CN116017440B - Key acquisition method, device, equipment and storage medium - Google Patents
Key acquisition method, device, equipment and storage medium Download PDFInfo
- Publication number
- CN116017440B CN116017440B CN202310301866.5A CN202310301866A CN116017440B CN 116017440 B CN116017440 B CN 116017440B CN 202310301866 A CN202310301866 A CN 202310301866A CN 116017440 B CN116017440 B CN 116017440B
- Authority
- CN
- China
- Prior art keywords
- key
- target
- train
- current time
- library
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 58
- 238000013523 data management Methods 0.000 claims abstract description 48
- 238000012216 screening Methods 0.000 claims abstract description 34
- 238000004590 computer program Methods 0.000 claims description 16
- 238000012423 maintenance Methods 0.000 abstract description 5
- 238000004891 communication Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 7
- 238000012545 processing Methods 0.000 description 6
- 238000007726 management method Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 230000003137 locomotive effect Effects 0.000 description 3
- 230000003287 optical effect Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 238000013473 artificial intelligence Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 230000001413 cellular effect Effects 0.000 description 1
- 230000007547 defect Effects 0.000 description 1
- 238000012217 deletion Methods 0.000 description 1
- 230000037430 deletion Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 239000011521 glass Substances 0.000 description 1
- 239000004973 liquid crystal related substance Substances 0.000 description 1
- 238000010801 machine learning Methods 0.000 description 1
- 239000013307 optical fiber Substances 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000001953 sensory effect Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 230000000007 visual effect Effects 0.000 description 1
Images
Landscapes
- Train Traffic Observation, Control, And Security (AREA)
Abstract
The invention discloses a key acquisition method, a device, equipment and a storage medium. The method comprises the following steps: when the target train is successfully connected with the station data management server, acquiring the current time; screening at least two key libraries according to the current time and the target time interval to obtain a target key library; according to the technical scheme of the invention, the problem that if the ground equipment or the train is expanded, the whole road vehicle ground equipment is required to be subjected to key upgrading, and the operation efficiency is greatly influenced is solved, the problems that the vehicle equipment is fixed in key and cannot be updated on line are solved, the cost for acquiring the key can be reduced, and the maintenance workload is small.
Description
Technical Field
The embodiment of the invention relates to the technical field of computers, in particular to a method, a device, equipment and a storage medium for acquiring a secret key.
Background
The key management mode of the prior CTCS-3 train control system is to reserve numbers for all RBC (Radio Block Center, wireless block center) devices of the whole channel through a key center and allocate a group of keys for the combination of each set of RBC and each set of vehicle-mounted device. If an RBC is encountered that is not within the reserved range, the in-vehicle device will not initiate a call, and will not accept the secure connection establishment request even if the RBC is called.
The prior art scheme has the following problems:
1) If the ground equipment or the train expands, the key upgrade is required to be carried out on the ground equipment of the whole train, and the operation efficiency is greatly influenced;
2) The key of the vehicle-mounted equipment is fixed and cannot be updated online.
Disclosure of Invention
The embodiment of the invention provides a key acquisition method, a device, equipment and a storage medium, which can reduce the cost of acquiring a key and have small maintenance workload.
According to an aspect of the present invention, there is provided a key acquisition method including:
when the target train is successfully connected with the station data management server, acquiring the current time;
screening at least two key libraries according to the current time and the target time interval to obtain a target key library;
and determining a target key according to the target key library, and sending the target key to the target train.
Further, after determining a target key according to the target key library and sending the target key to the target train, the method further comprises:
acquiring the train number of the target train;
and correspondingly storing the train number of the target train and the target key to a target key library.
Further, the method further comprises the following steps:
and deleting the target key in the target key library and the train number of the target train after the target train is disconnected with the station data management server.
Further, the method further comprises the following steps:
when the train number does not exist in the target key bank, sending a key bank updating request to a central key dynamic generation server;
and receiving a key set dynamically sent by the central key, and updating the target key library according to the key set.
Further, before screening the at least two key stores according to the current time and the target time interval to obtain the target key store, the method further includes:
acquiring an operation plan of each train pair in the train pair set in the jurisdiction and a train operation log in the train pair set by communicating with the CTC central server;
and determining a target time interval according to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set.
Further, screening the at least two key stores according to the current time and the target time interval to obtain a target key store, including:
determining the time periods corresponding to the at least two key stores according to the target time interval;
and screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store.
Further, screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store, including:
if the time period to which the current time belongs is a first time period, determining the first key bank as a target key bank, wherein the first key bank corresponds to the first time period;
and if the time period to which the current time belongs is a second time period, determining the second key store as a target key store, wherein the second key store corresponds to the second time period.
According to another aspect of the present invention, there is provided a key acquisition apparatus including:
the acquisition module is used for acquiring the current time when the target train is successfully connected with the station data management server;
the screening module is used for screening at least two key libraries according to the current time and the target time interval to obtain a target key library;
and the sending module is used for determining a target key according to the target key library and sending the target key to the target train.
According to another aspect of the present invention, there is provided an electronic apparatus including:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the key acquisition method according to any one of the embodiments of the present invention.
According to another aspect of the present invention, there is provided a computer readable storage medium storing computer instructions for causing a processor to execute a key acquisition method according to any one of the embodiments of the present invention.
In the embodiment of the invention, when the target train is successfully connected with the station data management server, the current time is acquired; screening the at least two key libraries according to the current time and the target time interval to obtain a target key library; the target key is determined according to the target key library, and the target key is sent to the target train, so that the problem that if the ground equipment or the train is expanded, the whole-path vehicle-mounted ground equipment is required to be subjected to key upgrading, the operation efficiency is greatly influenced is solved, the problem that the vehicle-mounted equipment key is fixed and cannot be updated on line is solved, the cost for acquiring the key can be reduced, and the maintenance workload is small.
It should be understood that the description in this section is not intended to identify key or critical features of the embodiments of the invention or to delineate the scope of the invention. Other features of the present invention will become apparent from the description that follows.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments will be briefly described below, it being understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and other related drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
FIG. 1 is a flow chart of a key acquisition method in an embodiment of the invention;
FIG. 2 is a schematic diagram of key updating in an embodiment of the invention;
FIG. 3 is a schematic diagram of key de-registration in an embodiment of the invention;
fig. 4 is a schematic diagram of a key acquisition apparatus in an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device in an embodiment of the present invention.
Detailed Description
In order that those skilled in the art will better understand the present invention, a technical solution in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in which it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the present invention without making any inventive effort, shall fall within the scope of the present invention.
It should be noted that the terms "first," "second," and the like in the description and the claims of the present invention and the above figures are used for distinguishing between similar objects and not necessarily for describing a particular sequential or chronological order. It is to be understood that the data so used may be interchanged where appropriate such that the embodiments of the invention described herein may be implemented in sequences other than those illustrated or otherwise described herein. Furthermore, the terms "comprises," "comprising," and "having," and any variations thereof, are intended to cover a non-exclusive inclusion, such that a process, method, system, article, or apparatus that comprises a list of steps or elements is not necessarily limited to those steps or elements expressly listed but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus.
It will be appreciated that prior to using the technical solutions disclosed in the embodiments of the present disclosure, the user should be informed and authorized of the type, usage range, usage scenario, etc. of the personal information related to the present disclosure in an appropriate manner according to the relevant legal regulations.
Example 1
Fig. 1 is a flowchart of a key obtaining method provided by an embodiment of the present invention, where the embodiment is applicable to a case of obtaining a key, the method may be performed by a key device in the embodiment of the present invention, and the device may be implemented in a software and/or hardware manner, as shown in fig. 1, and the method specifically includes the following steps:
s110, when the target train is successfully connected with the station data management server, acquiring the current time.
The current time is a time stamp corresponding to successful connection of the target train and the station data management server. I.e., the timestamp corresponding to the arrival of the target train.
Specifically, the vehicle-mounted equipment on the target train sends a connection request to the station data management server through the transponder, after the station data management server receives the connection request sent by the vehicle-mounted equipment on the target train, the station data management server establishes connection with the vehicle-mounted equipment on the target train according to the connection request, and when the vehicle-mounted equipment on the target train is successfully connected with the station data management server, the current time is acquired.
And S120, screening the at least two key libraries according to the current time and the target time interval to obtain a target key library.
The determining manner of the target time interval may be: acquiring an operation plan and a line train operation log of each train pair in a train pair set in a jurisdiction through communication with a CTC central server; and determining a target time interval according to the operation plan of each train pair in the train pair set. The determining manner of the target time interval may further be: the central key dynamic generation server is communicated with the CTC, calculates a train operation plan and a train operation log in a managed line to obtain a target time interval, and sends the target time interval to the station data management server, and the data management server receives the target time interval.
Optionally, before screening the at least two key stores according to the current time and the target time interval to obtain the target key store, the method further includes:
acquiring an operation plan of each train pair in the train pair set in the jurisdiction and a train operation log in the train pair set by communicating with the CTC central server;
and determining a target time interval according to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set.
Wherein the operation plan includes: departure time of the train, time of passing each station, arrival time of the train, and the like. And the train operation logarithm is the train operation logarithm in the jurisdiction of the central key dynamic generation server.
When the target time interval satisfies that no train number exists in at least one key bank, at least one key bank is used for performing key distribution, for example, if two key banks exist, the target time interval is X hours, the first key bank performs key distribution within X hours, the second key bank performs key distribution after X hours, no train number exists in the first key bank within x+n hours, and x+n is less than 2X, that is, when the first key bank is updated, the second key bank is used for distributing keys.
Specifically, the method for determining the target time interval according to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set may be: and acquiring a time interval determining model, and inputting the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set into the time interval determining model to obtain a target time interval. The method for determining the target time interval according to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set can also be as follows: and (3) pre-establishing a corresponding relation table of an operation plan and a train operation logarithm and a time interval, and inquiring the corresponding relation table to obtain a target time interval corresponding to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set.
In a specific example, the CTC center server is connected to a center key dynamic generation server, which is connected to a data management server of each station. The central key dynamic generation server is responsible for randomly generating keys and managing and updating a key library in a data management server in a management range on line. The CTC central server stores the operation plan and the line train operation logarithm of each train pair. As shown in fig. 2, the central key dynamic generation server transmits a request for acquiring the current operation plan to the CTC central server, and the CTC central server feeds back the current operation plan and the train operation logarithm to the central key dynamic generation server after receiving the request. The central key dynamic generation server determines a target time interval according to the current operation plan and the train operation logarithm, and the data management server of the station 1 comprises: the key database A1 and the key database A2 are used for distributing keys through the key database A1 when the train C5101 is successfully connected with the data management server of the station 1 and sending the keys to the station equipment of the train C5101, distributing the keys through the key database A2 when the train C6101 is successfully connected with the data management server of the station 1 after the time interval is larger than the target time interval, sending the keys to the station equipment of the train C6101, and deleting the keys corresponding to the train C5101 and the train C5101 after the train C5101 is disconnected with the data management server of the station 1. When the train in the key database A1 is emptied, the data management server applies for updating the key library to the central key dynamic generation server, and the central key dynamic generation server issues a new key library.
The current time belongs to a time period corresponding to the target key store. The at least two keystores include a target keystore.
Specifically, the method for screening the at least two key libraries according to the current time and the target time interval to obtain the target key library may be: determining time periods corresponding to at least two key libraries according to the target time interval; and screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain the target key store.
Specifically, the central key dynamic generation server utilizes the secure data network to distribute key libraries to stations in the management range, each station distributes at least two key libraries, and simultaneously sends out update time periods corresponding to the at least two key libraries. At least two key stores distribute keys to the passing trains according to the updating time periods. For example, the key store may be replaced every X hours. If the train Q is successfully connected with the station data management server, the A1 key bank is used for distributing the keys, and if the train P is successfully connected with the station data management server, the A2 key bank is used for distributing the keys.
S130, determining a target key according to the target key library, and sending the target key to the target train.
Specifically, the method for determining the target key according to the target key library and sending the target key to the target train may be: and determining a target key according to the target key library, sending the target key to a transponder, and sending the received target key to vehicle-mounted equipment on a target train by the transponder.
In a specific example, the vehicle-mounted device on the target train passes through the transponder and then links with the data management server and requests the key from the data server, and after receiving the key, the vehicle-mounted device executes the result and informs the data management server of successful execution. And after the target train leaves the jurisdiction of the data management server, disconnecting the link with the data management server, deleting the executed key and informing the data management server that the deletion is successful.
In the embodiment of the invention, the vehicle-mounted equipment is not paired with the ground equipment any more, after the vehicle-mounted equipment is connected with the ground equipment through the transponder, the ground equipment randomly selects the secret key from at least two secret key libraries and sends the secret key to the vehicle-mounted equipment, and once the vehicle-mounted equipment is fed back successfully, the ground equipment is paired with the vehicle and fixes the secret key, so that the secret key cannot be reassigned to other trains. When the train is logged off at the ground device, the ground device and the vehicle-mounted device are unpaired, and the key is revoked.
It should be noted that, because the number of the common speed trains is far more than that of the high-speed railways, the demand for vehicle capacity expansion is large, and the locomotive is frequently changed as a shunting locomotive or a train locomotive, so that the secret keys cannot be fixed, if a mode of distributing a group of secret keys for each set of RBC and each set of on-board equipment is adopted, frequent updating of the secret key library is required, and the operation efficiency is greatly affected. The station data management server in the embodiment of the invention stores at least two key libraries, can randomly select the keys from the at least two key libraries and send the keys to the inbound train, and has low cost and small maintenance workload.
In the embodiment of the invention, the vehicle-mounted equipment on the train is not fixed to be a single key, and the data management server randomly selects the key from at least two key libraries by using the train number after being linked with the train and sends the key to the vehicle-mounted equipment on the train. The vehicle-mounted equipment and the data management server on the train are not fixed with a single key, so that the system is safer and more reliable.
Optionally, after determining a target key according to the target key store and sending the target key to the target train, the method further includes:
acquiring the train number of the target train;
and correspondingly storing the train number of the target train and the target key to a target key library.
Optionally, the train number of the target train and the target key may be stored in any storage area in the data management server correspondingly, which is not limited in the embodiment of the present invention.
Specifically, the method for obtaining the train number of the target train may be: after receiving the feedback successful receipt information sent by the vehicle-mounted equipment on the target train, the station data management server determines the train number of the target train according to the successful receipt information, pairs the target train, fixes the target key, and cannot reassign the target key to other trains, and correspondingly stores the train number of the target train and the target key to the target key library.
By storing the train number of the target train and the target key to the target key store, repeated distribution of keys can be prevented, and the state of each key in the key store can be recorded more accurately. When the key in use is not stored in the key store, the key is updated, so that the condition that the operation efficiency is influenced is prevented.
Optionally, the method further comprises:
and deleting the target key in the target key library and the train number of the target train after the target train is disconnected with the station data management server.
After the target train is disconnected from the station data management server, the target train is unpaired with the target train, the target key is revoked (the target key is not bound to any train any more), and the target key in the target key library and the train number of the target train are deleted.
In a specific example, as shown in fig. 3, when the train C5101 is successfully connected to the station data management server, the key X is determined by the key database A1, the train C5101 and the key X are correspondingly stored in the key database A1, and after the train C5101 is disconnected from the station data management server, the train C5101 and the key X in the key database A1 are deleted.
After the target train is disconnected with the station data management server, the target key in the target key library and the train number of the target train are deleted, so that the situation of repeated use of the key can be prevented, and the update time can be acquired more conveniently by deleting the target key in the target key library and the train number of the target train.
Optionally, the method further comprises:
when the train number does not exist in the target key bank, sending a key bank updating request to a central key dynamic generation server;
and receiving a key set dynamically sent by the central key, and updating the target key library according to the key set.
The number of the keys in the key set may be preset or determined according to an operation plan, which is not limited in the embodiment of the present invention.
Specifically, after the data management server is linked with the train, the data management server randomly selects a key from at least two key libraries according to the current time and the target time interval by using the train number, and sends the key to the vehicle-mounted equipment, and meanwhile, the train number and the key are bound, and the key cannot be bound with other trains any more. After the train is logged off by the data management server, the key is no longer bound to any train. After the train in any database in the data management server is emptied, the central key dynamic generation server is applied for updating the key library, and the central key dynamic generation server issues a new key library.
In a specific example, after the train in the A1 keystore is emptied, the keystore update is applied to a central key dynamic generation server, and the central key dynamic generation server generates 100 key updates A1 keystores online. The key library is updated online, so that the method and the device have no influence on field operation.
Optionally, screening the at least two key stores according to the current time and the target time interval to obtain a target key store, including:
determining the time periods corresponding to the at least two key stores according to the target time interval;
and screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store.
Specifically, the determining the time periods corresponding to the at least two key stores according to the target time interval may be: and acquiring time periods corresponding to the at least two key stores according to the priorities corresponding to the at least two key stores and the target time interval.
Specifically, the method for screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain the target key store may be: and sequentially judging whether the current time belongs to the time periods corresponding to the at least two key stores, and if the current time belongs to the time period corresponding to the first key store, determining the first key store as a target key store.
Optionally, screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store, including:
if the time period to which the current time belongs is a first time period, determining the first key bank as a target key bank, wherein the first key bank corresponds to the first time period;
and if the time period to which the current time belongs is a second time period, determining the second key store as a target key store, wherein the second key store corresponds to the second time period.
Specifically, if the data management server includes two key stores: a first keystore and a second keystore. And determining the time period corresponding to the first key store as a first time period according to the target time interval, determining the time period corresponding to the second key store as a second time period, if the time period to which the current time belongs is the first time period, determining the first key store as the target key store, and if the time period to which the current time belongs is the second time period, determining the second key store as the target key store.
According to the technical scheme, when the target train is successfully connected with the station data management server, the current time is acquired; screening the at least two key libraries according to the current time and the target time interval to obtain a target key library; the target key is determined according to the target key library, and the target key is sent to the target train, so that the problem that if the ground equipment or the train is expanded, the whole-path vehicle-mounted ground equipment is required to be subjected to key upgrading, the operation efficiency is greatly influenced is solved, the problem that the vehicle-mounted equipment key is fixed and cannot be updated on line is solved, the cost for acquiring the key can be reduced, and the maintenance workload is small.
Example two
Fig. 4 is a schematic structural diagram of a key obtaining device according to an embodiment of the present invention. The present embodiment may be applicable to the case of key acquisition, where the apparatus may be implemented in software and/or hardware, and the apparatus may be integrated in any device that provides a key acquisition function, as shown in fig. 4, where the key acquisition apparatus specifically includes: a time acquisition module 210, a screening module 220, and a key transmission module 230.
The time acquisition module is used for acquiring the current time when the target train is successfully connected with the station data management server;
the screening module is used for screening at least two key libraries according to the current time and the target time interval to obtain a target key library;
and the key sending module is used for determining a target key according to the target key library and sending the target key to the target train.
Optionally, the method further comprises:
the train number acquisition module is used for acquiring the train number of the target train after determining a target key according to the target key library and sending the target key to the target train;
and the storage module is used for correspondingly storing the train number of the target train and the target key to a target key library.
Optionally, the method further comprises:
and the deleting module is used for deleting the target key in the target key library and the train number of the target train after the target train is disconnected with the station data management server.
Optionally, the method further comprises:
the request sending module is used for sending a key library updating request to the center key dynamic generation server when the train number does not exist in the target key library;
and the receiving module is used for receiving the key set dynamically sent by the central key and updating the target key library according to the key set.
Optionally, the method further comprises:
the data acquisition module is used for acquiring the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set in the jurisdiction through communication with the CTC central server before screening at least two key libraries according to the current time and the target time interval to obtain a target key library;
and the time interval determining module is used for determining a target time interval according to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set.
Optionally, the screening module is specifically configured to:
determining the time periods corresponding to the at least two key stores according to the target time interval;
and screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store.
Optionally, the screening module is specifically configured to:
if the time period to which the current time belongs is a first time period, determining the first key bank as a target key bank, wherein the first key bank corresponds to the first time period;
and if the time period to which the current time belongs is a second time period, determining the second key store as a target key store, wherein the second key store corresponds to the second time period.
The product can execute the method provided by any embodiment of the invention, and has the corresponding functional modules and beneficial effects of the execution method.
Example III
Fig. 5 shows a schematic diagram of the structure of an electronic device 10 that may be used to implement an embodiment of the invention. Electronic devices are intended to represent various forms of digital computers, such as laptops, desktops, workstations, personal digital assistants, servers, blade servers, mainframes, and other appropriate computers. Electronic equipment may also represent various forms of mobile devices, such as personal digital processing, cellular telephones, smartphones, wearable devices (e.g., helmets, glasses, watches, etc.), and other similar computing devices. The components shown herein, their connections and relationships, and their functions, are meant to be exemplary only, and are not meant to limit implementations of the inventions described and/or claimed herein.
As shown in fig. 5, the electronic device 10 includes at least one processor 11, and a memory, such as a Read Only Memory (ROM) 12, a Random Access Memory (RAM) 13, etc., communicatively connected to the at least one processor 11, in which the memory stores a computer program executable by the at least one processor, and the processor 11 may perform various appropriate actions and processes according to the computer program stored in the Read Only Memory (ROM) 12 or the computer program loaded from the storage unit 18 into the Random Access Memory (RAM) 13. In the RAM 13, various programs and data required for the operation of the electronic device 10 may also be stored. The processor 11, the ROM 12 and the RAM 13 are connected to each other via a bus 14. An input/output (I/O) interface 15 is also connected to bus 14.
Various components in the electronic device 10 are connected to the I/O interface 15, including: an input unit 16 such as a keyboard, a mouse, etc.; an output unit 17 such as various types of displays, speakers, and the like; a storage unit 18 such as a magnetic disk, an optical disk, or the like; and a communication unit 19 such as a network card, modem, wireless communication transceiver, etc. The communication unit 19 allows the electronic device 10 to exchange information/data with other devices via a computer network, such as the internet, and/or various telecommunication networks.
The processor 11 may be a variety of general and/or special purpose processing components having processing and computing capabilities. Some examples of processor 11 include, but are not limited to, a Central Processing Unit (CPU), a Graphics Processing Unit (GPU), various specialized Artificial Intelligence (AI) computing chips, various processors running machine learning model algorithms, digital Signal Processors (DSPs), and any suitable processor, controller, microcontroller, etc. The processor 11 performs the respective methods and processes described above, such as a key acquisition method.
In some embodiments, the key acquisition method may be implemented as a computer program tangibly embodied on a computer-readable storage medium, such as the storage unit 18. In some embodiments, part or all of the computer program may be loaded and/or installed onto the electronic device 10 via the ROM 12 and/or the communication unit 19. When the computer program is loaded into RAM 13 and executed by processor 11, one or more steps of the key acquisition method described above may be performed. Alternatively, in other embodiments, the processor 11 may be configured to perform the key acquisition method in any other suitable way (e.g. by means of firmware).
Various implementations of the systems and techniques described here above may be implemented in digital electronic circuitry, integrated circuit systems, field Programmable Gate Arrays (FPGAs), application Specific Integrated Circuits (ASICs), application Specific Standard Products (ASSPs), systems On Chip (SOCs), load programmable logic devices (CPLDs), computer hardware, firmware, software, and/or combinations thereof. These various embodiments may include: implemented in one or more computer programs, the one or more computer programs may be executed and/or interpreted on a programmable system including at least one programmable processor, which may be a special purpose or general-purpose programmable processor, that may receive data and instructions from, and transmit data and instructions to, a storage system, at least one input device, and at least one output device.
A computer program for carrying out methods of the present invention may be written in any combination of one or more programming languages. These computer programs may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus, such that the computer programs, when executed by the processor, cause the functions/acts specified in the flowchart and/or block diagram block or blocks to be implemented. The computer program may execute entirely on the machine, partly on the machine, as a stand-alone software package, partly on the machine and partly on a remote machine or entirely on the remote machine or server.
In the context of the present invention, a computer-readable storage medium may be a tangible medium that can contain, or store a computer program for use by or in connection with an instruction execution system, apparatus, or device. The computer readable storage medium may include, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. Alternatively, the computer readable storage medium may be a machine readable signal medium. More specific examples of a machine-readable storage medium would include an electrical connection based on one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
To provide for interaction with a user, the systems and techniques described here can be implemented on an electronic device having: a display device (e.g., a CRT (cathode ray tube) or LCD (liquid crystal display) monitor) for displaying information to a user; and a keyboard and a pointing device (e.g., a mouse or a trackball) through which a user can provide input to the electronic device. Other kinds of devices may also be used to provide for interaction with a user; for example, feedback provided to the user may be any form of sensory feedback (e.g., visual feedback, auditory feedback, or tactile feedback); and input from the user may be received in any form, including acoustic input, speech input, or tactile input.
The systems and techniques described here can be implemented in a computing system that includes a background component (e.g., as a data server), or that includes a middleware component (e.g., an application server), or that includes a front-end component (e.g., a user computer having a graphical user interface or a web browser through which a user can interact with an implementation of the systems and techniques described here), or any combination of such background, middleware, or front-end components. The components of the system can be interconnected by any form or medium of digital data communication (e.g., a communication network). Examples of communication networks include: local Area Networks (LANs), wide Area Networks (WANs), blockchain networks, and the internet.
The computing system may include clients and servers. The client and server are typically remote from each other and typically interact through a communication network. The relationship of client and server arises by virtue of computer programs running on the respective computers and having a client-server relationship to each other. The server can be a cloud server, also called a cloud computing server or a cloud host, and is a host product in a cloud computing service system, so that the defects of high management difficulty and weak service expansibility in the traditional physical hosts and VPS service are overcome.
It should be appreciated that various forms of the flows shown above may be used to reorder, add, or delete steps. For example, the steps described in the present invention may be performed in parallel, sequentially, or in a different order, so long as the desired results of the technical solution of the present invention are achieved, and the present invention is not limited herein.
The above embodiments do not limit the scope of the present invention. It will be apparent to those skilled in the art that various modifications, combinations, sub-combinations and alternatives are possible, depending on design requirements and other factors. Any modifications, equivalent substitutions and improvements made within the spirit and principles of the present invention should be included in the scope of the present invention.
Claims (9)
1. A key acquisition method, the method comprising:
when the target train is successfully connected with the station data management server, acquiring the current time;
screening at least two key libraries according to the current time and the target time interval to obtain a target key library;
determining a target key according to the target key library, and sending the target key to the target train;
screening the at least two key stores according to the current time and the target time interval to obtain a target key store, including:
determining the time periods corresponding to the at least two key stores according to the target time interval;
and screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store.
2. The method of claim 1, further comprising, after determining a target key from the target keystore and transmitting the target key to the target train:
acquiring the train number of the target train;
and correspondingly storing the train number of the target train and the target key to a target key library.
3. The method as recited in claim 2, further comprising:
and deleting the target key in the target key library and the train number of the target train after the target train is disconnected with the station data management server.
4. The method as recited in claim 1, further comprising:
when the train number of the target train does not exist in the target key library, sending a key library updating request to a central key dynamic generation server;
and receiving a key set sent by the central key dynamic generation server, and updating the target key library according to the key set.
5. The method of claim 1, further comprising, prior to screening at least two keystores based on the current time and a target time interval to obtain a target keystore:
acquiring an operation plan of each train pair in the train pair set in the jurisdiction and a train operation log in the train pair set by communicating with the CTC central server;
and determining a target time interval according to the operation plan of each train pair in the train pair set and the train operation logarithm in the train pair set.
6. The method of claim 1, wherein the screening the at least two keystores according to the current time and the time periods corresponding to the at least two keystores to obtain a target keystore comprises:
if the time period to which the current time belongs is a first time period, determining the first key bank as a target key bank, wherein the first key bank corresponds to the first time period;
and if the time period to which the current time belongs is a second time period, determining the second key store as a target key store, wherein the second key store corresponds to the second time period.
7. A key acquisition apparatus, characterized by comprising:
the time acquisition module is used for acquiring the current time when the target train is successfully connected with the station data management server;
the screening module is used for screening at least two key libraries according to the current time and the target time interval to obtain a target key library;
the key sending module is used for determining a target key according to the target key library and sending the target key to the target train;
the screening module is specifically used for:
determining the time periods corresponding to the at least two key stores according to the target time interval;
and screening the at least two key stores according to the current time and the time period corresponding to the at least two key stores to obtain a target key store.
8. An electronic device, the electronic device comprising:
at least one processor; and
a memory communicatively coupled to the at least one processor; wherein,,
the memory stores a computer program executable by the at least one processor to enable the at least one processor to perform the key acquisition method of any one of claims 1-6.
9. A computer readable storage medium storing computer instructions for causing a processor to implement the key acquisition method of any one of claims 1-6 when executed.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310301866.5A CN116017440B (en) | 2023-03-27 | 2023-03-27 | Key acquisition method, device, equipment and storage medium |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202310301866.5A CN116017440B (en) | 2023-03-27 | 2023-03-27 | Key acquisition method, device, equipment and storage medium |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN116017440A CN116017440A (en) | 2023-04-25 |
| CN116017440B true CN116017440B (en) | 2023-06-02 |
Family
ID=86021356
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202310301866.5A Active CN116017440B (en) | 2023-03-27 | 2023-03-27 | Key acquisition method, device, equipment and storage medium |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN116017440B (en) |
Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114554486A (en) * | 2022-01-06 | 2022-05-27 | 北京全路通信信号研究设计院集团有限公司 | Key management method and system for information secure transmission |
Family Cites Families (9)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| DE102011006772A1 (en) * | 2011-04-05 | 2012-10-11 | Siemens Aktiengesellschaft | System and method for key management of a train protection system |
| DE102019131344B3 (en) * | 2019-11-20 | 2020-10-08 | Thales Management & Services Deutschland Gmbh | Method and device for determining an assignment of a key for a symmetrical cryptography method |
| CN111148073B (en) * | 2020-04-03 | 2020-07-31 | 北京全路通信信号研究设计院集团有限公司 | Secret key management method and system for train-ground communication transmission information |
| CN111935672B (en) * | 2020-07-21 | 2022-10-25 | 捷德(中国)科技有限公司 | Information reading method, device, system and storage medium |
| RU2743103C1 (en) * | 2020-09-04 | 2021-02-15 | Акционерное общество "Научно-исследовательский и проектно-конструкторский институт информатизации, автоматизации и связи на железнодорожном транспорте" | System of interval regulation of train traffic |
| FR3118231A1 (en) * | 2020-12-18 | 2022-06-24 | Sagemcom Broadband Sas | METHOD FOR ENCRYPTING AND STORAGE OF COMPUTER FILES AND ASSOCIATED ENCRYPTION AND STORAGE DEVICE. |
| CN113094734A (en) * | 2021-04-27 | 2021-07-09 | 广东电网有限责任公司 | Equipment key updating method and device, storage medium and electronic equipment |
| CN113709733A (en) * | 2021-07-16 | 2021-11-26 | 中国铁道科学研究院集团有限公司通信信号研究所 | Key distribution method applied to safety train tail equipment |
| CN113792304B (en) * | 2021-08-12 | 2023-11-17 | 青岛海尔科技有限公司 | Database access system and method |
-
2023
- 2023-03-27 CN CN202310301866.5A patent/CN116017440B/en active Active
Patent Citations (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114554486A (en) * | 2022-01-06 | 2022-05-27 | 北京全路通信信号研究设计院集团有限公司 | Key management method and system for information secure transmission |
Also Published As
| Publication number | Publication date |
|---|---|
| CN116017440A (en) | 2023-04-25 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110365752A (en) | Processing method, device, electronic equipment and the storage medium of business datum | |
| CN106789362A (en) | A kind of device management method and network management system | |
| US20220244058A1 (en) | Method and apparatus for unmanned vehicle dispatching management, device, storage medium and program | |
| CN104301140A (en) | Service request responding method, device and system | |
| CN107404540A (en) | The synchronous method and device of data | |
| CN111782470A (en) | Distributed container log data processing method and device | |
| CN114084204A (en) | Data transmission system, method, device and storage medium for urban railway | |
| CN114866250A (en) | Method and device for constructing in-vehicle CAN network fresh value, vehicle and storage medium | |
| CN109710502B (en) | Log transmission method, device and storage medium | |
| CN116017440B (en) | Key acquisition method, device, equipment and storage medium | |
| CN109388655A (en) | A kind of method and apparatus of dynamic control of data access | |
| CN107231284B (en) | Message sending method and terminal equipment | |
| CN105429795A (en) | Alarm monitoring system and method | |
| CN111127706B (en) | Intelligent lock control method, intelligent lock, cloud server and computing equipment | |
| CN107995641B (en) | Management method, device and the computer readable storage medium of terminal and real-time base station communication failure | |
| CN107909460B (en) | Position synchronization method, device, data center and storage medium | |
| CN112685199A (en) | Message queue repairing method and device, computer equipment and storage medium | |
| CN109062931B (en) | Cache synchronization control method, device, system, server and readable storage medium | |
| CN115884128B (en) | Train cross-core network communication method, device, equipment and storage medium | |
| CN113645579B (en) | Short message channel distribution method, device and system | |
| CN112218273B (en) | Terminal uplink data distribution control method, device and system | |
| CN115103322B (en) | Subscription merging method, device, electronic equipment, storage medium and product | |
| CN115442055A (en) | Battery replacement vehicle information authentication method and device, electronic equipment and storage medium | |
| CN116112639A (en) | Image information transmission method and device for taxis, electronic equipment and storage medium | |
| CN117336807A (en) | Method, device, medium and system for switching multiple operators based on vehicle |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |