CN116366289A - Safety supervision method and device for remote sensing data of unmanned aerial vehicle - Google Patents

Safety supervision method and device for remote sensing data of unmanned aerial vehicle Download PDF

Info

Publication number
CN116366289A
CN116366289A CN202310162354.5A CN202310162354A CN116366289A CN 116366289 A CN116366289 A CN 116366289A CN 202310162354 A CN202310162354 A CN 202310162354A CN 116366289 A CN116366289 A CN 116366289A
Authority
CN
China
Prior art keywords
data
ciphertext
key
remote sensing
private key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310162354.5A
Other languages
Chinese (zh)
Inventor
刘正军
陈一铭
张赓
李永荣
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Chinese Academy of Surveying and Mapping
Original Assignee
Chinese Academy of Surveying and Mapping
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Chinese Academy of Surveying and Mapping filed Critical Chinese Academy of Surveying and Mapping
Priority to CN202310162354.5A priority Critical patent/CN116366289A/en
Publication of CN116366289A publication Critical patent/CN116366289A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04QSELECTING
    • H04Q9/00Arrangements in telecontrol or telemetry systems for selectively calling a substation from a main station, in which substation desired apparatus is selected for applying a control signal thereto or for obtaining measured values therefrom
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02PCLIMATE CHANGE MITIGATION TECHNOLOGIES IN THE PRODUCTION OR PROCESSING OF GOODS
    • Y02P90/00Enabling technologies with a potential contribution to greenhouse gas [GHG] emissions mitigation
    • Y02P90/02Total factory control, e.g. smart factories, flexible manufacturing systems [FMS] or integrated manufacturing systems [IMS]

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Security & Cryptography (AREA)
  • Computing Systems (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Selective Calling Equipment (AREA)

Abstract

The application relates to a safety supervision method, device, computer equipment, storage medium and computer program product of unmanned aerial vehicle remote sensing data. The method is applied to the data acquisition end and comprises the following steps: encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext; encrypting the first private key based on the second public key to obtain a key ciphertext; and sending the transmission data containing the first data ciphertext and the key ciphertext to a data processing end so that the data processing end can decrypt the key ciphertext in the transmission data based on the second private key to obtain a first private key, and decrypting the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data. The scheme improves the safety of the remote sensing data.

Description

Safety supervision method and device for remote sensing data of unmanned aerial vehicle
Technical Field
The application relates to the technical field of data transmission, in particular to a safety supervision method and device for remote sensing data of an unmanned aerial vehicle.
Background
At present, in the data transmission process of unmanned aerial vehicle remote sensing data, a data acquisition end directly transmits the acquired unmanned aerial vehicle remote sensing data to a data processing end. The unmanned aerial vehicle remote sensing data are original data which are not processed by the data acquisition end.
Therefore, any data processing end can acquire unmanned aerial vehicle remote sensing data acquired by the data acquisition end, and further the remote sensing data is easy to leak, so that the safety of the unmanned aerial vehicle remote sensing data is reduced.
Disclosure of Invention
In view of the foregoing, it is desirable to provide a method, an apparatus, a computer device, a computer readable storage medium, and a computer program product for security supervision of unmanned aerial vehicle remote sensing data, which can improve the security of unmanned aerial vehicle remote sensing data.
In a first aspect, the present application provides a method for securely monitoring remote sensing data of an unmanned aerial vehicle. The method is applied to a data acquisition end, and comprises the following steps:
encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext;
encrypting the first private key based on the second public key to obtain a key ciphertext;
and transmitting the transmission data containing the first data ciphertext and the key ciphertext to a data processing end, so that the data processing end decrypts the key ciphertext in the transmission data based on a second private key to obtain the first private key, and decrypts the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
In one embodiment, before the encrypting the collected remote sensing data based on the first public key, the method further includes:
acquiring the data initial acquisition time of the remote sensing data;
and acquiring the remote sensing data under the condition that the initial data acquisition time is earlier than the valid deadline of the preset digital certificate.
In one embodiment, the encrypting the collected remote sensing data based on the first public key to obtain the first data ciphertext includes:
sending an identity authentication request to a password platform, so that the password platform responds to the identity authentication request and returns a digital signature determined based on a preset digital certificate to the data acquisition end;
transmitting the digital signature to the data processing end; the digital signature is used for indicating the data processing end to perform signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end;
and under the condition that the signature verification result shows that verification is successful, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In a second aspect, the present application provides a method for security supervision of unmanned aerial vehicle remote sensing data. The method is applied to a data processing end, and comprises the following steps:
Receiving transmission data which is sent by a data acquisition end and contains a first data ciphertext and a key ciphertext; the first data ciphertext is obtained by encrypting the acquired remote sensing data based on a first public key by the data acquisition end; the key ciphertext is obtained by the data acquisition end through encryption processing of a first private key based on a second public key;
decrypting the key ciphertext in the transmission data based on a second private key to obtain the first private key;
and decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
In one embodiment, before receiving the transmission data including the first data ciphertext and the key ciphertext sent by the data acquisition end, the method further includes:
receiving a digital signature sent by the data acquisition end; the digital signature is determined based on a preset digital certificate by the password platform in response to an identity authentication request sent by the data acquisition end and is sent to the data processing end by the password platform;
performing signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end; and the signature verification result is used for indicating the data acquisition end to encrypt the acquired remote sensing data based on a first public key under the condition that the signature verification result indicates that verification is successful, so as to obtain a first data ciphertext.
In one embodiment, the decrypting the key ciphertext in the transmission data based on the second private key further includes, before obtaining the first private key:
inquiring the valid deadline of a preset digital certificate which is later than the data initial acquisition time based on the data initial acquisition time of the remote sensing data to obtain a target valid deadline;
and determining the second private key according to the target effective deadline and the equipment identifier of the data acquisition end.
In one embodiment, the transmission data further includes a second data ciphertext including a device identifier of the data acquisition end and a data start acquisition time of the remote sensing data, and a verification plaintext including the device identifier and the data start acquisition time; the decrypting the first data ciphertext in the transmission data based on the first private key includes:
and under the condition that the equipment identifier in the verification plaintext is consistent with the equipment identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, decrypting the first data ciphertext in the transmission data based on the first private key.
In a third aspect, the present application further provides a safety supervision system for remote sensing data of an unmanned aerial vehicle. The safety supervision system of unmanned aerial vehicle remote sensing data includes data acquisition end and data processing end, wherein:
the data acquisition end is used for carrying out encryption processing on the acquired remote sensing data based on the first public key to obtain a first data ciphertext; encrypting the first private key based on the second public key to obtain a key ciphertext; transmitting transmission data containing the first data ciphertext and the key ciphertext to the data processing end;
the data processing end is used for decrypting the key ciphertext in the transmission data based on a second private key to obtain the first private key; and decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
In one embodiment, the data processing end comprises a data receiving end and an intranet cryptographic machine; the data processing end decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key; decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data, including:
The data receiving end is used for receiving the transmission data sent by the data acquisition end and sending the transmission data to the intranet cipher machine;
the intranet cipher machine is used for decrypting the key ciphertext in the transmission data based on a second private key to obtain the first private key; and decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
In a fourth aspect, the application further provides a safety supervision device for remote sensing data of an unmanned aerial vehicle. The device is applied to a data acquisition end, and comprises:
the first encryption module is used for encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext;
the second encryption module is used for encrypting the first private key based on the second public key to obtain a key ciphertext;
and the sending module is used for sending the transmission data containing the first data ciphertext and the key ciphertext to the data processing end so that the data processing end can decrypt the key ciphertext in the transmission data based on the second private key to obtain the first private key, and can decrypt the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
In one embodiment, the safety supervision device for remote sensing data of the unmanned aerial vehicle further includes:
the acquisition module is used for acquiring the data initial acquisition time of the remote sensing data;
and the acquisition module is used for acquiring the remote sensing data under the condition that the initial acquisition time of the data is earlier than the valid deadline of the preset digital certificate.
In one embodiment, the first encryption module is specifically configured to:
sending an identity authentication request to a password platform, so that the password platform responds to the identity authentication request and returns a digital signature determined based on a preset digital certificate to the data acquisition end;
transmitting the digital signature to the data processing end; the digital signature is used for indicating the data processing end to perform signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end;
and under the condition that the signature verification result shows that verification is successful, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In a fifth aspect, the present application further provides a device for safety supervision of remote sensing data of an unmanned aerial vehicle. The device is applied to a data processing end, and comprises:
The first receiving module is used for receiving transmission data which is sent by the data acquisition end and contains a first data ciphertext and a key ciphertext; the first data ciphertext is obtained by encrypting the acquired remote sensing data based on a first public key by the data acquisition end; the key ciphertext is obtained by the data acquisition end through encryption processing of a first private key based on a second public key;
the first decryption module is used for decrypting the key ciphertext in the transmission data based on the second private key to obtain the first private key;
and the second decryption module is used for decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
In one embodiment, the safety supervision device for remote sensing data of the unmanned aerial vehicle further includes:
the second receiving module is used for receiving the digital signature sent by the data acquisition end; the digital signature is determined based on a preset digital certificate by the password platform in response to an identity authentication request sent by the data acquisition end and is sent to the data processing end by the password platform;
the signature verification module is used for carrying out signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end; and the signature verification result is used for indicating the data acquisition end to encrypt the acquired remote sensing data based on a first public key under the condition that the signature verification result indicates that verification is successful, so as to obtain a first data ciphertext.
In one embodiment, the safety supervision device for remote sensing data of the unmanned aerial vehicle further includes:
the inquiry module is used for inquiring the valid deadline of a preset digital certificate which is later than the data initial acquisition time based on the data initial acquisition time of the remote sensing data to obtain a target valid deadline;
and the determining module is used for determining the second private key according to the target effective deadline and the equipment identifier of the data acquisition end.
In one embodiment, the transmission data further includes a second data ciphertext including a device identifier of the data acquisition end and a data start acquisition time of the remote sensing data, and a verification plaintext including the device identifier and the data start acquisition time; the second decryption module is specifically configured to:
and under the condition that the equipment identifier in the verification plaintext is consistent with the equipment identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, decrypting the first data ciphertext in the transmission data based on the first private key.
In a sixth aspect, the present application also provides a computer device. The computer device comprises a memory storing a computer program and a processor implementing the steps of the first or second aspect when the processor executes the computer program.
In a seventh aspect, the present application also provides a computer-readable storage medium. The computer readable storage medium having stored thereon a computer program which, when executed by a processor, implements the steps of the first aspect or the second aspect or the third aspect.
In an eighth aspect, the present application also provides a computer program product. The computer program product comprising a computer program which, when executed by a processor, implements the steps as described in the first or second aspect.
The method, the device, the computer equipment, the storage medium and the computer program product for safely supervising the remote sensing data of the unmanned aerial vehicle are applied to a data acquisition end, and the acquired remote sensing data is encrypted based on a first public key to obtain a first data ciphertext; encrypting the first private key based on the second public key to obtain a key ciphertext; and sending the transmission data containing the first data ciphertext and the key ciphertext to a data processing end so that the data processing end can decrypt the key ciphertext in the transmission data based on the second private key to obtain a first private key, and decrypting the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data. In the scheme, the transmission data is the ciphertext after being encrypted by the data acquisition end, so that the data processing end can acquire the remote sensing data in the transmission data only by decrypting the transmission data by using the correct decryption key, thereby reducing the leakage condition of the remote sensing data and improving the safety of the remote sensing data.
Drawings
FIG. 1 is an application environment diagram of a method for secure supervision of unmanned aerial vehicle remote sensing data in one embodiment;
fig. 2 is a flow chart of a method for security supervision of remote sensing data of an unmanned aerial vehicle according to an embodiment;
fig. 3 is a flow chart of a method for security supervision of remote sensing data of an unmanned aerial vehicle according to another embodiment;
fig. 4 is a signaling diagram of a method for security supervision of remote sensing data of an unmanned aerial vehicle in one embodiment;
FIG. 5 is a block diagram of a security supervision device for remote sensing data of an unmanned aerial vehicle in one embodiment;
fig. 6 is a block diagram of a security supervision device for remote sensing data of an unmanned aerial vehicle according to another embodiment;
fig. 7 is an internal structural diagram of a computer device in one embodiment.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail with reference to the accompanying drawings and examples. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
The security supervision method for the unmanned aerial vehicle remote sensing data can be applied to an application environment shown in fig. 1. The safety supervision system of the remote sensing data of the unmanned aerial vehicle shown in fig. 1 comprises a data acquisition end 102 and a data processing end 104, wherein the data acquisition end 102 and the data processing end 104 are connected through communication. In one embodiment, the security supervision system of the remote sensing data of the unmanned aerial vehicle further comprises a password platform, and the data acquisition end 102, the password platform and the data processing end 104 are connected in a communication manner. In one embodiment, the data acquisition terminal 102 may be a drone device. In one embodiment, the data processing side 104 includes a data receiving side and an intranet cryptographic engine.
The data acquisition end 102 acquires remote sensing data, and encrypts the acquired remote sensing data based on the first public key to obtain a first data ciphertext. The first public key is a public key generated by the data acquisition end 102, and is used for encrypting the remote sensing data acquired by the data acquisition end 102. The data collection terminal 102 encrypts the first private key based on the second public key to obtain a key ciphertext. In one embodiment, the first public key is an asymmetric key, and in particular, the first public key may be a public key of SM 2. The data acquisition end 102 sends the transmission data including the first data ciphertext and the key ciphertext to the data processing end 104. The data processing end 104 receives the transmission data including the first data ciphertext and the key ciphertext sent by the data acquisition end 102, and decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key. Wherein the second private key and the second public key are a pair of data key pairs. The data processing end 104 decrypts the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data. Wherein the first private key and the first public key are a pair of key encryption key pairs.
In one embodiment, as shown in fig. 2, a method for monitoring and managing remote sensing data of an unmanned aerial vehicle is provided, and the method is described by taking a safety monitoring and managing system of remote sensing data of an unmanned aerial vehicle applied to fig. 1 as an example, where the method for monitoring and managing remote sensing data of an unmanned aerial vehicle is applied to a data acquisition end 102, and includes:
Step 202, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In this embodiment of the present application, the data acquisition end 102 performs encryption processing on the acquired remote sensing data based on the first public key, to obtain a first data ciphertext. The first public key is used for encrypting the collected remote sensing data, and is a public key of the data collection end 102. In one embodiment, the first public key is a symmetric key, in particular SM4.
And 204, encrypting the first private key based on the second public key to obtain a key ciphertext.
In this embodiment of the present application, the data collection terminal 102 encrypts the first private key based on the second public key to obtain the key ciphertext. The second public key is a key generated by the cryptographic platform and sent to the data collection end 102, or a key that is imported offline in the form of a digital certificate, and is used for encrypting the first public key, that is, a public key in the key encryption key. In one embodiment, the second public key is an asymmetric key, and in particular, the second public key may be a public key of SM 2. In one embodiment, the first private key and the first public key are the same symmetric key, and in particular, the first private key and the first public key may be SM4.
And 206, transmitting the transmission data containing the first data ciphertext and the key ciphertext to a data processing end, so that the data processing end decrypts the key ciphertext in the transmission data based on the second private key to obtain a first private key, and decrypts the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data.
Wherein the second private key is stored in advance at the data processing end 104. In one embodiment, the data processing end 104 includes a data receiving end and an intranet cryptographic engine, and the second private key is pre-stored in the intranet cryptographic engine. In this embodiment, the data acquisition end 102 sends the transmission data including the first data ciphertext and the key ciphertext to the data processing end 104, so that the data processing end 104 decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key, and decrypts the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data. The data acquisition end 102 sends the transmission data including the first data ciphertext and the key ciphertext to the data processing end 104. In one embodiment, the transmitted data further comprises a verification plaintext, wherein the verification plaintext comprises the device identification of the data acquisition end 102 and the data start acquisition time of the remote sensing data, and the verification plaintext is used for verifying the authenticity of the transmitted data.
In the security supervision method for the remote sensing data of the unmanned aerial vehicle, the transmission data is ciphertext after being encrypted by the data acquisition end, so that the data processing end can acquire the remote sensing data in the transmission data only by decrypting the transmission data by using a correct decryption key, thereby reducing the leakage condition of the remote sensing data and improving the security of the remote sensing data.
In one embodiment, before the encrypting the collected remote sensing data based on the first public key, the method further comprises:
acquiring data initial acquisition time of remote sensing data; and under the condition that the data initial acquisition time is earlier than the valid deadline of the preset digital certificate, acquiring the remote sensing data.
In the embodiment of the present application, the data acquisition end 102 acquires the data initial acquisition time of the remote sensing data. The data acquisition end 102 compares the data start acquisition time with the preset valid deadline of the data certificate. The digital certificate is a certificate generated by the cryptographic platform and issued to the data acquisition end 102, and is used for proving the identity of the data acquisition end 102. In the case that the data start acquisition time is earlier than the preset valid deadline of the digital certificate, the data acquisition end 102 acquires remote sensing data. In the case that the data start acquisition time is later than the preset valid expiration time of the digital certificate, the data acquisition end 102 prohibits the execution of the data acquisition operation. Specifically, in the case that the data start acquisition time is later than the preset valid expiration time of the digital certificate, the data acquisition end 102 cannot take off, or the data acquisition end 102 cannot enter the data acquisition mode.
In this embodiment, before remote sensing data is collected, the data collection terminal 102 determines the early and late time of the data start collection time and the valid expiration time of the preset digital certificate. The data acquisition terminal 102 can acquire remote sensing data only when the data start acquisition time is earlier than the effective deadline. Therefore, the remote sensing data is acquired based on the legal data acquisition terminal 102, so that the safety and reliability of the remote sensing data can be improved.
In one embodiment, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext includes:
sending an identity authentication request to the password platform, so that the password platform responds to the identity authentication request and returns a digital signature determined based on a preset digital certificate to the data acquisition end; transmitting the digital signature to a data processing end; and under the condition that the verification result shows that the verification is successful, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
The digital signature is used for indicating the data processing end to perform signature verification processing based on the digital signature, so as to obtain a signature verification result, and returning the signature verification result to the data acquisition end.
In this embodiment, the data collection end 102 sends an identity authentication request to the cryptographic platform, so that the cryptographic platform responds to the identity authentication request, and the cryptographic platform returns a digital signature determined based on a preset digital certificate to the data collection end 102. The data acquisition side 102 sends the digital signature to the data processing side 104. The data processing end 104 performs signature verification processing based on the digital signature to obtain a signature verification result, and returns the signature verification result to the data acquisition end 102. And under the condition that the signature verification result shows that verification is successful, the terminal encrypts the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In this embodiment, before the data acquisition end 102 encrypts the remote sensing data, identity authentication is performed first, and only if the identity authentication is successful, the data acquisition end 102 encrypts the remote sensing data. Therefore, the remote sensing data is encrypted based on the data acquisition end with successful identity authentication, so that the safety and reliability of the remote sensing data can be improved.
In one embodiment, as shown in fig. 3, a method for securely monitoring remote sensing data of an unmanned aerial vehicle is provided, and illustrated by taking a secure monitoring system of the remote sensing data of the unmanned aerial vehicle, which is applied to fig. 1, as an example, the method for securely monitoring the remote sensing data of the unmanned aerial vehicle is applied to the data processing end 104, and includes:
step 302, receiving transmission data including a first data ciphertext and a key ciphertext sent by a data acquisition terminal.
The first data ciphertext is obtained by encrypting the acquired remote sensing data based on the first public key by the data acquisition end; the key ciphertext is obtained by the data acquisition end encrypting the first private key based on the second public key.
In this embodiment, the data processing end 104 receives the transmission data including the first data ciphertext and the key ciphertext sent by the data acquisition end 102. In one embodiment, the transmission data further comprises a validation script, and a second data ciphertext. The data processing end 104 includes a data receiving end and an intranet cryptographic machine. Specifically, the data receiving end receives the transmission data including the first data ciphertext and the key ciphertext sent by the data collecting end 102, and sends the transmission data to the intranet cryptographic machine.
And step 304, decrypting the key ciphertext in the transmission data based on the second private key to obtain the first private key.
Wherein the second private key is stored in advance at the data processing end 104. In one embodiment, the data processing end 104 includes a data receiving end and an intranet cryptographic engine, and the second private key is pre-stored in the intranet cryptographic engine.
In this embodiment, the data processing end 104 decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key. Specifically, the intranet cipher machine decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key. In one embodiment, if the encryption key used to encrypt the second data ciphertext is the second public key, the data acquisition end 102 encrypts the first private key, the device identifier of the data acquisition end 102, and the data start acquisition time of the remote sensing data simultaneously based on the second public key, to obtain the target key ciphertext. It will be appreciated that in the case where the encryption key that encrypts the second data ciphertext is the second public key, both the key ciphertext and the second data ciphertext are actually referred to as the target key ciphertext. If the encryption key used for encrypting the second data ciphertext is the second public key, the data processing end 104 (the intranet cryptographic engine in) decrypts the key ciphertext (i.e. the target key ciphertext) in the transmission data based on the second private key, so as to obtain the first private key, the device identifier of the data acquisition end 102, and the data initial acquisition time of the remote sensing data. The device identifier of the data collection terminal 102 is an identification code, such as an ID of a cryptographic chip, with lifelong uniqueness, non-modifiable, anti-repudiation, and read-only properties in the data collection terminal 102. The data start acquisition time of the remote sensing data is a time string when the data acquisition end 102 starts to acquire the remote sensing data. In one embodiment, the format of the data start acquisition time of the telemetry data may be YYYY: m is M 1 M 1 :DD:HH:M 2 M 2 : SS (i.e., year: month: day: hour: minute: second).
And 306, decrypting the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data.
In this embodiment, the data processing end 104 decrypts the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data. Specifically, the intranet cipher machine decrypts a first data ciphertext in the transmission data based on the first private key to obtain remote sensing data.
In one embodiment, if the encryption key used for encrypting the second data ciphertext is the first public key, the data acquisition end 102 performs encryption processing on the remote sensing data, the device identifier of the data acquisition end 102, and the data start acquisition time of the remote sensing data simultaneously based on the first public key to obtain the target data ciphertext, at this time, the first data ciphertext and the second data ciphertext refer to the target data ciphertext, and the data processing end 104 (the intranet cryptomachine in) performs decryption processing on the first data ciphertext (i.e., the target data ciphertext) in the transmission data based on the first private key to obtain the remote sensing data, the device identifier of the data acquisition end 102, and the data start acquisition time of the remote sensing data. It can be appreciated that the data processing end 104 can verify the authenticity of the remote sensing data based on the device identifier of the data acquisition end 102, the data start acquisition time of the remote sensing data, and the verification plaintext obtained by the decryption process.
In another embodiment, if the encryption key used to encrypt the second data ciphertext is the first public key, the data collection terminal 102 encrypts the remote sensing data based on the first public key to obtain the first data ciphertext. If the encryption key used for encrypting the second data ciphertext is the first public key, the data acquisition end 102 performs encryption processing on the device identifier of the data acquisition end 102 and the data initial acquisition time of the remote sensing data based on the first public key, so as to obtain the second data ciphertext. At this time, the first data ciphertext is not equal to the second data ciphertext. In this case, the (intranet cryptographic engine of the) data processing end 104 may decrypt the first data ciphertext first, or may decrypt the second data ciphertext first. Preferably, the (intranet crypto) of the data processing end 104 may decrypt the second data ciphertext first.
In the scheme, the transmission data is the ciphertext after being encrypted by the data acquisition end, so that the data processing end can acquire the remote sensing data in the transmission data only by decrypting the transmission data by using the correct decryption key, thereby reducing the leakage condition of the remote sensing data and improving the safety of the remote sensing data.
In one embodiment, before receiving the transmission data including the first data ciphertext and the key ciphertext sent by the data acquisition terminal, the method further includes:
receiving a digital signature sent by a data acquisition end; and carrying out signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end.
The digital signature is determined based on a preset digital certificate by the password platform in response to an identity authentication request sent by the data acquisition end and is sent to the data processing end by the password platform. The signature verification result is used for indicating the data acquisition end to encrypt the acquired remote sensing data based on the first public key under the condition that the signature verification result indicates that verification is successful, so as to obtain a first data ciphertext.
In this embodiment, the data processing end 104 receives the digital signature sent by the data acquisition end 102. The data processing end 104 performs signature verification processing based on the digital signature to obtain a signature verification result, and returns the signature verification result to the data acquisition end 102. Wherein the digital signature is the result of the cryptographic platform encrypting the digital certificate based on the public key of the cryptographic platform.
In this embodiment, the data processing end 104 performs signature verification processing based on the digital signature, and returns a signature verification result to the data acquisition end 102. Thus, a precondition is provided for the subsequent data acquisition terminal 102 to perform step 202 only if the verification result indicates that the verification is successful.
In one embodiment, the method further includes, before performing decryption processing on the key ciphertext in the transmission data based on the second private key to obtain the first private key:
inquiring the valid deadline of a preset digital certificate which is later than the data initial acquisition time based on the data initial acquisition time of the remote sensing data to obtain a target valid deadline; and determining a second private key according to the target effective deadline and the equipment identification of the data acquisition end.
In this embodiment, the data processing end 104 (intranet crypto machine) queries the valid deadline of the preset digital certificate later than the data initial acquisition time based on the data initial acquisition time, so as to obtain the target valid deadline. The data processing end 104 (intranet cryptographic machine in) determines the second private key corresponding to the target valid deadline and the device identifier based on the target valid deadline, the device identifier, and the preset corresponding relationship between the target valid deadline and the device identifier and the second private key.
In this embodiment, the data processing end 104 obtains the target effective deadline through the data start acquisition time and the query, and determines the second private key based on the target effective deadline and the device identifier, so as to provide a precondition for the subsequent data processing end 104 to decrypt the key ciphertext based on the second private key.
In one embodiment, the transmission data further includes a second data ciphertext including a device identifier of the data acquisition end and a data start acquisition time of the remote sensing data, and a verification plaintext including the device identifier and the data start acquisition time; decrypting the first data ciphertext in the transmission data based on the first private key includes:
under the condition that the equipment identifier in the verification plaintext is consistent with the equipment identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, the first data ciphertext in the transmission data is decrypted based on the first private key.
In this embodiment, if the encryption key used for encrypting the second data ciphertext is the second public key, the data processing end 104 (the intranet cryptographic engine in) decrypts the second data ciphertext (i.e. the target key ciphertext) in the transmission data based on the second private key, so as to obtain the first private key, the device identifier of the data acquisition end 102, and the data initial acquisition time of the remote sensing data. The data processing end 104 (intranet cryptographic machine) compares the device identifier included in the verification plaintext in the transmission data with the device identifier obtained by decryption, and compares the data initial acquisition time included in the verification plaintext in the transmission data with the data initial acquisition time obtained by decryption. In the case that the device identifier included in the verification plaintext is consistent with the device identifier obtained by decryption, and the data start acquisition time included in the verification plaintext is consistent with the data start acquisition time obtained by decryption, the data processing end 104 executes step 306.
If the encryption key used for encrypting the second data ciphertext is the first public key and the first data ciphertext is not equal to the second data ciphertext, the data processing end 104 (the intranet crypto) firstly decrypts the second data ciphertext based on the first private key, so as to obtain the device identifier of the data acquisition end 102 and the data initial acquisition time of the remote sensing data. And under the condition that the device identifier in the verification plaintext is consistent with the device identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, the data processing end 104 (the intranet cryptographic machine in the data processing end) decrypts the first data ciphertext in the transmission data based on the first private key, so as to obtain remote sensing data.
In this embodiment, the data processing end 104 may verify the authenticity of the transmission data by comparing the plaintext in the transmission data with the decryption result obtained by decrypting the transmission data, so as to avoid the potential safety hazard caused by maliciously tampered transmission data.
In one embodiment, as shown in fig. 4, there is provided an access authentication method, which is applicable to the access authentication system in fig. 1, the access authentication method including the steps of:
In step 402, the data acquisition end 102 acquires a data start acquisition time, and acquires remote sensing data if the data start acquisition time is earlier than a preset valid expiration time of the digital certificate.
Step 404, the data acquisition end 102 sends an identity authentication request to the cryptographic platform.
In step 406, the cryptographic platform determines a digital signature based on a preset digital certificate in response to the authentication request, and returns the digital signature to the data acquisition terminal 102.
In step 408, the data collection terminal 102 sends the digital signature to the data processing terminal 104.
In step 410, the data processing end 104 performs signature verification processing based on the digital signature, so as to obtain a signature verification result, and returns the signature verification result to the data acquisition end 102.
In step 412, in the case that the signature verification result indicates that the verification is successful, the data collection end 102 encrypts the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In step 414, the data acquisition end 102 encrypts the first private key, the device identifier of the data acquisition end 102, and the data start acquisition time of the remote sensing data based on the second public key to obtain a key ciphertext.
In step 416, the data collection terminal 102 sends the transmission data including the first data ciphertext, the key ciphertext, and the authentication plaintext to the data processing terminal 104. The verification text includes the device identifier of the data acquisition end 102 and the data start acquisition time of the remote sensing data.
In step 418, the data processing end 104 decrypts the key ciphertext in the transmission data based on the second private key, to obtain the first private key, the device identifier of the data acquisition end 102, and the data start acquisition time of the remote sensing data.
Step 420, in the case that the device identifier in the plaintext is consistent with the device identifier obtained by decrypting in step 418, and the data initial acquisition time in the plaintext is consistent with the data initial acquisition time obtained by decrypting in step 418, the data processing end 104 performs decryption processing on the first data ciphertext in the transmission data based on the first private key, so as to obtain remote sensing data.
It should be understood that, although the steps in the flowcharts related to the embodiments described above are sequentially shown as indicated by arrows, these steps are not necessarily sequentially performed in the order indicated by the arrows. The steps are not strictly limited to the order of execution unless explicitly recited herein, and the steps may be executed in other orders. Moreover, at least some of the steps in the flowcharts described in the above embodiments may include a plurality of steps or a plurality of stages, which are not necessarily performed at the same time, but may be performed at different times, and the order of the steps or stages is not necessarily performed sequentially, but may be performed alternately or alternately with at least some of the other steps or stages.
Based on the same inventive concept, the embodiment of the application also provides a safety supervision system for the unmanned aerial vehicle remote sensing data, which is used for realizing the safety supervision method for the unmanned aerial vehicle remote sensing data. The implementation scheme of the solution to the problem provided by the system is similar to the implementation scheme described in the above method, so the specific limitation in the embodiments of the safety supervision system for remote sensing data of one or more unmanned aerial vehicles provided below can be referred to the limitation of the safety supervision method for remote sensing data of unmanned aerial vehicles hereinabove, and will not be repeated here.
In one embodiment, as shown in fig. 1, a system for monitoring and controlling the security of remote sensing data of an unmanned aerial vehicle is provided, where the system for monitoring and controlling the security of remote sensing data of an unmanned aerial vehicle includes a data acquisition end 102 and a data processing end 104, where:
the data acquisition end 102 is configured to encrypt the acquired remote sensing data based on the first public key to obtain a first data ciphertext; encrypting the first private key based on the second public key to obtain a key ciphertext; transmitting the transmission data containing the first data ciphertext and the key ciphertext to the data processing end 104;
the data processing end 104 is configured to decrypt the key ciphertext in the transmission data based on the second private key to obtain a first private key; and decrypting the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data.
In one embodiment, the data processing end comprises a data receiving end and an intranet cryptographic machine; the data processing end decrypts the key ciphertext in the transmission data based on the second private key to obtain a first private key; decrypting the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data, including:
the data receiving end is used for receiving the transmission data sent by the data acquisition end and sending the transmission data to the intranet cipher machine;
the intranet cipher machine is used for decrypting the key ciphertext in the transmission data based on the second private key to obtain a first private key; and decrypting the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data.
In one embodiment, before the encrypting the collected remote sensing data based on the first public key, the method further comprises:
acquiring data initial acquisition time of remote sensing data;
and under the condition that the data initial acquisition time is earlier than the valid deadline of the preset digital certificate, acquiring the remote sensing data.
In one embodiment, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext includes:
sending an identity authentication request to the password platform, so that the password platform responds to the identity authentication request and returns a digital signature determined based on a preset digital certificate to the data acquisition end;
Transmitting the digital signature to a data processing end; the digital signature is used for indicating the data processing end to perform signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end;
and under the condition that the verification result shows that the verification is successful, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In one embodiment, before receiving the transmission data including the first data ciphertext and the key ciphertext sent by the data acquisition terminal, the method further includes:
receiving a digital signature sent by a data acquisition end; the digital signature is determined based on a preset digital certificate by the password platform in response to an identity authentication request sent by the data acquisition end and is sent to the data processing end by the password platform;
performing signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end; the signature verification result is used for indicating the data acquisition end to encrypt the acquired remote sensing data based on the first public key under the condition that the signature verification result indicates that verification is successful, so as to obtain a first data ciphertext.
In one embodiment, the method further includes, before performing decryption processing on the key ciphertext in the transmission data based on the second private key to obtain the first private key:
Inquiring the valid deadline of a preset digital certificate which is later than the data initial acquisition time based on the data initial acquisition time of the remote sensing data to obtain a target valid deadline;
and determining a second private key according to the target effective deadline and the equipment identification of the data acquisition end.
In one embodiment, the transmission data further includes a second data ciphertext including a device identifier of the data acquisition end and a data start acquisition time of the remote sensing data, and a verification plaintext including the device identifier and the data start acquisition time; decrypting the first data ciphertext in the transmission data based on the first private key includes:
under the condition that the equipment identifier in the verification plaintext is consistent with the equipment identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, the first data ciphertext in the transmission data is decrypted based on the first private key.
Based on the same inventive concept, the embodiment of the application also provides a safety supervision device for the unmanned aerial vehicle remote sensing data, which is used for realizing the safety supervision method for the unmanned aerial vehicle remote sensing data. The implementation scheme of the solution to the problem provided by the device is similar to the implementation scheme recorded in the method, so the specific limitation in the embodiments of the safety supervision device for remote sensing data of one or more unmanned aerial vehicles provided below can be referred to the limitation of the safety supervision method for remote sensing data of unmanned aerial vehicles hereinabove, and will not be repeated here.
In one embodiment, as shown in fig. 5, there is provided a device for monitoring and controlling remote sensing data of an unmanned aerial vehicle, where the device is applied to a data acquisition end, and the device includes:
the first encryption module 502 is configured to encrypt the collected remote sensing data based on the first public key to obtain a first data ciphertext;
a second encryption module 504, configured to encrypt the first private key based on the second public key to obtain a key ciphertext;
the sending module 506 is configured to send the transmission data including the first data ciphertext and the key ciphertext to the data processing end, so that the data processing end decrypts the key ciphertext in the transmission data based on the second private key to obtain a first private key, and decrypts the first data ciphertext in the transmission data based on the first private key to obtain remote sensing data.
In one embodiment, the safety supervision device of unmanned aerial vehicle remote sensing data further includes:
the acquisition module is used for acquiring the data initial acquisition time of the remote sensing data;
and the acquisition module is used for acquiring remote sensing data under the condition that the data initial acquisition time is earlier than the valid deadline of the preset digital certificate.
In one embodiment, the first encryption module 502 is specifically configured to:
Sending an identity authentication request to the password platform, so that the password platform responds to the identity authentication request and returns a digital signature determined based on a preset digital certificate to the data acquisition end;
transmitting the digital signature to a data processing end; the digital signature is used for indicating the data processing end to perform signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end;
and under the condition that the verification result shows that the verification is successful, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
In one embodiment, as shown in fig. 6, there is provided a device for monitoring and controlling remote sensing data of an unmanned aerial vehicle, where the device is applied to a data processing end, and the device includes:
the first receiving module 602 is configured to receive transmission data including a first data ciphertext and a key ciphertext sent by the data acquisition end; the first data ciphertext is obtained by encrypting the acquired remote sensing data based on the first public key by the data acquisition end; the key ciphertext is obtained by the data acquisition end encrypting the first private key based on the second public key;
the first decryption module 604 is configured to decrypt the key ciphertext in the transmission data based on the second private key, to obtain a first private key;
The second decryption module 606 is configured to decrypt the first data ciphertext in the transmission data based on the first private key, to obtain remote sensing data.
In one embodiment, the safety supervision device of unmanned aerial vehicle remote sensing data further includes:
the second receiving module is used for receiving the digital signature sent by the data acquisition end; the digital signature is determined based on a preset digital certificate by the password platform in response to an identity authentication request sent by the data acquisition end and is sent to the data processing end by the password platform;
the signature verification module is used for carrying out signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end; the signature verification result is used for indicating the data acquisition end to encrypt the acquired remote sensing data based on the first public key under the condition that the signature verification result indicates that verification is successful, so as to obtain a first data ciphertext.
In one embodiment, the safety supervision device of unmanned aerial vehicle remote sensing data further includes:
the inquiry module is used for inquiring the preset effective deadline of the digital certificate which is later than the data initial acquisition time based on the data initial acquisition time of the remote sensing data to obtain the target effective deadline;
and the determining module is used for determining the second private key according to the target effective deadline and the equipment identification of the data acquisition end.
In one embodiment, the transmission data further includes a second data ciphertext including a device identifier of the data acquisition end and a data start acquisition time of the remote sensing data, and a verification plaintext including the device identifier and the data start acquisition time; the second decryption module 606 is specifically configured to:
under the condition that the equipment identifier in the verification plaintext is consistent with the equipment identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, the first data ciphertext in the transmission data is decrypted based on the first private key.
All or part of each module in the unmanned aerial vehicle remote sensing data safety supervision device can be realized by software, hardware and a combination thereof. The above modules may be embedded in hardware or may be independent of a processor in the computer device, or may be stored in software in a memory in the computer device, so that the processor may call and execute operations corresponding to the above modules.
In one embodiment, a computer device is provided, which may be a terminal, and the internal structure of which may be as shown in fig. 7. The computer device includes a processor, a memory, an input/output interface, a communication interface, a display unit, and an input means. The processor, the memory and the input/output interface are connected through a system bus, and the communication interface, the display unit and the input device are connected to the system bus through the input/output interface. Wherein the processor of the computer device is configured to provide computing and control capabilities. The memory of the computer device includes a non-volatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The input/output interface of the computer device is used to exchange information between the processor and the external device. The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless mode can be realized through WIFI, a mobile cellular network, NFC (near field communication) or other technologies. The computer program, when executed by the processor, implements a method for secure supervision of unmanned aerial vehicle remote sensing data. The display unit of the computer device is used for forming a visual picture, and can be a display screen, a projection device or a virtual reality imaging device. The display screen can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be a key, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
It will be appreciated by those skilled in the art that the structure shown in fig. 7 is merely a block diagram of some of the structures associated with the present application and is not limiting of the computer device to which the present application may be applied, and that a particular computer device may include more or fewer components than shown, or may combine certain components, or have a different arrangement of components.
In one embodiment, a computer device is provided, comprising a memory and a processor, the memory having stored therein a computer program, the processor implementing the steps of the method embodiments described above when the computer program is executed.
In one embodiment, a computer-readable storage medium is provided, on which a computer program is stored which, when executed by a processor, carries out the steps of the method embodiments described above.
In an embodiment, a computer program product is provided, comprising a computer program which, when executed by a processor, implements the steps of the method embodiments described above.
It should be noted that, the user information (including, but not limited to, user equipment information, user personal information, etc.) and the data (including, but not limited to, data for analysis, stored data, presented data, etc.) referred to in the present application are information and data authorized by the user or sufficiently authorized by each party, and the collection, use and processing of the related data are required to comply with the related laws and regulations and standards of the related countries and regions.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, database, or other medium used in the various embodiments provided herein may include at least one of non-volatile and volatile memory. The nonvolatile Memory may include Read-Only Memory (ROM), magnetic tape, floppy disk, flash Memory, optical Memory, high density embedded nonvolatile Memory, resistive random access Memory (ReRAM), magnetic random access Memory (Magnetoresistive Random Access Memory, MRAM), ferroelectric Memory (Ferroelectric Random Access Memory, FRAM), phase change Memory (Phase Change Memory, PCM), graphene Memory, and the like. Volatile memory can include random access memory (Random Access Memory, RAM) or external cache memory, and the like. By way of illustration, and not limitation, RAM can be in the form of a variety of forms, such as static random access memory (Static Random Access Memory, SRAM) or dynamic random access memory (Dynamic Random Access Memory, DRAM), and the like. The databases referred to in the various embodiments provided herein may include at least one of relational databases and non-relational databases. The non-relational database may include, but is not limited to, a blockchain-based distributed database, and the like. The processors referred to in the embodiments provided herein may be general purpose processors, central processing units, graphics processors, digital signal processors, programmable logic units, quantum computing-based data processing logic units, etc., without being limited thereto.
The technical features of the above embodiments may be arbitrarily combined, and all possible combinations of the technical features in the above embodiments are not described for brevity of description, however, as long as there is no contradiction between the combinations of the technical features, they should be considered as the scope of the description.
The above examples only represent a few embodiments of the present application, which are described in more detail and are not to be construed as limiting the scope of the present application. It should be noted that it would be apparent to those skilled in the art that various modifications and improvements could be made without departing from the spirit of the present application, which would be within the scope of the present application. Accordingly, the scope of protection of the present application shall be subject to the appended claims.

Claims (10)

1. The method is characterized by being applied to a data acquisition end, and comprises the following steps:
encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext;
encrypting the first private key based on the second public key to obtain a key ciphertext;
and transmitting the transmission data containing the first data ciphertext and the key ciphertext to a data processing end, so that the data processing end decrypts the key ciphertext in the transmission data based on a second private key to obtain the first private key, and decrypts the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
2. The method of claim 1, wherein prior to encrypting the collected remote sensing data based on the first public key, further comprising:
acquiring the data initial acquisition time of the remote sensing data;
and acquiring the remote sensing data under the condition that the initial data acquisition time is earlier than the valid deadline of the preset digital certificate.
3. The method according to any one of claims 1 to 2, wherein the encrypting the collected remote sensing data based on the first public key to obtain the first data ciphertext includes:
sending an identity authentication request to a password platform, so that the password platform responds to the identity authentication request and returns a digital signature determined based on a preset digital certificate to the data acquisition end;
transmitting the digital signature to the data processing end; the digital signature is used for indicating the data processing end to perform signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end;
and under the condition that the signature verification result shows that verification is successful, encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext.
4. The method for safely supervising the remote sensing data of the unmanned aerial vehicle is characterized by being applied to a data processing end, and comprises the following steps:
receiving transmission data which is sent by a data acquisition end and contains a first data ciphertext and a key ciphertext; the first data ciphertext is obtained by encrypting the acquired remote sensing data based on a first public key by the data acquisition end; the key ciphertext is obtained by the data acquisition end through encryption processing of a first private key based on a second public key;
decrypting the key ciphertext in the transmission data based on a second private key to obtain the first private key;
and decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
5. The method of claim 4, wherein before receiving the transmission data including the first data ciphertext and the key ciphertext sent by the data acquisition terminal, further comprises:
receiving a digital signature sent by the data acquisition end; the digital signature is determined based on a preset digital certificate by the password platform in response to an identity authentication request sent by the data acquisition end and is sent to the data processing end by the password platform;
Performing signature verification processing based on the digital signature to obtain a signature verification result, and returning the signature verification result to the data acquisition end; and the signature verification result is used for indicating the data acquisition end to encrypt the acquired remote sensing data based on a first public key under the condition that the signature verification result indicates that verification is successful, so as to obtain a first data ciphertext.
6. The method according to any one of claims 4 to 5, wherein the decrypting the key ciphertext in the transmission data based on the second private key further comprises, before obtaining the first private key:
inquiring the valid deadline of a preset digital certificate which is later than the data initial acquisition time based on the data initial acquisition time of the remote sensing data to obtain a target valid deadline;
and determining the second private key according to the target effective deadline and the equipment identifier of the data acquisition end.
7. The method of claim 4, wherein the transmission data further comprises a second data ciphertext including a device identification of the data acquisition end and a data start acquisition time of the remote sensing data, and a verification plaintext including the device identification and the data start acquisition time; the decrypting the first data ciphertext in the transmission data based on the first private key includes:
And under the condition that the equipment identifier in the verification plaintext is consistent with the equipment identifier contained in the second data ciphertext and the data initial acquisition time in the verification plaintext is consistent with the data initial acquisition time contained in the second data ciphertext, decrypting the first data ciphertext in the transmission data based on the first private key.
8. The utility model provides a safety supervision system of unmanned aerial vehicle remote sensing data, its characterized in that, the system includes data acquisition end and data processing end, wherein:
the data acquisition end is used for carrying out encryption processing on the acquired remote sensing data based on the first public key to obtain a first data ciphertext; encrypting the first private key based on the second public key to obtain a key ciphertext; transmitting transmission data containing the first data ciphertext and the key ciphertext to the data processing end;
the data processing end decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key; and decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
9. The system of claim 8, wherein the data processing end comprises a data receiving end and an intranet cryptographic machine; the data processing end decrypts the key ciphertext in the transmission data based on the second private key to obtain the first private key; decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data, including:
The data receiving end is used for receiving the transmission data sent by the data acquisition end and sending the transmission data to the intranet cipher machine;
the intranet cipher machine is used for decrypting the key ciphertext in the transmission data based on a second private key to obtain the first private key; and decrypting the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
10. The utility model provides a safety supervision device of unmanned aerial vehicle remote sensing data, its characterized in that, the device is applied to data acquisition end, the device includes:
the first encryption module is used for encrypting the collected remote sensing data based on the first public key to obtain a first data ciphertext;
the second encryption module is used for encrypting the first private key based on the second public key to obtain a key ciphertext;
and the sending module is used for sending the transmission data containing the first data ciphertext and the key ciphertext to the data processing end so that the data processing end can decrypt the key ciphertext in the transmission data based on the second private key to obtain the first private key, and can decrypt the first data ciphertext in the transmission data based on the first private key to obtain the remote sensing data.
CN202310162354.5A 2023-02-24 2023-02-24 Safety supervision method and device for remote sensing data of unmanned aerial vehicle Pending CN116366289A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310162354.5A CN116366289A (en) 2023-02-24 2023-02-24 Safety supervision method and device for remote sensing data of unmanned aerial vehicle

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310162354.5A CN116366289A (en) 2023-02-24 2023-02-24 Safety supervision method and device for remote sensing data of unmanned aerial vehicle

Publications (1)

Publication Number Publication Date
CN116366289A true CN116366289A (en) 2023-06-30

Family

ID=86932201

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310162354.5A Pending CN116366289A (en) 2023-02-24 2023-02-24 Safety supervision method and device for remote sensing data of unmanned aerial vehicle

Country Status (1)

Country Link
CN (1) CN116366289A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117014223A (en) * 2023-09-06 2023-11-07 深圳龙电华鑫控股集团股份有限公司 Concentrator, data transmission method and device thereof and storage medium

Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010056541A1 (en) * 2000-05-11 2001-12-27 Natsume Matsuzaki File management apparatus
US20020095569A1 (en) * 2001-01-17 2002-07-18 Jerdonek Robert A. Apparatus for pre-authentication of users using one-time passwords
CN103414563A (en) * 2013-08-05 2013-11-27 南京瑞组信息技术有限公司 Validity time management method of CPK identification, secret key pair and certificate
CN107896223A (en) * 2017-12-04 2018-04-10 山东渔翁信息技术股份有限公司 A kind of data processing method and system, data collecting system and data receiving system
WO2018076564A1 (en) * 2016-10-31 2018-05-03 宇龙计算机通信科技(深圳)有限公司 Privacy protection method and privacy protection device in vehicle communication
CN108055236A (en) * 2017-11-03 2018-05-18 深圳市轱辘车联数据技术有限公司 A kind of data processing method, mobile unit and electronic equipment
US20200274699A1 (en) * 2019-02-22 2020-08-27 Panasonic Avionics Corporation Hybrid cryptographic system and method for encrypting data for common fleet of vehicles
CN113806772A (en) * 2021-09-03 2021-12-17 武汉虹旭信息技术有限责任公司 Information encryption transmission method and device based on block chain
WO2022060288A2 (en) * 2020-09-15 2022-03-24 华为技术有限公司 Method for secure communication between unmanned aerial vehicle and remote controller, and related apparatus

Patent Citations (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20010056541A1 (en) * 2000-05-11 2001-12-27 Natsume Matsuzaki File management apparatus
US20020095569A1 (en) * 2001-01-17 2002-07-18 Jerdonek Robert A. Apparatus for pre-authentication of users using one-time passwords
CN103414563A (en) * 2013-08-05 2013-11-27 南京瑞组信息技术有限公司 Validity time management method of CPK identification, secret key pair and certificate
WO2018076564A1 (en) * 2016-10-31 2018-05-03 宇龙计算机通信科技(深圳)有限公司 Privacy protection method and privacy protection device in vehicle communication
CN108055236A (en) * 2017-11-03 2018-05-18 深圳市轱辘车联数据技术有限公司 A kind of data processing method, mobile unit and electronic equipment
CN107896223A (en) * 2017-12-04 2018-04-10 山东渔翁信息技术股份有限公司 A kind of data processing method and system, data collecting system and data receiving system
US20200274699A1 (en) * 2019-02-22 2020-08-27 Panasonic Avionics Corporation Hybrid cryptographic system and method for encrypting data for common fleet of vehicles
WO2022060288A2 (en) * 2020-09-15 2022-03-24 华为技术有限公司 Method for secure communication between unmanned aerial vehicle and remote controller, and related apparatus
CN113806772A (en) * 2021-09-03 2021-12-17 武汉虹旭信息技术有限责任公司 Information encryption transmission method and device based on block chain

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117014223A (en) * 2023-09-06 2023-11-07 深圳龙电华鑫控股集团股份有限公司 Concentrator, data transmission method and device thereof and storage medium
CN117014223B (en) * 2023-09-06 2024-02-27 深圳龙电华鑫控股集团股份有限公司 Concentrator, data transmission method and device thereof and storage medium

Similar Documents

Publication Publication Date Title
CN110519260B (en) Information processing method and information processing device
US9646161B2 (en) Relational database fingerprinting method and system
EP3585032B1 (en) Data security service
US20170195119A1 (en) Key rotation techniques
CN110460439A (en) Information transferring method, device, client, server-side and storage medium
CN113691502B (en) Communication method, device, gateway server, client and storage medium
US9300639B1 (en) Device coordination
CN106452770B (en) Data encryption method, data decryption method, device and system
CN103246842A (en) Methods and devices for authentication and data encryption
CN108234442B (en) Method, system and readable storage medium for acquiring contract
CN112332975A (en) Internet of things equipment secure communication method and system
CN103914662A (en) Access control method and device of file encrypting system on the basis of partitions
CN111401901A (en) Authentication method and device of biological payment device, computer device and storage medium
CN114499875B (en) Service data processing method, device, computer equipment and storage medium
CN115348107A (en) Internet of things equipment secure login method and device, computer equipment and storage medium
CN116366289A (en) Safety supervision method and device for remote sensing data of unmanned aerial vehicle
CN104104650A (en) Data file visit method and terminal equipment
CN116049802B (en) Application single sign-on method, system, computer equipment and storage medium
CN117041956A (en) Communication authentication method, device, computer equipment and storage medium
CN116684102A (en) Message transmission method, message verification method, device, equipment, medium and product
CN116011042A (en) Data storage method, device, system, computer equipment and storage medium
CN116015846A (en) Identity authentication method, identity authentication device, computer equipment and storage medium
CN116233847A (en) Login method, login device, computer equipment and storage medium
CN116204903A (en) Financial data security management method and device, electronic equipment and storage medium
CN115361198A (en) Decryption method, encryption method, device, computer equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination