CN116017309A - Unicast communication method, device and terminal of Internet of vehicles - Google Patents


Publication number
CN116017309A
Authority
CN
China
Prior art keywords
frame
security mode
dsa
terminal
unicast
Legal status
Pending
Application number
CN202111223427.4A
Other languages
Chinese (zh)
Inventor
郑石磊
张学艳
Current Assignee
CICTCI Technology Co Ltd
Original Assignee
CICTCI Technology Co Ltd
Application filed by CICTCI Technology Co Ltd
Priority to CN202111223427.4A
Publication of CN116017309A

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/70: Reducing energy consumption in communication networks in wireless communication networks

Landscapes

  • Mobile Radio Communication Systems (AREA)

Abstract

The invention provides a unicast communication method, device and terminal for the Internet of Vehicles. The method is applied to a first terminal and comprises: transmitting a first message frame and indicating, in a first mode, the security mode used by the first message frame; wherein the first message frame includes at least one of: a first dedicated service advertisement (DSA) frame for unicast link establishment, a first dedicated short message (DSM) for unicast service data transmission, and a second DSA frame for unicast link release. By indicating the security mode used by the first message frame, the scheme reduces the processing complexity of identifying the security mode and shortens the interaction processing time.

Description

Unicast communication method, device and terminal of Internet of vehicles
Technical Field
The present invention relates to the field of communications technologies, and in particular, to a unicast communication method, device and terminal for internet of vehicles.
Background
The unicast flow of LTE-V2X (Long Term Evolution vehicle-to-everything, i.e. the Internet of Vehicles) is divided into three main parts. First, in the unicast address interaction stage, that is, the process of establishing the unicast connection, the two parties exchange addresses to determine the address pair used by the subsequent unicast communication. The RSU (Road Side Unit) should broadcast the unicast service announcement repeatedly at a certain period. The OBU (On Board Unit) sends a unicast service announcement response message after receiving the unicast service announcement message; the OBU may set a certain sending period and waiting time, and if it does not receive the unicast service data message sent by the RSU within a certain period, it may resend the unicast service announcement response message. Second, after the unicast establishment process is completed, the unicast data interaction stage is carried out, in which the corresponding data are sent and received for the different applications and services. Finally, after the unicast data interaction is completed, the unicast link needs to be released.
T/CSAE 157-2020 defines the LTE-V2X-based near-field payment message set and interaction flow for the road toll service. For the road toll service scenario it defines two security modes, and the system can complete the toll service process through either one:
Security mode 1: the LTE-based Internet of Vehicles wireless communication security certificate management system is used to authenticate the identity of the vehicle side and the road side, thereby realizing the charging and payment processes.
Security mode 2: using the security mechanism of the current ETC (Electronic Toll Collection) system, with reference to GB/T 20851.4-2019, access permission, information authentication and encryption protection are implemented at the application layer, thereby realizing the toll collection and payment processes.
In the prior art, the terminal distinguishes the security mode currently in use at the application layer from the content and format of the message set. In practice, however, the two security modes differ greatly in encryption process, transmitted information content and so on. By judging only whether the message set decrypts successfully or whether the message content is well formed, it is hard to tell whether a failed message interaction was caused by a wrong security mode or by an information transmission error due to some other problem, and the security mode can be identified correctly only after multiple attempts, which increases processing complexity and interaction time.
Disclosure of Invention
The invention provides a unicast communication method, device and terminal for the Internet of Vehicles, which solve the problems of high processing complexity, proneness to error and long interaction time of the security mode identification method used during unicast communication in the prior art.
In a first aspect, an embodiment of the present invention provides a unicast communication method for internet of vehicles, applied to a first terminal, where the method includes:
transmitting a first message frame and indicating a security mode used by the first message frame in a first mode;
wherein the first message frame includes at least one of: a first dedicated service advertisement (Dedicated Service Advertisement, abbreviated DSA) frame for unicast link establishment, a first dedicated short message (Dedicated Short Message, abbreviated DSM) frame for unicast service data transmission, and a second DSA frame for unicast link release.
Optionally, the first mode includes at least one of the following:
the first message frame comprises a first target field for indicating the security mode;
a predefined mapping relation exists between a media access control (Medium Access Control, abbreviated as MAC) address corresponding to the first message frame and the security mode;
and the application identifier (Application Identification, AID for short) corresponding to the first message frame and the security mode have a predefined mapping relation.
Optionally, the first message frame is the first DSA frame, and after the sending the first message frame, the method further includes:
receiving a DSA response frame sent by the second terminal; wherein the DSA response frame is fed back according to the first DSA frame;
determining a security mode used by the DSA response frame according to at least one of:
determining a security mode used by the DSA response frame according to a first field in the DSA response frame;
determining a security mode used by the DSA response frame according to a predefined mapping relation between the MAC address corresponding to the DSA response frame and the security mode;
and determining the security mode used by the DSA response frame according to a predefined mapping relation between the first AID and the security mode in the DSA response frame.
Optionally, after receiving the DSA response frame sent by the second terminal, the method further includes:
the first terminal generates a first association relation between the first information and a security mode used by unicast communication; the first information is related information of unicast communication between the first terminal and the second terminal;
determining a security mode used in a target communication process according to the first association relation; wherein the target communication process includes at least one of: a data interaction procedure and a unicast communication link release procedure.
Optionally, the determining, according to the first association relationship, a security mode used by the target communication process includes:
receiving a second DSM sent by the second terminal;
and determining a security mode used by the second DSM according to the first association relation.
Optionally, the unicast communication method of the internet of vehicles further includes:
receiving a second DSM sent by a second terminal;
determining a security mode used by the second DSM according to one of:
determining a security mode used by the second DSM according to a second field in the second DSM; wherein the second field explicitly indicates a security mode used by the second DSM;
determining a security mode used by the second DSM according to a predefined mapping relation between the MAC address corresponding to the second DSM and the security mode;
and determining the security mode used by the second DSM according to a predefined mapping relation between the second AID and the security mode in the second DSM.
Optionally, the first information includes at least one of: MAC address information, application identification, identity, internal identifier of local information store of dedicated management entity (Dedicated Management Entity, DME for short).
In a second aspect, an embodiment of the present invention provides a unicast communication method of internet of vehicles, applied to a second terminal, the method including:
receiving a first message frame sent by a first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
according to a second mode, a security mode used by the first message frame is determined.
Optionally, after the receiving the first message frame sent by the first terminal, if the first message frame is the first DSA frame, the method further includes:
the second terminal generates a second association relation between second information and a security mode used by unicast communication; the second information is related information of unicast communication between the second terminal and the first terminal.
Optionally, the second mode includes at least one of:
the first message frame comprises a first target field for indicating the security mode;
the MAC address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID in the first message frame has a predefined mapping relation with the security mode.
Optionally, in the case that the first message frame is the first DSM or the second DSA frame, the second manner includes: the second association relationship.
Optionally, the second information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
Optionally, the unicast communication method of the internet of vehicles further includes:
sending a second message frame to the first terminal, and indicating a security mode used by the second message frame through a third mode; wherein the second message frame comprises: a DSA response frame or a second DSM; and the DSA response frame is fed back according to the first DSA frame;
the third mode includes at least one of:
the second message frame comprises a second target field for indicating the security mode;
the MAC address corresponding to the second message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the second message frame and the security mode have a predefined mapping relation.
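The receiver-side determination described in the first and second aspects, sketched in Python as an added example (not code from the patent): a resolver that reads the explicit field, the MAC mapping and the AID mapping, binds the result to the unicast link when a DSA frame is handled, and reuses that association for later DSM and link-release frames. The `Frame` layout, the numeric mode values 1 and 2, the MAC-plus-AID association key and the policy of rejecting conflicting or changed indications are assumptions of this example.

```python
from dataclasses import dataclass, field
from enum import Enum, IntEnum
from typing import Dict, Optional, Tuple


class Mode(IntEnum):
    V2X_CERT = 1  # security mode 1 (numeric encoding assumed for this example)
    ETC = 2       # security mode 2


class FrameType(Enum):
    DSA_SETUP = "first DSA frame (unicast link establishment)"
    DSA_RESPONSE = "DSA response frame"
    DSM_DATA = "DSM (unicast service data)"
    DSA_RELEASE = "second DSA frame (unicast link release)"


class ModeError(Exception):
    """Carries a reason code so a mode problem is not mistaken for a decode failure."""

    def __init__(self, reason: str, detail: str):
        super().__init__(f"{reason}: {detail}")
        self.reason = reason


@dataclass(frozen=True)
class Frame:
    """Hypothetical decoded view of a frame, not the standard's wire layout."""
    ftype: FrameType
    peer_mac: str
    aid: int
    mode_field: Optional[int] = None  # assumed explicit target field; None if absent


@dataclass
class ModeResolver:
    mac_map: Dict[str, Mode] = field(default_factory=dict)  # predefined MAC -> mode
    aid_map: Dict[int, Mode] = field(default_factory=dict)  # predefined AID -> mode
    links: Dict[Tuple[str, int], Mode] = field(default_factory=dict)  # association relation

    def _indicated(self, f: Frame) -> Optional[Mode]:
        """Collect the indications present on the frame; all of them must agree."""
        found = {}
        if f.mode_field is not None:
            try:
                found["field"] = Mode(f.mode_field)
            except ValueError:
                raise ModeError("UNKNOWN_MODE", f"field value {f.mode_field}") from None
        if f.peer_mac in self.mac_map:
            found["mac"] = self.mac_map[f.peer_mac]
        if f.aid in self.aid_map:
            found["aid"] = self.aid_map[f.aid]
        if len(set(found.values())) > 1:
            raise ModeError("CONFLICT", str({k: v.name for k, v in found.items()}))
        return next(iter(found.values()), None)

    def resolve(self, f: Frame) -> Mode:
        """Return the security mode to apply to f, or raise ModeError."""
        key = (f.peer_mac, f.aid)
        hint = self._indicated(f)
        bound = self.links.get(key)
        if hint is not None and bound is not None and hint != bound:
            raise ModeError("MODE_CHANGED", f"{hint.name} on a link bound to {bound.name}")
        if f.ftype in (FrameType.DSA_SETUP, FrameType.DSA_RESPONSE):
            if hint is None:
                raise ModeError("NO_INDICATION", f.ftype.value)
            self.links[key] = hint  # generate the association at link establishment
            return hint
        if bound is None:
            raise ModeError("NO_LINK", f"no association for {key}")
        if f.ftype is FrameType.DSA_RELEASE:
            del self.links[key]  # the association ends with the unicast link
        return bound


if __name__ == "__main__":
    # Constructed sample values: these MAC addresses and AIDs are not real assignments.
    r = ModeResolver(mac_map={"02:00:00:00:00:aa": Mode.ETC}, aid_map={0x1001: Mode.V2X_CERT})
    frames = [
        Frame(FrameType.DSA_SETUP, "02:00:00:00:00:01", 7, mode_field=2),
        Frame(FrameType.DSM_DATA, "02:00:00:00:00:01", 7),
        Frame(FrameType.DSM_DATA, "02:00:00:00:00:01", 7, mode_field=1),
        Frame(FrameType.DSA_RELEASE, "02:00:00:00:00:01", 7),
        Frame(FrameType.DSM_DATA, "02:00:00:00:00:01", 7),
    ]
    for fr in frames:
        try:
            print(fr.ftype.name, "->", r.resolve(fr).name)
        except ModeError as e:
            print(fr.ftype.name, "-> rejected,", e)
```

The example treats the indication only as a selector for which security procedure to run; authenticating the peer remains the job of that procedure.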
In a third aspect, an embodiment of the present invention provides a unicast communication device for internet of vehicles, applied to a first terminal, the device including:
the first sending module is used for sending a first message frame and indicating a security mode used by the first message frame in a first mode;
wherein the first message frame includes at least one of: a first dedicated service advertisement (DSA) frame for unicast link establishment, a first dedicated short message (DSM) for unicast service data transmission, and a second DSA frame for unicast link release.
In a fourth aspect, an embodiment of the present invention provides a unicast communication device for internet of vehicles, which is applied to a second terminal, the device comprising:
the first receiving module is used for receiving a first message frame sent by the first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
and the first determining module is used for determining a security mode used by the first message frame according to the second mode.
In a fifth aspect, an embodiment of the present invention provides a terminal, including: a transceiver, a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the steps of the method for resource selection of a through link according to the first or second aspect when the computer program is executed.
In a sixth aspect, embodiments of the present invention provide a computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the method for resource selection of a through link according to the first or second aspect.
The technical scheme of the invention has the beneficial effects that:
In the above scheme, the first terminal sends the first message frame and indicates, in the first mode, the security mode used by the first message frame; wherein the first message frame includes at least one of: a first dedicated service advertisement (DSA) frame for unicast link establishment, a first dedicated short message (DSM) for unicast service data transmission, and a second DSA frame for unicast link release. By indicating the security mode used by the first message frame, the scheme reduces the processing complexity of identifying the security mode and shortens the interaction processing time.
Drawings
Fig. 1 shows a unicast flow diagram of LTE-V2X;
Fig. 2 shows a schematic diagram of the network layer architecture of the LTE-based Internet of Vehicles wireless communication technology;
Fig. 3 shows a schematic diagram of the cross-layer interaction flow of unicast link connection establishment;
Fig. 4 shows a schematic diagram of the relationship between DSA and DSM;
Fig. 5 shows the first flowchart of the unicast communication method of the Internet of Vehicles according to an embodiment of the invention;
Fig. 6 shows the second flowchart of the unicast communication method of the Internet of Vehicles according to an embodiment of the invention;
Fig. 7 shows the first block diagram of the unicast communication device of the Internet of Vehicles according to an embodiment of the invention;
Fig. 8 shows the second block diagram of the unicast communication device of the Internet of Vehicles according to an embodiment of the invention;
Fig. 9 shows the first hardware configuration diagram of the terminal according to an embodiment of the invention;
Fig. 10 shows the second hardware configuration diagram of the terminal according to an embodiment of the invention.
Detailed Description
In order to make the technical problems, technical solutions and advantages to be solved more apparent, the following detailed description will be given with reference to the accompanying drawings and specific embodiments. In the following description, specific details such as specific configurations and components are provided merely to facilitate a thorough understanding of embodiments of the invention. It will therefore be apparent to those skilled in the art that various changes and modifications can be made to the embodiments described herein without departing from the scope and spirit of the invention. In addition, descriptions of well-known functions and constructions are omitted for clarity and conciseness.
It should be appreciated that reference throughout this specification to "one embodiment" or "an embodiment" means that a particular feature, structure or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, the appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. Furthermore, the particular features, structures, or characteristics may be combined in any suitable manner in one or more embodiments.
In various embodiments of the present invention, it should be understood that the sequence numbers of the following processes do not mean the order of execution, and the order of execution of the processes should be determined by the functions and internal logic, and should not constitute any limitation on the implementation process of the embodiments of the present invention.
In addition, the terms "system" and "network" are often used interchangeably herein.
In the examples provided herein, it should be understood that "B corresponding to A" means that B is associated with A and that B may be determined from A. It should also be understood that determining B from A does not mean determining B from A alone; B may also be determined from A and/or other information.
In the embodiments of the invention, the form of the access network is not limited; it may be an access network including a macro base station (Macro Base Station), a micro base station (Pico Base Station), a Node B (the name of a 3G mobile base station), an enhanced base station (eNB), a home enhanced base station (Femto eNB, Home eNode B, Home eNB or HeNB), a relay station, an access point, an RRU (Remote Radio Unit), an RRH (Remote Radio Head), and the like. The user terminal may be a mobile phone (or handset), or another device capable of transmitting or receiving wireless signals, including user equipment, a personal digital assistant (PDA), a wireless modem, a wireless communicator, a handheld device, a laptop, a cordless phone, a wireless local loop (WLL) station, CPE (Customer Premise Equipment) or a mobile smart hotspot capable of converting mobile signals to WiFi signals, a smart home appliance, or another device capable of communicating with a mobile communication network spontaneously without human operation.
The following first describes what the scheme provided in the embodiments of the present application relates to.
1. Unicast flow based on LTE-V2X
As shown in Fig. 1, the unicast flow of LTE-V2X at the present stage is divided into three main parts. First, in the unicast address interaction stage, that is, the process of establishing the unicast connection, the two parties exchange addresses to determine the address pair used by the subsequent unicast communication. The RSU should broadcast the unicast service announcement repeatedly at a certain period. The OBU sends a unicast service announcement response message after receiving the unicast service announcement message; the OBU may set a certain sending period and waiting time, and if it does not receive the unicast service data message sent by the RSU within a certain period, it may resend the unicast service announcement response message. Second, after the unicast establishment process is completed, the unicast data interaction stage is carried out, in which the corresponding data are sent and received for the different applications and services. Finally, after the unicast data interaction is completed, the unicast link needs to be released.
2. Cross-layer interaction flow established by unicast communication
Fig. 2 illustrates the network layer architecture of the LTE-based Internet of Vehicles wireless communication technology. The architecture includes an application layer, a network layer and an LTE-V2X access layer; the network layer includes a management sublayer and a data sublayer. The management sublayer includes the dedicated management entity (DME), and the data sublayer includes TCP (Transmission Control Protocol)/UDP (User Datagram Protocol), IP (Internet Protocol), the dedicated short message protocol (DSRC Short Message Protocol, abbreviated DSMP) and the adaptation layer, where DSRC is Dedicated Short Range Communication.
Fig. 3 shows the cross-layer interaction flow of unicast communication establishment. The main interaction flow for successful establishment of the unicast link connection, taking the interaction between layers into account, mainly comprises:
1. Address interaction process:
RSU side: the application layer sends a unicast service request to the DME; the DME sends a DSM request to the DSMP; the DSMP sends a DSA (carrying the unicast service announcement) to the DSMP of the OBU;
OBU side: the DSMP of the OBU sends a DSM indication to the DME, and the DME sends a unicast service indication to the application layer; the application layer sends a unicast service request to the DME; the DME sends a DSM request to the DSMP; the DSMP sends a DSA (carrying the unicast service response) to the DSMP of the RSU;
RSU side: the DSMP receives the DSA (carrying the unicast service response) and sends a DSM indication to the DME; the DME sends a DME unicast service indication to the application layer.
2. Data interaction process:
The application layer on the RSU side sends a DSM request to the DSMP, the DSMP sends a DSM (carrying unicast data) to the DSMP of the OBU, and that DSMP sends a DSM indication to the application layer. The OBU side works the same way.
3. Description of DSM and DSA
1、DSM
The DSM data frame is composed of two parts, namely a DSMP Header and data, wherein the DSMP Header comprises an AID field for distinguishing data of different applications, and the details are shown in the following table 1:
Table 1. DSM data frame structure (table image not included)
2、DSA
The dedicated service advertisement (DSA) of the LTE-based Internet of Vehicles wireless communication technology should be encapsulated in the data part of the DSM, with the AID in the DSM set to the AID value corresponding to DSA. The data frame format of DSA is shown in Table 2:
Table 2. DSM data frame structure (table image not included)
Specifically, the expanded format of the Header field of DSA is shown in Table 3 below:
Table 3. Expanded format of the DSA Header field (table image not included)
Specifically, the expanded format of the DSA Application Info field is shown in Table 4 below:
Length: 1 byte | variable | variable
Field: Application Info Count | AID | Application Extension
Meaning: application information count | application identifier | application extension field
Table 4. Format of the DSA Application Info field
In summary, the relationship between DSA and DSM is shown in Fig. 4, where AID1 indicates that the data portion of the current DSM is a DSA, and AID2 is the application identifier set for the DSA.
4. Security modes
In the road toll service scenario, two security modes are defined, and the system can complete the toll service process through either one:
Security mode 1: the LTE-based Internet of Vehicles wireless communication security certificate management system is used to authenticate the identity of the vehicle side and the road side, thereby realizing the charging and payment processes.
Security mode 2: using the security mechanism of the current ETC electronic toll collection system, with reference to GB/T 20851.4-2019, access permission, information authentication and encryption protection are implemented at the application layer, thereby realizing the charging and payment processes.
Specifically, the near field payment service message layer operation includes:
1) Sending and receiving near field payment service announcement information RST;
2) Transmitting and receiving near field payment service response information VSI;
3) Sending and receiving near field payment service data Request information Action-Request;
4) Transmitting and receiving near field payment service data Response information Action-Response;
5) And sending and receiving near field payment service link release information Event-Report.
The message set of the near field payment service message layer should conform to the specification of YD/T3977-2021.
5. Unicast communication flow based on security mode 1
For unicast service based on LTE-V2X, on the premise that the OBU and the RSU have effective V2X certificates, the OBU can complete key negotiation with the RSU by means of a certificate mechanism, and finally, secure communication of a unicast link is realized. The specific flow is as follows:
1. The RSU sends a unicast service announcement message (e.g. the BST message of ETC); the SPDU that encapsulates the announcement message must carry the certificate used by the RSU and the signature of the message.
2. After receiving the SPDU, the OBU first verifies whether the certificate used by the RSU is legitimate, and then verifies whether the signature of the message is correct.
3. If the certificate and the signature pass verification, the OBU generates a symmetric key for subsequent data encryption.
4. The OBU encrypts the randomly generated symmetric key with the public key in the RSU's current certificate to obtain an encrypted symmetric key; the OBU generates a unicast service announcement response message (e.g. the VST message of ETC) and encrypts the message with the symmetric key.
5. The OBU sends the SPDU (Session Protocol Data Unit) carrying the unicast service announcement response message to the RSU, together with the symmetric key encrypted under the RSU public key; the OBU must also sign the message using its own certificate and attach the certificate to the SPDU.
6. After receiving the OBU's response message, the RSU verifies whether the certificate used by the OBU is legitimate and whether the signature of the message is correct.
7. If the certificate and the signature pass verification, the RSU decrypts the symmetric key using the private key corresponding to the public key in its certificate, and decrypts the unicast service announcement response message using the symmetric key.
8. At this point the RSU and the OBU have completed negotiation of the symmetric key, and the OBU's response information has been transmitted to the RSU in encrypted form. Both parties may use this key to protect the communication content during subsequent communication.
Considering the uniformity of the LTE-V2X unicast security mechanism and the broadcast security mechanism, it is suggested to use the LTE-V2X existing security mechanism also for unicast communication.
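The eight steps above, sketched end to end as an added example (not code from the patent or from any LTE-V2X stack), using the third-party Python `cryptography` package. RSA signatures, RSA-OAEP key wrapping and AES-GCM are stand-ins chosen for this example, the `SPDU` and `Party` structures are hypothetical, and a CA signature over the public key stands in for a real V2X certificate.

```python
import os
from dataclasses import dataclass

from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives import hashes, serialization
from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# RSA and AES-GCM are stand-ins chosen for this example; the page names no algorithms.
OAEP = padding.OAEP(mgf=padding.MGF1(algorithm=hashes.SHA256()),
                    algorithm=hashes.SHA256(), label=None)


def new_key():
    return rsa.generate_private_key(public_exponent=65537, key_size=2048)


def _tbs(*parts: bytes) -> bytes:
    """Length-prefix each part so the signed bytes are unambiguous."""
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def _sign(key, *parts: bytes) -> bytes:
    return key.sign(_tbs(*parts), padding.PKCS1v15(), hashes.SHA256())


def _verify(pub, sig: bytes, what: str, *parts: bytes) -> None:
    try:
        pub.verify(sig, _tbs(*parts), padding.PKCS1v15(), hashes.SHA256())
    except InvalidSignature:
        raise ValueError(what) from None


@dataclass(frozen=True)
class SPDU:
    """Hypothetical container: payload, wrapped key (response only), certificate, signature."""
    payload: bytes
    enc_key: bytes
    pub_der: bytes    # sender public key ...
    cert_sig: bytes   # ... and the CA signature over it: stand-in for a V2X certificate
    sig: bytes


class Party:
    """An RSU or OBU holding a private key and a certificate issued by the CA."""

    def __init__(self, ca_key):
        self.key = new_key()
        self.pub_der = self.key.public_key().public_bytes(
            serialization.Encoding.DER, serialization.PublicFormat.SubjectPublicKeyInfo)
        self.cert_sig = _sign(ca_key, self.pub_der)

    def seal(self, payload: bytes, enc_key: bytes = b"") -> SPDU:
        """Steps 1 and 5: sign the contents and attach the certificate."""
        return SPDU(payload, enc_key, self.pub_der, self.cert_sig,
                    _sign(self.key, payload, enc_key))


def check(ca_pub, s: SPDU):
    """Steps 2 and 6: validate the certificate, then the message signature."""
    _verify(ca_pub, s.cert_sig, "certificate not issued by the trusted CA", s.pub_der)
    sender = serialization.load_der_public_key(s.pub_der)
    _verify(sender, s.sig, "bad message signature", s.payload, s.enc_key)
    return sender


def obu_respond(obu: Party, ca_pub, announcement: SPDU, response: bytes):
    """Steps 2-5 on the OBU. Returns (response SPDU, symmetric key)."""
    rsu_pub = check(ca_pub, announcement)
    key = AESGCM.generate_key(bit_length=256)               # step 3
    nonce = os.urandom(12)
    body = nonce + AESGCM(key).encrypt(nonce, response, None)
    return obu.seal(body, rsu_pub.encrypt(key, OAEP)), key  # steps 4 and 5


def rsu_accept(rsu: Party, ca_pub, s: SPDU):
    """Steps 6-8 on the RSU. Returns (decrypted response, symmetric key)."""
    check(ca_pub, s)
    key = rsu.key.decrypt(s.enc_key, OAEP)                  # step 7
    if len(key) != 32 or len(s.payload) < 12:
        raise ValueError("malformed response")
    return AESGCM(key).decrypt(s.payload[:12], s.payload[12:], None), key


if __name__ == "__main__":
    ca = new_key()
    rsu, obu = Party(ca), Party(ca)
    ann = rsu.seal(b"unicast service announcement (constructed)")
    rsp, k_obu = obu_respond(obu, ca.public_key(), ann, b"announcement response (constructed)")
    msg, k_rsu = rsu_accept(rsu, ca.public_key(), rsp)
    print(msg, k_obu == k_rsu)
```

Nothing in the signed data of this sketch is a timestamp or nonce, so it does not by itself detect a replayed SPDU.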
6. Unicast communication flow based on security mode 2
Taking ETC, the typical application of near-field payment, as an example, security mechanisms have also been defined in the transportation industry (e.g. GB/T 20851.3 and GB/T 20851.4). By role, the security protections used include:
access permission: a permission credential must be provided to access the data, and access to the OBU is allowed only after the credential passes verification;
information authentication: a group of authentication codes is transmitted along with the key data, and the RSU judges the data to be legitimate after verifying them;
encryption protection: the data is encrypted during transmission.
Specifically, taking as an example the OBU completing access permission for the RSU, one implementation defined in the standard is:
1. The RSU sends a BST message to the OBU; the BST message includes charging-related information.
2. The OBU sends a VST message to the RSU carrying the system information (including the contactSerialNumber) and a random number rndOBE.
3. The RSU generates the access permission according to the system information and the random number and sends it to the OBU.
4. After receiving the access permission, the OBU verifies its validity, completing the access permission for the RSU, and then transmits the vehicle information and the like to the RSU.
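The four-step access permission exchange above as an added example, not code from GB/T 20851.4 or from the patent. HMAC-SHA-256, the master-key diversification and the 8-byte lengths are assumptions standing in for the standard's algorithms, which this page does not give; `contactSerialNumber` and `rndOBE` are the names used in the text.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# HMAC-SHA-256 and the master-key hierarchy are stand-ins assumed for this example;
# the algorithms of GB/T 20851.4 are not reproduced on this page.


def diversify(master_key: bytes, serial: bytes) -> bytes:
    """Derive the per-OBU access key from the issuer master key and the serial number."""
    return hmac.new(master_key, b"access-key|" + serial, hashlib.sha256).digest()


def access_credential(obu_key: bytes, rnd_obe: bytes) -> bytes:
    """Credential bound to one challenge: a truncated MAC over rndOBE."""
    return hmac.new(obu_key, rnd_obe, hashlib.sha256).digest()[:8]


class OBU:
    def __init__(self, serial: bytes, obu_key: bytes):
        self.serial, self._key = serial, obu_key
        self._pending: Optional[bytes] = None

    def vst(self) -> dict:
        """Step 2: send system information and a fresh random number."""
        self._pending = secrets.token_bytes(8)
        return {"contactSerialNumber": self.serial, "rndOBE": self._pending}

    def verify_access(self, credential: bytes) -> bool:
        """Step 4: accept only a credential computed over the outstanding rndOBE."""
        rnd, self._pending = self._pending, None  # each challenge is usable once
        if rnd is None:
            return False
        return hmac.compare_digest(credential, access_credential(self._key, rnd))


class RSU:
    def __init__(self, master_key: bytes):
        self._master = master_key

    def grant(self, vst: dict) -> bytes:
        """Step 3: generate the access permission from system information and rndOBE."""
        key = diversify(self._master, vst["contactSerialNumber"])
        return access_credential(key, vst["rndOBE"])


def run_exchange(rsu: RSU, obu: OBU) -> bool:
    """BST is omitted; returns True when the OBU accepts the RSU's access permission."""
    return obu.verify_access(rsu.grant(obu.vst()))


if __name__ == "__main__":
    master = bytes(range(16))        # constructed key material
    serial = b"constructed-0001"     # constructed serial number
    obu = OBU(serial, diversify(master, serial))
    print("genuine RSU accepted:", run_exchange(RSU(master), obu))
    print("RSU with wrong master key accepted:", run_exchange(RSU(b"\x00" * 16), obu))
```

Because the credential is computed over the current `rndOBE`, a credential captured from an earlier exchange fails against a new challenge.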
If no dedicated security mode identification mechanism is introduced, the terminal can only distinguish the security mode currently in use at the application layer from the content, format and so on of the message set. However, the LTE-V2X-based and ETC-based security modes differ greatly in encryption process, transmitted information content and so on, and by judging only whether the message set decrypts successfully or whether the message content is well formed, it is hard to tell whether a failed message interaction was caused by misidentifying the security mode or by an information transmission error due to some other problem. Multiple attempts are then needed to identify the security mode correctly, which increases processing complexity and interaction time.
Specifically, the embodiments of the invention provide a unicast communication method, device and terminal for the Internet of Vehicles, which solve the problems of high processing complexity, proneness to error and long interaction time of the security mode identification method used during unicast communication in the prior art.
First embodiment
As shown in fig. 5, an embodiment of the present invention provides a unicast communication method of internet of vehicles, which is applied to a first terminal, wherein the first terminal may include: the method comprises the following steps of:
Step 101: transmitting a first message frame and indicating, in a first mode, the security mode used by the first message frame; wherein the first message frame includes at least one of: a first dedicated service advertisement (DSA) frame for unicast link establishment, a first dedicated short message (DSM) for unicast service data transmission, and a second DSA frame for unicast link release.
Specifically, the security modes include:
security mode 1: the LTE-based internet-of-vehicles wireless communication security certificate management system is utilized to realize identity authentication of a vehicle end and a road end, so that charging and payment processes are realized;
security mode 2: the security mechanism of the current ETC electronic charging system is used, with reference to GB/T20851.4-2019, to realize access permission, information authentication and encryption protection at the application layer, so that charging and payment processes are realized.
It should be noted that the first DSA frame is used for carrying the unicast service announcement. After the security mode used for unicast communication is determined, the application layer/message layer of the first terminal instructs the network layer, through a cross-layer primitive, to generate the first DSA frame, where the cross-layer primitive is: DME-UnicastService.
The second DSA frame is used for carrying a link release message, and is generated by the first terminal instructing the network layer through a cross-layer primitive; wherein the cross-layer primitive is: DME-UnicastService.
The first dedicated short message DSM is used for carrying service data, and is generated by instructing the network layer through the cross-layer primitive dsm.request.
In the above embodiment, the first terminal sends the first message frame and indicates, in the first manner, the security mode used by the first message frame; wherein the first message frame includes at least one of: a first dedicated traffic advertisement DSA frame for unicast link establishment, a first dedicated short message DSM for unicast traffic data transmission, and a second DSA frame for unicast link release. By indicating the security mode used by the first message frame, the scheme simplifies the processing needed to identify the security mode and reduces the interaction processing time. It avoids the complexity, proneness to misjudgment and similar problems caused by implicitly judging the security mode from the message.
In an embodiment, the first manner includes at least one of:
1 st: the first message frame comprises a first target field for indicating the security mode;
the security mode indicated in the first target field is a specific security mode or a security mode related parameter.
Illustratively, the first target field of the first DSA frame and of the second DSA frame includes: a Reserved field (Reserved) or a Header Extension field (Header Extension). The security mode related information indicated by the field should correspond to the security mode (security mode) and/or the security mode parameter (Security Mode parameter) in the primitive DME-unicastservice request; it should be noted that the security mode and/or the security mode parameter (Security Mode parameter) is a newly added parameter in the primitive DME-unicastservice.
Illustratively, the first target field of the first DSM includes: a Reserved field (Reserved) or an extension field (Extension). The security mode related information indicated by the field should correspond to the security mode in the primitive dsm.request; it should be noted that a parameter Security mode (Security mode) is added to the primitive dsm.request to indicate the security mode adopted by the current communication.
2 nd:
the Media Access Control (MAC) address corresponding to the first message frame has a predefined mapping relation with the security mode;
specifically, the MAC address corresponding to the first message frame is the source MAC address (source MAC address) of the first terminal. When the first message frame uses different source MAC addresses, the source MAC address value should at least be selected from the interval [65537, 16777215], and this interval is divided into N subintervals according to the number N of security modes, each subinterval being associated with its corresponding security mode.
3 rd:
and the application identifier AID corresponding to the first message frame and the security mode have a predefined mapping relation.
Specifically, the application identifier AID corresponding to the first message frame is used for distinguishing different applications and associating different security modes.
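The three indication manners above can be combined on the receiving side as in the following added example, which is not part of the patent text. The equal-width split of the interval, the integer encoding of the mode in the target field, the AID values and the rule that all enabled indications must agree are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

MAC_LOW, MAC_HIGH = 65537, 16777215      # interval stated in the text

# Constructed AID -> security mode table; the AID values are placeholders.
AID_TO_MODE = {0x1001: 1, 0x1002: 2}


class SecurityModeError(Exception):
    """The frame's security mode cannot be identified unambiguously."""


def mac_subintervals(n_modes: int) -> list:
    """Divide [MAC_LOW, MAC_HIGH] into n_modes contiguous subintervals.

    Equal width is an assumption; the last subinterval absorbs the remainder.
    Index i of the result belongs to security mode i + 1.
    """
    if n_modes < 1:
        raise ValueError("at least one security mode is required")
    width = (MAC_HIGH - MAC_LOW + 1) // n_modes
    bounds, start = [], MAC_LOW
    for i in range(n_modes):
        end = MAC_HIGH if i == n_modes - 1 else start + width - 1
        bounds.append((start, end))
        start = end + 1
    return bounds


def mode_from_mac(mac: int, n_modes: int) -> Optional[int]:
    """Return the mode whose subinterval contains mac, or None if unmapped."""
    for mode, (low, high) in enumerate(mac_subintervals(n_modes), start=1):
        if low <= mac <= high:
            return mode
    return None


@dataclass
class Frame:
    kind: str                          # "DSA", "DSA_RESPONSE" or "DSM"
    src_mac: int
    aid: int
    mode_field: Optional[int] = None   # Reserved/extension field value, if set


def resolve_security_mode(frame: Frame, ways: set, n_modes: int = 2) -> int:
    """Identify the security mode using the configured indication manners.

    ways is a subset of {"field", "mac", "aid"}. Every enabled manner that
    yields a value must agree (an assumed policy); disagreement is reported
    as an identification error before any decryption is attempted.
    """
    found = {}
    if "field" in ways and frame.mode_field is not None:
        if not 1 <= frame.mode_field <= n_modes:
            raise SecurityModeError(f"unknown mode value {frame.mode_field}")
        found["field"] = frame.mode_field
    if "mac" in ways:
        mode = mode_from_mac(frame.src_mac, n_modes)
        if mode is not None:
            found["mac"] = mode
    if "aid" in ways and frame.aid in AID_TO_MODE:
        found["aid"] = AID_TO_MODE[frame.aid]
    if not found:
        raise SecurityModeError("frame carries no usable mode indication")
    if len(set(found.values())) != 1:
        raise SecurityModeError(f"conflicting indications: {found}")
    return next(iter(found.values()))


if __name__ == "__main__":
    # Constructed frames for illustration.
    dsa = Frame("DSA", src_mac=70000, aid=0x1001, mode_field=1)
    print(resolve_security_mode(dsa, {"field", "mac", "aid"}))
    bad = Frame("DSM", src_mac=9000000, aid=0x1001, mode_field=1)
    try:
        resolve_security_mode(bad, {"field", "mac"})
    except SecurityModeError as exc:
        print("rejected:", exc)
```

Raising a dedicated error when the indications are missing or disagree lets the receiver separate a security mode identification error from a later decryption or format failure, which is the distinction the background section says is hard to make implicitly.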
Further, in an embodiment, the first message frame is the first DSA frame, and after the sending the first message frame, the method further includes:
receiving a DSA response frame sent by the second terminal; wherein the DSA response frame is fed back according to the first DSA frame;
determining a security mode used by the DSA response frame according to at least one of:
Determining a security mode used by the DSA response frame according to a first field in the DSA response frame;
determining a security mode used by the DSA response frame according to a predefined mapping relation between the MAC address corresponding to the DSA response frame and the security mode;
and determining the security mode used by the DSA response frame according to a predefined mapping relation between the first AID and the security mode in the DSA response frame.
It should be noted that the DSA response frame is used to carry the unicast service announcement response. The first field in the DSA response frame may include: a Reserved field (Reserved) or a Header Extension field (Header Extension). The MAC address corresponding to the DSA response frame may include: the source MAC address of the second terminal or the destination MAC address of the second terminal, with different security modes corresponding to different MAC addresses or address ranges; when the DSA response frame uses different MAC addresses, the MAC address value should at least be selected from the interval [65537, 16777215], and this interval is divided into N subintervals according to the number N of security modes, each subinterval being associated with its corresponding security mode. The first AID in the DSA response frame is used to identify the service application type, and different first AIDs correspond to different security modes.
In an embodiment, after the receiving the DSA response frame sent by the second terminal, the method further includes:
the first terminal generates a first association relation between the first information and a security mode used by unicast communication; the first information is related information of unicast communication between the first terminal and the second terminal;
determining a security mode used in a target communication process according to the first association relation; wherein the target communication process includes at least one of: a data interaction procedure and a unicast communication link release procedure.
Specifically, the first information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
Illustratively, the first association between the first information and the security mode used for unicast communication may be as shown in the following table 5 or 6:
TABLE 5 first association table
It should be noted that at least one of the security mode parameter information and the security mode used by the unicast service in table 5 is selected.
TABLE 6 first association table
In a specific embodiment, the determining, according to the first association, a security mode used by the target communication process includes:
Receiving a second DSM sent by the second terminal;
and determining a security mode used by the second DSM according to the first association relation.
In this embodiment, the first terminal may quickly identify the security mode used by the second DSM through the second association relationship maintained by the first terminal itself. This avoids the complexity, proneness to misjudgment and similar problems caused by implicitly judging the security mode from the message.
In a specific embodiment, the method further comprises:
receiving a second DSM sent by a second terminal;
determining a security mode used by the second DSM according to one of:
determining a security mode used by the second DSM according to a second field in the second DSM; wherein the second field explicitly indicates a security mode used by the second DSM;
determining a security mode used by the second DSM according to a predefined mapping relation between the MAC address corresponding to the second DSM and the security mode;
and determining the security mode used by the second DSM according to a predefined mapping relation between the second AID and the security mode in the second DSM.
It should be noted that the second field in the second DSM is: a Reserved field (Reserved) or an Extension field (Extension). The MAC address corresponding to the second DSM may include: the source MAC address of the second terminal or the destination MAC address of the second terminal, with different security modes corresponding to different MAC addresses or address ranges; when the second DSM uses different MAC addresses, the MAC address value should at least be selected from the interval [65537, 16777215], and this interval is divided into N subintervals according to the number N of security modes, each subinterval being associated with its corresponding security mode. The second AID in the second DSM is used to identify the data portion as a DSA, and different second AIDs correspond to different security modes.
Second embodiment
As shown in fig. 6, a second embodiment of the present invention provides a unicast communication method of internet of vehicles, which is applied to a second terminal, and specifically includes the following steps:
step 201, receiving a first message frame sent by a first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
in this step, the first DSA frame is used for carrying the unicast service announcement. After the security mode used for unicast communication is determined, the application layer/message layer of the first terminal instructs the network layer, through a cross-layer primitive, to generate the first DSA frame, where the cross-layer primitive is: DME-UnicastService.
The second DSA frame is used for carrying a link release message, and is generated by the first terminal instructing the network layer through a cross-layer primitive; wherein the cross-layer primitive is: DME-UnicastService.
The first dedicated short message DSM is used for carrying service data, and is generated by instructing the network layer through the cross-layer primitive dsm.request;
step 202, determining, in a second manner, the security mode used by the first message frame.
Specifically, the security modes include:
security mode 1: the LTE-based internet-of-vehicles wireless communication security certificate management system is utilized to realize identity authentication of a vehicle end and a road end, so that charging and payment processes are realized;
security mode 2: the security mechanism of the current ETC electronic charging system is used, with reference to GB/T20851.4-2019, to realize access permission, information authentication and encryption protection at the application layer, so that charging and payment processes are realized.
When the first terminal sends the first message frame, it indicates the security mode used by the first message frame in the first manner, so that the second terminal can determine the security mode used by the first message frame; the first manner and the second manner correspond to each other.
In the above embodiment, the second terminal receives the first message frame and confirms, in the second manner, the security mode used by the first message frame, so as to carry out secure communication in the subsequent process. By indicating the security mode used by the first message frame, the scheme simplifies the processing needed to identify the security mode and reduces the interaction processing time. It avoids the complexity, proneness to misjudgment and similar problems caused by implicitly judging the security mode from the message.
Further, in an embodiment, after the receiving the first message frame sent by the first terminal, in a case where the first message frame is the first DSA frame, the method further includes:
the second terminal generates a second association relation between second information and a security mode used by unicast communication; the second information is related information of unicast communication between the second terminal and the first terminal.
Specifically, the second information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
For example, the first association relationship between the first information and the security mode used for unicast communication may be as shown in table 5 or 6, which is not described herein.
In a specific embodiment, the second manner includes at least one of:
1 st:
the first message frame comprises a first target field for indicating the security mode;
the security mode indicated in the first target field is a specific security mode or a security mode related parameter.
Illustratively, the first target field of the first DSA frame and of the second DSA frame includes: a Reserved field (Reserved) or a Header Extension field (Header Extension). The security mode related information indicated by the field should correspond to the security mode (security mode) and/or the security mode parameter (Security Mode parameter) in the primitive DME-unicastservice request; it should be noted that the security mode and/or the security mode parameter (Security Mode parameter) is a newly added parameter in the primitive DME-unicastservice.
Illustratively, the first target field of the first DSM includes: a Reserved field (Reserved) or an extension field (Extension). The security mode related information indicated by the field should correspond to the security mode in the primitive dsm.request; it should be noted that a parameter Security mode (Security mode) is added to the primitive dsm.request to indicate the security mode adopted by the current communication.
2 nd:
the MAC address corresponding to the first message frame has a predefined mapping relation with the security mode;
specifically, the MAC address corresponding to the first message frame is the source MAC address (source MAC address) of the first terminal. When the first message frame uses different source MAC addresses, the source MAC address value should at least be selected from the interval [65537, 16777215], and this interval is divided into N subintervals according to the number N of security modes, each subinterval being associated with its corresponding security mode.
3 rd:
and the application identifier AID in the first message frame has a predefined mapping relation with the security mode.
Specifically, the application identifier AID corresponding to the first message frame is used for distinguishing different applications and associating different security modes.
4 th:
in the case that the first message frame is the first DSM or the second DSA frame, the second manner includes: the second association relationship.
Further, in an embodiment, the method further includes:
sending a second message frame to the first terminal, and indicating, in a third manner, the security mode used by the second message frame; wherein the second message frame comprises: a DSA response frame or a second DSM; and the DSA response frame is fed back according to the first DSA frame;
the third manner includes at least one of:
the second message frame comprises a second target field for indicating the security mode;
the MAC address corresponding to the second message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the second message frame and the security mode have a predefined mapping relation.
It should be noted that the second target field of the DSA response frame is a Reserved field (Reserved) or a Header Extension field (Header Extension). The MAC address corresponding to the DSA response frame may include: the source MAC address of the second terminal or the destination MAC address of the second terminal, with different security modes corresponding to different MAC addresses or address ranges; when the DSA response frame uses different MAC addresses, the MAC address value should at least be selected from the interval [65537, 16777215], and this interval is divided into N subintervals according to the number N of security modes, each subinterval being associated with its corresponding security mode. The first AID in the DSA response frame is used for identifying the service application type, and different first AIDs correspond to different security modes;
The second target field of the second DSM is a Reserved field (Reserved) or an Extension field (Extension). The MAC address corresponding to the second DSM may include: the source MAC address of the second terminal or the destination MAC address of the second terminal, with different security modes corresponding to different MAC addresses or address ranges; when the second DSM uses different MAC addresses, the MAC address value should at least be selected from the interval [65537, 16777215], and this interval is divided into N subintervals according to the number N of security modes, each subinterval being associated with its corresponding security mode. The second AID in the second DSM is used to identify the data portion as a DSA, and different second AIDs correspond to different security modes.
The unicast flow of the present application is described below in conjunction with specific embodiments.
Example 1
Taking the first terminal as an RSU and the second terminal as an OBU as an example, the unicast communication flow may include the following steps:
step 11, in the link establishment process, a first terminal sends a first DSA frame and indicates a security mode used by the first DSA frame through a first target field in the first DSA frame;
step 12, in the link establishment process, the second terminal receives a first DSA frame, and determines a security mode used by the first DSA frame according to a first target field for indicating the security mode included in the first DSA frame;
Step 13, the second terminal generates a second association relation between the second information and a security mode used by unicast communication; the second information is related information of unicast communication between the second terminal and the first terminal;
step 14, in the link establishment process, the second terminal sends a DSA response frame to the first terminal, and indicates the used security mode through a second target field in the DSA response frame;
step 15, in the link establishment process, the first terminal receives the DSA response frame, and determines the security mode used by the DSA response frame according to the second target field in the DSA response frame;
step 16, the first terminal generates a first association relation between the first information and a security mode used by unicast communication; the first information is related information of unicast communication between the second terminal and the first terminal;
step 17, in the process of carrying out data interaction between the first terminal and the second terminal, the first terminal receives a second DSM sent by the second terminal, and determines a security mode used by the second DSM according to a first association relation stored by the first terminal;
step 18, in the process of data interaction between the first terminal and the second terminal, the second terminal receives the first DSM sent by the first terminal and determines a security mode used by the first DSM according to a second association relationship stored by the second terminal;
Step 19, in the link release process, the first terminal sends a second DSA frame to the second terminal;
step 20, the second terminal receives the second DSA frame and determines a security mode used by the second DSA frame according to a second association relation stored by the second terminal;
step 21, the second terminal completes the reception of the link release message (second DSA frame) and releases the unicast link.
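The flow of Example 1, as an added sketch that is not part of the patent text: the security mode is carried explicitly only in the DSA and DSA response frames, and every later frame is resolved from the association each terminal stored. The dictionary frame layout, the (peer MAC, AID) key, the MAC and AID values, and the removal of the entry at link release are assumptions.

```python
from dataclasses import dataclass, field


class UnknownAssociationError(Exception):
    """No association exists for the frame's sender; no mode can be chosen."""


@dataclass
class Terminal:
    name: str
    mac: int
    # Association relation: (peer MAC, AID) -> security mode.
    # The key choice is an assumption; the text allows other identifiers.
    associations: dict = field(default_factory=dict)

    def _lookup(self, frame: dict) -> int:
        key = (frame["src"], frame["aid"])
        if key not in self.associations:
            raise UnknownAssociationError(f"{self.name}: no entry for {key}")
        return self.associations[key]

    # Link establishment (steps 11 to 16)
    def send_dsa(self, aid: int, mode: int) -> dict:
        return {"kind": "DSA", "src": self.mac, "aid": aid, "mode_field": mode}

    def on_dsa(self, frame: dict) -> dict:
        mode = frame["mode_field"]                               # step 12
        self.associations[(frame["src"], frame["aid"])] = mode   # step 13
        return {"kind": "DSA_RESPONSE", "src": self.mac,         # step 14
                "dst": frame["src"], "aid": frame["aid"],
                "mode_field": mode}

    def on_dsa_response(self, frame: dict) -> int:
        mode = frame["mode_field"]                               # step 15
        self.associations[(frame["src"], frame["aid"])] = mode   # step 16
        return mode

    # Data interaction (steps 17 and 18): the DSM carries no mode field
    def send_dsm(self, peer_mac: int, aid: int, payload: bytes) -> dict:
        return {"kind": "DSM", "src": self.mac, "dst": peer_mac,
                "aid": aid, "payload": payload}

    def on_dsm(self, frame: dict) -> int:
        return self._lookup(frame)

    # Link release (steps 19 to 21)
    def send_release(self, peer_mac: int, aid: int) -> dict:
        # Dropping the sender's own entry here is an assumption.
        self.associations.pop((peer_mac, aid), None)
        return {"kind": "DSA_RELEASE", "src": self.mac, "dst": peer_mac,
                "aid": aid}

    def on_release(self, frame: dict) -> int:
        mode = self._lookup(frame)                               # step 20
        # Step 21: link released; removing the entry is an assumption.
        del self.associations[(frame["src"], frame["aid"])]
        return mode


def run_example_1(mode: int = 2, aid: int = 0x1001):
    """Replay Example 1 with constructed MAC and AID values."""
    rsu = Terminal("RSU", mac=70000)    # first terminal
    obu = Terminal("OBU", mac=70001)    # second terminal
    trace = []
    response = obu.on_dsa(rsu.send_dsa(aid, mode))
    trace.append(("DSA response", rsu.on_dsa_response(response)))
    trace.append(("second DSM",
                  rsu.on_dsm(obu.send_dsm(rsu.mac, aid, b"constructed"))))
    trace.append(("first DSM",
                  obu.on_dsm(rsu.send_dsm(obu.mac, aid, b"constructed"))))
    trace.append(("second DSA",
                  obu.on_release(rsu.send_release(obu.mac, aid))))
    return trace, rsu, obu


if __name__ == "__main__":
    for step, used_mode in run_example_1()[0]:
        print(f"{step}: security mode {used_mode}")
```

A DSM from a peer with no stored association raises `UnknownAssociationError` instead of being passed to a decryption attempt under a guessed mode.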
Example 2
Taking the first terminal as an RSU and the second terminal as an OBU as an example, the unicast communication flow may include the following steps:
step 11, in the link establishment process, a first terminal sends a first DSA frame and indicates a security mode used by the first DSA frame through a first target field in the first DSA frame;
step 12, in the link establishment process, the second terminal receives a first DSA frame, and determines a security mode used by the first DSA frame according to a first target field for indicating the security mode included in the first DSA frame;
step 13, the second terminal generates a second association relation between the second information and a security mode used by unicast communication; the second information is related information of unicast communication between the second terminal and the first terminal;
step 14, in the link establishment process, the second terminal sends a DSA response frame to the first terminal, and indicates the used security mode through a second target field in the DSA response frame;
Step 15, in the link establishment process, the first terminal receives the DSA response frame, and determines the security mode used by the DSA response frame according to the second target field in the DSA response frame;
step 16, the first terminal generates a first association relation between the first information and a security mode used by unicast communication; the first information is related information of unicast communication between the second terminal and the first terminal;
step 17, in the process of carrying out data interaction between the first terminal and the second terminal, the first terminal receives a second DSM sent by the second terminal, and determines a security mode used by the second DSM according to a first association relation stored by the first terminal;
step 18, in the process of data interaction between the first terminal and the second terminal, the second terminal receives the first DSM sent by the first terminal and determines a security mode used by the first DSM according to a second association relationship stored by the second terminal;
step 19, in the link release process, the first terminal sends a second DSA frame to the second terminal;
step 20, the second terminal receives the second DSA frame and determines a security mode used by the second DSA frame according to a target field in the second DSA frame;
step 21, the second terminal completes the reception of the link release message (second DSA frame) and releases the unicast link.
Example 3
Taking the first terminal as an RSU and the second terminal as an OBU as an example, the unicast communication flow may include the following steps:
step 11, in the link establishment process, the first terminal sends a first DSA frame and indicates the security mode used by the first DSA frame through the predefined mapping relation between the Media Access Control (MAC) address corresponding to the first DSA frame and the security mode, or through the predefined mapping relation between the application identifier AID corresponding to the first DSA frame and the security mode;
step 12, in the link establishment process, the second terminal receives the first DSA frame and determines the security mode used by the first DSA frame according to the predefined mapping relation between the Media Access Control (MAC) address corresponding to the first DSA frame and the security mode, or according to the predefined mapping relation between the application identifier AID corresponding to the first DSA frame and the security mode;
step 13, in the link establishment process, the second terminal sends a DSA response frame to the first terminal and indicates the security mode used through the predefined mapping relation between the media access control MAC address corresponding to the DSA response frame and the security mode, or through the predefined mapping relation between the application identifier AID corresponding to the DSA response frame and the security mode;
step 14, in the link establishment process, the first terminal receives the DSA response frame and determines the security mode used by the DSA response frame according to the predefined mapping relation between the media access control MAC address corresponding to the DSA response frame and the security mode, or according to the predefined mapping relation between the application identifier AID corresponding to the DSA response frame and the security mode;
step 15, in the process of data interaction between the first terminal and the second terminal, the first terminal receives a second DSM sent by the second terminal and determines the security mode used by the second DSM according to the predefined mapping relation between the media access control MAC address corresponding to the second DSM and the security mode, or according to the predefined mapping relation between the application identifier AID corresponding to the frame corresponding to the second DSM and the security mode;
step 16, in the process of data interaction between the first terminal and the second terminal, the second terminal receives a first DSM sent by the first terminal and determines the security mode used by the first DSM according to the predefined mapping relation between the media access control MAC address corresponding to the first DSM and the security mode, or according to the predefined mapping relation between the application identifier AID corresponding to the frame corresponding to the first DSM and the security mode;
step 17, in the link release process, the first terminal sends a second DSA frame to the second terminal;
step 18, the second terminal receives the second DSA frame and determines the security mode used by the second DSA frame according to the predefined mapping relation between the media access control MAC address corresponding to the second DSA frame and the security mode, or according to the predefined mapping relation between the application identifier AID corresponding to the second DSA frame and the security mode;
step 19, the second terminal completes the reception of the link release message (second DSA frame) and releases the unicast link.
Example 4
Taking the first terminal as an RSU and the second terminal as an OBU as an example, the unicast communication flow may include the following steps:
step 11, in the link establishment process, a first terminal sends a first DSA frame and indicates a security mode used by the first DSA frame through a first target field in the first DSA frame;
step 12, in the link establishment process, the second terminal receives a first DSA frame, and determines a security mode used by the first DSA frame according to a first target field for indicating the security mode included in the first DSA frame;
step 13, in the link establishment process, the second terminal sends a DSA response frame to the first terminal, and indicates the used security mode through a second target field in the DSA response frame;
Step 14, in the link establishment process, the first terminal receives the DSA response frame, and determines the security mode used by the DSA response frame according to the second target field in the DSA response frame;
step 15, in the process of data interaction between the first terminal and the second terminal, the first terminal sends a first DSM to the second terminal and indicates the security mode used by the first DSM through a target field in the first DSM; the second terminal sends a second DSM to the first terminal and indicates the security mode used by the second DSM through a target field in the second DSM;
step 16, in the process of carrying out data interaction between the first terminal and the second terminal, the first terminal receives a second DSM sent by the second terminal, and determines a security mode used by the second DSM according to a second field in the second DSM; the second terminal receives a first DSM sent by the first terminal, and determines a security mode used by the first DSM according to a target field in the first DSM;
step 17, in the link release process, the first terminal sends a second DSA frame to the second terminal, and indicates the security mode used by the second DSA frame through the target field in the second DSA frame;
step 18, the second terminal receives the second DSA frame and determines the security mode used by the second DSA frame according to the target field in the second DSA frame;
Step 19, the second terminal completes the reception of the link release message (second DSA frame) and releases the unicast link.
The foregoing is merely illustrative; the way the security mode is indicated and confirmed in each communication process may be selected according to actual needs and is not limited to the foregoing examples. The number of DSM interactions between the first terminal and the second terminal in the data interaction process is also not limited, i.e., the first DSM and the second DSM merely illustrate one DSM data interaction.
In this scheme, by establishing an explicit security mode indication method at the network layer, or by maintaining information such as the security mode adopted by each unicast pair at the message layer, the complexity, proneness to misjudgment and similar problems caused by implicitly judging the security mode from the message are avoided.
Third embodiment
As shown in fig. 7, an embodiment of the present invention provides a unicast communication device 700 of internet of vehicles, which is applied to a first terminal, the device 700 includes:
a first sending module 701, configured to send a first message frame and indicate, in a first manner, the security mode used by the first message frame;
wherein the first message frame includes at least one of: a first dedicated traffic advertisement DSA frame for unicast link establishment, a first dedicated short message DSM for unicast traffic data transmission, and a second DSA frame for unicast link release.
Optionally, the first manner includes at least one of the following:
the first message frame comprises a first target field for indicating the security mode;
the Media Access Control (MAC) address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the first message frame and the security mode have a predefined mapping relation.
Optionally, the first message frame is the first DSA frame, and after the sending the first message frame, the apparatus 700 further includes:
the response receiving module is used for receiving the DSA response frame sent by the second terminal; wherein the DSA response frame is fed back according to the first DSA frame;
a first determining module configured to determine a security mode used by the DSA response frame according to at least one of:
determining a security mode used by the DSA response frame according to a first field in the DSA response frame;
determining a security mode used by the DSA response frame according to a predefined mapping relation between the MAC address corresponding to the DSA response frame and the security mode;
and determining the security mode used by the DSA response frame according to a predefined mapping relation between the first AID and the security mode in the DSA response frame.
Optionally, the apparatus further includes:
the first processing module is used for generating a first association relation between the first information and a security mode used for unicast communication by the first terminal; the first information is related information of unicast communication between the first terminal and the second terminal;
the second determining module is used for determining a security mode used in the target communication process according to the first association relation; wherein the target communication process includes at least one of: a data interaction procedure and a unicast communication link release procedure.
Optionally, the second determining module includes:
a receiving unit, configured to receive a second DSM sent by the second terminal;
and the determining unit is used for determining the security mode used by the second DSM according to the first association relation.
Optionally, the apparatus 700 further includes:
the second receiving module is used for receiving a second DSM sent by the second terminal;
a third determination module for determining a security mode used by the second DSM according to one of:
determining a security mode used by the second DSM according to a second field in the second DSM; wherein the second field explicitly indicates a security mode used by the second DSM;
determining a security mode used by the second DSM according to a predefined mapping relation between the MAC address corresponding to the second DSM and the security mode;
and determining the security mode used by the second DSM according to a predefined mapping relation between the second AID in the second DSM and the security mode.
Optionally, the first information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
The apparatus 700 corresponds to the method of the first embodiment, and all implementation means in the first embodiment are applicable to the embodiment of the apparatus 700, so that the same technical effects can be achieved.
Fourth embodiment
As shown in fig. 8, a unicast communication device 800 of internet of vehicles according to an embodiment of the present invention is applied to a second terminal, where the device 800 includes:
a first receiving module 801, configured to receive a first message frame sent by a first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
and a fourth determining module, configured to determine, according to a second manner, the security mode used by the first message frame.
Optionally, in the case that the first message frame is the first DSA frame, the apparatus further includes:
the second processing module is used for generating a second association relation between second information and a security mode used for unicast communication by the second terminal; the second information is related information of unicast communication between the second terminal and the first terminal.
Optionally, the second mode includes at least one of:
the first message frame comprises a first target field for indicating the security mode;
the MAC address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID in the first message frame has a predefined mapping relation with the security mode.
Optionally, in the case that the first message frame is the first DSM or the second DSA frame, the second manner includes: the second association relationship.
Optionally, the second information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
Optionally, the apparatus 800 further includes:
a second sending module, configured to send a second message frame to the first terminal and to indicate, in a third manner, the security mode used by the second message frame; wherein the second message frame comprises: a DSA response frame or a second DSM; and the DSA response frame is fed back according to the first DSA frame;
the third mode includes at least one of:
the second message frame comprises a second target field for indicating the security mode;
the MAC address corresponding to the second message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the second message frame and the security mode have a predefined mapping relation.
The apparatus 800 corresponds to the method in the second embodiment, and all implementation means in the method embodiment are applicable to the embodiment of the apparatus 800, so that the same technical effects can be achieved.
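The following is an added example, not part of the patent text, of the receiver-side logic the fourth embodiment describes: the second terminal reads the mode from the field, the MAC mapping or the AID mapping when the link-establishment DSA arrives, stores the association, and uses that association for later DSM and release frames. The mode labels, mapping values, class names and the reject-on-disagreement rule are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import Enum
from typing import Dict, Optional, Tuple


class FrameType(Enum):
    DSA_SETUP = "dsa_setup"      # first DSA frame: unicast link establishment
    DSM = "dsm"                  # DSM: unicast data transmission
    DSA_RELEASE = "dsa_release"  # second DSA frame: unicast link release


class SecurityMode(Enum):
    # Hypothetical labels; this section of the page does not enumerate modes.
    UNSECURED = 0
    SIGNED = 1
    SIGNED_ENCRYPTED = 2


class SecurityModeError(Exception):
    """The security mode cannot be determined unambiguously."""


@dataclass(frozen=True)
class Frame:
    frame_type: FrameType
    src_mac: str
    aid: int
    mode_field: Optional[int] = None  # explicit target field, if present


# Constructed sample mappings (not taken from any standard or from the page).
MAC_TO_MODE = {"02:00:00:00:00:a1": SecurityMode.SIGNED_ENCRYPTED}
AID_TO_MODE = {3001: SecurityMode.SIGNED_ENCRYPTED, 3002: SecurityMode.SIGNED}


def indicated_mode(frame: Frame) -> Optional[SecurityMode]:
    """Return the mode the frame itself indicates, or None if it indicates none.

    All three indications (field, MAC mapping, AID mapping) are collected;
    disagreement between them is treated as an error (assumed policy).
    """
    seen: Dict[str, SecurityMode] = {}
    if frame.mode_field is not None:
        try:
            seen["field"] = SecurityMode(frame.mode_field)
        except ValueError:
            raise SecurityModeError(f"unknown mode value {frame.mode_field}") from None
    if frame.src_mac in MAC_TO_MODE:
        seen["mac"] = MAC_TO_MODE[frame.src_mac]
    if frame.aid in AID_TO_MODE:
        seen["aid"] = AID_TO_MODE[frame.aid]
    if len(set(seen.values())) > 1:
        raise SecurityModeError(f"conflicting indications: {seen}")
    return next(iter(seen.values()), None)


class UnicastLinkTable:
    """Association between link information (peer MAC, AID) and security mode."""

    def __init__(self) -> None:
        self._assoc: Dict[Tuple[str, int], SecurityMode] = {}

    def mode_for(self, frame: Frame) -> SecurityMode:
        key = (frame.src_mac, frame.aid)
        indicated = indicated_mode(frame)
        if frame.frame_type is FrameType.DSA_SETUP:
            if indicated is None:
                raise SecurityModeError("link setup carries no mode indication")
            self._assoc[key] = indicated  # generate the association relation
            return indicated
        # DSM or release DSA: the stored association decides the mode.
        stored = self._assoc.get(key)
        if stored is None:
            raise SecurityModeError("no unicast link association for this peer")
        if indicated is not None and indicated is not stored:
            # A frame claiming a different mode than the link was set up with
            # is rejected instead of being processed under the claimed mode.
            raise SecurityModeError("indication differs from link association")
        if frame.frame_type is FrameType.DSA_RELEASE:
            del self._assoc[key]
        return stored


def demo() -> list:
    """Run a constructed setup / data / release exchange and return the modes."""
    table = UnicastLinkTable()
    peer = "02:00:00:00:00:b2"  # constructed address with no MAC mapping
    frames = [
        Frame(FrameType.DSA_SETUP, peer, 4000, mode_field=1),
        Frame(FrameType.DSM, peer, 4000),
        Frame(FrameType.DSA_RELEASE, peer, 4000),
    ]
    return [table.mode_for(f).name for f in frames]


if __name__ == "__main__":
    print(demo())
```

The returned mode only selects how the frame is to be processed; verification or decryption under that mode is a separate step that this example does not cover.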
Fifth embodiment
In order to better achieve the above object, as shown in fig. 9, a fifth embodiment of the present invention further provides a terminal, including:
a processor 900; and a memory 920 connected to the processor 900 through a bus interface, the memory 920 storing programs and data used by the processor 900 when performing operations, the processor 900 calling and executing the programs and data stored in the memory 920.
Wherein the transceiver 910 is coupled to a bus interface for receiving and transmitting data under the control of the processor 900; the processor 900 is used to read the program in the memory 920.
Specifically, the transceiver 910 is configured to send a first message frame and to indicate, in a first manner, the security mode used by the first message frame;
wherein the first message frame includes at least one of: a first dedicated traffic advertisement DSA frame for unicast link establishment, a first dedicated short message DSM for unicast traffic data transmission, and a second DSA frame for unicast link release.
In Fig. 9, the bus architecture may comprise any number of interconnected buses and bridges, which link together various circuits, in particular one or more processors represented by the processor 900 and memory represented by the memory 920. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators and power management circuits, which are well known in the art and are therefore not described further herein. The bus interface provides an interface. The transceiver 910 may be a number of elements, including a transmitter and a transceiver, providing a means for communicating with various other apparatus over a transmission medium. For different terminals, the user interface 930 may also be an interface capable of connecting externally or internally to the required devices, including but not limited to a keypad, display, speaker, microphone, joystick, etc. The processor 900 is responsible for managing the bus architecture and general processing, and the memory 920 may store data used by the processor 900 in performing operations.
Optionally, the first mode includes at least one of the following:
the first message frame comprises a first target field for indicating the security mode;
the Media Access Control (MAC) address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the first message frame and the security mode have a predefined mapping relation.
Optionally, the first message frame is the first DSA frame, and after the first message frame is sent, the transceiver 910 is further configured to receive a DSA response frame sent by the second terminal; wherein the DSA response frame is fed back according to the first DSA frame;
the processor 900 is configured to determine a security mode for use by the DSA response frame according to at least one of:
determining a security mode used by the DSA response frame according to a first field in the DSA response frame;
determining a security mode used by the DSA response frame according to a predefined mapping relation between the MAC address corresponding to the DSA response frame and the security mode;
and determining the security mode used by the DSA response frame according to a predefined mapping relation between the first AID in the DSA response frame and the security mode.
Optionally, after the DSA response frame sent by the second terminal is received, the processor 900 is configured to generate a first association relationship between the first information and a security mode used for unicast communication by the first terminal; the first information is related information of unicast communication between the first terminal and the second terminal;
determining a security mode used in a target communication process according to the first association relation; wherein the target communication process includes at least one of: a data interaction procedure and a unicast communication link release procedure.
Optionally, the processor 900 is configured to: receiving a second DSM sent by the second terminal; and determining a security mode used by the second DSM according to the first association relation.
Optionally, the transceiver 910 is further configured to receive a second DSM transmitted by a second terminal;
the processor 900 is configured to determine the security mode used by the second DSM according to one of the following ways:
determining a security mode used by the second DSM according to a second field in the second DSM; wherein the second field explicitly indicates a security mode used by the second DSM;
determining a security mode used by the second DSM according to a predefined mapping relation between the MAC address corresponding to the second DSM and the security mode;
and determining the security mode used by the second DSM according to a predefined mapping relation between the second AID in the second DSM and the security mode.
Optionally, the first information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
The terminal provided by the invention sends a first message frame and indicates, in a first manner, the security mode used by the first message frame; wherein the first message frame includes at least one of: a first dedicated traffic advertisement DSA frame for unicast link establishment, a first dedicated short message DSM for unicast traffic data transmission, and a second DSA frame for unicast link release. By indicating the security mode used by the first message frame, the scheme simplifies the processing needed to identify the security mode and reduces interaction processing time. It avoids the complexity and the tendency to misjudge that come with inferring the security mode implicitly from the message.
Those skilled in the art will appreciate that all or part of the steps of implementing the above-described embodiments may be implemented by hardware, or may be implemented by instructing the relevant hardware by a computer program comprising instructions for performing some or all of the steps of the above-described methods; and the computer program may be stored in a readable storage medium, which may be any form of storage medium.
Sixth embodiment
In order to better achieve the above object, as shown in fig. 10, a sixth embodiment of the present invention further provides a terminal, including:
a processor 1000; and a memory 1020 connected to the processor 1000 through a bus interface, the memory 1020 storing programs and data used by the processor 1000 in performing operations, the processor 1000 calling and executing the programs and data stored in the memory 1020.
Wherein the transceiver 1010 is coupled to the bus interface for receiving and transmitting data under the control of the processor 1000; the processor 1000 is configured to read a program in the memory 1020.
Specifically, the transceiver 1010 is configured to receive a first message frame sent by a first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
the processor 1000 is configured to determine a security mode to be used by the first message frame according to a second mode.
In Fig. 10, the bus architecture may comprise any number of interconnected buses and bridges, which link together various circuits, in particular one or more processors represented by the processor 1000 and memory represented by the memory 1020. The bus architecture may also link together various other circuits such as peripheral devices, voltage regulators and power management circuits, which are well known in the art and are therefore not described further herein. The bus interface provides an interface. The transceiver 1010 may be a number of elements, including a transmitter and a transceiver, providing a means for communicating with various other apparatus over a transmission medium. For different terminals, the user interface 1030 may also be an interface capable of connecting externally or internally to the required devices, including but not limited to a keypad, display, speaker, microphone, joystick, etc. The processor 1000 is responsible for managing the bus architecture and general processing, and the memory 1020 may store data used by the processor 1000 in performing operations.
Optionally, in the case that the first message frame is the first DSA frame, after the first message frame sent by the first terminal is received, the processor 1000 is further configured to:
generate a second association relation between second information and the security mode used for unicast communication; the second information is related information of unicast communication between the second terminal and the first terminal.
Optionally, the second mode includes at least one of:
the first message frame comprises a first target field for indicating the security mode;
the MAC address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID in the first message frame has a predefined mapping relation with the security mode.
Optionally, in the case that the first message frame is the first DSM or the second DSA frame, the second manner includes: the second association relationship.
Optionally, the second information includes at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
Optionally, the processor 1000 is further configured to: send a second message frame to the first terminal, and indicate, in a third manner, the security mode used by the second message frame; wherein the second message frame comprises: a DSA response frame or a second DSM; and the DSA response frame is fed back according to the first DSA frame;
the third mode includes at least one of:
the second message frame comprises a second target field for indicating the security mode;
the MAC address corresponding to the second message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the second message frame and the security mode have a predefined mapping relation.
The terminal provided by the invention receives the first message frame and determines, in a second manner, the security mode used by the first message frame, so that secure communication can be carried out in the subsequent process. By indicating the security mode used by the first message frame, the scheme simplifies the processing needed to identify the security mode and reduces interaction processing time. It avoids the complexity and the tendency to misjudge that come with inferring the security mode implicitly from the message.
Those skilled in the art will appreciate that all or part of the steps of implementing the above-described embodiments may be implemented by hardware, or may be implemented by instructing the relevant hardware by a computer program comprising instructions for performing some or all of the steps of the above-described methods; and the computer program may be stored in a readable storage medium, which may be any form of storage medium.
In addition, a specific embodiment of the present invention also provides a computer readable storage medium on which a computer program is stored; when executed by a processor, the computer program implements the steps of the method in the first embodiment or the second embodiment described above and achieves the same technical effects, which are not described again here to avoid repetition.
Furthermore, it should be noted that in the apparatus and method of the present invention, the components or steps may obviously be decomposed and/or recombined. Such decomposition and/or recombination should be considered equivalent aspects of the present invention. Also, the steps of the series of processes described above may naturally be performed in chronological order in the order of description, but need not be performed in chronological order, and some steps may be performed in parallel or independently of each other. It will be appreciated by those of ordinary skill in the art that all or any of the steps or components of the methods and apparatus of the present invention may be implemented in hardware, firmware, software, or a combination thereof in any computing device (including processors, storage media, etc.) or network of computing devices, using basic programming skills after reading this description of the invention.
The object of the invention can thus also be achieved by running a program or a set of programs on any computing device. The computing device may be a well-known general purpose device. The object of the invention can thus also be achieved by merely providing a program product containing program code for implementing said method or apparatus. That is, such a program product also constitutes the present invention, and a storage medium storing such a program product also constitutes the present invention. It is apparent that the storage medium may be any known storage medium or any storage medium developed in the future. It should also be noted that in the apparatus and method of the present invention, the components or steps may obviously be decomposed and/or recombined. Such decomposition and/or recombination should be considered equivalent aspects of the present invention. The steps of the series of processes may naturally be executed in chronological order in the order described, but need not be executed in chronological order. Some steps may be performed in parallel or independently of each other.
While the foregoing is directed to the preferred embodiments of the present invention, it will be appreciated by those skilled in the art that various modifications and adaptations can be made without departing from the principles of the present invention, and such modifications and adaptations are intended to be comprehended within the scope of the present invention.

Claims (17)

1. A unicast communication method for internet of vehicles, which is applied to a first terminal, the method comprising:
transmitting a first message frame and indicating a security mode used by the first message frame in a first mode;
wherein the first message frame includes at least one of: a first dedicated traffic advertisement DSA frame for unicast link establishment, a first dedicated short message DSM for unicast traffic data transmission, and a second DSA frame for unicast link release.
2. The internet of vehicles unicast communication method according to claim 1, wherein said first mode comprises at least one of:
the first message frame comprises a first target field for indicating the security mode;
the Media Access Control (MAC) address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the first message frame and the security mode have a predefined mapping relation.
3. The method of unicast communication according to claim 1, wherein said first message frame is said first DSA frame, and said method further comprises, after said sending said first message frame:
receiving a DSA response frame sent by the second terminal; wherein the DSA response frame is fed back according to the first DSA frame;
determining a security mode used by the DSA response frame according to at least one of:
determining a security mode used by the DSA response frame according to a first field in the DSA response frame;
determining a security mode used by the DSA response frame according to a predefined mapping relation between the MAC address corresponding to the DSA response frame and the security mode;
and determining the security mode used by the DSA response frame according to a predefined mapping relation between the first AID in the DSA response frame and the security mode.
4. The method for unicast communication according to claim 3, wherein after said receiving the DSA response frame sent by the second terminal, the method further comprises:
the first terminal generates a first association relation between the first information and a security mode used by unicast communication; the first information is related information of unicast communication between the first terminal and the second terminal;
determining a security mode used in a target communication process according to the first association relation; wherein the target communication process includes at least one of: a data interaction procedure and a unicast communication link release procedure.
5. The method for unicast communication of internet of vehicles according to claim 4, wherein said determining a security mode used by a target communication process according to said first association relation comprises:
receiving a second DSM sent by the second terminal;
and determining a security mode used by the second DSM according to the first association relation.
6. The internet of vehicles unicast communication method according to claim 1, further comprising:
receiving a second DSM sent by a second terminal;
determining a security mode used by the second DSM according to one of:
determining a security mode used by the second DSM according to a second field in the second DSM; wherein the second field explicitly indicates a security mode used by the second DSM;
determining a security mode used by the second DSM according to a predefined mapping relation between the MAC address corresponding to the second DSM and the security mode;
and determining the security mode used by the second DSM according to a predefined mapping relation between the second AID in the second DSM and the security mode.
7. The internet of vehicles unicast communication method according to claim 4, wherein said first information comprises at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
8. A unicast communication method for internet of vehicles, which is applied to a second terminal, the method comprising:
receiving a first message frame sent by a first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
according to a second mode, a security mode used by the first message frame is determined.
9. The method for unicast communication according to claim 8, wherein in the case where said first message frame is said first DSA frame, after said receiving the first message frame sent by the first terminal, said method further comprises:
the second terminal generates a second association relation between second information and a security mode used by unicast communication; the second information is related information of unicast communication between the second terminal and the first terminal.
10. The internet of vehicles unicast communication method according to claim 8, wherein said second mode comprises at least one of:
the first message frame comprises a first target field for indicating the security mode;
the MAC address corresponding to the first message frame has a predefined mapping relation with the security mode;
and the application identifier AID in the first message frame has a predefined mapping relation with the security mode.
11. The method of claim 9, wherein in the case where the first message frame is the first DSM or a second DSA frame, the second mode includes: the second association relationship.
12. The internet of vehicles unicast communication method according to claim 9, wherein said second information comprises at least one of: MAC address information, application identification, identity, internal identifier of the local information store of the dedicated management entity DME.
13. The internet of vehicles unicast communication method according to claim 8, further comprising:
sending a second message frame to the first terminal, and indicating, in a third manner, the security mode used by the second message frame; wherein the second message frame comprises: a DSA response frame or a second DSM; and the DSA response frame is fed back according to the first DSA frame;
the third mode includes at least one of:
the second message frame comprises a second target field for indicating the security mode;
the MAC address corresponding to the second message frame has a predefined mapping relation with the security mode;
and the application identifier AID corresponding to the second message frame and the security mode have a predefined mapping relation.
14. A terminal, comprising: transceiver, memory, processor and computer program stored on the memory and executable on the processor, characterized in that the processor when executing the computer program implements the steps of the method of unicast communication of the internet of vehicles according to any one of claims 1 to 7 or the steps of the method of unicast communication of the internet of vehicles according to any one of claims 8 to 13.
15. A unicast communication device for internet of vehicles, applied to a first terminal, the device comprising:
the first sending module is used for sending a first message frame and indicating a security mode used by the first message frame in a first mode;
wherein the first message frame includes at least one of: a first dedicated traffic advertisement DSA frame for unicast link establishment, a first dedicated short message DSM for unicast traffic data transmission, and a second DSA frame for unicast link release.
16. A unicast communication device for internet of vehicles, applied to a second terminal, the device comprising:
the first receiving module is used for receiving a first message frame sent by the first terminal; wherein the first message frame includes at least one of: a first DSA frame for unicast link establishment, a first DSM for unicast traffic data transmission, and a second DSA frame for unicast link release;
and a first determining module, configured to determine, according to a second mode, the security mode used by the first message frame.
17. A computer-readable storage medium, on which a computer program is stored, characterized in that the computer program, when being executed by a processor, implements the steps of the unicast communication method of the internet of vehicles according to any one of claims 1 to 7, or the steps of the unicast communication method of the internet of vehicles according to any one of claims 8 to 13.
CN202111223427.4A 2021-10-20 2021-10-20 Unicast communication method, device and terminal of Internet of vehicles Pending CN116017309A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111223427.4A CN116017309A (en) 2021-10-20 2021-10-20 Unicast communication method, device and terminal of Internet of vehicles

Publications (1)

Publication Number Publication Date
CN116017309A (en) 2023-04-25

Family

ID=86028482

Country Status (1)

Country Link
CN (1) CN116017309A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination