attacks implemented externally.
Disclosure of Invention
The invention provides a vehicle-mounted service activation method, a vehicle and a readable storage medium, and aims to solve the technical problem of high risk when the vehicle-mounted service is activated.
In order to achieve the above object, the present invention provides a method for activating a car-in-vehicle service, which comprises the following steps:
acquiring an input service activation request, and judging whether the service activation request conforms to a preset interface calling authentication or not;
and if the service activation request conforms to the interface calling authentication, activating the service activation request to activate the corresponding vehicle-mounted machine service.
Optionally, if the service activation request does not conform to the interface invocation authentication, rejecting the service activation request.
Optionally, judging whether the calling end carries out interface calling for the first time;
and if the calling terminal calls the interface for the first time, sending an account registration instruction to the calling terminal.
Optionally, acquiring a registration request sent by a calling end; judging whether the registration request meets a preset registration requirement or not;
and if the registration request meets the preset registration requirement, allocating a legal identity to the calling terminal.
Optionally, the service activation request is parsed to obtain interface call parameters;
and activating the vehicle-machine service corresponding to the interface calling parameter.
Optionally, it is determined whether the service activation request conforms to identity authentication, where the interface call authentication includes the identity authentication.
Optionally, it is determined whether the service activation request conforms to an authority authentication, where the interface call authentication includes the authority authentication.
Optionally, it is determined whether the service activation request complies with a signature authentication, the interface call authentication including the signature authentication.
In order to achieve the above object, the present application further proposes a vehicle, which includes a memory, a processor, and a computer program stored on the memory and executable on the processor, wherein the computer program, when executed by the processor, implements the method for activating the car-machine service.
In order to achieve the above object, the present application further provides a readable storage medium, where a computer program is stored, and when the computer program is executed by a processor, the computer program implements the method for activating the car-machine service.
In the technical scheme of the invention, a service activation request is obtained, and whether the service activation request accords with the calling authentication of a preset interface is judged; and if the service activation request conforms to the interface calling authentication, activating the corresponding vehicle-mounted machine service according to the service activation request. The service of the vehicle machine is managed in a unified mode and unified authentication is carried out, so that the risk when the service of the vehicle machine is activated can be reduced, and the safety of vehicles is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to the structures shown in the drawings without creative efforts.
Fig. 1 is a schematic block diagram illustrating an activation method of a car-in-vehicle service according to an embodiment of the present invention;
fig. 2 is a flowchart of a method for activating a car-in-vehicle service according to an embodiment of the present invention;
fig. 3 is a diagram illustrating an example of a method for activating the in-vehicle service according to an embodiment of the present invention.
Detailed Description
It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Referring to fig. 1, fig. 1 is a schematic diagram of a hardware structure of a vehicle according to various embodiments of the present invention. The vehicle comprises an execution module 01, a memory 02, a processor 03, a vehicle-mounted battery and the like. Those skilled in the art will appreciate that the vehicle shown in FIG. 1 may also include more or fewer components than shown, or some components may be combined, or a different arrangement of components. The processor 03 is connected to the memory 02 and the execution module 01, respectively, and the memory 02 stores a computer program, which is executed by the processor 03 at the same time.
The execution module 01 may verify the service activation request sent by the user, perform protocol conversion, and feed back the above information to the processor 03.
The memory 02 may be used to store software programs and various data. The memory 02 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data or information created according to the use of the terminal, or the like. Further, the memory 02 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
The processor 03, which is a control center of the processing platform, connects various parts of the entire terminal by using various interfaces and lines, and performs various functions of the terminal and processes data by operating or executing software programs and/or modules stored in the memory 02 and calling data stored in the memory 02, thereby integrally monitoring the vehicle. Processor 03 may include one or more processing units; preferably, the processor 03 may integrate an application processor, which mainly handles operating systems, user interfaces, application programs, etc., and a modem processor, which mainly handles wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 03.
Those skilled in the art will appreciate that the vehicle configuration shown in FIG. 1 does not constitute a limitation of the vehicle, and may include more or fewer components than shown, or some components in combination, or a different arrangement of components.
Various embodiments of the method of the present invention are presented in terms of the above-described hardware architecture.
Referring to fig. 2, in a first embodiment of the method for activating the in-vehicle service according to the present invention, the method for activating the in-vehicle service includes:
step S100, acquiring an input service activation request, and judging whether the service activation request accords with a preset interface calling authentication;
with the continuous improvement of the technology of the internet of vehicles in China, the communication between the vehicle machines and the cloud service permeates the daily driving life of people. People can inquire the state information of the vehicle and remotely control the vehicle machine through calling terminals such as mobile phone apps, so that the functional vehicles need to be provided with a large number of external information interfaces, along with the increasing functions of the vehicles, the corresponding interfaces of the functional services are increased, and the risk that the vehicles are invaded is increased. With the increasing level of vehicle informatization, there is an increasing risk of misoperations of the vehicle control system via network attacks implemented externally.
In some embodiments, in order to deal with such a risk, a data store is provided based on a spring boot micro-service framework, the data store can uniformly set all service functions in the car machine in the data store, at this time, the call interfaces of the service functions all become internal interfaces of the service store, and the service store only displays the label information of the service function interfaces to the outside. When the user wants to activate any service function in the service store, the user only needs to send a service activation request to the service store. Therefore, the information interface of the vehicle can be prevented from being exposed to the outside as much as possible, the information safety is ensured to the maximum extent, the risk of invasion is reduced, and even if the vehicle machine is subjected to invasion, the interface of the service shop can be reinforced by centralized safety resources. In addition, the unified management of the internal interfaces can be realized, if the interfaces of the service shop have problems, people can be recruited quickly to solve the problems, and the problem of one interface is solved by easily solving the problems of a plurality of interfaces.
In this embodiment, based on security considerations, an Application Programming Interface (API) gateway is set in the service store, where the API gateway includes a single IAM, and is responsible for all authentication and authorization, and provides authentication modes based on an organization, a user, a resource, and the like. Therefore, after the car machine obtains the service activation request sent by the user through the mobile phone, the mobile computer or other terminals, the API gateway authenticates the service activation request to judge whether the service activation request conforms to the preset interface calling authentication.
And step S200, if the service activation request conforms to the interface calling authentication, activating the service activation request to activate the corresponding vehicle-machine service.
In this embodiment, only if the service activation request conforms to the interface call authentication, the service store authorizes the call terminal corresponding to the service activation request. Specifically, in some embodiments, a user logs in a platform through a calling terminal to obtain authentication and authorization information, directly calls a unified authentication and authorization service through an API gateway, accesses a user database, checks whether login account information is consistent with user database storage information, requests the authentication service to generate a unique authentication token if the login account information is consistent with the user database storage information, stores the unique authentication token in a distributed cache Redis cache, returns the unique authentication token to a client with the unique authentication token, and stores the unique authentication token in the client; if not, returning to the client to prompt that the platform does not have the user, and needing to register first. The interfaces with the vehicle service function are managed and authenticated in a unified way through the API gateway, so that resources can be greatly saved, and the information safety of vehicles can be ensured.
In an embodiment, the step of determining whether the service activation request conforms to a preset interface call authentication includes:
and if the service activation request does not conform to the interface calling authentication, rejecting the service activation request.
In this embodiment, if the service activation request does not conform to the interface call authentication, the service activation request is rejected. By the method, the access of the users who do not meet the requirements to the vehicle can be intercepted, and the safety of the vehicle is improved. In addition, when the external terminal calls the interface, the external terminal firstly passes through the reverse proxy load balancing server and then enters the gateway. In some embodiments, the reverse proxy server is located between the user and the target server, but for the user, the reverse proxy server is equivalent to the target server, i.e., the user can obtain the resources of the target server by directly accessing the reverse proxy server. Meanwhile, the user does not need to know the address of the target server and does not need to make any setting at the user end. The reverse proxy server can be generally used for Web acceleration, namely, the reverse proxy is used as a front-end processor of the Web server to reduce the load of the network and the server and improve the access efficiency. The access speed of an external terminal to the vehicle machine can be improved through the reverse proxy load balancing server, and specifically, the vehicle machine realizes reverse proxy and load balancing through Nginx.
In an embodiment, the step of determining whether the service activation request conforms to the preset interface call authentication includes:
judging whether the calling end carries out interface calling for the first time;
and if the calling terminal calls the interface for the first time, sending an account registration instruction to the calling terminal.
In an embodiment, after the step of sending the account registration instruction to the calling terminal, the step includes:
acquiring a registration request sent by a calling terminal; judging whether the registration request meets a preset registration requirement or not;
and if the registration request meets the preset registration requirement, allocating a legal identity to the calling terminal.
In this embodiment, the calling end is a terminal used by the user to call the data store interface, and the calling end may be a mobile end or a web end. Before a user accesses the car machine and calls an interface through a calling terminal, the user firstly needs to register an account number and applies for an application to acquire a legal identity. Therefore, if the user tries to call the interface through the calling terminal for the first time, the car machine sends an account registration instruction to the user to prompt the user to register the account. If the user does not try to call the interface through the calling terminal for the first time, the user directly logs in and provides authentication information such as an account number and a password for the server, and if the server successfully verifies the authentication information, the authority list of the user is obtained at the same time, and the user is directly allowed to activate the vehicle-mounted service function allowed in the authority list; and if the authentication information is failed to be verified by the server, sending the information of failed verification to the user and intercepting the activation of the user on the service. Specifically, the step of verifying the authentication information is as follows: judging whether the authentication information is consistent with the information stored in the cache of the data store, if so, the server successfully verifies the authentication information; and if the authentication information is inconsistent, the server fails to verify the authentication information.
In an embodiment, the step of activating the corresponding in-vehicle service according to the service activation request includes:
analyzing the service activation request to obtain an interface calling parameter;
and activating the vehicle-machine service corresponding to the interface calling parameter.
In this embodiment, after the API gateway receives the service activation request, the service activation request protocol needs to be analyzed, and the requested protocol is converted into an internal interface protocol, so as to facilitate an interface for invoking an internal service function of the data store, and to activate the corresponding car-in-vehicle service. In addition, the API gateway can also protect the overall stability of the gateway through fault-tolerant modes such as current limiting, degradation, fusing and the like in the calling process.
In an embodiment, the step of determining whether the service activation request conforms to a preset interface call authentication includes:
and judging whether the service activation request conforms to identity authentication or not, wherein the interface calling authentication comprises the identity authentication.
In this embodiment, the step of determining whether the service activation request conforms to the preset interface call authentication includes identity authentication, permission authentication, and signature authentication. The identity authentication is login and session level user authentication. Specifically, the user can log in through an account password through the mobile terminal or the web terminal, or log in through code scanning of the mobile terminal, so as to call a session API. In some embodiments, the user is authenticated via multiple levels of tokens after logging in, and only downward authorization is available between multiple levels of tokens. After logging in for the first time, the server generates a Token and returns the Token to the client, and the client only needs to take the Token to request data before taking the Token later, and does not need to take the user name and the password again. And the purpose of using Token is to reduce the pressure of the server, reduce frequent query of the database, and make the server more robust. The specific steps of calling are as follows: the webtoken or the mobiletoken is obtained through user name and password authentication, a user can take the sessiontoken through the webtoken or the mobiletoken, the accessstoken can be taken through the sessiontoken briefly, and the API can be called through the accessstoken, namely the identity authentication. However, for the mobile terminal, the user experience is better, namely the mobile terminal is in a login state at any moment, and the mobile terminal can preferably use one password for most years. Therefore, the time of Token's storage on different terminals is set by the user. By the identity authentication of the service activation request, the expansibility of the system can be improved, so that clients with different properties can be accessed conveniently, and independent maintenance of the multi-level Token with clear levels is facilitated.
In an embodiment, the step of determining whether the service activation request conforms to a preset interface call authentication includes:
and judging whether the service activation request conforms to authority authentication, wherein the interface calling authentication comprises the authority authentication.
In this embodiment, after the identity of the user is authenticated, the user needs to be authenticated, that is, after the identity of the user is confirmed, it is confirmed whether the user has the right to call the API, or it is determined whether the user has the right to activate the microservices in the data store.
In an embodiment, the step of determining whether the service activation request conforms to a preset interface call authentication includes:
and judging whether the service activation request conforms to signature authentication, wherein the interface calling authentication comprises the signature authentication.
In this embodiment, after the identity of the user is authenticated and the authority of the user is authenticated, the user needs to be signed and authenticated. Since there is a risk that the request is forged and the parameter is tampered in Token hijacking in the above identity authentication process, it is necessary to further secure the data store through signature authentication. Specifically, the signature authentication method is similar to the above identity authentication method, in an embodiment, the data store allocates an appsect (user name) and an APPKey (key for interface encryption and not participating in transmission) to the client, the client combines the APPKey and all request parameters into a source string, generates a signature value according to a signature algorithm, and sends the signature value to the data store server for verification when sending the request. Thus, even if Token is hijacked, the opposite party does not know the AppKey and the signature algorithm, and cannot forge the request and tamper the parameters. By combining the retransmission attack solution, the secondary repeated request cannot be forged even if the request parameters are hijacked, and the information security of the vehicle machine is further guaranteed.
Further, as shown in fig. 3, in some embodiments, the architecture of the data store is based on a spring boot micro-service architecture, the data store unifies internal interfaces, some interface information labels are externally exposed, when an interface (API) of the data store is called externally, the data store first passes through a nginnx reverse proxy & load balancing Server and then passes through a Gateway (Gateway), the micro-service obtains a configuration center Meta Server service address through a proxy of a Nacos, and then establishes a long connection with a Config service, each micro-service is relatively independent and does not affect each other, and each application is different. Middleware such as MySQL, Reids and kafka is used in the framework of the data store to ensure the storage of data, and the data store is only responsible for transmitting upstream data to downstream without changing the upstream data.
In other embodiments, before the user calls the interface, the user registers an account number and applies for an application to obtain a key and a secret, after the user applies for the key and the secret, the user sends a service activation request containing the key and the secret to a gateway layer of a data store, the data store performs uniform authentication on the gateway layer, and if the authentication is not passed, the service activation request is directly intercepted to reject calling the interface. Interface data structure conversion refers to converting parameters incoming from a user into a parameter data structure conforming to an upstream interface. After receiving the parameters of the user initiating the call interface, the data store initiates the call of the upstream interface after identity authentication, authority authentication, signature verification and data structure conversion are carried out, and the whole process is not more than 1 s. The average service time is 33.7235 milliseconds, the maximum service time is 32315 milliseconds (32.315 seconds), the maximum service time is an interface for calling the vehicle control, the maximum time of the vehicle control interface is counted before the maximum timeout time is set, the timeout time is set to 20 seconds, if no result is returned, the vehicle control interface is determined to be timeout, and 5 seconds are added on the basis of setting the timeout when no result is returned by the vehicle control UCU15 s. The gateway layer of the data store can perform uniform authentication, and then authentication can be performed again at the interface of each function service at the upstream so as to ensure the information security of the vehicle.
In addition, the configuration center shown in fig. 3 can also perform functions such as service tracking, service fusing, and the like. Specifically, the micro service functions of the vehicle at least include: the system comprises a safety certification micro-service function, a data store micro-service function, a vehicle information micro-service function, a vehicle control micro-service function, a vehicle sharing micro-service function, a user system micro-service function, a work order system micro-service function and a charging micro-service function, wherein the micro-service functions are divided into three blocks of health monitoring, log monitoring and service tracking, and a future vehicle machine can further comprise more micro-service functions and blocks. As the number of vehicular microservices continues to grow, the propagation of a request from one microservice to the next needs to be tracked, and service tracking is solving this problem by introducing a unique ID into the log to ensure consistency between microservice calls so you can track how a request passes from one microservice to the next. In order to realize request tracking, when a request is sent to an entry endpoint of a distributed system, only a unique tracking identifier needs to be created for the request by a service tracking framework, and meanwhile, when the request is circulated inside the distributed system, the framework always transmits the unique identifier until the unique identifier is returned to a requesting party, and the unique identifier is the aforementioned Trace ID. Through the record of the Trace ID, all request process logs can be associated. In order to count the time delay of each processing unit, when the request reaches each service component, or the processing logic reaches a certain state, its start, specific process and end are also marked by a unique identifier, which is the Span ID mentioned in the foregoing, for each Span, it must have two start and end nodes, and the time delay of the Span can be counted by recording the timestamps of the start Span and the end Span, and it can also contain some other metadata besides the timestamp record, such as: event name, request information, etc.
And service fusing refers to: in a microservice architecture, there are usually multiple service layer calls, and a failure of a base service may cause a cascading failure, which in turn causes an unavailability of the entire system, which is called a service avalanche effect. The service avalanche effect is a process of making "service consumers" unusable due to the unavailability of "service providers" and gradually enlarging the unavailability. The service fusing solves the problem that quick failure can be realized, if a plurality of similar errors are detected in a period of time, a plurality of subsequent calls can be forced to quickly fail and no longer access to a remote server, so that the application program is prevented from continuously trying to execute the operation which may fail, the application program is enabled to continuously execute without waiting for correcting the errors, or CPU time is wasted until a long time is generated. The fuses may also enable the application to diagnose whether the error has been corrected, and if so, the application may again attempt to invoke the operation.
Further, in other embodiments, the data store may also implement service registration and discovery functions, particularly since in the data store microservice application, the configuration of service instances at runtime may also change dynamically, including their network addresses. In order to meet the need for a client to send a request to a service, a service discovery mechanism must be implemented. A key part of service discovery is the service registry. The service registry is a database of available service instances. The service registry provides an administration API and a query API. Registration and deregistration of service instances is accomplished through a management API, which is used to find available service instances.
The invention also proposes a vehicle comprising a memory, a processor, and a computer program stored on said memory and executable on said processor for carrying out the method according to the various embodiments of the invention.
The invention also proposes a readable storage medium on which the computer program is stored. The computer-readable storage medium may be the Memory in fig. 1, and may also be at least one of a ROM (Read-Only Memory)/RAM (Random Access Memory), a magnetic disk, and an optical disk, and the computer-readable storage medium includes several instructions for enabling a terminal device (which may be a mobile phone, a computer, a server, a terminal, or a network device) having a processor to execute the method according to the embodiments of the present invention.
In the present invention, the terms "first", "second", "third", "fourth" and "fifth" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance, and those skilled in the art can understand the specific meanings of the above terms in the present invention according to specific situations.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above are not necessarily intended to refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, various embodiments or examples and features of different embodiments or examples described in this specification can be combined and combined by one skilled in the art without contradiction.
Although the embodiment of the present invention has been shown and described, the scope of the present invention is not limited thereto, it should be understood that the above embodiment is illustrative and not to be construed as limiting the present invention, and that those skilled in the art can make changes, modifications and substitutions to the above embodiment within the scope of the present invention, and that these changes, modifications and substitutions should be covered by the scope of the present invention. Therefore, the protection scope of the present invention shall be subject to the protection scope of the claims.
Claims (10)
1. A method for activating a car machine service is characterized by comprising the following steps:
acquiring an input service activation request, and judging whether the service activation request conforms to a preset interface calling authentication or not;
and if the service activation request conforms to the interface calling authentication, activating the vehicle-machine service corresponding to the service activation request.
2. The method for activating the in-vehicle service according to claim 1, wherein the step of determining whether the service activation request conforms to a preset interface call authentication comprises:
and if the service activation request does not conform to the interface calling authentication, rejecting the service activation request.
3. The method for activating the in-vehicle service according to claim 1, wherein the step of determining whether the service activation request conforms to a preset interface call authentication comprises:
judging whether the calling end carries out interface calling for the first time;
and if the calling terminal calls the interface for the first time, sending an account registration instruction to the calling terminal.
4. The method for activating the in-vehicle service according to claim 3, wherein the step of sending the account registration instruction to the calling terminal includes:
acquiring a registration request sent by a calling terminal; judging whether the registration request meets a preset registration requirement or not;
and if the registration request meets the preset registration requirement, allocating a legal identity to the calling terminal.
5. The method for activating the in-vehicle service according to claim 1, wherein the step of activating the corresponding in-vehicle service according to the service activation request includes:
analyzing the service activation request to obtain an interface calling parameter;
and activating the vehicle-machine service corresponding to the interface calling parameter.
6. The method for activating the in-vehicle service according to claim 1, wherein the step of determining whether the service activation request conforms to a preset interface call authentication comprises:
and judging whether the service activation request conforms to identity authentication or not, wherein the interface calling authentication comprises the identity authentication.
7. The method for activating the in-vehicle service according to claim 1, wherein the step of determining whether the service activation request conforms to a preset interface call authentication comprises:
and judging whether the service activation request conforms to authority authentication, wherein the interface calling authentication comprises the authority authentication.
8. The method for activating the in-vehicle service according to claim 1, wherein the step of determining whether the service activation request conforms to a preset interface call authentication comprises:
and judging whether the service activation request conforms to signature authentication, wherein the interface calling authentication comprises the signature authentication.
9. A vehicle comprising a memory, a processor, and a computer program stored on the memory and executable on the processor, the computer program when executed by the processor implementing the steps of the method for activating a car machine service according to any one of claims 1 to 8.
10. A readable storage medium, wherein the readable storage medium stores thereon a computer program, and the computer program, when executed by a processor, implements the steps of the method for activating the car machine service according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111122889.7A CN113806709A (en) | 2021-09-24 | 2021-09-24 | Method for activating vehicle-mounted machine service, vehicle and readable storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111122889.7A CN113806709A (en) | 2021-09-24 | 2021-09-24 | Method for activating vehicle-mounted machine service, vehicle and readable storage medium |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN113806709A true CN113806709A (en) | 2021-12-17 |
Family
ID=78940406
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111122889.7A Pending CN113806709A (en) | 2021-09-24 | 2021-09-24 | Method for activating vehicle-mounted machine service, vehicle and readable storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN113806709A (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101784049A (en) * | 2009-12-31 | 2010-07-21 | 中兴通讯股份有限公司 | Method and system thereof for controlling cars through mobile terminal |
| CN109583179A (en) * | 2018-10-16 | 2019-04-05 | 蔚来汽车有限公司 | Vehicle device Activiation method and system, server, storage medium |
| CN109726528A (en) * | 2019-03-18 | 2019-05-07 | 百度在线网络技术(北京)有限公司 | Vehicle device Service Activation, vehicle device service request method, device, equipment and medium |
| CN110995450A (en) * | 2020-02-27 | 2020-04-10 | 中科星图股份有限公司 | Authentication and authorization method and system based on Kubernetes |
| CN112597447A (en) * | 2020-12-15 | 2021-04-02 | 广州橙行智动汽车科技有限公司 | Vehicle-mounted service authorization activation method and device and vehicle |
| CN112632474A (en) * | 2020-12-28 | 2021-04-09 | 湖北亿咖通科技有限公司 | Vehicle-mounted machine software and hardware activation method |
| CN112653556A (en) * | 2020-12-24 | 2021-04-13 | 光大兴陇信托有限责任公司 | TOKEN-based micro-service security authentication method, device and storage medium |
-
2021
- 2021-09-24 CN CN202111122889.7A patent/CN113806709A/en active Pending
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101784049A (en) * | 2009-12-31 | 2010-07-21 | 中兴通讯股份有限公司 | Method and system thereof for controlling cars through mobile terminal |
| CN109583179A (en) * | 2018-10-16 | 2019-04-05 | 蔚来汽车有限公司 | Vehicle device Activiation method and system, server, storage medium |
| CN109726528A (en) * | 2019-03-18 | 2019-05-07 | 百度在线网络技术(北京)有限公司 | Vehicle device Service Activation, vehicle device service request method, device, equipment and medium |
| CN110995450A (en) * | 2020-02-27 | 2020-04-10 | 中科星图股份有限公司 | Authentication and authorization method and system based on Kubernetes |
| CN112597447A (en) * | 2020-12-15 | 2021-04-02 | 广州橙行智动汽车科技有限公司 | Vehicle-mounted service authorization activation method and device and vehicle |
| CN112653556A (en) * | 2020-12-24 | 2021-04-13 | 光大兴陇信托有限责任公司 | TOKEN-based micro-service security authentication method, device and storage medium |
| CN112632474A (en) * | 2020-12-28 | 2021-04-09 | 湖北亿咖通科技有限公司 | Vehicle-mounted machine software and hardware activation method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR102605987B1 (en) | Specially programmed computing systems with associated devices configured to implement centralized services ecu based on services oriented architecture and methods of use thereof | |
| US9237021B2 (en) | Certificate grant list at network device | |
| CN112422532B (en) | Service communication method, system and device and electronic equipment | |
| EP2550595B1 (en) | System and method for remote maintenance of multiple clients in an electronic network using virtualization and attestation. | |
| US20110072502A1 (en) | Method and Apparatus for Identity Verification | |
| US20120240211A1 (en) | Policy-based authentication | |
| US9325697B2 (en) | Provisioning and managing certificates for accessing secure services in network | |
| US20160308849A1 (en) | System and Method for Out-of-Ban Application Authentication | |
| CN110138741B (en) | Micro-service management method and device based on unified management platform and computer equipment | |
| CN112788031B (en) | Micro-service interface authentication system, method and device based on Envoy architecture | |
| CN111526111B (en) | Control method, device and equipment for logging in light application and computer storage medium | |
| CN114745431B (en) | Non-invasive authority authentication method, system, medium and equipment based on side car technology | |
| CN112543169A (en) | Authentication method, device, terminal and computer readable storage medium | |
| CN111880919A (en) | Data scheduling method, system and computer equipment | |
| CN115996122A (en) | Access control method, device and system | |
| CN113901429A (en) | Access method and device of multi-tenant system | |
| CN113806709A (en) | Method for activating vehicle-mounted machine service, vehicle and readable storage medium | |
| CN112597118B (en) | Shared file adding method and device | |
| CN113992420B (en) | Authority management method, system, electronic equipment and storage medium | |
| US20230129128A1 (en) | Secure and documented key access by an application | |
| CN114363373B (en) | Application communication management system, method, device, electronic equipment and storage medium | |
| US20230412570A1 (en) | Configurable proxying application program interface façade service | |
| WO2021248410A1 (en) | System for accelerated distributed ledger and for digital wallet deployment | |
| CN116204920A (en) | Access authority control method and device for vehicle sensitive resource data and electronic equipment | |
| CN116996316A (en) | System and method for authenticating services in online and instant mode |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |