CN115225399A - Vehicle alarm information processing system and method - Google Patents
Vehicle alarm information processing system and method Download PDFInfo
- Publication number
- CN115225399A CN115225399A CN202210871653.1A CN202210871653A CN115225399A CN 115225399 A CN115225399 A CN 115225399A CN 202210871653 A CN202210871653 A CN 202210871653A CN 115225399 A CN115225399 A CN 115225399A
- Authority
- CN
- China
- Prior art keywords
- target
- encrypted data
- alarm information
- vehicle
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 28
- 238000000034 method Methods 0.000 title abstract description 23
- 230000005540 biological transmission Effects 0.000 claims abstract description 61
- 238000004891 communication Methods 0.000 claims abstract description 59
- 238000012795 verification Methods 0.000 claims description 17
- 238000012545 processing Methods 0.000 claims description 8
- 238000003672 processing method Methods 0.000 claims description 5
- 238000004458 analytical method Methods 0.000 claims description 4
- 230000008569 process Effects 0.000 description 10
- 230000006870 function Effects 0.000 description 7
- 230000007547 defect Effects 0.000 description 5
- 229920006395 saturated elastomer Polymers 0.000 description 5
- 230000003993 interaction Effects 0.000 description 3
- 206010063385 Intellectualisation Diseases 0.000 description 2
- 206010039203 Road traffic accident Diseases 0.000 description 2
- 238000004590 computer program Methods 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 238000010586 diagram Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 238000005265 energy consumption Methods 0.000 description 2
- 238000005516 engineering process Methods 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 230000003287 optical effect Effects 0.000 description 2
- 230000008447 perception Effects 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 230000002159 abnormal effect Effects 0.000 description 1
- 230000004075 alteration Effects 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Alarm Systems (AREA)
Abstract
The invention provides a vehicle alarm information processing system and a method, wherein the system comprises: the system comprises an encryption module, a data transmission control module and a decryption module, wherein the encryption module and the data transmission control module run on a target vehicle, and the decryption module run on a server; the encryption module is used for encrypting and signing alarm information of a target vehicle to obtain target encryption data; the data transmission control module is used for sending the target encrypted data to the server based on various vehicle local available communication channels; the decryption module is used for verifying and decrypting the target encrypted data received by the server to obtain alarm information. When the alarm information is uploaded on the target vehicle, the integrity and the reliability of the alarm information can be guaranteed, and the safety and the reliability of a transmission channel of the alarm information can be guaranteed. The target encrypted data is subjected to saturation type transmission through various vehicle local available communication channels, and the requirements of high-efficiency, reachable, real and reliable transmission of alarm information of the vehicle in emergency scenes such as functional faults, network attacks, fire disasters and flood disasters can be met.
Description
Technical Field
The invention belongs to the technical field of intelligent automobiles, and particularly relates to a vehicle alarm information processing system and a vehicle alarm information processing method.
Background
Along with the development of intelligent automobiles, the intellectualization of automobiles is more and more powerful. Due to unique network operation environments such as user interaction attributes, intelligent network application integration attributes and high privacy use requirements of the intelligent automobile, corresponding related safety guarantee measures of the intelligent automobile are also synchronously improved under the background of continuous development of intellectualization.
Under the existing security mechanism, when an intelligent automobile is subjected to some security attacks or damages, for example, network attacks, fire disasters, flood disasters, functional faults and the like, corresponding risks are subjected to security alarm, so that rapid perception and processing of the risks are realized. Therefore, how to guarantee the integrity and reliability of the vehicle alarm information and the safety and reliability of the transmission channel are problems to be solved.
Disclosure of Invention
The invention provides a vehicle alarm information processing system and a vehicle alarm information processing method, which aim to solve the problem that the integrity and reliability of alarm information and the safety and reliability of a transmission channel of an intelligent automobile cannot be effectively guaranteed under the condition that the intelligent automobile is subjected to a safety risk.
To solve or to improve the technical problem to some extent, according to an aspect of the present invention, there is provided a vehicle alarm information processing system, including: the system comprises an encryption module, a data transmission control module and a decryption module, wherein the encryption module and the data transmission control module run on a target vehicle, and the decryption module run on a server;
the encryption module is used for encrypting and signing alarm information of a target vehicle to obtain target encryption data;
the data transmission control module is used for sending the target encrypted data to a server based on various vehicle local available communication channels;
the decryption module is used for verifying and decrypting the target encrypted data received by the server to obtain the alarm information.
In some embodiments, the plurality of vehicle locally available communication channels includes at least two of:
a communication channel between a cockpit side of the target vehicle and the service side;
a communication channel between the charging pile corresponding to the target vehicle and the server side;
a communication channel between a vehicle end of the target vehicle and the service end.
In some embodiments, the alert information includes at least one of:
alarm information for vehicle information security;
alarm information aiming at vehicle function defects;
alarm information for natural disasters;
alarm information aiming at vehicle accident conditions.
In some embodiments, the encryption module comprises: the encryption module comprises a first encryption module operated at a vehicle end of a target vehicle, or a second encryption module operated at a cockpit end of the target vehicle;
the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data comprises the following steps: the first encryption module encrypts and signs the alarm information of the target vehicle to obtain first target encryption data; or the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encryption data;
the sending the target encrypted data to a server based on a plurality of communication channels comprises: the data transmission control module sends the first target encrypted data or the second target encrypted data to the server based on a plurality of communication channels;
the verifying and decrypting the target encrypted data received by the server includes: and the decryption module verifies and decrypts the first target encrypted data or the second target encrypted data.
In some embodiments, the encryption module comprises: a first encryption module operating at a vehicle end of the target vehicle and a second encryption module operating at a cockpit end of the target vehicle;
the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data comprises the following steps: the first encryption module encrypts and signs alarm information of a target vehicle to obtain first target encryption data; the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encryption data;
the sending the target encrypted data to a server based on a plurality of communication channels comprises: the data transmission control module sends the first target encrypted data and the second target encrypted data to the server based on a plurality of communication channels;
the verifying and decrypting the target encrypted data received by the server includes: the decryption module checks and decrypts the first target encrypted data to obtain first alarm information, and the decryption module checks and decrypts the second target encrypted data to obtain second alarm information.
In some embodiments, the system further comprises: and the alarm information checking module is used for comparing the first alarm information with the second alarm information, responding to the fact that the first alarm information is different from the second alarm information, and sending alarm resetting prompt information to the target vehicle.
In some embodiments, the first encryption module encrypts and signs the alert information of the target vehicle, including: the first encryption module encrypts the alarm information of the target vehicle by using the public key of the server side to obtain encrypted data, and signs the encrypted data by using the private key of the vehicle side to obtain first target encrypted data;
correspondingly, the decryption module verifies and decrypts the first target encrypted data, and includes: the decryption module verifies whether the signature of the first target encrypted data comes from the vehicle end or not by using the public key of the vehicle end, and if so, decrypts the first target encrypted data by using the private key of the server end;
the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encryption data, and the second encryption module comprises: the second encryption module encrypts the alarm information of the target vehicle by using the public key of the server to obtain encrypted data, and signs the encrypted data by using the private key of the cockpit end to obtain second target encrypted data;
correspondingly, the decryption module verifies and decrypts the second target encrypted data, and includes: and the decryption module verifies whether the signature of the second target encrypted data is from the cockpit end by using the public key of the cockpit end, and decrypts the second target encrypted data by using the private key of the server end if the signature of the second target encrypted data is from the cockpit end.
In some embodiments, the system further comprises: and the key distribution module is used for distributing the private key at the vehicle end and the public key at the service end to the first encryption module, distributing the private key of the cab and the public key at the service end to the second encryption module, and distributing the public key at the vehicle end, the public key of the cab and the private key at the service end to the decryption module.
In some embodiments, the encrypting the alarm information of the target vehicle by the first encryption module using the public key of the server to obtain encrypted data includes:
the first encryption module encrypts the alarm information of the target vehicle by using an encryption key to obtain an encrypted data packet; encrypting the encryption key by using the public key of the server to obtain encryption metadata; taking the encrypted data packet and the encrypted metadata as the encrypted data;
correspondingly, the decrypting the first target encrypted data by using the private key of the server includes:
the decryption module decrypts the encrypted metadata in the first target encrypted data by using a private key of the server to obtain the encryption key, and decrypts the encrypted data packet in the first target encrypted data by using a decryption key corresponding to the encryption key to obtain the alarm information.
In some embodiments, the system further comprises: and the alarm information processing module is used for analyzing the alarm information and carrying out alarm processing based on the analysis result.
According to an aspect of the present invention, there is provided a vehicle alarm information processing method including:
the target vehicle encrypts and signs the alarm information of the target vehicle to obtain target encrypted data;
the target vehicle sends the target encrypted data to a server based on a plurality of vehicle local available communication channels;
and the server receives the target encrypted data, and performs signature verification and decryption on the encrypted data to obtain the alarm information.
Compared with the prior art, the invention has the following advantages:
the vehicle alarm information processing system provided by the invention comprises: the system comprises an encryption module, a data transmission control module and a decryption module, wherein the encryption module and the data transmission control module run on a target vehicle, and the decryption module run on a server; the encryption module is used for encrypting and signing alarm information of a target vehicle to obtain target encryption data; the data transmission control module is used for sending the target encrypted data to the server based on various vehicle local available communication channels; the decryption module is used for verifying and decrypting the target encrypted data received by the server to obtain alarm information. When a target vehicle uploads alarm information to a server side due to network attack, fire, flood, functional failure and the like, the system encrypts and signs the alarm information of the target vehicle and uploads target encrypted data to the server side through various vehicle local available communication channels, the server side verifies and decrypts the uploaded target encrypted data, encryption and decryption are completed on the target vehicle side by the alarm information in the process, integrity and reliability of the alarm information can be guaranteed through encryption and decryption operations between the target vehicle and the server side, the encrypted data are signed by the target vehicle, and the signature is verified on the server side, if the verification is passed, it is shown that a transmission channel between the target vehicle and the server side is safe and smooth, namely, the signature and signature verification results can be used for reflecting the safety and reliability of the transmission channel, and further the safety and reliability of the transmission channel of the alarm information are guaranteed. And moreover, the target encrypted data is transmitted in a saturated mode through various vehicle local available communication channels, so that the transmission robustness of the alarm information can be powerfully guaranteed, the encrypted alarm information can be transmitted to a server side in a high-efficiency, timely and reachable mode, and the transmission requirements of high efficiency, strong accessibility and real reliability of the alarm information under emergency scenes such as functional faults, network attacks, fire disasters and flood disasters of vehicles are met.
The foregoing description is only an overview of the technical solutions of the present invention, and in order to make the technical means of the present invention more clearly understood, the present invention may be implemented in accordance with the content of the description, and in order to make the above and other objects, features, and advantages of the present invention more clearly understood, the following preferred embodiments are described in detail with reference to the accompanying drawings.
Drawings
FIG. 1 is a schematic diagram of a vehicle alarm information processing system according to an embodiment of the present application;
FIG. 2 is a flowchart of a vehicle alarm information processing method according to an embodiment of the present application.
Detailed Description
To further illustrate the technical means and effects of the present invention adopted to achieve the predetermined objects, the following detailed description will be given to the specific embodiments and effects of the user identity authentication method according to the present invention with reference to the accompanying drawings.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application. This application is capable of implementation in many different ways than those herein set forth and of similar import by those skilled in the art without departing from the spirit of this application and is therefore not limited to the specific implementations disclosed below.
Under the existing security mechanism, when an intelligent automobile is subjected to some security attacks or damages, for example, network attacks, fire disasters, flood disasters, functional faults and the like, corresponding risks are subjected to security alarm, so that rapid perception and processing of the risks are realized. In this process, there are the following problems: firstly, the integrity and the security of alarm information can be damaged, for example, in a network attack scene, the security alarm information of a vehicle machine is often intercepted; secondly, the transmission process of the alarm information cannot be kept safe and smooth, for example, when a physical flood fire occurs, the communication channel of the vehicle machine itself may be damaged, so that the alarm information cannot be transmitted.
Aiming at the transmission scene of the alarm information, in order to ensure the integrity and the reliability of the alarm information and the safety and the reliability of a transmission channel, the application provides a vehicle alarm information processing system. The following provides an embodiment for a detailed description of the vehicle alarm information processing system.
Fig. 1 is a schematic diagram of a vehicle alarm information processing system provided in an embodiment of the present application, and the vehicle alarm information processing system provided in the embodiment is described in detail below with reference to fig. 1. The following description refers to embodiments for the purpose of illustrating the principles of the methods, and is not intended to be limiting in actual use.
As shown in fig. 1, the vehicle alarm information processing system provided by the present embodiment includes: the system comprises an encryption module 101 and a data transmission control module 102 which operate on a target vehicle, a decryption module 103 which operates on a server side, and an alarm information processing module 104.
The encryption module 101 is configured to encrypt and sign the alarm information of the target vehicle to obtain target encrypted data. In this embodiment, the alarm information includes at least one of: alarm information for vehicle information security, for example, alarm information for network attack events such as hacker intrusion, program vulnerabilities being exploited, firewall rules being triggered, and the like; alarm information aiming at vehicle function defects, such as alarm information aiming at emergency function related defects such as ABS function faults, collision early warning function faults and the like; alarm information for natural disasters, such as an event that a vehicle is subjected to a physical disaster such as a fire, a flood, or the like; the alarm information for the vehicle accident situation is, for example, the alarm information for the damage of the vehicle caused by the traffic accident.
The data transmission control module 102 is configured to send the target encrypted data to the server based on a plurality of vehicle locally available communication channels. In this embodiment, the above-mentioned plurality of vehicle locally available communication channels include at least two of: the method comprises the following steps that a communication channel is formed between a cab end and a service end of a target vehicle, the cab end and the vehicle end correspond to different functional attributes, the vehicle end is mainly used for deploying an original functional module of the vehicle, such as collection of functional parameters of a vehicle transmitter, collection of vehicle energy consumption information, establishment of original vehicle communication and the like, the cab end is mainly used for deploying an intelligent application functional module of the vehicle, and in the intelligent vehicle, the cab end can realize various intelligent network applications such as user interaction, identity authentication, payment service, safe storage safe box service, cipher key resetting service, network entertainment service and the like; the charging pile can send data to the server side, for example, when the target vehicle is charged at the corresponding charging pile or is connected with the charging pile, the target encrypted data can be transferred and sent to the server side through a data sending unit of the charging pile; a communication channel between a vehicle end and a service end of the target vehicle. The multiple vehicle local available communication channels are used for carrying out saturated transmission on the target encrypted data, the reliability of the encrypted data transmission process can be guaranteed, the transmission robustness of the alarm information is powerfully guaranteed, the encrypted alarm information can be transmitted to a server side in a high-efficiency, timely and reachable mode, and the high-efficiency, reachable, real and reliable transmission requirements of the alarm information under emergency scenes such as functional failure, network attack, fire, flood and the like of the vehicle are met.
The decryption module 103 is configured to verify and decrypt the target encrypted data received by the server to obtain the alarm information.
The alarm information processing module 104 is configured to analyze the alarm information and perform alarm processing based on the analysis result.
In this embodiment, the encryption module 101 may be a first encryption module 1011 running at a vehicle end of the target vehicle, and the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data may be: the first encryption module encrypts and signs alarm information of a target vehicle to obtain first target encryption data; the method for sending the target encrypted data to the server based on the multiple communication channels comprises the following steps: the data transmission control module sends the first target encrypted data to the server based on various communication channels; the decryption module 103 performs signature verification and decryption on the target encrypted data received by the server, which may refer to: and the decryption module verifies and decrypts the first target encrypted data.
The cryptographic module 101 may also be a second cryptographic module 1012 operating at the cockpit end of the target vehicle; the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data may refer to: the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encrypted data; the sending of the target encrypted data to the server based on the multiple communication channels includes: the data transmission control module sends the second target encrypted data to the server based on various communication channels; the above-mentioned decryption module checks the label and decrypts the target encrypted data that the server side received, including: and the decryption module verifies and decrypts the second target encrypted data.
In another embodiment, the encryption module 101 may further include both a first encryption module 1011 operating at a vehicle end of the target vehicle and a second encryption module 1012 operating at a cockpit end of the target vehicle, in which case, one of the first encryption module and the second encryption module may be used as a standby encryption module, for example, the second encryption module may be used as a standby encryption module, and when the vehicle end of the target vehicle fails to operate and the first encryption module fails to operate, the second encryption module may be used to encrypt and sign the alarm information of the target vehicle, so as to ensure an alarm information encryption link at the target vehicle side.
In another embodiment, the first encryption module and the second encryption module may operate simultaneously, that is, the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data may refer to: the first encryption module encrypts and signs alarm information of a target vehicle to obtain first target encryption data; the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encryption data; the sending of the target encrypted data to the server based on the multiple communication channels may be: the data transmission control module sends the first target encrypted data and the second target encrypted data to the server based on various communication channels; the above-mentioned decryption module checks the label and decrypts the target encrypted data that the server side received, including: the decryption module checks and decrypts the encrypted data of the first target to obtain first alarm information, and the decryption module checks and decrypts the encrypted data of the second target to obtain second alarm information. In this case, the vehicle alarm information processing system further includes: and the alarm information checking module is used for comparing the first alarm information with the second alarm information, sending alarm reset prompting information to the target vehicle under the condition that the first alarm information is different from the second alarm information, wherein the alarm reset prompting information represents that the transmission process or the encryption process of the alarm information is abnormal, and the alarm information needs to be encrypted and uploaded again. It should be noted that, under the condition that the first alarm information is the same as the second alarm information, the alarm information checking module may provide the first alarm information or the second alarm information to the preset alarm information processing module 104, so that the alarm information processing module analyzes the first alarm information or the second alarm information, and performs alarm processing based on an analysis result.
Above-mentioned mode through first encryption module and second encryption module simultaneous operation carries out saturation formula encryption to alarm information to check the module through alarm information and compare the information after the deciphering, can make the encryption process realize double-deck guarantee, for example, when first encryption module or second encryption module's encryption process goes wrong, first target enciphered data and second target enciphered data that the two obtained are inequality, consequently send warning reset suggestion information to the target vehicle, encrypt and upload alarm information again for the target vehicle.
The first encryption module encrypts and signs the alarm information of the target vehicle, and may refer to: the first encryption module encrypts and signs the alarm information of the target vehicle based on an RSA public and private key system, and the process specifically comprises the following steps: the first encryption module encrypts alarm information of the target vehicle by using a public key of the server side to obtain encrypted data, and signs the encrypted data by using a private key of the vehicle end to obtain first target encrypted data. In this embodiment, an AES algorithm may be used for encryption, for example, the first encryption module encrypts the alarm information by using an encryption key (AES encryption key, which may be generated randomly), so as to obtain an encrypted data packet; encrypting the encryption key by using a public key of a server to obtain encryption metadata; and taking the encrypted data packet and the encrypted metadata as the signed encrypted data.
Correspondingly, the decryption module performs signature verification and decryption on the first target encrypted data, which may refer to: the decryption module verifies whether the signature of the first target encrypted data comes from the vehicle end or not by using the public key of the vehicle end, and if so, decrypts the first target encrypted data by using the private key of the server end; specifically, after the server receives the first target encrypted data, the decryption module verifies whether the signature of the first target encrypted data is from the vehicle end by using a public key of the vehicle end, if so, the decryption module indicates that at least one communication channel of the multiple vehicle local available communication channels is safe and unblocked, that is, the results of the signature and the signature verification can be used for reflecting the safety and reliability of the transmission channel, and then the server decrypts the first target encrypted data by using a private key of the server to obtain the alarm information. The public key of the vehicle end and the private key of the vehicle end are a public-private key pair, and the public key of the server end and the private key of the server end are also a public-private key pair. Corresponding to the above encryption by using the AES algorithm, here, the private key of the server is used to decrypt the first target encrypted data, specifically: the decryption module decrypts the encrypted metadata in the first target encrypted data by using a private key of the server to obtain an encrypted key, and decrypts the encrypted data packet in the first target encrypted data by using a decryption key corresponding to the encrypted key to obtain alarm information.
The second encryption module 1012 running at the cockpit end of the target vehicle encrypts and signs the alarm information of the target vehicle to obtain second target encryption data, which may be: the second encryption module encrypts and signs the alarm information of the target vehicle based on an RSA public and private key system, and the process specifically comprises the following steps: the second encryption module encrypts alarm information of the target vehicle by using a public key of the server to obtain encrypted data, and signs the encrypted data by using a private key of the cockpit end to obtain second target encrypted data. In this embodiment, an AES algorithm may be used for encryption, for example, the second encryption module encrypts the alarm information by using an encryption key (AES encryption key, which may be generated randomly), so as to obtain an encrypted data packet; encrypting the encryption key by using a public key of the server to obtain encryption metadata; and taking the encrypted data packet and the encrypted metadata as the signed encrypted data.
Correspondingly, the above decryption module performs signature verification and decryption on the second target encrypted data, which may refer to: the decryption module uses the public key of the cockpit end to verify whether the signature of the second target encrypted data comes from the cockpit end, if so, the signature indicates that at least one communication channel of the multiple locally available communication channels of the vehicles is safe and smooth, namely, the signature and signature verification results can be used for reflecting the safety and reliability of the communication channels, and then the private key of the server end is used for decrypting the second target encrypted data to obtain the alarm information. The public key of the vehicle end and the private key of the vehicle end are a public-private key pair, and the public key of the server end and the private key of the server end are also a public-private key pair. Corresponding to the above encryption by using the AES algorithm, here, the private key of the server is used to decrypt the second target encrypted data, specifically: the decryption module decrypts the encrypted metadata in the second target encrypted data by using a private key of the server to obtain an encrypted key, and decrypts the encrypted data packet in the second target encrypted data by using a decryption key corresponding to the encrypted key to obtain alarm information.
In this embodiment, the vehicle alarm information processing system further includes: a key distribution module 105, which can manage and distribute the public-private key pairs, for example, distributing the private key of the vehicle end and the public key of the service end to a first encryption module, distributing the private key of the cockpit and the public key of the service end to a second encryption module, and distributing the public key of the vehicle end, the public key of the cockpit, and the private key of the service end to a decryption module.
The vehicle alarm information processing system provided by the embodiment comprises: the system comprises an encryption module, a data transmission control module and a decryption module, wherein the encryption module and the data transmission control module run on a target vehicle, and the decryption module run on a server; the encryption module is used for encrypting and signing alarm information of a target vehicle to obtain target encryption data; the data transmission control module is used for sending the target encrypted data to the server based on various vehicle local available communication channels; the decryption module is used for verifying and decrypting the target encrypted data received by the server to obtain alarm information. When a target vehicle uploads alarm information to a server side due to network attack, fire, flood, functional failure and the like, the system encrypts and signs the alarm information of the target vehicle and uploads target encrypted data to the server side through various vehicle local available communication channels, the server side verifies and decrypts the uploaded target encrypted data, encryption and decryption are completed on the target vehicle side by the alarm information in the process, integrity and reliability of the alarm information can be guaranteed through encryption and decryption operations between the target vehicle and the server side, the encrypted data are signed by the target vehicle, and the signature is verified on the server side, if the verification is passed, it is shown that a transmission channel between the target vehicle and the server side is safe and smooth, namely, the signature and signature verification results can be used for reflecting the safety and reliability of the transmission channel, and further the safety and reliability of the transmission channel of the alarm information are guaranteed. And moreover, the target encrypted data is transmitted in a saturated mode through various vehicle local available communication channels, so that the transmission robustness of the alarm information can be powerfully guaranteed, the encrypted alarm information can be transmitted to a server side in an efficient, timely and reachable mode, and the transmission requirements of high efficiency, strong accessibility and real reliability in the alarm information transmission process of the vehicle in emergency scenes such as functional failure, network attack, fire, flood and the like are met.
Another embodiment of the present application provides a method for processing vehicle warning information, as shown in fig. 2, the method for processing vehicle warning information includes the following steps:
s201, the target vehicle encrypts and signs the alarm information of the target vehicle to obtain target encrypted data.
In this embodiment, the alarm information includes at least one of: alarm information for vehicle information security, for example, alarm information for network attack events such as hacker intrusion, program vulnerabilities being exploited, firewall rules being triggered, and the like; alarm information aiming at vehicle function defects, such as alarm information aiming at emergency function related defects such as ABS function faults, collision early warning function faults and the like; alarm information for natural disasters, such as an event that a vehicle is subjected to a physical disaster such as a fire, a flood, or the like; the alarm information aiming at the vehicle accident condition is, for example, the alarm information aiming at the damage of the vehicle caused by the traffic accident.
The above target vehicle encrypts and signs its alarm information to obtain target encrypted data, which may refer to: the vehicle end of the target vehicle encrypts and signs the alarm information, or the cab end of the target vehicle encrypts and signs the alarm information, or the vehicle end and the cab end of the target vehicle encrypt and signs the alarm information.
In this embodiment, the alarm information of the target vehicle may be encrypted and signed specifically based on an RSA public and private key system, and the process specifically includes: and the vehicle end and/or the cockpit end of the target vehicle encrypts the alarm information of the target vehicle by using the public key of the server end to obtain encrypted data, and signs the encrypted data by using the private key of the vehicle end and/or the cockpit end. In this embodiment, an AES algorithm may be used for encryption, for example, an encryption key (which may be randomly generated) is used to encrypt the alarm information, so as to obtain an encrypted data packet; encrypting the encryption key by using a public key of a server to obtain encryption metadata; and taking the encrypted data packet and the encrypted metadata as the signed encrypted data.
S202, the target vehicle sends the target encrypted data to a server based on various vehicle local available communication channels.
In this embodiment, the above-mentioned plurality of vehicle locally available communication channels include at least two of: the method comprises the following steps that a communication channel is formed between a cab end and a service end of a target vehicle, the cab end and the vehicle end correspond to different functional attributes, the vehicle end is mainly used for deploying an original functional module of the vehicle, such as collection of functional parameters of a vehicle transmitter, collection of vehicle energy consumption information, establishment of original vehicle communication and the like, the cab end is mainly used for deploying an intelligent application functional module of the vehicle, and in the intelligent vehicle, the cab end can realize various intelligent network applications such as user interaction, identity authentication, payment service, safe storage safe box service, cipher key resetting service, network entertainment service and the like; the charging pile can send data to the server side, for example, when the target vehicle is charged at the corresponding charging pile or is connected with the charging pile, the target encrypted data can be transferred and sent to the server side through a data sending unit of the charging pile; a communication channel between a vehicle end and a service end of the target vehicle. The multiple vehicle local available communication channels are used for carrying out saturated transmission on the target encrypted data, the reliability of the encrypted data transmission process can be guaranteed, the transmission robustness of the alarm information is powerfully guaranteed, the encrypted alarm information can be transmitted to a server side in a high-efficiency, timely and reachable mode, and the high-efficiency, reachable, real and reliable transmission requirements of the alarm information under emergency scenes such as functional failure, network attack, fire, flood and the like of the vehicle are met.
S203, the server receives the target encrypted data, and performs signature verification and decryption on the encrypted data to obtain the alarm information.
The above verifying and decrypting the target encrypted data may refer to: the server side uses the public key of the vehicle side to verify whether the signature of the target encrypted data comes from the vehicle side, and if so, the private key of the server side is used for decrypting the target encrypted data; specifically, after the server receives the target encrypted data, the public key of the vehicle end is used for verifying whether the signature of the target encrypted data comes from the vehicle end, if so, at least one communication channel in the multiple vehicle local available communication channels is safe and smooth, namely, the signature and signature verification results can be used for reflecting the safety and reliability of the transmission channel, and then the private key of the server is used for decrypting the target encrypted data to obtain the alarm information. The public key of the vehicle end and the private key of the vehicle end are a public-private key pair, and the public key of the server end and the private key of the server end are also a public-private key pair. Corresponding to the encryption by the AES algorithm, here, the private key of the server is used to decrypt the target encrypted data, specifically: and decrypting the encrypted metadata in the target encrypted data by using a private key of the server to obtain an encryption key, and decrypting the encrypted data packet in the target encrypted data by using a decryption key corresponding to the encryption key to obtain alarm information.
Or the server side uses the public key of the cockpit side to verify whether the signature of the target encrypted data comes from the cockpit side, if so, the safety and smoothness of at least one communication channel in the multiple locally available communication channels of the vehicles are indicated, namely, the signature and signature verification results can be used for reflecting the safety and reliability of the communication channels, and then the private key of the server side is used for decrypting the target encrypted data to obtain the alarm information. The public key of the vehicle end and the private key of the vehicle end are a public-private key pair, and the public key of the server end and the private key of the server end are also a public-private key pair. Corresponding to the above encryption by using the AES algorithm, here, the private key of the server is used to decrypt the target encrypted data, specifically: the server decrypts the encrypted metadata in the target encrypted data by using the private key of the server to obtain an encrypted key, and decrypts the encrypted data packet in the target encrypted data by using the decryption key corresponding to the encrypted key to obtain alarm information.
By using the method provided by the embodiment, when the target vehicle uploads the alarm information to the server side due to network attack, fire, flood, functional failure and other reasons, the alarm information of the target vehicle is encrypted and signed, the target encrypted data is uploaded to the server side through various vehicle local available communication channels, the server side verifies and decrypts the uploaded target encrypted data, in the process, the alarm information is encrypted on the target vehicle side, decryption is completed on the server side, integrity and reliability of the alarm information can be guaranteed through encryption and decryption operations between the target vehicle and the server side, in addition, the encrypted data is signed on the target vehicle, the signature is verified on the server side, and if the verification is passed, the transmission channel between the target vehicle and the server side is safe and smooth, namely, the signature and signature verification results can be used for reflecting the safety and reliability of the transmission channel, and further guarantee the safety and reliability of the transmission channel of the alarm information. And moreover, the target encrypted data is transmitted in a saturated mode through various vehicle local available communication channels, so that the transmission robustness of the alarm information can be powerfully guaranteed, the encrypted alarm information can be transmitted to a server side in an efficient, timely and reachable mode, and the transmission requirements of high efficiency, strong accessibility and real reliability in the alarm information transmission process of the vehicle in emergency scenes such as functional failure, network attack, fire, flood and the like are met.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, random Access Memory (RAM) and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
1. Computer-readable media, including both non-transitory and non-transitory, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer readable media does not include non-transitory computer readable media (transient media), such as modulated data signals and carrier waves.
2. As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
Although the present invention has been described with reference to a preferred embodiment, it should be understood that various changes, substitutions and alterations can be made herein without departing from the spirit and scope of the invention as defined by the appended claims.
Claims (10)
1. A vehicle alarm information processing system, characterized by comprising: the system comprises an encryption module, a data transmission control module and a decryption module, wherein the encryption module and the data transmission control module run on a target vehicle, and the decryption module run on a server;
the encryption module is used for encrypting and signing alarm information of a target vehicle to obtain target encryption data;
the data transmission control module is used for sending the target encrypted data to a server based on various vehicle local available communication channels;
the decryption module is used for verifying and decrypting the target encrypted data received by the server side to obtain the alarm information.
2. The system of claim 1, wherein the plurality of vehicle locally available communication channels comprises at least two of:
a communication channel between a cockpit side of the target vehicle and the service side;
a communication channel between the charging pile corresponding to the target vehicle and the server side;
a communication channel between a vehicle end of the target vehicle and the service end.
3. The system of claim 1, wherein the encryption module comprises: the encryption module comprises a first encryption module operated at a vehicle end of a target vehicle, or a second encryption module operated at a cockpit end of the target vehicle;
the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data comprises the following steps: the first encryption module encrypts and signs the alarm information of the target vehicle to obtain first target encryption data; or the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encrypted data;
the sending the target encrypted data to a server based on a plurality of communication channels comprises: the data transmission control module sends the first target encrypted data or the second target encrypted data to the server based on a plurality of communication channels;
the verifying and decrypting the target encrypted data received by the server includes: and the decryption module verifies and decrypts the first target encrypted data or the second target encrypted data.
4. The system of claim 1, wherein the encryption module comprises: the first encryption module runs at the vehicle end of the target vehicle, and the second encryption module runs at the cockpit end of the target vehicle;
the encrypting and signing the alarm information of the target vehicle to obtain the target encrypted data comprises the following steps: the first encryption module encrypts and signs alarm information of a target vehicle to obtain first target encryption data; the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encryption data;
the sending the target encrypted data to a server based on a plurality of communication channels comprises: the data transmission control module sends the first target encrypted data and the second target encrypted data to the server based on various communication channels;
the verifying and decrypting the target encrypted data received by the server includes: the decryption module checks and decrypts the first target encrypted data to obtain first alarm information, and the decryption module checks and decrypts the second target encrypted data to obtain second alarm information.
5. The system of claim 4, further comprising: and the alarm information checking module is used for comparing the first alarm information with the second alarm information, responding to the difference between the first alarm information and the second alarm information, and sending alarm reset prompt information to the target vehicle.
6. The system of claim 3 or 4, wherein the first encryption module encrypts and signs the alert information of the target vehicle, comprising: the first encryption module encrypts the alarm information of the target vehicle by using the public key of the server side to obtain encrypted data, and signs the encrypted data by using the private key of the vehicle side to obtain first target encrypted data;
correspondingly, the decryption module performs signature verification and decryption on the first target encrypted data, and includes: the decryption module verifies whether the signature of the first target encrypted data comes from the vehicle end or not by using the public key of the vehicle end, and if so, decrypts the first target encrypted data by using the private key of the server end;
the second encryption module encrypts and signs the alarm information of the target vehicle to obtain second target encryption data, and the second encryption module comprises: the second encryption module encrypts the alarm information of the target vehicle by using the public key of the server to obtain encrypted data, and signs the encrypted data by using the private key of the cockpit end to obtain second target encrypted data;
correspondingly, the decryption module verifies and decrypts the second target encrypted data, and includes: and the decryption module verifies whether the signature of the second target encrypted data is from the cockpit end by using the public key of the cockpit end, and decrypts the second target encrypted data by using the private key of the server end if the signature of the second target encrypted data is from the cockpit end.
7. The system of claim 6, further comprising: and the key distribution module is used for distributing a private key at the vehicle end and a public key at the service end to the first encryption module, distributing a private key of the cab and a public key at the service end to the second encryption module, and distributing the public key at the vehicle end, the public key of the cab and the private key at the service end to the decryption module.
8. The system of claim 6, wherein the first encryption module encrypts the alarm information of the target vehicle by using a public key of the server to obtain encrypted data, and comprises:
the first encryption module encrypts the alarm information of the target vehicle by using an encryption key to obtain an encrypted data packet; encrypting the encryption key by using the public key of the server to obtain encryption metadata; taking the encrypted data packet and the encrypted metadata as the encrypted data;
correspondingly, the decrypting the first target encrypted data by using the private key of the server includes:
the decryption module decrypts the encrypted metadata in the first target encrypted data by using a private key of the server to obtain the encryption key, and decrypts the encrypted data packet in the first target encrypted data by using a decryption key corresponding to the encryption key to obtain the alarm information.
9. The system of claim 1, further comprising: and the alarm information processing module is used for analyzing the alarm information and carrying out alarm processing based on the analysis result.
10. A vehicle alarm information processing method is characterized by comprising the following steps:
the target vehicle encrypts and signs the alarm information of the target vehicle to obtain target encrypted data;
the target vehicle sends the target encrypted data to a server based on a plurality of vehicle local available communication channels;
and the server receives the target encrypted data, and performs signature verification and decryption on the encrypted data to obtain the alarm information.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210871653.1A CN115225399A (en) | 2022-07-22 | 2022-07-22 | Vehicle alarm information processing system and method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210871653.1A CN115225399A (en) | 2022-07-22 | 2022-07-22 | Vehicle alarm information processing system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN115225399A true CN115225399A (en) | 2022-10-21 |
Family
ID=83614088
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210871653.1A Pending CN115225399A (en) | 2022-07-22 | 2022-07-22 | Vehicle alarm information processing system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN115225399A (en) |
Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109823304A (en) * | 2017-11-23 | 2019-05-31 | 太和汉创汽车工程科技(武汉)有限公司 | A kind of long-range control vehicle system based on multiple safety protection |
| CN110191415A (en) * | 2019-05-29 | 2019-08-30 | 深圳市元征科技股份有限公司 | A kind of encryption method of information of vehicles, mobile unit and server |
| CN110365643A (en) * | 2019-06-04 | 2019-10-22 | 菜鸟智能物流控股有限公司 | Communication method and device |
| CN111923863A (en) * | 2020-08-25 | 2020-11-13 | 东信和平科技股份有限公司 | Vehicle control method based on digital vehicle key |
| CN112885147A (en) * | 2021-01-27 | 2021-06-01 | 星觅(上海)科技有限公司 | Vehicle safety warning system and warning information sending and receiving method |
| CN113344561A (en) * | 2021-06-30 | 2021-09-03 | 陕西云捷智通信息科技有限公司 | Digital currency vehicle wallet payment secure encryption communication method and system |
| CN113806772A (en) * | 2021-09-03 | 2021-12-17 | 武汉虹旭信息技术有限责任公司 | Information encryption transmission method and device based on block chain |
| CN114419928A (en) * | 2022-01-27 | 2022-04-29 | 合肥工业大学 | Vehicle road cloud cooperative control system and method based on quantum communication |
| CN114726906A (en) * | 2022-03-31 | 2022-07-08 | 阿波罗智联(北京)科技有限公司 | Device interaction method and device, electronic device and storage medium |
-
2022
- 2022-07-22 CN CN202210871653.1A patent/CN115225399A/en active Pending
Patent Citations (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109823304A (en) * | 2017-11-23 | 2019-05-31 | 太和汉创汽车工程科技(武汉)有限公司 | A kind of long-range control vehicle system based on multiple safety protection |
| CN110191415A (en) * | 2019-05-29 | 2019-08-30 | 深圳市元征科技股份有限公司 | A kind of encryption method of information of vehicles, mobile unit and server |
| CN110365643A (en) * | 2019-06-04 | 2019-10-22 | 菜鸟智能物流控股有限公司 | Communication method and device |
| CN111923863A (en) * | 2020-08-25 | 2020-11-13 | 东信和平科技股份有限公司 | Vehicle control method based on digital vehicle key |
| CN112885147A (en) * | 2021-01-27 | 2021-06-01 | 星觅(上海)科技有限公司 | Vehicle safety warning system and warning information sending and receiving method |
| CN113344561A (en) * | 2021-06-30 | 2021-09-03 | 陕西云捷智通信息科技有限公司 | Digital currency vehicle wallet payment secure encryption communication method and system |
| CN113806772A (en) * | 2021-09-03 | 2021-12-17 | 武汉虹旭信息技术有限责任公司 | Information encryption transmission method and device based on block chain |
| CN114419928A (en) * | 2022-01-27 | 2022-04-29 | 合肥工业大学 | Vehicle road cloud cooperative control system and method based on quantum communication |
| CN114726906A (en) * | 2022-03-31 | 2022-07-08 | 阿波罗智联(北京)科技有限公司 | Device interaction method and device, electronic device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3937041B1 (en) | Trusted startup methods and apparatuses of dedicated blockchain node device | |
| CN112150147A (en) | Data security storage system based on block chain | |
| CN109728914B (en) | Digital signature verification method, system, device and computer readable storage medium | |
| CN112800450B (en) | Data storage method, system, device, equipment and storage medium | |
| KR102256730B1 (en) | System and method for vehicle verification and communication | |
| CN104756127A (en) | Secure data handling by a virtual machine | |
| CN115242841A (en) | Vehicle operation log processing system and method | |
| CN103414682A (en) | Method for cloud storage of data and system | |
| CN112332975A (en) | Internet of things equipment secure communication method and system | |
| CN113190860B (en) | Block chain sensor data authentication method and system based on ring signature | |
| Agarwal et al. | Authenticating cryptography over network in data | |
| CN114598501A (en) | Data processing method and device based on Internet of things | |
| CN110737905B (en) | Data authorization method, data authorization device and computer storage medium | |
| CN112968774B (en) | Method, device storage medium and equipment for encrypting and decrypting configuration file | |
| CN101325486B (en) | Method and apparatus for transferring field permission cryptographic key | |
| CN115225399A (en) | Vehicle alarm information processing system and method | |
| CN104732701A (en) | Method and system for monitoring fire warning information | |
| CN111190694A (en) | Virtualization security reinforcement method and device based on Roc platform | |
| CN114553557B (en) | Key calling method, device, computer equipment and storage medium | |
| CN113468607B (en) | Method for generating and using encrypted tamper-proof file | |
| CN115225398A (en) | Vehicle alarm information processing system and method | |
| CN107404476B (en) | Method and device for protecting data security in big data cloud environment | |
| CN116707795A (en) | Information protection method for safety access gateway and safety access gateway | |
| CN113672955B (en) | Data processing method, system and device | |
| CN112702170A (en) | Management method, management system, viewing method and viewing terminal for vehicle data |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |