CN116828033A - Information security middleware system and method for providing security service - Google Patents
- Publication number: CN116828033A (application CN202310834451.4A)
- Authority: CN (China)
- Prior art keywords: security, certificate, data, security service, packaged
- Legal status: Pending (the legal status is Google's assumption, not a legal conclusion; Google has not performed a legal analysis)
Classifications
- H04L67/00: Network arrangements or protocols for supporting network services or applications
  - H04L67/01: Protocols
    - H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
  - H04L67/2866: Architectures; Arrangements
    - H04L67/2871: Implementation details of single intermediate entities
    - H04L67/2885: Hierarchically arranged intermediate devices, e.g. for hierarchical caching
- H04L63/00: Network architectures or network communication protocols for network security
  - H04L63/04: Providing a confidential data exchange among entities communicating through data packet networks
    - H04L63/0428: Confidential data exchange wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  - H04L9/32: Including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    - H04L9/3247: Verification involving digital signatures
Abstract
The application provides an information security middleware system and a method for providing security services. After the middleware system publishes an upper-layer intelligent security service application, it receives a security service request, generated by an intelligent connected vehicle electronic control unit (ECU) according to that application, together with the data to be packaged. It then determines whether a hardware security module (HSM) corresponding to the security service request exists; if no such HSM exists, it packages the data to be packaged in software using a cryptographic algorithm to obtain a digest signature and a data ciphertext, and feeds the digest signature and the data ciphertext back to the ECU. This addresses the high cost, and the incomplete protection of vehicle information, that result from having to configure an HSM on every ECU as in the prior art.
Description
Technical Field
The application relates to the technical field of intelligent connected vehicle information security, and in particular to an information security middleware system and a method for providing security services.
Background
With the development of intelligent connected vehicles, more and more vehicle manufacturers perform system upgrades, application updates, vulnerability fixes, feature enablement and the like on their products through over-the-air (OTA) remote upgrade technology. The OTA system is an important component of the intelligent connected vehicle and also a prime target for intruders. For the continued, healthy development of intelligent connected vehicles, information security protection must be added to the vehicle OTA system.
Currently, the information security of a vehicle OTA system is implemented independently by each Electronic Control Unit (ECU). The Automotive Open System Architecture (AUTOSAR) defines the basic software functions and interfaces for software running on an ECU, ensuring that ECU interfaces are standardized. A Hardware Security Module (HSM) stores and manages the keys used by the ECU's strong authentication system and performs the associated cryptographic operations, thereby securing the ECU's information.
In this scheme the HSM is expensive, and because the ECU's information passes through an AUTOSAR protocol stack supplied by a third-party provider, vehicle information is not fully protected.
Disclosure of Invention
The application provides an information security middleware system and a method for providing security services, in order to address the high cost of providing security services to an ECU with an HSM and the incomplete protection of vehicle information in the prior art.
In one aspect, the present application provides an information security middleware system comprising:
a security service layer, used to publish an upper-layer intelligent security service application for the intelligent connected vehicle ECU to select from, where the security services include a true random number generation service and a data decryption service;
an application packaging layer, used to receive a security service request and data to be packaged from the intelligent connected vehicle ECU and to pass the security service request and the data to be packaged to the basic algorithm layer, where the security service request is generated according to the upper-layer intelligent security service application;
a basic algorithm layer, used to determine whether the hardware driver layer has a hardware security module corresponding to the security service request, and to package the data to be packaged using a cryptographic algorithm; and
a hardware driver layer, comprising a hardware security module, used to package the data to be packaged according to the security service request.
In another aspect, the present application provides a method by which an information security middleware system provides security services, comprising:
publishing an upper-layer intelligent security service application;
receiving a security service request and data to be packaged from an intelligent connected vehicle ECU, where the security service request is generated according to the upper-layer intelligent security service application;
determining whether a hardware security module corresponding to the security service request exists, and if so, packaging the data to be packaged using the hardware security module; if not, packaging the data to be packaged using a cryptographic algorithm to obtain a digest signature and a data ciphertext; and
sending the digest signature and the data ciphertext to the intelligent connected vehicle ECU.
In yet another aspect, the present application provides an electronic device comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the method as described above.
In a final aspect, the application provides a computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to carry out a method of providing security services in an information security middleware system as described hereinbefore.
In summary, the information security middleware system and method of the application publish an upper-layer intelligent security service application; receive a security service request, generated by an intelligent connected vehicle ECU according to that application, together with the data to be packaged; determine whether a hardware security module corresponding to the security service request exists and, if not, package the data to be packaged using a cryptographic algorithm to obtain a digest signature and a data ciphertext; and send the digest signature and the data ciphertext to the ECU. This addresses the high cost, and the incomplete protection of vehicle information, that result from having to configure an HSM on every ECU as in the prior art.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the application and together with the description, serve to explain the principles of the application.
FIG. 1 is a schematic diagram of an information security middleware system architecture according to an embodiment of the present application;
FIG. 2 is a flow chart of a method for providing security services by the information security middleware system according to an embodiment of the present application;
FIG. 3 is a signaling interaction schematic diagram of a method for providing security services by an information security middleware system according to an embodiment of the present application;
FIG. 4 is a flow chart of a security service upgrade method of an information security middleware system according to an embodiment of the present application;
FIG. 5 is a signaling interaction schematic diagram of a security service upgrading method of an information security middleware system according to an embodiment of the present application;
FIG. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application.
Specific embodiments of the present application have been shown by way of the above drawings and will be described in more detail below. The drawings and the written description are not intended to limit the scope of the inventive concepts in any way, but rather to illustrate the inventive concepts to those skilled in the art by reference to the specific embodiments.
Detailed Description
Reference will now be made in detail to exemplary embodiments, examples of which are illustrated in the accompanying drawings. When the following description refers to the accompanying drawings, the same numbers in different drawings refer to the same or similar elements, unless otherwise indicated. The implementations described in the following exemplary examples do not represent all implementations consistent with the application. Rather, they are merely examples of apparatus and methods consistent with aspects of the application as detailed in the accompanying claims.
With the development of intelligent connected vehicles, more and more vehicle manufacturers perform system upgrades, application updates, vulnerability fixes, feature enablement and the like on their products through over-the-air (OTA) remote upgrade technology. The OTA system is an important component of the intelligent connected vehicle and a prime target for intruders, so information security protection must be added to it for the continued, healthy development of intelligent connected vehicles. Currently, the information security of a vehicle OTA system is implemented independently by each ECU. AUTOSAR defines the basic software functions and interfaces for software running on the ECU and standardizes the ECU interfaces. The HSM stores and manages the keys used by the ECU's strong authentication system and performs the related cryptographic operations to secure the ECU's information. However, the HSM is expensive, and ECU information passes through the AUTOSAR protocol stack supplied by a third-party provider, so vehicle information is not fully protected.
FIG. 1 is a schematic diagram of an information security middleware system architecture according to an embodiment of the present application. Referring to FIG. 1, the architecture comprises a security service layer 101, an application packaging layer 102, a basic algorithm layer 103 and a hardware driver layer 104.
The security service layer 101 provides security services such as a true random number generation service 1011 and a data decryption service 1012, and publishes them as an upper-layer intelligent security service application, in the form of intelligent applications (APPs), for the intelligent connected vehicle ECU to select from.
FIG. 1 shows only two security services, the true random number generation service 1011 and the data decryption service 1012, but in practice the security service layer 101 may provide others. Likewise, although FIG. 1 shows only four applications, the OTA APP 1001, the digital key APP 1002, the vehicle body configuration APP 1003 and the power management APP 1004, the security service layer 101 may publish other applications.
The application packaging layer 102 comprises a security access module 1021, a secure communication module 1022 and other related modules. It receives the security service request and the data to be packaged from the intelligent connected vehicle ECU and passes them to the basic algorithm layer 103.
The ECU's security service request is determined after the ECU analyzes the upper-layer intelligent security service application published by the security service layer 101, and is generated according to the security services that application can provide.
The basic algorithm layer 103 comprises mainstream international algorithms 1031, a certificate management module 1032, domestic encryption algorithms 1033, a key management module 1034 and other modules.
The certificate management module 1032 determines whether the hardware driver layer 104 has a hardware security module 1041 corresponding to the ECU's security service request.
The key management module 1034 stores the data to be packaged sent by the ECU.
When no hardware security module 1041 corresponding to the security service request is found in the hardware driver layer 104, the basic algorithm layer 103 packages the data to be packaged using the mainstream international algorithms 1031 or the domestic encryption algorithms 1033.
The hardware driver layer 104 comprises a hardware security module 1041, a trusted execution environment module 1042 and other related driver modules, and packages the data to be packaged according to the security service request.
In the prior art, the information security of the intelligent connected vehicle is implemented independently by ECUs equipped with a hardware security module. Such an ECU must interact with the AUTOSAR protocol stack provider, so part of the vehicle's information may be retained by that provider; moreover the hardware security module is expensive, and configuring one on every ECU raises cost linearly. To protect vehicle information and reduce production cost, the application therefore uses information security middleware to take over the function of the hardware security module and provide the relevant security services to the ECU.
FIG. 2 is a flow chart of a method for providing security services with an information security middleware system according to an embodiment of the present application. Referring to FIG. 2, the method comprises:
S201: Publish an upper-layer intelligent security service application.
The security service layer 101 provides security services such as the true random number generation service 1011 and the data decryption service 1012, and publishes them as an upper-layer intelligent security service application in the form of intelligent applications (APPs) for the intelligent connected vehicle ECU to select from.
In one implementation, the security services the security service layer 101 can provide are a, b and c; they are published into the upper-layer intelligent security service application as intelligent APPs A, B and C, respectively.
By publishing the upper-layer intelligent security service application through the security service layer 101, the method presents the ECU with the range of security services it can select from, so that the security service the ECU actually needs can be provided more precisely.
S202: Receive the security service request and the data to be packaged from the intelligent connected vehicle ECU.
The ECU generates the security service request according to the upper-layer intelligent security service application.
After analyzing the intelligent APPs published by the security service layer 101, the ECU determines that the security services it can obtain from the information security middleware are the true random number generation service 1011 and the data decryption service 1012. Having determined which security service it requires, the ECU sends a request for that security service, together with the data to be packaged, to the application packaging layer 102.
In one implementation, the ECU determines by analysis that the security services available in the information security middleware are A, B and C; after determining that it requires security service C, it sends a request for security service C and the data to be packaged to the application packaging layer 102.
By receiving the ECU's security service request, the method fixes which security service is to be provided and names the service under which the data is subsequently packaged.
S203: Determine whether a hardware security module corresponding to the security service request exists; if so, package the data to be packaged using the hardware security module; if not, package the data to be packaged using a cryptographic algorithm to obtain a digest signature and a data ciphertext.
After receiving the data to be packaged from the application packaging layer 102, the basic algorithm layer 103 stores it in the key management module 1034 and uses the certificate management module 1032 to determine whether the hardware driver layer 104 has a hardware security module 1041 corresponding to the ECU's security service request.
The certificate management module 1032 obtains a certificate, which carries a signature, from the security service request. It analyzes the certificate to determine whether the certificate is valid: if it is, a hardware security module corresponding to the security service request exists; if not, no such hardware security module exists.
Analyzing the certificate means, first, parsing it to obtain its validity period and checking that the time of use falls within that period.
It further means walking the certificate chain that contains the certificate back to its root certificate, parsing the root certificate to obtain the root public key, and checking that the certificate's signature verifies under that root public key.
When a hardware security module 1041 corresponding to the security service request is found in the hardware driver layer 104, the basic algorithm layer 103 packages the data to be packaged using the hardware security module 1041.
When no corresponding hardware security module 1041 is found in the hardware driver layer 104, the basic algorithm layer 103 packages the data to be packaged using the mainstream international algorithms 1031 or the domestic encryption algorithms 1033.
Packaging with the mainstream international algorithms 1031 or the domestic encryption algorithms 1033 proceeds in three steps: first, hash the data to be packaged to obtain a data digest; then sign the digest with an asymmetric algorithm to obtain the digest signature; finally, encrypt the data to be packaged with the key of a symmetric algorithm to obtain the data ciphertext.
In one implementation, after the certificate management module 1032 determines that the hardware driver layer 104 has a hardware security module 1041 corresponding to the ECU's security service request, the hardware security module 1041 packages the data to be packaged that is stored in the key management module 1034.
In another implementation, after the certificate management module 1032 determines that the hardware driver layer 104 has no hardware security module 1041 corresponding to the ECU's security service request, the data to be packaged stored in the key management module 1034 is packaged using the mainstream international algorithms 1031 or the domestic encryption algorithms 1033.
According to this method, when the ECU has no hardware security module 1041, security services are provided with the mainstream international algorithms 1031 or the domestic encryption algorithms 1033 instead, so no hardware security module 1041 needs to be configured; this avoids the exposure of ECU information that the HSM-based prior art entails and saves production cost.
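The software packaging path of S203 (hash the data, sign the digest with an asymmetric key, encrypt the data with a symmetric key) and its reverse on the ECU side, written out as an added example in Go. This is not code from the patent or its applicant. The patent names neither the concrete algorithms nor the key material, so SHA-256, ECDSA P-256, AES-256-GCM and freshly generated keys are assumptions, and the sample payload is constructed. Binding the signature to the ciphertext as AES-GCM additional authenticated data is a design choice the patent does not describe; it stops a ciphertext from being re-paired with a signature taken from a different package.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
)

// Packaged is what the software path returns to the ECU: the signature over the
// SHA-256 digest of the plaintext, and nonce || AES-GCM ciphertext || tag.
type Packaged struct {
	DigestSignature []byte
	Ciphertext      []byte
}

// NewKeys generates a P-256 signing key pair and a random AES-256 key, standing in
// for material the key management module would hold (constructed test keys).
func NewKeys() (*ecdsa.PrivateKey, []byte, error) {
	signKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	symKey := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, symKey); err != nil {
		return nil, nil, err
	}
	return signKey, symKey, nil
}

// PackageData performs the three steps of S203's software path: hash the data,
// sign the digest with the asymmetric key, then encrypt the data with the
// symmetric key. The signature is bound to the ciphertext as GCM additional data.
func PackageData(plaintext []byte, signKey *ecdsa.PrivateKey, symKey []byte) (*Packaged, error) {
	digest := sha256.Sum256(plaintext)
	sig, err := ecdsa.SignASN1(rand.Reader, signKey, digest[:])
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(symKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nonce, nonce, plaintext, sig)
	return &Packaged{DigestSignature: sig, Ciphertext: ct}, nil
}

// UnpackageData is the ECU-side counterpart: authenticate and decrypt, recompute the
// digest and verify the signature. Any failure yields an error and no plaintext.
func UnpackageData(p *Packaged, verifyKey *ecdsa.PublicKey, symKey []byte) ([]byte, error) {
	gcm, err := newGCM(symKey)
	if err != nil {
		return nil, err
	}
	if len(p.Ciphertext) < gcm.NonceSize() {
		return nil, fmt.Errorf("ciphertext shorter than nonce")
	}
	nonce, ct := p.Ciphertext[:gcm.NonceSize()], p.Ciphertext[gcm.NonceSize():]
	plaintext, err := gcm.Open(nil, nonce, ct, p.DigestSignature)
	if err != nil {
		return nil, fmt.Errorf("ciphertext authentication failed")
	}
	digest := sha256.Sum256(plaintext)
	if !ecdsa.VerifyASN1(verifyKey, digest[:], p.DigestSignature) {
		return nil, fmt.Errorf("digest signature does not verify")
	}
	return plaintext, nil
}

func newGCM(symKey []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(symKey)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

func main() {
	signKey, symKey, err := NewKeys()
	if err != nil {
		panic(err)
	}
	// Constructed sample payload standing in for the ECU's data to be packaged.
	p, err := PackageData([]byte("ECU firmware block 1"), signKey, symKey)
	if err != nil {
		panic(err)
	}
	out, err := UnpackageData(p, &signKey.PublicKey, symKey)
	fmt.Printf("recovered=%q err=%v\n", out, err)
}
```

The order matters on the receiving side: the ECU must authenticate and decrypt first and only then verify the signature over the recovered plaintext, since the signature covers the digest of the data, not of the ciphertext.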
S204: Send the digest signature and the data ciphertext to the intelligent connected vehicle ECU.
After the data to be packaged has been packaged by the basic algorithm layer 103 or the hardware driver layer 104, the resulting digest signature and data ciphertext are fed back to the ECU through the application packaging layer 102.
In one implementation, the basic algorithm layer 103 packages the data and obtains the digest signature and data ciphertext, passes them to the application packaging layer 102, and the application packaging layer 102 feeds them back to the ECU.
In another implementation, the hardware driver layer 104 packages the data and obtains the digest signature and data ciphertext, passes them to the basic algorithm layer 103, which passes them on to the application packaging layer 102, which finally feeds them back to the ECU.
By replacing the hardware security module of the ECU with the information security middleware, the method secures vehicle information while reducing production cost.
The ECU can also upgrade a security service after acquiring it. FIG. 4 is a flow chart of a security service upgrade method for the information security middleware system according to an embodiment of the present application, and FIG. 5 is the corresponding signaling interaction diagram. Referring to both, the upgrade method comprises:
S401: Obtain a vehicle upgrade information description file from the vehicle remote upgrade server.
A first channel is established with the vehicle remote upgrade server, and the vehicle upgrade information description file is downloaded from that server over the first channel.
The vehicle remote upgrade server is provided by the vehicle manufacturer.
The vehicle upgrade information description file includes the download address of the vehicle upgrade information configuration file and the vehicle remote upgrade certificate.
In one implementation, if the ECU wants to upgrade security service A, it sends a security service A upgrade request to the information security middleware system. The middleware system determines by analysis that the information description file for security service A must be obtained from the vehicle remote upgrade server.
In this method the ECU exchanges information with the vehicle remote upgrade server through the information security middleware rather than directly, which protects the ECU's information to a certain extent.
S402: Obtain the vehicle upgrade information configuration file from the vehicle content distribution server according to the configuration file's download address.
The vehicle content distribution server corresponding to the download address of the vehicle upgrade information configuration file is identified, a second channel is established with it, and the vehicle upgrade information configuration file is downloaded from it over the second channel.
The vehicle content distribution server is provided by the vehicle manufacturer.
The vehicle upgrade information configuration file includes the vehicle upgrade configuration information and a digest of the vehicle upgrade information configuration.
In one implementation, the information security middleware matches the received download address of the security service A configuration file against the vehicle content distribution servers and, after confirming that the server corresponding to that download address is the correct one, obtains the upgrade information configuration file for security service A from it.
By fetching the configuration file from the download address, the method obtains the upgrade file of the target security service more reliably.
S403, verifying the vehicle remote upgrade certificate to determine whether the vehicle remote upgrade certificate is legal.
The vehicle remote upgrade certificate is parsed to obtain its validity period, and it is determined whether the service time of the certificate is within the validity period.
The certificate chain containing the vehicle remote upgrade certificate is traced back to obtain the root certificate of the vehicle remote upgrade certificate; the root certificate is parsed to obtain the root certificate public key; and it is determined whether the root certificate public key matches the signature of the vehicle remote upgrade certificate.
In one implementation, the information security middleware system parses the vehicle remote upgrade certificate and obtains a validity period of 2022 to 2023; if the current time falls within 2022 to 2023, the service time of the certificate is within the validity period. At the same time, the system obtains that the root certificate public key of the vehicle remote upgrade certificate is X and the signature of the certificate is X, so the root certificate public key matches the signature. In this case the vehicle remote upgrade certificate is legal.
In another implementation, the information security middleware system parses the vehicle remote upgrade certificate and obtains a validity period of 2022 to 2023; if the current time is December 2023, the service time of the certificate is not within the validity period. At the same time, the system obtains that the root certificate public key is X and the signature of the certificate is Y, so the root certificate public key does not match the signature. In this case the vehicle remote upgrade certificate is illegal.
In a further implementation, the information security middleware system parses the vehicle remote upgrade certificate and obtains a validity period of January 2022 to January 2023; if the current time is December 2023, the service time of the certificate is not within the validity period. At the same time, the system obtains that the root certificate public key is X and the signature of the certificate is X, so the root certificate public key matches the signature. In this case the vehicle remote upgrade certificate is still illegal.
In the last implementation, the information security middleware system parses the vehicle remote upgrade certificate and obtains a validity period of 2022 to 2023; if the current time falls within 2022 to 2023, the service time of the certificate is within the validity period. At the same time, the system obtains that the root certificate public key is X and the signature of the certificate is Y, so the root certificate public key does not match the signature. In this case the vehicle remote upgrade certificate is illegal.
The method decides whether the vehicle remote upgrade certificate is legal by combining the two checks, so the judgment of the certificate's validity is more accurate and the validity of the vehicle remote upgrade certificate is ensured to a greater extent.
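As an added example (not part of the patent), the two S403 checks written in Go against the standard library's crypto/x509: a constructed manufacturer root, an unrelated root, and a remote upgrade certificate valid from January 2022 to January 2023, so the four cases above can be exercised. The key type (ECDSA P-256), the certificate names and the function names are assumptions.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

var nextSerial int64 = 1 // serial numbers for the constructed certificates
// issue creates and parses an X.509 certificate for pub. A nil parent yields a
// self-signed root; otherwise parent and signer are the issuing CA and its key.
func issue(cn string, pub *ecdsa.PublicKey, parent *x509.Certificate, signer *ecdsa.PrivateKey,
	isCA bool, notBefore, notAfter time.Time) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(nextSerial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             notBefore,
		NotAfter:              notAfter,
		IsCA:                  isCA,
		BasicConstraintsValid: true,
	}
	nextSerial++
	if parent == nil {
		parent = tmpl
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// VerifyUpgradeCert applies both S403 checks: the service time must lie inside
// the certificate's validity period, and the certificate's signature must verify
// under the root certificate's public key. The certificate is legal only if both hold.
func VerifyUpgradeCert(cert, root *x509.Certificate, now time.Time) error {
	if now.Before(cert.NotBefore) || now.After(cert.NotAfter) {
		return fmt.Errorf("service time %s outside validity period %s to %s",
			now.Format("2006-01"), cert.NotBefore.Format("2006-01"), cert.NotAfter.Format("2006-01"))
	}
	if err := cert.CheckSignatureFrom(root); err != nil {
		return fmt.Errorf("root certificate public key does not match certificate signature: %w", err)
	}
	return nil
}

func newKey() *ecdsa.PrivateKey {
	k, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err) // no usable entropy; nothing sensible can continue
	}
	return k
}

// BuildTestChain constructs test material (not a real manufacturer PKI): the
// manufacturer root, an unrelated root, and a vehicle remote upgrade certificate
// issued by the manufacturer root and valid from January 2022 to January 2023.
func BuildTestChain() (root, other, upgrade *x509.Certificate, err error) {
	jan := func(year int) time.Time { return time.Date(year, 1, 1, 0, 0, 0, 0, time.UTC) }
	rootKey, otherKey, leafKey := newKey(), newKey(), newKey()
	if root, err = issue("OEM Root CA", &rootKey.PublicKey, nil, rootKey, true, jan(2021), jan(2031)); err != nil {
		return nil, nil, nil, err
	}
	if other, err = issue("Other Root CA", &otherKey.PublicKey, nil, otherKey, true, jan(2021), jan(2031)); err != nil {
		return nil, nil, nil, err
	}
	upgrade, err = issue("Vehicle Remote Upgrade", &leafKey.PublicKey, root, rootKey, false, jan(2022), jan(2023))
	return root, other, upgrade, err
}
```

Checking the certificate against the unrelated root reproduces the "public key X, signature Y" mismatch cases; passing December 2023 reproduces the expired cases.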
S404, if the vehicle upgrade information configuration file is legal, parsing the vehicle upgrade information configuration file to obtain the vehicle upgrade configuration information and the vehicle upgrade information configuration signature, and verifying the vehicle upgrade information configuration signature.
The vehicle upgrade information configuration signature is decrypted to obtain the vehicle upgrade information configuration digest; the vehicle upgrade configuration information is then processed with the encryption algorithm to obtain the vehicle upgrade encryption digest; and it is determined whether the vehicle upgrade encryption digest is the same as the vehicle upgrade information configuration digest. If so, the vehicle upgrade information configuration signature is verified.
In one implementation, the information security middleware system decrypts the vehicle upgrade information configuration signature to obtain configuration digest A, processes the vehicle upgrade configuration information with the encryption algorithm to obtain encryption digest A, and since the two digests A and A are the same, the vehicle upgrade information configuration signature passes verification.
In another implementation, the information security middleware system decrypts the vehicle upgrade information configuration signature to obtain configuration digest A, processes the vehicle upgrade configuration information with the encryption algorithm to obtain encryption digest B, and since A and B differ, the vehicle upgrade information configuration signature does not pass verification.
Confirming the obtained configuration information as the target configuration information through signature verification ensures the accuracy of the configuration information.
S405, if the vehicle upgrade information configuration signature passes verification, configuring the intelligent network-connected automobile electronic control unit with the vehicle upgrade configuration information.
If the vehicle upgrade information configuration digest passes signature verification, security access authentication is performed on the intelligent network-connected automobile electronic control unit and it is determined whether the authentication passes; if it passes, the vehicle upgrade configuration information is installed on the electronic control unit.
In one implementation, the vehicle upgrade information configuration digest passes signature verification, the information security middleware system performs security access authentication on the intelligent network-connected automobile electronic control unit, and the electronic control unit passes the authentication, so the vehicle upgrade configuration information is installed on it.
In another implementation, the vehicle upgrade information configuration digest passes signature verification and the information security middleware system performs security access authentication on the intelligent network-connected automobile electronic control unit, but the electronic control unit fails the authentication, so the vehicle upgrade configuration information cannot be installed on it.
Authenticating the intelligent network-connected automobile electronic control unit through security access authentication ensures that the vehicle upgrade configuration information is forwarded to the correct unit.
Fig. 3 is a signaling interaction diagram of a method for providing security services by using an information security middleware system according to an embodiment of the present application. Referring to Fig. 3 in combination with Fig. 2, the method includes the following steps:
S301, the security service layer 101 issues an upper-layer intelligent security service application.
S302, the application packaging layer 102 receives a security service request of the intelligent network-connected automobile electronic control unit and the data to be packaged.
The security service request is generated according to the upper-layer intelligent security service application.
S303, the application packaging layer 102 sends the received security service request and data to be packaged to the basic algorithm layer 103.
S304, the basic algorithm layer 103 determines whether a hardware security module 1041 corresponding to the security service request exists in the hardware driver layer 104.
S305, if no such hardware security module exists, the basic algorithm layer 103 packages the data to be packaged using a cryptographic algorithm to obtain a digest signature and a data ciphertext.
If it does exist, the basic algorithm layer 103 sends the data to be packaged to the hardware driver layer 104; the hardware driver layer 104 packages the data using the hardware security module 1041 to obtain a digest signature and a data ciphertext, and feeds them back to the basic algorithm layer 103.
S306, the basic algorithm layer 103 sends the digest signature and the data ciphertext to the application packaging layer 102.
S307, the application packaging layer 102 sends the digest signature and the data ciphertext to the intelligent network-connected automobile electronic control unit.
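As an added example (not the applicant's code), the software packaging path of S305, spelled out in claim 6 as hash, sign the digest, encrypt the data, together with the matching receiver-side check that S404 describes for the configuration signature (recover a digest from the signature and compare it with a freshly computed one). The page only says "cryptographic algorithm", so SHA-256, RSA PKCS#1 v1.5 and AES-256-GCM, and all names, are assumptions; the HSM path of S305 is not modelled.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
	"io"
)

// Packaged is what the application packaging layer returns to the ECU in S307:
// the signature over the plaintext's digest plus the data ciphertext.
type Packaged struct {
	DigestSignature []byte
	Ciphertext      []byte // AES-GCM nonce || ciphertext || tag
}

// Packager is the software path of the basic algorithm layer (S305, no HSM).
// Algorithms the page leaves open are assumed here: SHA-256 for the digest,
// RSA PKCS#1 v1.5 for the digest signature, AES-256-GCM for the data.
type Packager struct {
	SignKey *rsa.PrivateKey
	DataKey []byte // 32-byte symmetric key
}

// NewPackager generates fresh keys: constructed test material, not OEM keys.
func NewPackager() (*Packager, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil { return nil, err }
	key := make([]byte, 32)
	if _, err := io.ReadFull(rand.Reader, key); err != nil { return nil, err }
	return &Packager{SignKey: k, DataKey: key}, nil
}

// Package performs the three operations of claim 6 in order: hash the data,
// sign the digest with the asymmetric key, encrypt the data with the symmetric key.
func (p *Packager) Package(plain []byte) (Packaged, error) {
	digest := sha256.Sum256(plain)
	sig, err := rsa.SignPKCS1v15(rand.Reader, p.SignKey, crypto.SHA256, digest[:])
	if err != nil { return Packaged{}, err }
	aead, err := newAEAD(p.DataKey)
	if err != nil { return Packaged{}, err }
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil { return Packaged{}, err }
	return Packaged{DigestSignature: sig, Ciphertext: aead.Seal(nonce, nonce, plain, nil)}, nil
}

// Unpackage is the receiver's S404-style check: recover the plaintext, recompute
// its digest and compare it with the digest carried in the signature. The
// "decrypt the signature with the public key" half is done inside VerifyPKCS1v15.
func Unpackage(pk Packaged, verifyKey *rsa.PublicKey, dataKey []byte) ([]byte, error) {
	aead, err := newAEAD(dataKey)
	if err != nil { return nil, err }
	n := aead.NonceSize()
	if len(pk.Ciphertext) < n { return nil, fmt.Errorf("ciphertext shorter than %d-byte nonce", n) }
	plain, err := aead.Open(nil, pk.Ciphertext[:n], pk.Ciphertext[n:], nil)
	if err != nil { return nil, fmt.Errorf("data ciphertext rejected: %w", err) }
	digest := sha256.Sum256(plain)
	if err := rsa.VerifyPKCS1v15(verifyKey, crypto.SHA256, digest[:], pk.DigestSignature); err != nil {
		return nil, fmt.Errorf("digest signature check failed: %w", err)
	}
	return plain, nil
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil { return nil, err }
	return cipher.NewGCM(block)
}
```

A flipped bit in either the digest signature or the ciphertext, or verification under a different public key, makes Unpackage return an error instead of the plaintext, which is the "A and B differ" outcome of S404.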
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present application. Referring to Fig. 6, the electronic device includes a memory 601, a processor 602, and a computer program; the computer program is stored in the memory 601 and configured to be executed by the processor 602 to perform the steps of Fig. 2 to Fig. 5. The processor 602 is configured to implement the modules of Fig. 1.
The memory 601 and the processor 602 are connected via a bus 603.
The descriptions and effects of the steps in the embodiments of Fig. 2 to Fig. 5 apply correspondingly and are not repeated here.
Embodiments of the present application also provide a computer readable storage medium comprising computer code which, when run on a computer, causes the computer to perform a method as provided by any of the implementations corresponding to Fig. 2 to Fig. 5.
Embodiments of the present application also provide a computer program product comprising program code which, when the computer runs the computer program product, performs a method as provided by any of the implementations corresponding to Fig. 2 to Fig. 5.
Other embodiments of the application will be apparent to those skilled in the art from consideration of the specification and practice of the application disclosed herein. This application is intended to cover any variations, uses, or adaptations of the application following, in general, the principles of the application and including such departures from the present disclosure as come within known or customary practice within the art to which the application pertains. It is intended that the specification and examples be considered as exemplary only, with a true scope and spirit of the application being indicated by the following claims.
It is to be understood that the application is not limited to the precise arrangements and instrumentalities shown in the drawings, which have been described above, and that various modifications and changes may be effected without departing from the scope thereof. The scope of the application is limited only by the appended claims.
Claims (11)
1. An information security middleware system, comprising:
the security service layer, for issuing an upper-layer intelligent security service application for the intelligent network-connected automobile electronic control unit to select from, the security service comprising a true random number generation service and a data decryption service;
the application packaging layer, for receiving a security service request and data to be packaged from the intelligent network-connected automobile electronic control unit and sending the security service request and the data to be packaged to the basic algorithm layer, wherein the security service request is generated according to the upper-layer intelligent security service application;
a basic algorithm layer, for determining whether the hardware driver layer has a hardware security module corresponding to the security service request, and for packaging the data to be packaged using a cryptographic algorithm;
and the hardware driver layer, comprising a hardware security module, for packaging the data to be packaged according to the security service request.
2. The system of claim 1, wherein the basic algorithm layer comprises:
an algorithm management module, specifically for packaging the data to be packaged using a cryptographic algorithm when no hardware security module corresponding to the security service request is found in the hardware driver layer.
3. The system of claim 2, wherein the basic algorithm layer further comprises: a certificate management module;
the certificate management module is for determining whether the hardware driver layer has a hardware security module corresponding to the security service request.
4. The system of claim 3, wherein the basic algorithm layer further comprises: a key management module;
the key management module is for storing the data to be packaged sent by the intelligent network-connected automobile electronic control unit.
5. A method for providing security services in an information security middleware system, comprising:
issuing an upper intelligent security service application;
receiving a security service request and data to be packaged of an intelligent network-connected automobile electronic control unit, wherein the security service request is generated according to the upper intelligent security service application;
determining whether a hardware security module corresponding to the security service request exists, and if so, packaging the data to be packaged by using the hardware security module; if not, the data to be packaged are packaged by utilizing a cryptographic algorithm, so that a digest signature and a data ciphertext are obtained;
and sending the digest signature and the data ciphertext to the intelligent network-connected automobile electronic control unit.
6. The method of claim 5, wherein packaging the data to be packaged using a cryptographic algorithm comprises:
performing a hash operation on the data to be packaged to obtain a data digest;
signing the data digest using an asymmetric algorithm to obtain a digest signature;
and encrypting the data to be packaged using a key of a symmetric algorithm to obtain a data ciphertext.
7. The method of claim 5 or 6, wherein determining whether a hardware security module corresponding to the security service request exists comprises:
obtaining a certificate from the security service request, parsing the certificate, and determining whether the certificate is legal, wherein the certificate comprises a signature;
if the certificate is legal, a hardware security module corresponding to the security service request exists;
if not, no hardware security module corresponding to the security service request exists.
8. The method of claim 7, wherein parsing the certificate to determine whether the certificate is legal comprises:
parsing the certificate to obtain the validity period of the certificate, and determining whether the service time of the certificate is within the validity period.
9. The method of claim 7, wherein parsing the certificate to determine whether the certificate is legal further comprises:
tracing back the certificate chain containing the certificate to obtain the root certificate of the certificate;
parsing the root certificate to obtain the root certificate public key;
and determining whether the root certificate public key matches the signature of the certificate.
10. An electronic device, comprising: a processor, and a memory communicatively coupled to the processor;
the memory stores computer-executable instructions;
the processor executes computer-executable instructions stored in the memory to implement the method of any one of claims 5-9.
11. A computer readable storage medium having stored therein computer executable instructions which when executed by a processor are adapted to implement a method of providing security services in an information security middleware system according to any of claims 5-9.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310834451.4A CN116828033A (en) | 2023-07-07 | 2023-07-07 | Information security middleware system and method for providing security service |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116828033A true CN116828033A (en) | 2023-09-29 |
Family
ID=88123976
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116828033A (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
 | PB01 | Publication | |
 | SE01 | Entry into force of request for substantive examination | |