CN116170204A - PKI certificate filling system and method - Google Patents

Info

Publication number: CN116170204A
Authority: CN (China)
Prior art keywords: vehicle, mounted terminal, certificate, service platform, content service
Legal status: Pending
Application number: CN202310135820.0A
Other languages: Chinese (zh)
Inventors: 吴戈, 王闯, 孙伟, 王敬伟, 舒畅
Current Assignee: Dongfeng Motor Corp
Original Assignee: Dongfeng Motor Corp
Application filed by: Dongfeng Motor Corp

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823: Network architectures or network communication protocols for network security for authentication of entities using certificates
    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30: Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/31: User authentication
    • G06F21/33: User authentication using certificates
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/08: Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869: Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02P: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00: Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/30: Computing systems specially adapted for manufacturing


Abstract

The invention discloses a PKI certificate filling system in which a vehicle-mounted terminal provider platform sends vehicle-mounted terminal production plan information to a content service platform and, when a vehicle-mounted terminal is produced, writes a preset universal certificate chain and the corresponding private key into it. When powered on after production, the vehicle-mounted terminal connects to the Internet and triggers a certificate filling and issuance request. The content service platform compares the received vehicle-mounted terminal device number with the production plan information; if the device number is in the production plan information, it forwards the received certificate request file to a PKI infrastructure, which creates the corresponding vehicle-mounted terminal device certificate and sends it to the content service platform. The content service platform then forwards the device certificate created by the PKI infrastructure to the corresponding vehicle-mounted terminal. The invention thereby authenticates and fills certificates in a secure manner when parts leave the factory, without modifying the whole-vehicle production line or its procedures.

Description

PKI certificate filling system and method
Technical Field
The invention relates to the technical field of the Internet of Vehicles, and in particular to a PKI (Public Key Infrastructure) certificate filling system and method.
Background
In recent years the trend toward the "new four modernizations" of the automobile (electrification, intelligence, connectivity and sharing) has become increasingly evident. As a combined application of cloud computing, big data, the Internet of Things/Internet of Vehicles, multidimensional sensors, artificial intelligence and new communication technologies represented by 4G/5G, the automobile has become an intelligent terminal highly integrated with IoT technology. Vehicle manufacturers are making full use of IoT technology to build differentiated products, jointly driving more and more intelligent and connected business scenarios into deployment. These scenarios in turn raise the degree of vehicle intelligence and connectivity: vehicles increasingly need to communicate and interact with external data, and must process and carry more and more user and vehicle data. At the same time, vehicle information security and data security are an unavoidable problem that the industry must address jointly. The Guide for the Construction of the Internet of Vehicles Network Security and Data Security Standard System, issued by the office of the Ministry of Industry and Information Technology (25 days of 2022), lists the PKI-based framework for an Internet of Vehicles application service security authentication system as a standard to be formulated.
Many vehicle manufacturers therefore use PKI certificates as their main solution for Internet of Vehicles security, but their certificate filling methods differ markedly for various reasons, and it is difficult to balance security against convenience. Incomplete consideration of business scenarios can also cause a series of problems.
To address PKI certificate filling, Chinese patent publication CN113094687A discloses a digital certificate filling method, filling equipment and a vehicle-mounted terminal. The filling equipment sends a digital certificate request instruction to the vehicle-mounted terminal and receives a digital certificate request message, sent by the vehicle-mounted terminal, that carries the terminal's identity information; forwards the digital certificate request message to a content service platform; receives the digital certificate issued by the content service platform after it confirms that the vehicle-mounted terminal is legitimate, and sends the digital certificate to the vehicle-mounted terminal; and checks the networking state of the vehicle-mounted terminal according to the digital certificate storage state and networking state returned by the terminal. That method addresses the problems in the prior art that the digital certificate filling process is complex and that an external tool can easily write an illegitimate certificate during filling. However, the design of that patent is too idealized and gives insufficient consideration to business scenarios: the scheme depends on the EOL (end-of-line) station of the vehicle factory production line and on the after-sales diagnostic instrument to trigger the filling process. At most existing vehicle manufacturers the EOL station and the diagnostic instrument would have to be modified, so the scheme does not fit well with existing vehicle production lines, and production line efficiency and after-sales service quality are affected.
The scheme of patent publication CN114626045A introduces the concept of a front-end processor, aiming to solve the line stoppage that a network problem can cause when online certificate filling fails on the production line. However, it may require additional modifications to the production line and does not consider the after-sales replacement scenario; a separate solution still has to be designed for after-sales scenarios.
Disclosure of Invention
The invention aims to provide a PKI certificate filling system and method that authenticate and fill certificates in a secure manner when parts leave the factory, without modifying the whole-vehicle production line or its procedures, and that make the production line and after-sales processes consistent.
To achieve this purpose, the PKI certificate filling system designed by the invention comprises a vehicle-mounted terminal provider platform, a content service platform and a PKI infrastructure;
the vehicle-mounted terminal provider platform is used for sending vehicle-mounted terminal production plan information to the content service platform when the vehicle-mounted terminal is produced, and for writing a preset universal certificate chain and the corresponding private key into the vehicle-mounted terminal;
the vehicle-mounted terminal establishes a mutually authenticated secure channel with the content service platform through the certificate chain, and encrypts and decrypts the information transmitted in the secure channel with the corresponding private key;
when powered on after production, the vehicle-mounted terminal connects to the Internet and triggers a certificate filling and issuance request; according to this request, the vehicle-mounted terminal generates a vehicle-mounted terminal device number and a corresponding certificate request file, and sends both to the content service platform through the mutually authenticated secure channel;
the content service platform is used for comparing the received vehicle-mounted terminal device number with the vehicle-mounted terminal production plan information; if the device number is in the production plan information, it forwards the received certificate request file to the PKI infrastructure, and the PKI infrastructure, after receiving the forwarded certificate request file, creates the corresponding vehicle-mounted terminal device certificate and sends it to the content service platform;
the content service platform is used for forwarding the vehicle-mounted terminal device certificate created by the PKI infrastructure to the corresponding vehicle-mounted terminal through the mutually authenticated secure channel.
The beneficial effects of the invention are as follows:
The device certificate is filled during production of the vehicle-mounted terminal. Because certificate filling is completed at the part production stage, the whole-vehicle production line needs no additional station for filling certificates and only checks the certificate state at the EOL stage, which improves production efficiency. Likewise, because filling is completed at the part production stage, 4S stores need no additional equipment for certificate filling, which reduces the cost and inconvenience caused by production line complexity and after-sales part replacement.
The invention verifies the legitimacy of the filled part on the content service platform side by means of the production plan, which contains a unique part number (PDSN). When a certificate is filled, the invention automatically verifies whether the part number is in the production plan; a part that is not in the production plan is regarded as illegitimate, cannot have a certificate installed, and cannot be used normally.
The invention triggers and performs the certificate download automatically once the terminal is powered on and networked, so the production line needs no additional station. This greatly improves efficiency and streamlines the process while avoiding investment in extra stations, minimizing the cost of production line modification.
Compared with the schemes described in the background, the invention omits the filling equipment and downloads the certificate automatically through software on the vehicle-mounted terminal.
Drawings
FIG. 1 is a schematic diagram of the structure of the present invention;
FIG. 2 is a flow chart of vehicle-mounted terminal certificate filling.
Detailed Description
The invention is described in further detail below with reference to the attached drawings and specific examples:
The PKI certificate filling system shown in FIG. 1 and FIG. 2 comprises a vehicle-mounted terminal provider platform, a content service platform and a PKI infrastructure;
the vehicle-mounted terminal provider platform is used for sending vehicle-mounted terminal production plan information to the content service platform when the vehicle-mounted terminal is produced, and for writing a preset universal certificate chain and the corresponding private key into the vehicle-mounted terminal; the preset universal certificate ensures that a secure communication channel is also used when the part downloads its formal certificate, so that communication is secured over the part's whole life cycle;
the vehicle-mounted terminal establishes a mutually authenticated secure channel with the content service platform through the certificate chain, and encrypts and decrypts the information transmitted in the secure channel with the corresponding private key;
when powered on after production, the vehicle-mounted terminal connects to the Internet and triggers a certificate filling and issuance request (that is, a request to download a vehicle-mounted terminal device certificate); according to this request, the vehicle-mounted terminal generates a vehicle-mounted terminal device number and a corresponding certificate request file (Certificate Signing Request, CSR), and sends both to the content service platform through the mutually authenticated secure channel; the certificate request file collects the key information of the vehicle-mounted terminal and is used to apply for the terminal's unique device certificate;
the content service platform is used for comparing the received vehicle-mounted terminal device number with the vehicle-mounted terminal production plan information; if the device number is in the production plan information, it forwards the received certificate request file to the PKI infrastructure, and the PKI infrastructure, after receiving the forwarded certificate request file, creates the corresponding vehicle-mounted terminal device certificate and sends it to the content service platform; if the received device number is not in the production plan information, the device certificate request is refused. To prevent illegitimate devices from downloading a certificate and accessing the cloud platform, the device's unique PDSN is used for one round of authentication;
the content service platform is used for forwarding the vehicle-mounted terminal device certificate created by the PKI infrastructure to the corresponding vehicle-mounted terminal through the mutually authenticated secure channel.
In the above technical solution, the key information includes:
Common Name (CN): domain name/name, e.g. CN represents China;
Organization (O): unit name, e.g. XISU represents Xi'an International Studies University;
Locality (L): city, e.g. XiAn represents Xi'an;
State (ST): province/municipality, e.g. ShanXi represents Shaanxi;
Country (C): country, e.g. CN represents China;
and a unique public key generated by the device.
Combined, this information can be used to generate a device certificate unique to the device.
In the above technical solution, the vehicle-mounted terminal is an electronic device on the automobile, such as a T-Box (intelligent vehicle-mounted terminal) that provides 4G/5G communication service, or an IVI (In-Vehicle Infotainment) system that provides video entertainment for the user.
In the above technical solution, the production plan information includes the unique identifier PDSN, which is the vehicle-mounted terminal device number of a vehicle-mounted device that is planned to be produced. The device number is used to verify whether a device accessing the cloud service is a legitimate access device; only a device whose number is contained in the production plan is approved to access the cloud service and install the certificate.
In the above technical solution, the universal certificate chain and the corresponding private key are manually generated by the PKI infrastructure, and the vehicle-mounted terminal provider platform writes them into a secure storage area in the vehicle-mounted terminal. After receiving the certificate request file, the PKI infrastructure extracts the key information from it and generates a device certificate, namely the filled certificate, according to the agreed template.
In the above technical solution, the universal certificate chain includes a universal certificate (an offline certificate manually generated by the PKI infrastructure). The universal certificate is used to establish the mutually authenticated secure channel between the vehicle-mounted terminal and the content service platform, over which the first secure communication takes place in order to request download of the vehicle-mounted terminal device certificate. Through mutual authentication, the content service platform learns the identity of the vehicle-mounted terminal (the vehicle and the type of vehicle-mounted terminal device), and the vehicle-mounted terminal learns the identity of the content service platform (the service provided to the vehicle-mounted terminal device, such as remote control).
In the above technical solution, after receiving the vehicle-mounted terminal device certificate forwarded by the content service platform, the vehicle-mounted terminal stores the unique device certificate and deletes the universal certificate in the universal certificate chain.
In the above technical solution, the certificate chain further includes a root certificate and an intermediate certificate used for issuing certificates. The universal certificate of the content service platform and the universal certificate of the vehicle-mounted terminal are derived from the root certificate and the intermediate certificate; the association between the two universal certificates can be found through the certificate chain, and together with the vehicle-mounted terminal device certificate filled into the vehicle-mounted terminal they form a complete certificate authentication loop.
In the above technical solution, the universal certificate is provided by the vehicle factory or a certificate provider and can be reused.
The PKI certificate filling method based on the above system comprises the following steps:
step 1: the vehicle-mounted terminal provider platform sends vehicle-mounted terminal production plan information to the content service platform when the vehicle-mounted terminal is produced, and writes a preset universal certificate chain and the corresponding private key into the vehicle-mounted terminal;
step 2: the vehicle-mounted terminal establishes a mutually authenticated secure channel with the content service platform through the certificate chain, and encrypts and decrypts the information transmitted in the secure channel with the corresponding private key;
step 3: when powered on after production, the vehicle-mounted terminal connects to the Internet and triggers a certificate filling and issuance request; according to this request, the vehicle-mounted terminal generates a vehicle-mounted terminal device number and a corresponding certificate request file, and sends both to the content service platform through the mutually authenticated secure channel;
step 4: the content service platform compares the received vehicle-mounted terminal device number with the vehicle-mounted terminal production plan information; if the device number is in the production plan information, it forwards the received certificate request file to the PKI infrastructure, and the PKI infrastructure, after receiving the forwarded certificate request file, creates the corresponding vehicle-mounted terminal device certificate and sends it to the content service platform;
step 5: the content service platform forwards the vehicle-mounted terminal device certificate created by the PKI infrastructure to the corresponding vehicle-mounted terminal through the mutually authenticated secure channel;
step 6: after receiving the vehicle-mounted terminal device certificate forwarded by the content service platform, the vehicle-mounted terminal stores the unique device certificate, completing certificate filling, and deletes the universal certificate in the universal certificate chain.
A computer-readable storage medium storing a computer program, characterized in that: the computer program implements the steps of the above method when executed by a processor.
What is not described in detail in this specification is prior art known to those skilled in the art.
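The content service platform's decision in steps 3 to 5, sketched as an added Go example that is not taken from the patent. The production-plan lookup is the check the patent describes; the CSR self-signature check, the requirement that the CSR's Common Name equal the device number, and the one-certificate-per-device-number rule are assumptions added here because the universal certificate can be reused and so does not by itself tie a request to one terminal. All type and function names, the in-memory CA and the `PDSN-…` values are constructed for illustration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var ErrNotInPlan = errors.New("device number not in production plan")
var ErrBadCSR = errors.New("CSR invalid or not bound to device number")
var ErrIssued = errors.New("certificate already issued for device number")

type CA struct { // stands in for the PKI infrastructure (hypothetical type)
	cert *x509.Certificate
	key  *ecdsa.PrivateKey
}

func NewCA() (*CA, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	t := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Device CA"},
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	der, err := x509.CreateCertificate(rand.Reader, t, t, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return &CA{cert, key}, err
}

// Issue signs a device certificate for an approved CSR (time-based serial for brevity).
func (ca *CA) Issue(csr *x509.CertificateRequest) ([]byte, error) {
	t := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: csr.Subject,
		NotBefore: time.Now().Add(-time.Minute), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	return x509.CreateCertificate(rand.Reader, t, ca.cert, csr.PublicKey, ca.key)
}

type Platform struct { // stands in for the content service platform
	ca           *CA
	plan, issued map[string]bool // device numbers (PDSN): planned / already served
}
func NewPlatform(ca *CA, plan map[string]bool) *Platform {
	return &Platform{ca: ca, plan: plan, issued: map[string]bool{}}
}

// HandleFilling handles one request arriving over the mutually authenticated channel.
func (p *Platform) HandleFilling(pdsn string, csrDER []byte) ([]byte, error) {
	if !p.plan[pdsn] { // the production-plan check the patent describes
		return nil, ErrNotInPlan
	}
	csr, err := x509.ParseCertificateRequest(csrDER)
	// Assumed extra checks: CSR self-signature (proof of possession), CN == PDSN.
	if err != nil || csr.CheckSignature() != nil || csr.Subject.CommonName != pdsn {
		return nil, ErrBadCSR
	}
	if p.issued[pdsn] { // assumed: one certificate per device number
		return nil, ErrIssued
	}
	der, err := p.ca.Issue(csr)
	p.issued[pdsn] = err == nil
	return der, err
}

// DeviceCSR is the terminal side: a fresh key pair (kept on the terminal) and a CSR.
func DeviceCSR(pdsn string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	req := &x509.CertificateRequest{Subject: pkix.Name{CommonName: pdsn, Country: []string{"CN"}}}
	return x509.CreateCertificateRequest(rand.Reader, req, key)
}

func main() {
	ca, err := NewCA()
	if err != nil {
		panic(err)
	}
	p := NewPlatform(ca, map[string]bool{"PDSN-0001": true}) // constructed sample plan
	for _, n := range []string{"PDSN-0001", "PDSN-9999", "PDSN-0001"} {
		csr, _ := DeviceCSR(n)
		_, err := p.HandleFilling(n, csr)
		fmt.Println(n, "->", err)
	}
}
```

The mutually authenticated channel itself is out of scope here; `HandleFilling` models only what the platform does with a device number and CSR once they have arrived over it.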

Claims (10)

1. A PKI certificate filling system, characterized in that: the system comprises a vehicle-mounted terminal provider platform, a content service platform and a PKI infrastructure;
the vehicle-mounted terminal provider platform is used for sending vehicle-mounted terminal production plan information to the content service platform when the vehicle-mounted terminal is produced, and for writing a preset universal certificate chain and the corresponding private key into the vehicle-mounted terminal;
the vehicle-mounted terminal establishes a mutually authenticated secure channel with the content service platform through the certificate chain, and encrypts and decrypts the information transmitted in the secure channel with the corresponding private key;
when powered on after production, the vehicle-mounted terminal connects to the Internet and triggers a certificate filling and issuance request; according to this request, the vehicle-mounted terminal generates a vehicle-mounted terminal device number and a corresponding certificate request file, and sends both to the content service platform through the mutually authenticated secure channel;
the content service platform is used for comparing the received vehicle-mounted terminal device number with the vehicle-mounted terminal production plan information; if the device number is in the production plan information, it forwards the received certificate request file to the PKI infrastructure, and the PKI infrastructure, after receiving the forwarded certificate request file, creates the corresponding vehicle-mounted terminal device certificate and sends it to the content service platform;
the content service platform is used for forwarding the vehicle-mounted terminal device certificate created by the PKI infrastructure to the corresponding vehicle-mounted terminal through the mutually authenticated secure channel.
2. The PKI certificate filling system of claim 1, wherein: the production plan information comprises the vehicle-mounted terminal device number of a vehicle-mounted device that is planned to be produced; the device number is used to verify whether a device accessing the cloud service is a legitimate access device, and only a device whose number is contained in the production plan is approved to access the cloud service and install the certificate.
3. The PKI certificate filling system of claim 1, wherein: the universal certificate chain and the corresponding private key are manually generated by the PKI infrastructure, and the vehicle-mounted terminal provider platform writes them into a secure storage area in the vehicle-mounted terminal.
4. The PKI certificate filling system of claim 1, wherein: the universal certificate chain comprises a universal certificate, which is used to establish the mutually authenticated secure channel between the vehicle-mounted terminal and the content service platform, over which the first secure communication takes place in order to request download of the vehicle-mounted terminal device certificate.
5. The PKI certificate filling system of claim 1, wherein: if the received vehicle-mounted terminal device number is not in the vehicle-mounted terminal production plan information, the device certificate request is refused.
6. The PKI certificate filling system of claim 4, wherein: after receiving the vehicle-mounted terminal device certificate forwarded by the content service platform, the vehicle-mounted terminal stores the unique device certificate and deletes the universal certificate in the universal certificate chain.
7. The PKI certificate filling system of claim 4, wherein: the certificate chain further comprises a root certificate and an intermediate certificate used for issuing certificates; the universal certificate of the content service platform and the universal certificate of the vehicle-mounted terminal are derived from the root certificate and the intermediate certificate, the association between the two universal certificates can be found through the certificate chain, and together with the vehicle-mounted terminal device certificate filled into the vehicle-mounted terminal they form a complete certificate authentication loop.
8. The PKI certificate filling system of claim 4, wherein: the universal certificate is provided by the vehicle factory or a certificate provider and can be reused.
9. A PKI certificate filling method based on the system of claim 1, characterized in that it comprises the steps of:
step 1: when the vehicle-mounted terminal is produced, the vehicle-mounted terminal provider platform transmits vehicle-mounted terminal production plan information to the content service platform and writes a preset universal certificate chain and the corresponding private key into the vehicle-mounted terminal;
step 2: the vehicle-mounted terminal establishes a bidirectional authentication secure channel with the content service platform through the certificate chain, and encrypts and decrypts the information transmitted in the secure channel with the corresponding private key;
step 3: after being powered on in production, the vehicle-mounted terminal connects to the Internet and triggers a filling and certificate issuance application; according to that application, the vehicle-mounted terminal generates a vehicle-mounted terminal equipment number and a corresponding certificate request file, and sends both to the content service platform through the bidirectional authentication secure channel;
step 4: the content service platform compares the received vehicle-mounted terminal equipment number with the vehicle-mounted terminal production plan information; if the vehicle-mounted terminal equipment number is in the vehicle-mounted terminal production plan information, the platform forwards the received certificate request file to the PKI infrastructure, and after receiving the certificate request file forwarded by the content service platform, the PKI infrastructure creates the corresponding vehicle-mounted terminal equipment certificate and sends it to the content service platform;
step 5: the content service platform forwards the vehicle-mounted terminal equipment certificate created by the PKI infrastructure to the corresponding vehicle-mounted terminal through the bidirectional authentication secure channel;
step 6: after receiving the vehicle-mounted terminal equipment certificate forwarded by the content service platform, the vehicle-mounted terminal stores the unique vehicle-mounted terminal equipment certificate, thereby completing certificate filling, and deletes the universal certificate in the universal certificate chain.
10. A computer-readable storage medium storing a computer program, characterized in that: the computer program, when executed by a processor, carries out the steps of the method according to claim 9.
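The platform-side comparison in step 4 of claim 9, with the refusal of claim 5, as an added Go example that is not part of the patent. The device numbers are constructed, and carrying the device number in the CSR subject CN, checking the CSR signature, and allowing only one enrollment per device number are assumptions the claims do not state.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
)

// productionPlan stands in for the step 1 production plan (constructed device numbers).
var productionPlan = map[string]bool{"TBOX-0001": true, "TBOX-0002": true}
// enrolled tracks device numbers already served; one-time issuance is an assumption.
var enrolled = map[string]bool{}

// newCSR plays the terminal in step 3: fresh key pair, CSR subject CN = device number.
func newCSR(deviceNo string) ([]byte, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: deviceNo}}
	return x509.CreateCertificateRequest(rand.Reader, tmpl, key)
}

// checkRequest plays the platform in step 4; nil means "forward the CSR to the PKI".
func checkRequest(deviceNo string, csrDER []byte) error {
	csr, err := x509.ParseCertificateRequest(csrDER)
	switch { // cases run top to bottom, so csr is only used once parsing succeeded
	case err != nil:
		return fmt.Errorf("malformed CSR: %w", err)
	case csr.CheckSignature() != nil:
		return fmt.Errorf("CSR signature invalid: no proof of key possession")
	case csr.Subject.CommonName != deviceNo:
		return fmt.Errorf("CSR subject does not match reported device number")
	case !productionPlan[deviceNo]:
		return fmt.Errorf("device number not in production plan") // claim 5 refusal
	case enrolled[deviceNo]:
		return fmt.Errorf("device number already enrolled")
	}
	enrolled[deviceNo] = true
	return nil
}

func main() {
	csr, _ := newCSR("TBOX-9999") // constructed number that is not in the plan
	fmt.Println("TBOX-9999 ->", checkRequest("TBOX-9999", csr))
}
```

Because the universal certificate and its private key are shared by every terminal until step 6, the mutually authenticated channel alone does not identify an individual device; the checks above are what tie a request to one planned device number.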
CN202310135820.0A 2023-02-20 2023-02-20 PKI certificate filling system and method Pending CN116170204A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310135820.0A CN116170204A (en) 2023-02-20 2023-02-20 PKI certificate filling system and method

Publications (1)

Publication Number Publication Date
CN116170204A true CN116170204A (en) 2023-05-26

Family

ID=86412916

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310135820.0A Pending CN116170204A (en) 2023-02-20 2023-02-20 PKI certificate filling system and method

Country Status (1)

Country Link
CN (1) CN116170204A (en)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116567579A (en) * 2023-07-07 2023-08-08 一汽解放汽车有限公司 Vehicle-mounted terminal data filling method and system
CN116567579B (en) * 2023-07-07 2023-10-20 一汽解放汽车有限公司 Vehicle-mounted terminal data filling method and system

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination