CN115643566A - De-identification method for transmitting vehicle-side collected personal information to third party - Google Patents
- Publication number: CN115643566A (application CN202211086449.5A)
- Authority: CN (China)
- Prior art keywords: data, personal information, vehicle, party, identification method
- Legal status: Pending
Abstract
The invention relates to a de-identification method for transmitting personal information collected by the vehicle end to a third party. The method comprises the steps of: the vehicle end collecting personal information and related data; judging whether the information needs to be transmitted to a third party; if not, processing it locally; if so, encrypting the data and transmitting them; identifying the VIN and performing a hash operation on it; packing the hash value with the data and transmitting the packed data; decrypting the data and identifying the hash-value ID; feeding back the service data together with the ID; matching the ID to the VIN and sending the result to the corresponding vehicle end; and the vehicle executing the corresponding service according to the received feedback result. With this de-identification method, the cloud TSP and the third-party service provider each obtain only one of the vehicle identifier and the vehicle-collected data, so that the privacy and data security of the personal information subject are guaranteed; the vehicle identifier is processed into a specific ID, which preserves unique identification while de-identifying the data to the greatest extent.
Description
Technical Field
The invention belongs to the technical field of automobiles, and particularly relates to a de-identification method for transmitting personal information collected by a vehicle end to a third party.
Background
With the rapid development of the digital economy and the explosion of high-precision technology, the world has formally entered the big data era, and data plays an ever more important role in social development and in people's lives. In recent years, with the advance of "electrification, networking, intelligence and sharing", the "internet of vehicles" has become part of most automobile equipment.
However, while the convenience of interconnection brought by the internet of vehicles is enjoyed, the data security problem has gradually surfaced: if any service provider connected to the internet of vehicles can directly and indiscriminately obtain the personal information of the personal information subject, there is essentially no security at all, and individuals or organizations that maliciously steal personal information can easily obtain all of a vehicle user's data through technologies such as web crawlers, causing irreversible harm to the vehicle user.
The regulations on automobile data security management (trial) came into force on 1/10/2021; according to them, personal information of vehicle users must follow the principle of desensitization when transmitted outward, that is, anonymization, de-identification and similar processing are to be applied as far as possible. When the personal information subject uses the internet connection function today, a large amount of personal information has to be transmitted to the TSP (Telematics Service Provider) and to third-party service provider platforms, so personal information is easily leaked in the process; it may be illegally acquired, exchanged and maliciously provided to others, to the detriment of the personal rights and interests of the personal information subject. A de-identification method for transmitting vehicle-side collected personal information to a third party that prevents the user's personal information from being leaked is therefore urgently needed.
Disclosure of Invention
The invention aims to provide a de-identification method for transmitting vehicle-side collected personal information to a third party, so as to solve the problem of insufficient data security when personal information is provided to a third party and processed by it. The VIN is converted into an ID while the personal information is being provided to the third party, which achieves de-identification; the conversion is performed with a hash operation. The TSP cannot decrypt the personal information data, and the third party cannot learn which personal information subject an ID corresponds to, so the privacy of the personal information subject is protected.
The purpose of the invention is realized by the following technical scheme:
A de-identification method for transmitting vehicle-side collected personal information to a third party comprises the following steps:
A. the vehicle end collects personal information and related data;
B. the vehicle end judges whether the acquired data contain personal information, and whether they need to be transmitted to and processed by a third party;
C. if transmission is not needed, the data are processed locally and deleted once processing is finished; if transmission is needed but no personal information is involved, the data are transmitted normally without further processing;
D. if personal information is involved and needs to be transmitted to a third party, the data are encrypted and transmitted once encryption is finished;
E. the VIN is identified and a hash operation is performed on it;
F. the hash value and the data are packed together and transmitted;
G. the data are decrypted and the hash-value ID is identified;
H. the service data and the ID are fed back;
I. the ID is matched to the VIN and the result is sent to the corresponding vehicle end;
J. the vehicle executes the corresponding service according to the received feedback result.
Further, in step C, the information is deleted after local processing.
Further, in step D, the data are encrypted with a key agreed with the third party and transmitted to the cloud TSP after encryption.
Further, in step E, after receiving the data, the cloud TSP identifies the VIN of the vehicle that sent them and performs a hash operation on the VIN, turning it into an ID unrelated to the VIN; only the cloud TSP knows the correspondence between the VIN and the ID.
Further, in step F, the cloud TSP packs the ID and the encrypted data together and forwards them to a third-party service provider.
Further, in step G, the third-party service provider decrypts the data with the key, performs the corresponding service according to the data content, and deletes the original data once the feedback result has been obtained.
Further, in step H, the third-party service provider packs the feedback result and the ID together and sends them to the cloud TSP.
Further, in step I, the cloud TSP converts the ID back into the vehicle VIN and forwards the feedback data to the corresponding vehicle according to that VIN.
Compared with the prior art, the invention has the following beneficial effects:
with this de-identification method for transmitting vehicle-side collected personal information to a third party, the cloud TSP and the third-party service provider each obtain only one of the vehicle identifier and the vehicle-collected data, so that the privacy and data security of the personal information subject are guaranteed; the vehicle identifier is processed into a specific ID, which preserves unique identification while de-identifying the data to the greatest extent.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
FIG. 1 is a flow chart of a method for de-identifying a vehicle-side collected personal information for transmission to a third party.
Detailed Description
The invention is further illustrated by the following examples:
the present invention will be described in further detail with reference to the drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention. It should be further noted that, for the convenience of description, only some of the structures related to the present invention are shown in the drawings, not all of the structures.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present invention, the terms "first", "second", and the like are used only for distinguishing the description, and are not construed as indicating or implying relative importance.
As shown in fig. 1, the method for de-identifying vehicle-side collected personal information transmitted to a third party comprises the following steps:
1. the vehicle user uses an internet function, which triggers the start of the process;
2. the vehicle end acquires the data necessary for the functional service;
3. the vehicle end judges whether the acquired data contain personal information, and whether they need to be transmitted to and processed by a third party;
4. if transmission is not needed, the data are processed locally and deleted once processing is finished; if transmission is needed but no personal information is involved, the data are transmitted normally without further processing;
5. if personal information is involved and needs to be transmitted to the third party, the data are encrypted with a key agreed with the third party and transmitted to the cloud TSP after encryption;
6. after receiving the data, the cloud TSP identifies the VIN of the vehicle that sent them and performs a hash operation on the VIN, turning it into an ID unrelated to the VIN; only the cloud TSP knows the correspondence between the VIN and the ID;
7. the cloud TSP packs the ID and the encrypted data together and forwards them to the third-party service provider;
8. the third-party service provider decrypts the data with the key, performs the corresponding service according to the data content, and deletes the original data once the feedback result has been obtained;
9. the third-party service provider packs the feedback result and the ID together and sends them to the cloud TSP;
10. the cloud TSP converts the ID back into the vehicle VIN and forwards the feedback data to the corresponding vehicle according to that VIN;
11. the vehicle executes the corresponding service according to the received feedback result.
In the invention, the data collected by the vehicle are encrypted when transmitted to the cloud TSP; the cloud cannot decrypt them and cannot learn the identity of the vehicle user, knowing only the vehicle identifier. The cloud TSP then processes the vehicle identifier into a specific ID and packs the encrypted data and the ID together for sending to the third-party service provider. The third-party service provider can decrypt the data, but does not know which vehicle user the ID corresponds to, and provides the corresponding service according to the decrypted data. When feeding back the service result, the third-party service provider labels it with the ID; the cloud TSP matches the ID to the vehicle VIN and sends the feedback result data to the corresponding vehicle, which executes the corresponding operation according to the result.
The VIN is converted into an ID while the personal information is being provided to the third party, which achieves de-identification; the conversion uses a hash operation. The TSP cannot decrypt the personal information data, and the third party cannot learn which personal information subject an ID corresponds to, so the privacy of the personal information subject is protected.
De-identification is a data processing method that processes the data identifier so that the processed information can no longer identify a specific personal information subject. The method concerns the binding of a vehicle identifier to a vehicle user, that is, to a personal information subject: at the vehicle end, the identity of the vehicle user and the vehicle identifier correspond directly. The data collected by the vehicle are encrypted when transmitted to the cloud TSP; the cloud cannot decrypt them and cannot learn the identity of the vehicle user, knowing only the vehicle identifier. The cloud TSP then processes the vehicle identifier into a specific ID, and the encrypted data and the ID are packed together and sent to the third-party service provider. The third-party service provider can decrypt the data, but does not know which vehicle user the ID corresponds to, and provides the corresponding service according to the decrypted data.
Personal information is any information, recorded electronically or otherwise, that relates to an identified or identifiable vehicle owner, driver, vehicle occupant, person outside the vehicle and the like; it does not include information that has been anonymized.
The personal information subject refers to an organization or individual that has the ability to determine the purpose, means and the like of personal information processing.
The Vehicle Identification Number (VIN) consists of 17 characters, is determined according to the national vehicle management standard, and encodes information such as the manufacturer, model year, vehicle type, body type and code, engine code and assembly plant of the vehicle.
A hash calculation maps a binary string of any length to a binary string of a fixed length; the mapping rule is the hash algorithm, and the string obtained by mapping the original data is the hash value. The original data cannot be recovered from the hash value (hence a hash algorithm is also called a one-way hash algorithm); the hash is very sensitive to its input, so that changing even one bit of the original data yields a completely different hash value; the probability of a hash collision, that is, of two different inputs producing the same hash value, is very small; and the hash algorithm should be as efficient as possible, so that the hash value of a long text can be computed quickly.
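The three-party flow of steps 5 to 10 above and the hash step just described, as an added Go example that is not part of the patent: the vehicle encrypts under a key shared only with the third party, the TSP turns the VIN into an ID and relays nothing but that ID and the ciphertext, the third party decrypts and answers by ID, and the TSP routes the answer back by VIN. AES-GCM for the encryption and HMAC-SHA256 with a TSP-held key for the ID are this example's choices (the patent says only "encrypt" and "hash"; the key is added because a VIN is a structured 17-character string, so an unkeyed hash of it could be matched against enumerated VINs), and all function names, keys and the sample VIN are constructed for the example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
)

// newAEAD wraps the data key agreed between vehicle and third party (step 5); the
// TSP is never given this key. AES-GCM is an assumption, the patent only says "encrypt".
func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// vehicleSeal is the vehicle's part of step 5: fresh nonce, authenticated encryption.
func vehicleSeal(aead cipher.AEAD, plaintext []byte) (nonce, ct []byte, err error) {
	nonce = make([]byte, aead.NonceSize())
	if _, err = rand.Read(nonce); err != nil {
		return nil, nil, err
	}
	return nonce, aead.Seal(nil, nonce, plaintext, nil), nil
}

// TSP holds the VIN<->ID relation (steps 6 and 10) but never the data key.
type TSP struct {
	pseudoKey []byte            // secret known only to the TSP (constructed for this example)
	idToVIN   map[string]string // the "corresponding relation between VIN and ID"
}

// pseudonymize is step 6. The patent specifies a hash of the VIN; this example uses a keyed
// hash (HMAC-SHA256) so only the holder of pseudoKey can recompute or invert the mapping:
// a VIN is a structured 17-character string, so a plain hash could be matched by enumeration.
func (t *TSP) pseudonymize(vin string) string {
	mac := hmac.New(sha256.New, t.pseudoKey)
	mac.Write([]byte(vin))
	id := hex.EncodeToString(mac.Sum(nil))
	t.idToVIN[id] = vin
	return id
}

// resolve is step 10: the ID carried on the feedback is mapped back to a VIN.
func (t *TSP) resolve(id string) (string, error) {
	if vin, ok := t.idToVIN[id]; ok {
		return vin, nil
	}
	return "", errors.New("feedback carries an ID the TSP never issued")
}

// runFlow plays vehicle, TSP and third party once; returns (VIN delivered to, ID the third party saw, service result).
func runFlow(tsp *TSP, aead cipher.AEAD, vin, request string) (string, string, string, error) {
	nonce, ct, err := vehicleSeal(aead, []byte(request)) // vehicle -> TSP: VIN + ciphertext
	if err != nil {
		return "", "", "", err
	}
	id := tsp.pseudonymize(vin) // TSP -> third party: (id, nonce, ct); the VIN is withheld
	plain, err := aead.Open(nil, nonce, ct, nil) // third party reads the data, sees only id
	if err != nil {
		return "", "", "", err
	}
	result := "ack:" + string(plain) // constructed stand-in for the provider's service result
	deliverTo, err := tsp.resolve(id) // third party -> TSP: (result, id); TSP routes by VIN
	if err != nil {
		return "", "", "", err
	}
	return deliverTo, id, result, nil
}
```

Because the ID is deterministic for a given TSP key, repeated requests from one vehicle are linkable by the third party; if that linkability is itself a concern, the TSP would have to issue per-session IDs and keep the table accordingly.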
It is to be noted that the foregoing description is only exemplary of the invention and that the principles of the technology may be employed. Those skilled in the art will appreciate that the present invention is not limited to the particular embodiments described herein, and that various obvious changes, rearrangements and substitutions will now be apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (8)
1. A de-identification method for transmitting personal information collected by the vehicle end to a third party, characterized by comprising the following steps:
A. the vehicle end collects personal information and related data;
B. the vehicle end judges whether the acquired data contain personal information, and whether they need to be transmitted to and processed by a third party;
C. if transmission is not needed, the data are processed locally and deleted once processing is finished; if transmission is needed but no personal information is involved, the data are transmitted normally without further processing;
D. if personal information is involved and needs to be transmitted to a third party, the data are encrypted and transmitted once encryption is finished;
E. the VIN is identified and a hash operation is performed on it;
F. the hash value and the data are packed together and transmitted;
G. the data are decrypted and the hash-value ID is identified;
H. the service data and the ID are fed back;
I. the ID is matched to the VIN and the result is sent to the corresponding vehicle end;
J. the vehicle executes the corresponding service according to the received feedback result.
2. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step C, the information is deleted after local processing is finished.
3. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step D, the data are encrypted with a key agreed with the third party and transmitted to the cloud TSP after encryption.
4. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step E, after receiving the data, the cloud TSP identifies the VIN of the vehicle that sent them and performs a hash operation on the VIN, turning it into an ID unrelated to the VIN, and only the cloud TSP knows the correspondence between the VIN and the ID.
5. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step F, the cloud TSP packs the ID and the encrypted data together and forwards them to a third-party service provider.
6. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step G, the third-party service provider decrypts the data with the key, performs the corresponding service according to the data content, and deletes the original data once the feedback result has been obtained.
7. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step H, the third-party service provider packs the feedback result and the ID together and sends them to the cloud TSP.
8. The de-identification method for transmitting vehicle-side collected personal information to a third party according to claim 1, characterized in that: in step I, the cloud TSP converts the ID back into the vehicle VIN and forwards the feedback data to the corresponding vehicle according to that VIN.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211086449.5A CN115643566A (en) | 2022-09-07 | 2022-09-07 | De-identification method for transmitting vehicle-side collected personal information to third party |
Publications (1)
Publication Number | Publication Date |
---|---|
CN115643566A true CN115643566A (en) | 2023-01-24 |
Family ID: 84940882
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN117221894A (en) * | 2023-11-09 | 2023-12-12 | 湖南雷诺科技发展有限公司 | Big data-based 5G communication transmission method |
CN117221894B (en) * | 2023-11-09 | 2024-01-12 | 湖南雷诺科技发展有限公司 | Big data-based 5G communication transmission method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |