CN117768177A - Data security transmission method, electronic equipment and vehicle - Google Patents


Info

Publication number: CN117768177A
Authority: CN (China)
Prior art keywords: gateway; identity authentication; bidirectional identity authentication; digital signature
Legal status: Pending
Application number: CN202311775150.5A
Other languages: Chinese (zh)
Inventors: 郭阳, 董凯歌
Current assignee: Great Wall Motor Co Ltd
Original assignee: Great Wall Motor Co Ltd
Events: application filed by Great Wall Motor Co Ltd; priority to CN202311775150.5A; publication of CN117768177A; current legal status: Pending

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The application provides a data security transmission method applied to an automobile event data recording system, comprising the following steps: performing a first bidirectional identity authentication with the server using a certificateless cryptographic algorithm; after the first bidirectional identity authentication passes, performing a second bidirectional identity authentication with the gateway; and, in response to the second bidirectional identity authentication passing, performing data transmission with a service server based on the service data transmission port allocated by the gateway. That is, only after both bidirectional identity authentications pass can the automobile event data recording system transmit data with the service server. The method thereby prevents an unauthorized terminal from directly accessing the service end to steal data or mount a malicious attack on it, which would constitute a data security threat. Because the certificateless algorithm reduces the computational demand of digital signature verification, the method effectively improves the identity authentication rate during data transmission between the automobile event data recording system and the cloud and reduces communication resource consumption.

Description

Data security transmission method, electronic equipment and vehicle
Technical Field
The present disclosure relates to the field of data transmission technologies, and in particular, to a data security transmission method, an electronic device, and a vehicle.
Background
Currently, newly produced passenger cars are equipped with an Event Data Recorder (EDR) in accordance with safety requirements. An EDR records the vehicle's operating parameters and safety state information in three phases: pre-crash, during the crash and post-crash. To further analyze a collision event, frequent data access and data transmission are required between the EDR and the cloud. In general, data access and transmission between the EDR and the cloud follow a connect-first, authenticate-later model in which no identity authentication is performed when the connection is established. This connection model carries a relatively high risk, and the security of the data exchange between the EDR and the cloud cannot be ensured.
Disclosure of Invention
Accordingly, the present application is directed to a data security transmission method, an electronic device and a vehicle that address the problem that data security cannot be guaranteed when an EDR exchanges data with the cloud.
Based on the above object, a first aspect of the present application provides a data security transmission method applied to an automobile event data recording system, the method comprising:
performing a first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm;
in response to the first bidirectional identity authentication passing, performing a second bidirectional identity authentication with a gateway using a certificateless cryptographic algorithm; and
in response to the second bidirectional identity authentication passing, performing data transmission with a service server based on the service data transmission port allocated by the gateway.
Optionally, performing the first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm includes:
generating authentication request information;
generating a first digital signature over the authentication request information using the digital signature generation algorithm of the certificateless cryptographic algorithm;
sending the authentication request information and the first digital signature to the zero trust server so that the zero trust server verifies the first digital signature;
receiving authentication request feedback information and a second digital signature, which the zero trust server sends after the first digital signature passes verification; and
verifying the second digital signature using the digital signature verification algorithm of the certificateless cryptographic algorithm to complete the first bidirectional identity authentication.
Optionally, performing the second bidirectional identity authentication with the gateway using a certificateless cryptographic algorithm in response to the first bidirectional identity authentication passing includes:
receiving an authentication token, an access control security policy and a gateway port identifier that the zero trust server sends in response to the first bidirectional identity authentication passing;
establishing a communication connection with the gateway by accessing the gateway port corresponding to the gateway port identifier;
generating a data transmission request according to the authentication token and the access control security policy, and sending the data transmission request to the gateway through the gateway port, so that the gateway verifies the identity of the automobile event data recording system based on the data transmission request and on the authentication token it received from the zero trust server in advance;
receiving a third digital signature that the gateway sends after the identity verification of the automobile event data recording system passes; and
verifying the third digital signature using the digital signature verification algorithm of the certificateless cryptographic algorithm to complete the second bidirectional identity authentication.
A second aspect of the present application provides a data security transmission method applied to a zero trust server, the method including:
performing a first bidirectional identity authentication with an automobile event data recording system using a certificateless cryptographic algorithm; and
in response to the first bidirectional identity authentication passing, enabling the automobile event data recording system to perform a second bidirectional identity authentication with a gateway, and, in response to the second bidirectional identity authentication passing, enabling the automobile event data recording system to perform data transmission with a service server based on a service data transmission port allocated by the gateway.
Optionally, before the second bidirectional identity authentication between the automobile event data recording system and the gateway, the method includes:
performing a trust evaluation of the automobile event data recording system; and
in response to the trust evaluation result satisfying a preset evaluation condition, enabling the automobile event data recording system and the gateway to perform the second bidirectional identity authentication.
A third aspect of the present application provides a data security transmission method applied to a gateway, the method including:
performing a second bidirectional identity authentication with the automobile event data recording system using a certificateless cryptographic algorithm, the second bidirectional identity authentication being performed after the first bidirectional identity authentication between the automobile event data recording system and the zero trust server; and
in response to the second bidirectional identity authentication passing, enabling the automobile event data recording system to perform data transmission with a service server through a service data transmission port allocated by the gateway.
Optionally, before the second bidirectional identity authentication with the automobile event data recording system, the method includes:
receiving a gateway port identifier, which the zero trust server sends after the first bidirectional identity authentication between the automobile event data recording system and the zero trust server passes;
opening the corresponding gateway port according to the gateway port identifier; and
receiving, from the gateway port, a data transmission request sent by the automobile event data recording system.
Optionally, the method further comprises: closing the gateway port in response to no data transmission request being received from the gateway port within a preset time period.
A fourth aspect of the present application provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method according to the first aspect when executing the program.
A fifth aspect of the present application provides a vehicle comprising an electronic device as described in the fourth aspect.
From the above, it can be seen that the data security transmission method provided by the present application is applied to an automobile event data recording system and includes performing a first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm. Through the first bidirectional identity authentication, the zero trust server and the automobile event data recording system each confirm the legitimacy of the other party's identity. After the first bidirectional identity authentication passes, the automobile event data recording system establishes a connection with the gateway; the gateway connection is thus made only after authentication, which secures the communication connection with the gateway. The automobile event data recording system and the gateway then perform a second bidirectional identity authentication, again using a certificateless cryptographic algorithm, through which the gateway and the automobile event data recording system each confirm the legitimacy of the other party's identity. In response to the second bidirectional identity authentication passing, the automobile event data recording system establishes a connection with the service server, so that authentication precedes connection with the service server as well and the communication connection with the service server is secured, and then performs data transmission with the service server based on the service data transmission port allocated by the gateway.
That is, only after both bidirectional identity authentications pass can the automobile event data recording system transmit data with the service server, which prevents unauthorized terminals from directly accessing the service server to steal data or mount malicious attacks that would constitute a data security threat, and improves the security of data access and transmission in the Internet of Vehicles. The certificateless cryptographic algorithm is a lightweight algorithm: it dispenses with digital certificates, so issuing a public/private key pair no longer depends on a digital certificate and keys are generated faster. Removing the digital certificate also reduces the communication resources that certificates occupy during transmission and reduces the computational demand of digital signature verification, so the identity authentication rate during data transmission between the automobile event data recording system and the service server is effectively improved and communication resource consumption is reduced.
Drawings
In order to more clearly illustrate the technical solutions of the present application or related art, the drawings that are required to be used in the description of the embodiments or related art will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present application, and other drawings may be obtained according to these drawings without inventive effort to those of ordinary skill in the art.
Fig. 1 is a flow chart of a data security transmission method according to an embodiment of the present application;
Fig. 2 is a flow chart of a data security transmission method according to another embodiment of the present application;
Fig. 3 is a flow chart of a data security transmission method according to another embodiment of the present application;
Fig. 4 is a schematic structural diagram of a data security transmission device according to an embodiment of the present application;
Fig. 5 is a schematic diagram of the hardware structure of an electronic device according to an embodiment of the present application.
Detailed Description
For the purposes of making the objects, technical solutions and advantages of the present application more apparent, the present application will be further described in detail below with reference to the accompanying drawings.
It should be noted that unless otherwise defined, technical or scientific terms used in the embodiments of the present application should be given the ordinary meaning as understood by one of ordinary skill in the art to which the present application belongs. The terms "first," "second," and the like, as used in embodiments of the present application, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that elements or items preceding the word are included in the element or item listed after the word and equivalents thereof, but does not exclude other elements or items. The terms "connected" or "connected," and the like, are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", etc. are used merely to indicate relative positional relationships, which may also be changed when the absolute position of the object to be described is changed.
An EDR records vehicle running information and, when an emergency such as overspeed or sudden braking occurs, records data for the period until the emergency ends. EDR data serves as important evidence for determining the liable party in an accident, and the spread of EDRs has greatly simplified evidence collection for vehicles. To protect and analyze EDR data, the EDR must upload data to and download data from the cloud. In the related art, however, the commonly adopted data transmission method is connect-first, authenticate-later: the EDR and the cloud first establish a communication connection and only then verify each other's identity. Since neither party is authenticated before the connection is established, the connection process carries security risks, and EDR data and cloud data are easily subject to unauthorized attacks.
In view of this, the present application proposes a data security transmission method in which, to ensure data security during data exchange, a verification method based on a zero trust network architecture is used for data transmission. A zero trust network abandons the reliance of existing Internet of Vehicles network and data security protection on trusting the internal network: by default the internal network is treated as no more trusted, and no safer, than the external network, and every connection by any person, device, system or application in the network must be authenticated and dynamically authorized according to its current state, thereby realizing access control. Data access thus changes from the existing connect-first, authenticate-later model to an authenticate-first, connect-later model, in which data access by all devices, users and applications uses authentication, authorization and encrypted transmission, closing the weak point in Internet of Vehicles data security. In the identity authentication process, a certificateless cryptographic algorithm is used to authenticate each end, so that, while data transmission security is ensured, communication resource consumption is reduced, the identity authentication rate is improved and the data transmission rate increases further.
Before the data security transmission method provided by the application is implemented, the automobile event data recording system, the zero trust server and the gateway must satisfy some preconditions. The automobile event data recording system completes installation and deployment of its public key/private key pair or identifier/private key pair when the complete vehicle leaves the production line, and this key pair, together with the public keys or identifiers of the other device ends, namely the zero trust server and the gateway, is provisioned over a secure channel. The zero trust server must register the automobile event data recording systems and gateways it manages; the registration information includes the EDR identifier, EDR information, EDR state, the hidden port information used to connect with the EDR, the evaluation value used for the initial trust evaluation based on the vehicle end's authentication request information, and the like.
Embodiments of the present application are described in detail below with reference to the accompanying drawings.
The application provides a data security transmission method applied to an automobile event data recording system. Referring to Fig. 1, the method comprises the following steps:
Step 102: performing a first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm.
Specifically, before establishing a communication connection with a service server and transmitting data, the EDR must perform bidirectional identity authentication with the zero trust server and with the gateway respectively. Only after its identity has been confirmed as legitimate is a communication connection established with the service server for subsequent data transmission, which effectively resists external attacks on the Internet of Vehicles. The bidirectional identity authentication comprises a first bidirectional identity authentication between the EDR and the server and a second bidirectional identity authentication between the EDR and the gateway; the two rounds of mutual authentication improve the security of authentication.
The zero trust server is a server that provides dynamic trust evaluation services to each end in the zero trust network architecture. In this application, the zero trust server provides dynamic trust evaluation for the EDR and the gateway and performs the registration and evaluation tasks. The EDR establishes a communication connection with the zero trust server through a hidden port agreed upon during certificate registration on the production line, and opens this hidden port of the zero trust server using port knocking. The hidden port is not exposed externally; when the EDR needs to access it, port knocking is used, that is, the hidden port is opened by sending agreed information to it, so that the EDR can exchange data with the zero trust server and perform the first bidirectional identity authentication. The zero trust server dynamically evaluates the EDR according to a trust evaluation algorithm, adjusts the EDR's access control security policy in real time, and, if the evaluation passes, dynamically authorizes the EDR so that it can go on to establish a communication connection with the gateway. The zero trust server thus realizes fine-grained permission control of the EDR and effectively avoids outdated or excessive grants of permission to the EDR terminal.
The cryptographic algorithm used in the first bidirectional identity authentication is a certificateless cryptographic algorithm. In this embodiment it is a certificateless and implicit-certificate public key cryptographic algorithm based on an elliptic curve public key cryptographic algorithm, also called a certificateless and implicit-certificate public key cryptographic algorithm based on SM2, which avoids the complex certificate management, low communication efficiency and similar problems of digital-certificate-based authentication. Its digital signature generation algorithm and digital signature verification algorithm realize the bidirectional identity authentication between the EDR and the zero trust server and improve the identity authentication rate.
Step 104: in response to the first bidirectional identity authentication passing, performing a second bidirectional identity authentication with the gateway using a certificateless cryptographic algorithm.
Specifically, once the first bidirectional identity authentication passes, the EDR's identity is initially confirmed as legitimate and the zero trust server allocates an accessible gateway port for the EDR. The EDR establishes a communication connection with the gateway through this gateway port, so that the connection to the gateway is made only after authentication and the EDR and the gateway establish a secure communication connection. The EDR exchanges data with the gateway through the gateway port and performs the second bidirectional identity authentication with the gateway based on the data transmission request it sends. Through the second bidirectional identity authentication, the EDR and the gateway confirm whether each other's identities are legitimate. The certificateless cryptographic algorithm used in the second bidirectional identity authentication is likewise a certificateless and implicit-certificate public key cryptographic algorithm based on an elliptic curve public key cryptographic algorithm and is not described again here.
Step 106: in response to the second bidirectional identity authentication passing, performing data transmission with the service server based on the service data transmission port allocated by the gateway.
Specifically, once the second bidirectional identity authentication passes, the legitimacy of the EDR's identity is further confirmed and the gateway allocates a service data transmission port for the EDR. Through this port the EDR establishes a communication connection with the service server, accesses the service server application through the allocated application address, and transmits data with the service server. This realizes authentication before connection with the service server, ensures that the communication connection with the service server is established securely, effectively prevents EDR connections that have not undergone identity authentication from reaching the service server application, and effectively avoids access or malicious attacks by unauthorized terminals. The service server can analyze vehicle-end emergency data in detail from the data uploaded by the EDR, objectively reconstruct the true course of a vehicle accident, and provide basic analysis data for determining accident liability. The EDR can also read or download related information from the service server, meeting the EDR's data storage needs.
Based on steps 102 to 106, this embodiment provides a data security transmission method applied to an automobile event data recording system. The method includes performing a first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm, through which the zero trust server and the automobile event data recording system each confirm the legitimacy of the other party's identity. After the first bidirectional identity authentication passes, the automobile event data recording system establishes a connection with the gateway, so that the gateway connection is made only after authentication and the communication connection with the gateway is secured. The automobile event data recording system and the gateway then perform a second bidirectional identity authentication, again with a certificateless cryptographic algorithm, through which the gateway and the automobile event data recording system each confirm the legitimacy of the other party's identity. In response to the second bidirectional identity authentication passing, the automobile event data recording system establishes a connection with the service server, so that authentication precedes connection with the service server as well and that communication connection is secured, and then transmits data with the service server based on the service data transmission port allocated by the gateway.
After both bidirectional identity authentications pass, the automobile event data recording system can transmit data with the service server, which prevents unauthorized terminals from directly accessing the service server to steal data or mount malicious attacks that would constitute a data security threat, and improves the security of data access and transmission in the Internet of Vehicles. The certificateless cryptographic algorithm is a lightweight algorithm: it dispenses with digital certificates, so issuing a public/private key pair does not depend on a digital certificate and keys are generated faster. Removing the digital certificate also reduces the communication resources certificates occupy during transmission and reduces the computational demand of digital signature verification, so the identity authentication rate during data transmission between the automobile event data recording system and the service server is effectively improved and communication resource consumption is reduced.
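The gateway-side port lifecycle described in steps 104 and 106 and in the third aspect (open the announced port, verify the EDR's request against the token the zero trust server pre-shared, allocate a service data transmission port, close the port if no request arrives in time), as an added simulation that is not the patent's or the assignee's code. The message fields, the timeout value, the token comparison and the single-use closing of the gateway port are assumptions; the patent fixes no wire format, and the gateway's third digital signature is out of scope here.

```python
"""Added example: gateway port lifecycle for the second mutual authentication.
Field names, the timeout value and the token comparison are assumptions made for this
example; the patent specifies no wire format."""
from dataclasses import dataclass, field
import hmac

PORT_TIMEOUT_SECONDS = 30.0   # the "preset time period" of the patent; assumed value


@dataclass
class PendingPort:
    edr_id: str          # EDR the zero-trust server authorised for this port
    token: bytes         # authentication token pre-shared by the zero-trust server
    opened_at: float     # time at which the gateway opened the port


@dataclass
class Gateway:
    ports: dict = field(default_factory=dict)   # gateway port id -> PendingPort
    next_service_port: int = 40000              # assumed range for service data ports
    audit: list = field(default_factory=list)   # human-readable decisions, for logging

    def on_zero_trust_notification(self, port_id: int, edr_id: str, token: bytes, now: float):
        """Zero-trust server -> gateway: open `port_id` for `edr_id` and expect `token`."""
        self.ports[port_id] = PendingPort(edr_id, token, now)
        self.audit.append(f"open port {port_id} for {edr_id}")

    def expire_ports(self, now: float) -> list:
        """Close every open gateway port on which no request arrived within the timeout."""
        stale = [pid for pid, p in self.ports.items()
                 if now - p.opened_at > PORT_TIMEOUT_SECONDS]
        for pid in stale:
            del self.ports[pid]
            self.audit.append(f"close port {pid}: no request within timeout")
        return stale

    def on_data_transmission_request(self, port_id: int, edr_id: str, token: bytes, now: float):
        """EDR -> gateway over `port_id`. Returns the allocated service data transmission
        port, or None when the request is rejected."""
        self.expire_ports(now)
        pending = self.ports.get(port_id)
        if pending is None:
            self.audit.append(f"reject {edr_id}: port {port_id} not open")
            return None
        if pending.edr_id != edr_id or not hmac.compare_digest(pending.token, token):
            self.audit.append(f"reject {edr_id}: token/identity mismatch on port {port_id}")
            return None
        # Identity verified against what the zero-trust server pre-shared: hand out a
        # service data transmission port and close the gateway port (assumed single-use).
        del self.ports[port_id]
        service_port = self.next_service_port
        self.next_service_port += 1
        self.audit.append(f"accept {edr_id}: service port {service_port}")
        return service_port


def run_scenario() -> dict:
    """Three constructed cases: a legitimate request, a wrong token, a late request."""
    gw = Gateway()
    token_1 = b"constructed-token-for-EDR-0001"
    token_2 = b"constructed-token-for-EDR-0002"
    # Case 1: the server announces port 51001 for EDR-0001; the request arrives in time.
    gw.on_zero_trust_notification(51001, "EDR-0001", token_1, now=0.0)
    accepted = gw.on_data_transmission_request(51001, "EDR-0001", token_1, now=5.0)
    # Case 2: a request on an announced port but carrying the wrong token.
    gw.on_zero_trust_notification(51002, "EDR-0002", token_2, now=10.0)
    wrong_token = gw.on_data_transmission_request(51002, "EDR-0002", b"guess", now=12.0)
    # Case 3: the correct token, but after the preset period has elapsed.
    late = gw.on_data_transmission_request(51002, "EDR-0002", token_2,
                                           now=10.0 + PORT_TIMEOUT_SECONDS + 1)
    return {"accepted": accepted, "wrong_token": wrong_token, "late": late,
            "open_ports": sorted(gw.ports), "audit": gw.audit}


if __name__ == "__main__":
    for line in run_scenario()["audit"]:
        print(line)
```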
The procedure of the first bidirectional identity authentication is described below by means of a specific embodiment.
In some embodiments, performing the first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm includes:
Step 202: generating authentication request information;
Step 204: generating a first digital signature over the authentication request information using the digital signature generation algorithm of the certificateless cryptographic algorithm;
Step 206: sending the authentication request information and the first digital signature to the zero trust server so that the zero trust server verifies the first digital signature;
Step 208: receiving the authentication request feedback information and the second digital signature that the zero trust server sends after verifying the first digital signature;
Step 210: verifying the second digital signature using the digital signature verification algorithm of the certificateless cryptographic algorithm to complete the first bidirectional identity authentication.
Specifically, the authentication request information may include the EDR identifier alone, or the EDR identifier together with information on the data to be requested, and the like. The EDR identifier is the unique identity of the EDR. The information on the data to be requested describes the data the EDR needs to access at, or transmit to, the service server. Generating the first digital signature over the authentication request information with the digital signature generation algorithm comprises: generating the first digital signature with the digital signature generation algorithm of the certificateless cryptographic algorithm based on the elliptic curve system parameters, a random number, the authentication request information and/or the EDR's private key.
The elliptic curve system parameters are the parameters of the elliptic curve cryptosystem, which here is a system applying the SM2 elliptic curve public key cryptographic algorithm, one of the Chinese national cryptographic algorithms. The random number is a random number generated by the EDR. The EDR's private key is the EDR's identity-based private key generated in advance by a key generation method.
In this application, the system that provides cryptographic services for the certificateless cryptographic algorithm is an ECS cryptographic server, which is responsible for ECS master key management and provides the corresponding cryptographic support. The key generation method of this embodiment is likewise a key generation method under the ECS mechanism. The ECS (Elastic Certificateless Service) mechanism is a certificateless or implicit-certificate public key cryptographic mechanism based on the national SM2 algorithm, which avoids the complex certificate management, low communication efficiency and similar problems of digital-certificate-based authentication. A public key under the ECS mechanism does not require verifying a certificate signature, so an Internet of Vehicles terminal performs one third fewer cryptographic operations during signature verification. Cryptographic service systems are classified into certificateless systems and implicit certificate systems, which differ in how digital signatures are generated; they are described below by means of specific examples.
Further, when the cryptographic service system is a certificateless system, a hash value and a public key component need to be calculated in sequence when generating the first digital signature, and the digital signature is then generated by a digital signature generation algorithm in combination with the elliptic curve system parameters, the authentication request information and the EDR private key. Step 204 specifically includes:
Step 2042, calculating a hash value $H_A$ based on the EDR identifier, the elliptic curve system parameters and the main public key of the cryptographic server. The hash value $H_A$ is calculated by the following formula:
$H_A = H_{256}(ENTL_A \| d'_A \| a \| b \| X_G \| Y_G \| X_{Pub} \| Y_{Pub})$
wherein $H_{256}()$ represents a cryptographic hash algorithm with a message digest length of 256 bits, $ENTL_A$ is two bytes converted from the integer $entlen_A$, and $entlen_A$ is the bit length of the EDR identifier. $a \| b$ represents the concatenation of a and b, where a and b may be bit strings or character strings. $a$, $b$, $X_G$, $Y_G$ are elliptic curve system parameters: a and b are the elliptic curve equation parameters, $(X_G, Y_G)$ are the coordinates of G, and G is a base point of the elliptic curve in the elliptic curve public key cryptographic algorithm. $(X_{Pub}, Y_{Pub})$ are the coordinates of $P_{Pub}$, the main public key of the cryptographic server. $X_G$, $Y_G$, $X_{Pub}$, $Y_{Pub}$ are bit strings.
Step 2044, generating a first public key component of the automobile event data recording system based on the elliptic curve system parameters and the random number, which comprises: calculating the scalar multiple of the elliptic curve system parameter (the base point G) by the random number, and adding to this product a further multiple of the base point, to obtain the first public key component $w_A$ of the automobile event data recording system:
$w_A = [w]G + U_A$
wherein $U_A$ is the second public key component, $U_A = [d'_A]G$. $[d'_A]G$ represents the $d'_A$-fold point of the point G on the elliptic curve, i.e. $[d'_A]G = G + G + \cdots + G$ with $d'_A$ copies of G on the right-hand side, $d'_A$ being a positive integer. $d'_A$ is a random number generated by the EDR, $d'_A \in [1, n-1]$. $[w]G$ represents the w-fold point of the point G on the elliptic curve, i.e. $[w]G = G + G + \cdots + G$ with w copies of G on the right-hand side, w being a positive integer. w is a random number generated by the cryptographic service system, $w \in [1, n-1]$. G is a base point of the elliptic curve whose order is prime, and n is the order of the base point G.
Step 2046, based on the elliptic curve system parameters, the hash value $H_A$, the first public key component, the authentication request information and the private key of the EDR, generating the first digital signature $(r_1, s_1)$ using the digital signature generation algorithm of the certificateless cryptographic algorithm.
where SIGN() represents the digital signature algorithm, param represents the elliptic curve system parameters, $(X_{w_A}, Y_{w_A})$ are the coordinates of $w_A$, $M_1$ represents the authentication request information, O represents a special point on the elliptic curve, called the point at infinity or zero point, which is the identity element of the elliptic curve additive group, and $d_A$ represents the EDR private key.
Further, when the cryptographic service system is an implicit certificate system, the method for generating the first digital signature includes:
Generating the first digital signature $(r_1, s_1)$ by adopting a digital signature generation algorithm in a certificateless cryptographic algorithm based on the elliptic curve system parameters, the implicit certificate of the automobile event data recording system, the authentication request information and the EDR private key. The first digital signature $(r_1, s_1)$ is generated as represented by the following formula:
$(r_1, s_1) = \mathrm{SIGN}(param, ZE, ICA_1 \| M_1, O, d_A)$
wherein SIGN() represents the digital signature algorithm, param represents the elliptic curve system parameters, ZE represents the null string, $ICA_1$ represents the implicit certificate of the EDR, which comprises at least the EDR identifier and the first public key component $w_A$, and $M_1$ represents the authentication request information.
After the first digital signature is generated, the EDR sends the first digital signature and authentication request information to the zero-trust server, and the zero-trust server verifies the first digital signature by adopting a digital signature verification algorithm. And if the verification is passed, generating authentication request feedback information. The authentication request feedback information at least comprises an authentication token generated by the zero trust server, a security access strategy and an allocated gateway port identifier. The zero trust server side generates a second digital signature by adopting a digital signature generation algorithm based on the authentication request feedback information. After receiving the authentication request feedback information and the second digital signature sent by the zero-trust server, the EDR verifies the second digital signature, and after the verification is passed, the first two-way identity authentication is passed, and both the EDR and the zero-trust server have legal identities, so that safe communication can be performed.
Step 210 specifically includes:
calculating to obtain a public key of the zero trust server based on the identifier of the zero trust server, elliptic curve system parameters and random numbers; and verifying the second digital signature by adopting a digital signature verification algorithm in a certificateless cryptographic algorithm based on the identification of the zero-trust server, the elliptic curve system parameter, the random number, the authentication request feedback information and/or the public key of the zero-trust server.
Corresponding to the digital signature algorithm in the above-mentioned certificateless cryptographic algorithm, the digital signature verification algorithm also differs between the certificateless system and the implicit certificate system, and is described below by way of specific examples.
Further, when the cryptographic service system is a certificate-less system, the method for verifying the second digital signature includes:
Step 2102, calculating a hash value $H_B$ based on the identifier of the zero trust server, the elliptic curve system parameters and the main public key of the cryptographic server.
Specifically, the identifier of the zero trust server is the unique identifier of the zero trust server, the elliptic curve system parameters are the parameters of an elliptic curve cryptosystem, the elliptic curve cryptosystem is a system applying the SM2 elliptic curve public key cryptosystem, and the SM2 elliptic curve public key cryptosystem is one of the national cryptographic algorithms. The hash value $H_B$ is calculated by the following formula:
$H_B = H_{256}(ENTL_B \| d'_B \| a \| b \| X_G \| Y_G \| X_{Pub} \| Y_{Pub})$
wherein $H_{256}()$ represents a cryptographic hash algorithm with a message digest length of 256 bits, $ENTL_B$ is two bytes converted from the integer $entlen_B$, and $entlen_B$ is the bit length of the identifier of the zero trust server. $a \| b$ represents the concatenation of a and b, where a and b may be bit strings or character strings. $a$, $b$, $X_G$, $Y_G$ are elliptic curve system parameters: a and b are the elliptic curve equation parameters, $(X_G, Y_G)$ are the coordinates of G, and G is a base point of the elliptic curve in the elliptic curve public key cryptographic algorithm. $(X_{Pub}, Y_{Pub})$ are the coordinates of $P_{Pub}$, the main public key of the cryptographic server. $X_G$, $Y_G$, $X_{Pub}$, $Y_{Pub}$ are bit strings. $d'_B$ is a random number generated by the zero trust server.
Step 2104, generating a third public key component $w_B$ of the server based on the elliptic curve system parameters and the random number $d'_B$:
$w_B = [w]G + U_B$
wherein $U_B$ is the fourth public key component, $U_B = [d'_B]G$. $[d'_B]G$ represents the $d'_B$-fold point of the point G on the elliptic curve, i.e. $[d'_B]G = G + G + \cdots + G$ with $d'_B$ copies of G on the right-hand side, $d'_B$ being a positive integer. $d'_B$ is a random number generated by the server, $d'_B \in [1, n-1]$. $[w]G$ represents the w-fold point of the point G on the elliptic curve, i.e. $[w]G = G + G + \cdots + G$ with w copies of G on the right-hand side, w being a positive integer. w is a random number generated by the cryptographic server, $w \in [1, n-1]$. G is a base point of the elliptic curve whose order is prime, and n is the order of the base point G.
Step 2106, based on the elliptic curve system parameters, the hash value $H_B$, the third public key component, the authentication request feedback information and the public key of the zero trust server, verifying the second digital signature using the digital signature verification algorithm in the certificateless cryptographic algorithm.
Specifically, after the hash value $H_B$ and the third public key component have been determined by the foregoing steps, the second digital signature is verified in combination with the elliptic curve system parameters, the authentication request feedback information and the public key of the zero trust server. The second digital signature is verified as follows:
where VERIFY() represents the digital signature verification algorithm, $P_B$ represents the public key of the zero trust server, $(X_{w_B}, Y_{w_B})$ are the coordinates of $w_B$, $(r_2, s_2)$ represents the second digital signature, $M_2$ represents the authentication request feedback information, $P_{Pub}$ is the main public key of the cryptographic service system, and mod n represents the modulo-n operation. If the output result is correct, the authentication request feedback information has not been tampered with; if the output result is incorrect, the authentication request feedback information has been tampered with. After the second digital signature passes verification, the first bidirectional identity authentication passes.
If the first bidirectional identity authentication is not passed, the zero trust server discards the authentication request information sent by the EDR according to the principle of discarding without responding; applying a discard-without-response policy to illegal data packets effectively mitigates malicious attacks that exploit the port and protects resources such as the zero trust server, the gateway and the business server. The first bidirectional identity authentication in this embodiment ensures the communication security between the EDR and the zero trust server, and only after the EDR identity is found legal can the EDR further exchange data with the gateway and the service server, which further ensures the security of data interaction. Meanwhile, the certificateless cryptographic algorithm adopted in the authentication process effectively improves the authentication rate, and thereby the data communication rate among the EDR, the gateway, the zero trust server and the business server.
After the EDR and the zero trust server end complete the first bidirectional identity authentication, the zero trust server end allocates a gateway port for the EDR so that the EDR can establish safe communication connection with a gateway through the gateway port and perform second bidirectional identity authentication with the gateway. The procedure of the second bidirectional identity authentication is described below by means of specific embodiments.
In some embodiments, the responding to the first bidirectional identity authentication passing, adopting a certificateless cryptographic algorithm to perform second bidirectional identity authentication with the gateway, and comprising:
and step 302, receiving an authentication token, an access control security policy and a gateway port identifier sent by the zero trust server in response to the first bidirectional identity authentication passing.
Specifically, after the first bidirectional identity authentication is passed, the zero trust server side sends an authentication token, an access control security policy and a gateway port identifier to the EDR and the gateway. The authentication token is used for authenticating the EDR by the gateway, and the authentication token can prove the validity of the EDR identity. The access control security policy includes data access transmission permission granted to the EDR by the zero trust server, for example, open read-only permission or one-time access permission for the EDR according to authentication request information of the EDR. The gateway port identifier is a unique identifier of a gateway port that can be accessed by the EDR, and through the gateway port identifier, it can be determined that the corresponding gateway port can be accessed.
And 304, establishing communication connection with the gateway by accessing the gateway port corresponding to the gateway port identifier.
The EDR determines a corresponding gateway port according to the gateway port identification, accesses the gateway port, establishes communication connection with the gateway through the gateway port, and can establish safe communication connection with the gateway and perform subsequent safe data interaction because the gateway port is a safe gateway port.
And 306, generating a data transmission request according to the authentication token and the access control security policy, and sending the data transmission request to the gateway through the gateway port, so that the gateway performs identity verification on the automobile event data recording system based on the data transmission request and the authentication token received from the zero trust server in advance.
Specifically, the EDR generates a data transmission request according to the authentication token and the access control security policy; the data transmission request may further include the data information to be transmitted. The request is sent to the gateway, and after receiving it the gateway first verifies the EDR to further confirm the legality of the EDR identity. The specific verification method is that the gateway determines whether the authentication token carried in the data transmission request is the same as the authentication token received from the zero trust server. If so, the EDR has been verified by the zero trust server; if not, the EDR is illegal, and the data transmission request sent by the EDR is discarded without any response, which prevents attacks by an illegal attacker.
Step 308, receiving a third digital signature sent by the gateway after the authentication of the automobile event data recording system is passed.
And after the gateway passes the EDR authentication, returning a third digital signature to the EDR, wherein the third digital signature is generated by the gateway through a digital signature generation algorithm. The EDR may verify the identity of the gateway by means of a third digital signature.
And 310, verifying the third digital signature by adopting a digital signature verification algorithm in a certificateless cryptographic algorithm to complete the second bidirectional identity authentication.
Specifically, after the gateway passes the EDR authentication, the gateway sends a third digital signature and the identification of the service data transmission port to the EDR. The service data transmission port is a port which is allocated by the gateway for the EDR and can access the service server application, and the EDR accesses the service server through the service data transmission port. The identification of the service data transmission port is the unique identification of the service data transmission port, and the unique service data transmission port can be determined through the identification of the service data transmission port. The third digital signature is generated by the gateway based on the identification of the data transmission port by adopting a digital signature generation algorithm. And after the EDR receives the third digital signature, verifying the third digital signature by adopting a digital signature verification algorithm, and after the verification is passed, passing the second bidirectional identity authentication. The EDR can access the application of the service server through the service data transmission port by means of the gateway, so that a secure connection mode of authentication before connection is realized, and the security of data access transmission is ensured.
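The gateway-side handling of steps 302 to 310, as an added illustration in Python that is not the patent's own code: the zero trust server mints an authentication token and pushes it to both the EDR and the gateway, and the gateway compares the token carried in the data transmission request in constant time, applies the access control security policy, and either allocates a service data transmission port or discards the request without any response. Identifiers, port numbers and policy names are constructed for the example; the third digital signature exchange is not modelled.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Grant:
    """Issued by the zero trust server after the first bidirectional identity authentication."""
    edr_id: str
    token: bytes        # authentication token, sent to the EDR and to the gateway
    policy: str         # access control security policy: "read-only" or "one-time" (constructed names)
    gateway_port: int   # identifier of the gateway port the EDR may access


class Gateway:
    def __init__(self, gateway_port: int, service_ports):
        self.gateway_port = gateway_port
        self._expected = {}  # edr_id -> (token, policy) received in advance from the zero trust server
        self._free_service_ports = list(service_ports)  # service data transmission ports to allocate

    def receive_grant(self, grant: Grant) -> None:
        """Step 302, gateway side: learn the token and policy before the EDR ever connects."""
        self._expected[grant.edr_id] = (grant.token, grant.policy)

    def handle_data_request(self, edr_id: str, token: bytes, port: int, operation: str) -> Optional[int]:
        """Steps 306 to 308: verify the EDR's data transmission request and, if it passes,
        allocate a service data transmission port. None models 'discard without responding':
        every failure path is silent and indistinguishable from the outside."""
        if port != self.gateway_port:           # not the gateway port the zero trust server allocated
            return None
        expected = self._expected.get(edr_id)
        if expected is None:                    # no completed first authentication for this EDR
            return None
        exp_token, policy = expected
        if not hmac.compare_digest(exp_token, token):   # constant-time token comparison
            return None
        if policy == "read-only" and operation != "read":
            return None
        if policy == "one-time":                # a consumed grant cannot be replayed
            del self._expected[edr_id]
        if not self._free_service_ports:
            return None
        return self._free_service_ports.pop(0)


def issue_grant(edr_id: str, policy: str, gateway: Gateway) -> Grant:
    """Zero trust server side: mint a fresh token and share it with both the EDR and the gateway."""
    grant = Grant(edr_id, secrets.token_bytes(32), policy, gateway.gateway_port)
    gateway.receive_grant(grant)
    return grant
```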
The verification method of the third digital signature is specifically described below by way of example, and step 310 includes:
calculating to obtain a public key of the gateway based on the identification of the gateway, elliptic curve system parameters and random numbers;
and verifying the third digital signature by adopting a digital signature verification algorithm in a certificateless cryptographic algorithm based on the identification of the gateway, the elliptic curve system parameter, a random number, the identification of the data transmission port and/or the public key of the gateway. As with the aforementioned method of verifying digital signatures, the verification of the third digital signature also includes two cases, a non-certificate system and an implicit certificate system, respectively.
Further, when the cryptographic service system is a certificate-less system, the method for verifying the third digital signature includes:
Step 3102, calculating a hash value $H_C$ based on the gateway identifier, the elliptic curve system parameters and the main public key of the cryptographic server.
Specifically, the identifier of the gateway is the unique identifier of the gateway, the elliptic curve system parameters are the parameters of an elliptic curve cryptosystem, the elliptic curve cryptosystem is a system applying the SM2 elliptic curve public key cryptosystem, and the SM2 elliptic curve public key cryptosystem is one of the national cryptographic algorithms. The hash value $H_C$ is calculated by the following formula:
$H_C = H_{256}(ENTL_C \| d'_C \| a \| b \| X_G \| Y_G \| X_{Pub} \| Y_{Pub})$
wherein $H_{256}()$ represents a cryptographic hash algorithm with a message digest length of 256 bits, $ENTL_C$ is two bytes converted from the integer $entlen_C$, and $entlen_C$ is the bit length of the identifier of the gateway. $a \| b$ represents the concatenation of a and b, where a and b may be bit strings or character strings. $a$, $b$, $X_G$, $Y_G$ are elliptic curve system parameters: a and b are the elliptic curve equation parameters, $(X_G, Y_G)$ are the coordinates of G, and G is a base point of the elliptic curve in the elliptic curve public key cryptographic algorithm. $(X_{Pub}, Y_{Pub})$ are the coordinates of $P_{Pub}$, the main public key of the cryptographic server. $X_G$, $Y_G$, $X_{Pub}$, $Y_{Pub}$ are bit strings. $d'_C$ is a random number generated by the gateway.
Step 3104, generating a fifth public key component $w_C$ of the gateway based on the elliptic curve system parameters and the random number:
$w_C = [w]G + U_C$
wherein $U_C$ is the sixth public key component, $U_C = [d'_C]G$. $[d'_C]G$ represents the $d'_C$-fold point of the point G on the elliptic curve, i.e. $[d'_C]G = G + G + \cdots + G$ with $d'_C$ copies of G on the right-hand side, $d'_C$ being a positive integer. $d'_C$ is a random number generated by the gateway, $d'_C \in [1, n-1]$. $[w]G$ represents the w-fold point of the point G on the elliptic curve, i.e. $[w]G = G + G + \cdots + G$ with w copies of G on the right-hand side, w being a positive integer. w is a random number generated by the cryptographic server, $w \in [1, n-1]$. G is a base point of the elliptic curve whose order is prime, and n is the order of the base point G.
Step 3106, based on the elliptic curve system parameters, the hash value $H_C$, the fifth public key component, the identification of the data transmission port and the public key of the gateway, verifying the third digital signature using the digital signature verification algorithm in the certificateless cryptographic algorithm.
Specifically, after the hash value $H_C$ and the fifth public key component have been determined by the foregoing steps, the third digital signature is verified in combination with the elliptic curve system parameters, the identification of the data transmission port and the public key of the gateway. The third digital signature is verified as follows:
where VERIFY() represents the digital signature verification algorithm, $P_C$ represents the public key of the gateway, $P_C = w_C + [\lambda_C]P_{Pub}$, $(X_{w_C}, Y_{w_C})$ are the coordinates of $w_C$, $(r_3, s_3)$ represents the third digital signature, $M_3$ represents the identification of the data transmission port, $P_{Pub}$ is the main public key of the cryptographic service system, and mod n represents the modulo-n operation. If the output result is correct, the identification of the data transmission port has not been tampered with; if the output result is incorrect, the identification of the data transmission port has been tampered with. After the third digital signature passes verification, the second bidirectional identity authentication passes.
Through the second bidirectional identity authentication of the embodiment, the communication security between the EDR and the gateway is ensured, and after the EDR identity is determined to be legal again, the EDR can further exchange data with the service server, which further ensures the security of data interaction. Meanwhile, the certificateless cryptographic algorithm adopted in the authentication process effectively improves the authentication rate, and thereby the data communication rate among the EDR, the gateway, the zero trust server and the business server.
Correspondingly, the application also provides a data security transmission method applied to the zero trust server, and referring to fig. 2, the method comprises the following steps:
step 402, a certificateless cryptographic algorithm is adopted to perform a first two-way identity authentication with the automobile event data recording system.
Specifically, before establishing communication connection with a service server and performing data transmission, the EDR of the automobile event data recording system needs to perform bidirectional identity authentication with a zero trust server and a gateway respectively. After the identity authentication is determined to be legal, the communication connection is established with the service server for subsequent data transmission, so that illegal attack of the outside on the Internet of vehicles can be effectively resisted. The bidirectional identity authentication comprises a first bidirectional identity authentication performed by the EDR and the zero trust server and a second bidirectional identity authentication performed by the EDR and the gateway. The security of authentication can be improved through two-time bidirectional identity authentication.
The EDR establishes a communication connection with the server through a hidden port agreed upon during certificate registration on the production line, opens the hidden port of the server through a port knocking technique, realizes data interaction with the server, and performs the first bidirectional identity authentication with the server. The cryptographic algorithm adopted in the first bidirectional identity authentication is a certificateless and implicit-certificate public key cryptographic algorithm based on the elliptic curve public key cryptographic algorithm. This algorithm, also called the certificateless and implicit-certificate public key cryptographic algorithm based on the SM2 algorithm, solves the problems of complex certificate management and low communication efficiency that come with digital certificate based authentication. Its digital signature generation algorithm and digital signature verification algorithm realize bidirectional identity authentication between the EDR and the server and improve the identity authentication rate.
And step 404, responding to the passing of the first bidirectional identity authentication so as to enable the automobile event data recording system to perform second bidirectional identity authentication with a gateway, and responding to the passing of the second bidirectional identity authentication so as to enable the automobile event data recording system to perform data transmission with a service server based on a service data transmission port distributed by the gateway.
Specifically, after the first bidirectional identity authentication passes, the server side allocates an accessible gateway port for the EDR; the EDR can establish a secure communication connection with the gateway through the gateway port, perform data transmission with the gateway, and perform the second bidirectional identity authentication with the gateway. Through the second bidirectional identity authentication, the EDR and the gateway confirm to each other whether their identities are legal. After the second bidirectional identity authentication is passed, the EDR can establish a communication connection with the service server through a service data transmission port allocated by the gateway, and realize data transmission with the service server through that port. The business server can conduct detailed analysis of vehicle-end emergency data according to the data uploaded by the EDR, objectively reconstruct the truth of the vehicle-end accident, and provide basic analysis data for accident liability determination. The EDR can also read or download related information from the service server to meet the EDR's data storage requirements.
Based on the steps 402 to 404, through the data security transmission method provided in this embodiment, a first bidirectional identity authentication between the EDR and the zero trust server and a second bidirectional identity authentication between the EDR and the gateway are implemented. After the first bidirectional identity authentication, the EDR and the gateway establish communication connection, so that the first authentication and then connection with the gateway are realized, and after the second bidirectional identity authentication, the EDR and the service server establish communication connection, so that the first authentication and then connection with the service server are realized, and the data transmission safety is effectively ensured. After the two-time two-way identity authentication is passed, the automobile event data recording system can perform data transmission with the cloud, so that the safety of data access transmission in the Internet of vehicles is improved. The certificate-free cryptographic algorithm adopted in the two identity authentication processes is a lightweight cryptographic algorithm, the digital certificate is removed by the cryptographic algorithm, the public and private keys are issued independently of the digital certificate, and the public and private keys are generated at a high speed. Meanwhile, the occupation of the digital certificate to communication resources in the communication transmission process is reduced by removing the digital certificate, and the calculation force requirement is reduced in the digital signature verification process, so that the identity authentication rate of the automobile event data recording system and the cloud data transmission process is effectively improved, and the consumption of communication resources is reduced.
In the first bidirectional identity authentication process between the EDR and the zero trust server, in order to further confirm the current legitimacy of the EDR, the EDR is required to be subjected to trust evaluation, and the current trust evaluation value of the EDR is recalculated so as to realize dynamic authorization of the EDR.
In some embodiments, before the second bidirectional identity authentication is performed by the automobile event data recording system and the gateway, the method comprises:
performing trust evaluation on the automobile event data recording system;
and responding to the trust evaluation result to meet a preset evaluation condition, so that the automobile event data recording system and the gateway perform second bidirectional identity authentication.
Specifically, when the zero-trust server side performs the first bidirectional identity authentication with the EDR, the EDR sends authentication request information to the zero-trust server side, and the zero-trust server side performs trust evaluation on the EDR based on the authentication request information. The authentication request information can also comprise information such as security attribute information, equipment attribute and the like of the EDR, and the zero trust server carries out new-round trust evaluation on the EDR according to the information such as the security attribute information, the equipment attribute and the like. The zero trust server dynamically evaluates the EDR trust value according to the security attributes and the equipment attributes such as the equipment information, the equipment position, the equipment state, the request information and the like which are currently included in the EDR by utilizing a trust evaluation algorithm, and adjusts the access control security policy of the EDR in real time so as to realize the dynamic authorization of the EDR. And calculating by a trust evaluation algorithm to obtain a new trust value, and if the new trust value meets a preset evaluation condition, carrying out final judgment by combining the attribute of the business server application to be accessed by the EDR, and determining whether the EDR can access the business server application. If the access is available, determining an access control security policy, and issuing the access control security policy to the EDR so that the EDR can perform second bidirectional identity authentication with the gateway later. If the new trust value can not reach the preset evaluation condition, the zero trust server can not pass the identity authentication of the EDR, and discard the authentication request information of the EDR according to the principle of discard and no response. 
By the method in the embodiment, the current trust value of the EDR can be determined in real time, and when the real-time trust value meets the preset evaluation condition, the EDR can perform second bidirectional identity authentication with the gateway, so that the data communication safety is further ensured.
Correspondingly, the application also provides a data security transmission method which is applied to the gateway, and referring to fig. 3, the method comprises the following steps:
step 502, adopting a certificateless cryptographic algorithm to perform second bidirectional identity authentication with an automobile event data recording system; the second bidirectional identity authentication is performed after the first bidirectional identity authentication is performed between the automobile event data recording system and the zero trust server.
And step 504, responding to the passing of the second bidirectional identity authentication, so that the automobile event data recording system performs data transmission with a service server through a service data transmission port distributed by the gateway.
Specifically, before establishing a communication connection with a service server and transmitting data, the EDR (automobile event data recording system) needs to perform bidirectional identity authentication with the zero trust server and with the gateway respectively. After its identity has been confirmed as legitimate, the communication connection with the service server is established for subsequent data transmission, which effectively resists external attacks on the Internet of Vehicles. The bidirectional identity authentication comprises a first bidirectional identity authentication between the EDR and the zero trust server and a second bidirectional identity authentication between the EDR and the gateway. Two rounds of bidirectional identity authentication improve the security of authentication.
When the first bidirectional identity authentication passes, the zero trust server allocates an accessible gateway port to the EDR; the EDR establishes a communication connection with the gateway through that port and performs the second bidirectional identity authentication with the gateway. After passing the second bidirectional identity authentication, the EDR and the gateway have confirmed whether each other's identities are legitimate. The cryptographic algorithm used in the second bidirectional identity authentication is again a certificateless cryptographic algorithm. The certificateless cryptographic algorithm is a certificateless and implicit-certificate public key cryptographic algorithm based on elliptic curve public key cryptography, also called the SM2-based certificateless and implicit-certificate public key cryptographic algorithm; it avoids the complicated certificate management and low communication efficiency of authentication based on digital certificates. Its digital signature generation algorithm and digital signature verification algorithm realize bidirectional identity authentication between the EDR and the server and improve the identity authentication rate.
After the second bidirectional identity authentication passes, the EDR can establish a communication connection with the service server through the service data transmission port allocated by the gateway and exchange data with the service server through that port. The service server can then carry out detailed analysis of the vehicle-side emergency data uploaded by the EDR, objectively reconstruct what happened in the vehicle accident, and provide basic analysis data for determining accident liability. The EDR can also read or download related information from the cloud to meet its data storage needs.
Through steps 502 to 504, the data security transmission method of this embodiment realizes the first bidirectional identity authentication between the EDR and the zero trust server and the second bidirectional identity authentication between the EDR and the gateway. The EDR establishes a communication connection with the gateway after the first bidirectional identity authentication, so that authentication precedes connection to the gateway, and it establishes a communication connection with the service server after the second bidirectional identity authentication, so that authentication precedes connection to the service server; this effectively ensures the security of data transmission. After both rounds of bidirectional identity authentication pass, the automobile event data recording system can transmit data to and from the service server, which improves the security of data access and transmission in the Internet of Vehicles. The certificateless cryptographic algorithm is a lightweight cryptographic algorithm: it removes the digital certificate, so that issuing public and private keys does not depend on a digital certificate, and keys are generated faster. Removing the digital certificate also reduces the communication resources that certificates would occupy during transmission and reduces the computing power required for digital signature verification, so the identity authentication rate between the automobile event data recording system and the cloud is effectively improved and the consumption of communication resources is reduced.
In some embodiments, before the second bidirectional identity authentication with the automobile event data recording system, the method comprises:
receiving a gateway port identifier, the gateway port identifier being sent by the zero trust server after the first bidirectional identity authentication between the automobile event data recording system and the zero trust server has passed;
opening the corresponding gateway port according to the gateway port identifier;
and receiving, from the gateway port, a data transmission request sent by the automobile event data recording system.
Specifically, after the first bidirectional identity authentication passes, the zero trust server allocates a target gateway port to the EDR and at the same time sends the identifier of the allocated gateway port to the gateway, so that the gateway opens the target gateway port according to that identifier, waits for the EDR to send a data transmission request, and receives the data transmission request from that port. Because the EDR connects to the gateway through a dedicated gateway port, malicious attacks that exploit open ports are effectively mitigated and the security of gateway resources is ensured.
Further, for data access security, the time for which the gateway keeps the gateway port open is limited to a preset duration; if the gateway receives no data transmission request from the gateway port within the preset duration, it closes the gateway port, protecting the port from malicious attacks and preventing access by illegitimate EDRs.
It should be noted that the method of the embodiments of the present application may be performed by a single device, for example a computer or a server. The method of the embodiments can also be applied in a distributed scenario, where it is completed by a plurality of devices cooperating with each other. In such a distributed scenario, one of the devices may perform only one or more steps of the methods of the embodiments of the present application, and the devices interact with each other to complete the methods.
It should be noted that some embodiments of the present application are described above. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments described above and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Based on the same inventive concept, the application also provides a data security transmission device corresponding to the method of any embodiment.
Referring to fig. 4, the data security transmission device is applied to an automobile event data recording system, and comprises:
a first authentication module 1002 configured to perform a first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm;
a second authentication module 1004 configured to perform a second bidirectional identity authentication with the gateway using a certificateless cryptographic algorithm in response to the first bidirectional identity authentication passing;
and the data transmission module 1006 is configured to perform data transmission with the service server based on the service data transmission port allocated by the gateway in response to the second bidirectional identity authentication passing.
In some embodiments, the first authentication module 1002 is further configured to generate authentication request information;
based on the authentication request information, a digital signature generation algorithm in a certificateless cryptographic algorithm is adopted to generate a first digital signature;
the authentication request information and the first digital signature are sent to the zero trust server, so that the zero trust server verifies the first digital signature;
receiving authentication request feedback information and a second digital signature which are sent by the zero trust server after the first digital signature passes verification;
and verifying the second digital signature using a digital signature verification algorithm in the certificateless cryptographic algorithm, so as to complete the first bidirectional identity authentication.
In some embodiments, the second authentication module 1004 is further configured to receive, in response to the first bidirectional identity authentication passing, an authentication token, an access control security policy, and a gateway port identifier sent by the zero trust server;
establishing communication connection with the gateway by accessing a gateway port corresponding to the gateway port identifier;
generating a data transmission request according to the authentication token and the access control security policy, and sending the data transmission request to the gateway through the gateway port, so that the gateway performs identity verification on the automobile event data recording system based on the data transmission request and the authentication token received from the zero trust server in advance;
receiving a third digital signature sent by the gateway after the authentication of the automobile event data recording system is passed;
and verifying the third digital signature using a digital signature verification algorithm in the certificateless cryptographic algorithm, so as to complete the second bidirectional identity authentication.
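The two-round handshake described by the first and second authentication modules (signed request, signed feedback carrying the token, policy and gateway port identifier, then the data transmission request checked by the gateway against the token it received from the server, and a port that closes after the preset time or once used), as an added Go example that is not the patent's code. Standard-library ed25519 stands in for the SM2-based certificateless signature, the device public key is looked up by identity instead of a certificate, the trust evaluation is reduced to a single firmware attribute, and message formats, port numbers and the 30-second window are assumptions.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"encoding/json"
	"errors"
	"fmt"
	"time"
)

// Messages are signed over their JSON encoding. ed25519 stands in for the patent's
// SM2-based certificateless signature: the verifier looks the public key up by device
// identity and no certificate travels with the message. Message formats are constructed.
func enc(v any) []byte { b, _ := json.Marshal(v); return b }
func nonce(n int) []byte { b := make([]byte, n); rand.Read(b); return b }

type AuthRequest struct {
	DeviceID string
	Firmware string // the trust evaluation is reduced here to this one attribute
	Nonce    []byte
}

type Feedback struct {
	Token  []byte // authentication token, also handed to the gateway
	Policy string // access control security policy
	PortID int    // gateway port identifier
	Nonce  []byte // echo of the request nonce, so a stale reply cannot be replayed
}

type DataRequest struct{ DeviceID string; Token []byte; Policy string }
type Grant struct{ ServicePort int; Token []byte } // service data transmission port
var ErrDiscard = errors.New("discard, no response") // the patent's drop-without-reply rule

type ZeroTrustServer struct{ priv ed25519.PrivateKey; devices map[string]ed25519.PublicKey; gw *Gateway }

// Authenticate is the server side of the first bidirectional authentication.
func (s *ZeroTrustServer) Authenticate(r AuthRequest, sig1 []byte, now time.Time) (*Feedback, []byte, error) {
	pub, ok := s.devices[r.DeviceID]
	if !ok || !ed25519.Verify(pub, enc(r), sig1) || r.Firmware != "verified" {
		return nil, nil, ErrDiscard // unknown device, bad signature or failed trust check
	}
	fb := Feedback{Token: nonce(16), Policy: "crash-upload", PortID: 9443, Nonce: r.Nonce}
	s.gw.OpenPort(fb.PortID, fb.Token, now) // the gateway learns the port id and token too
	return &fb, ed25519.Sign(s.priv, enc(fb)), nil
}

type portState struct{ token []byte; opened time.Time }
// Gateway keeps an opened port for at most window, waiting for the EDR's request.
type Gateway struct{ priv ed25519.PrivateKey; ports map[int]portState; window time.Duration }

func (g *Gateway) OpenPort(id int, token []byte, now time.Time) { g.ports[id] = portState{token, now} }

// HandleRequest is the gateway side of the second bidirectional authentication.
func (g *Gateway) HandleRequest(port int, req DataRequest, now time.Time) (*Grant, []byte, error) {
	st, ok := g.ports[port]
	delete(g.ports, port) // one request per opened port, whatever the outcome
	if !ok || now.Sub(st.opened) > g.window {
		return nil, nil, errors.New("port closed or timed out")
	}
	if !hmac.Equal(req.Token, st.token) {
		return nil, nil, errors.New("token mismatch")
	}
	gr := Grant{ServicePort: 10443, Token: req.Token}
	return &gr, ed25519.Sign(g.priv, enc(gr)), nil
}

type EDR struct{ id string; priv ed25519.PrivateKey; serverPub, gwPub ed25519.PublicKey }

// Connect runs both authentications; the service port is returned only when every check passes.
func (e *EDR) Connect(s *ZeroTrustServer, g *Gateway, firmware string, now time.Time) (int, error) {
	req := AuthRequest{e.id, firmware, nonce(8)}
	fb, sig2, err := s.Authenticate(req, ed25519.Sign(e.priv, enc(req)), now)
	if err != nil { return 0, err }
	if !ed25519.Verify(e.serverPub, enc(*fb), sig2) || !bytes.Equal(fb.Nonce, req.Nonce) {
		return 0, errors.New("server signature or nonce invalid")
	}
	gr, sig3, err := g.HandleRequest(fb.PortID, DataRequest{e.id, fb.Token, fb.Policy}, now)
	if err != nil { return 0, err }
	if !ed25519.Verify(e.gwPub, enc(*gr), sig3) || !bytes.Equal(gr.Token, fb.Token) {
		return 0, errors.New("gateway signature invalid")
	}
	return gr.ServicePort, nil
}

// newSystem wires one EDR, zero trust server and gateway with fresh keys.
func newSystem() (*EDR, *ZeroTrustServer, *Gateway) {
	sp, sk, _ := ed25519.GenerateKey(nil)
	gp, gk, _ := ed25519.GenerateKey(nil)
	ep, ek, _ := ed25519.GenerateKey(nil)
	gw := &Gateway{gk, map[int]portState{}, 30 * time.Second}
	return &EDR{"EDR-001", ek, sp, gp}, &ZeroTrustServer{sk, map[string]ed25519.PublicKey{"EDR-001": ep}, gw}, gw
}

func main() {
	edr, srv, gw := newSystem()
	fmt.Println(edr.Connect(srv, gw, "verified", time.Now())) // 10443 <nil>
	fmt.Println(edr.Connect(srv, gw, "unknown", time.Now()))  // 0 discard, no response
}
```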
Based on the same inventive concept, the application also provides a data security transmission device corresponding to the method of any embodiment.
The data security transmission device is applied to a zero trust server and comprises:
the third authentication module is configured to perform first bidirectional identity authentication with the automobile event data recording system by adopting a certificateless cryptographic algorithm;
and responding to the first bidirectional identity authentication to pass so as to enable the automobile event data recording system to perform second bidirectional identity authentication with a gateway, and responding to the second bidirectional identity authentication to pass so as to enable the automobile event data recording system to perform data transmission with a service server based on a service data transmission port distributed by the gateway.
In some embodiments, the third authentication module is configured to perform a trust evaluation on the automobile event data recording system before the second bidirectional identity authentication with the gateway; and, in response to the trust evaluation result meeting a preset evaluation condition, to enable the automobile event data recording system and the gateway to perform the second bidirectional identity authentication.
Based on the same inventive concept, the application also provides a data security transmission device corresponding to the method of any embodiment.
The data security transmission device is applied to a gateway and comprises:
the fourth authentication module is configured to perform second bidirectional identity authentication with the automobile event data recording system by adopting a certificateless cryptographic algorithm; the second bidirectional identity authentication is performed after the first bidirectional identity authentication is performed between the automobile event data recording system and the zero trust server;
and responding to the second bidirectional identity authentication to pass so as to enable the automobile event data recording system to perform data transmission with a service server through a service data transmission port distributed by the gateway.
In some embodiments, the fourth authentication module is further configured to receive a gateway port identifier before the second bidirectional identity authentication with the automobile event data recording system, the gateway port identifier being sent by the zero trust server after the first bidirectional identity authentication between the automobile event data recording system and the zero trust server has passed; to open the corresponding gateway port according to the gateway port identifier; and to receive, from the gateway port, a data transmission request sent by the automobile event data recording system.
In some embodiments, the fourth authentication module is further configured to close the gateway port in response to not receiving the data transmission request from the gateway port within a preset time period.
For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, the functions of each module may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.
The device of the foregoing embodiment is configured to implement the corresponding data security transmission method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, the application also provides an electronic device corresponding to the method of any embodiment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the data security transmission method of any embodiment when executing the program.
Fig. 5 shows a more specific hardware architecture of an electronic device according to this embodiment, where the device may include: a processor 1010, a memory 1020, an input/output interface 1030, a communication interface 1040, and a bus 1050. Wherein processor 1010, memory 1020, input/output interface 1030, and communication interface 1040 implement communication connections therebetween within the device via a bus 1050.
The processor 1010 may be implemented by a general-purpose CPU (Central Processing Unit), a microprocessor, an application specific integrated circuit (ASIC), or one or more integrated circuits, and executes the relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.
The memory 1020 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory), a static storage device, a dynamic storage device, or the like. The memory 1020 may store an operating system and other application programs; when the embodiments of the present specification are implemented in software or firmware, the associated program code is stored in the memory 1020 and executed by the processor 1010.
The input/output interface 1030 is used to connect with an input/output module for inputting and outputting information. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
Communication interface 1040 is used to connect communication modules (not shown) to enable communication interactions of the present device with other devices. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
Bus 1050 includes a path for transferring information between components of the device (e.g., processor 1010, memory 1020, input/output interface 1030, and communication interface 1040).
It should be noted that although the above-described device only shows processor 1010, memory 1020, input/output interface 1030, communication interface 1040, and bus 1050, in an implementation, the device may include other components necessary to achieve proper operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The electronic device of the foregoing embodiment is configured to implement the corresponding data security transmission method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, corresponding to any of the above embodiments of the method, the present application further provides a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the data security transmission method according to any of the above embodiments.
The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital versatile discs (DVD) or other optical storage, magnetic cassettes, magnetic tape or magnetic disk storage or other magnetic storage devices, or any other non-transmission medium which can be used to store information that can be accessed by a computing device.
The storage medium of the foregoing embodiments stores computer instructions for causing the computer to perform the data security transmission method according to any one of the foregoing embodiments, and has the advantages of the corresponding method embodiments, which are not described herein.
Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the application (including the claims) is limited to these examples; the technical features of the above embodiments or in the different embodiments may also be combined within the idea of the present application, the steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the present application as described above, which are not provided in detail for the sake of brevity.
Additionally, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures, in order to simplify the illustration and discussion, and so as not to obscure the embodiments of the present application. Furthermore, the devices may be shown in block diagram form in order to avoid obscuring the embodiments of the present application, and this also takes into account the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform on which the embodiments of the present application are to be implemented (i.e., such specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the application, it should be apparent to one skilled in the art that embodiments of the application can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative in nature and not as restrictive.
While the present application has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.
The present embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Accordingly, any omissions, modifications, equivalents, improvements and/or the like which are within the spirit and principles of the embodiments are intended to be included within the scope of the present application.

Claims (10)

1. A data security transmission method, applied to an automobile event data recording system, the method comprising:
adopting a certificateless cryptographic algorithm to perform first bidirectional identity authentication with the zero trust server;
in response to the first bidirectional identity authentication passing, adopting a certificateless cryptographic algorithm to perform second bidirectional identity authentication with a gateway;
and in response to the second bidirectional identity authentication passing, carrying out data transmission with a service server based on the service data transmission port allocated by the gateway.
2. The method of claim 1, wherein the performing the first bidirectional identity authentication with the zero trust server using a certificateless cryptographic algorithm comprises:
generating authentication request information;
based on the authentication request information, a digital signature generation algorithm in a certificateless cryptographic algorithm is adopted to generate a first digital signature;
the authentication request information and the first digital signature are sent to the zero trust server, so that the zero trust server verifies the first digital signature;
receiving authentication request feedback information and a second digital signature which are sent by the zero trust server after the first digital signature passes verification;
and verifying the second digital signature using a digital signature verification algorithm in the certificateless cryptographic algorithm, so as to complete the first bidirectional identity authentication.
3. The method of claim 1, wherein said performing a second bidirectional identity authentication with a gateway using a certificateless cryptographic algorithm in response to the first bidirectional identity authentication passing comprises:
receiving an authentication token, an access control security policy and a gateway port identifier sent by the zero trust server in response to the first bidirectional identity authentication passing;
Establishing communication connection with the gateway by accessing a gateway port corresponding to the gateway port identifier;
generating a data transmission request according to the authentication token and the access control security policy, and sending the data transmission request to the gateway through the gateway port, so that the gateway performs identity verification on the automobile event data recording system based on the data transmission request and the authentication token received from the zero trust server in advance;
receiving a third digital signature sent by the gateway after the authentication of the automobile event data recording system is passed;
and verifying the third digital signature using a digital signature verification algorithm in the certificateless cryptographic algorithm, so as to complete the second bidirectional identity authentication.
4. A data security transmission method, applied to a zero trust server, the method comprising:
adopting a certificateless cryptographic algorithm to perform first bidirectional identity authentication with an automobile event data recording system;
and responding to the first bidirectional identity authentication to pass so as to enable the automobile event data recording system to perform second bidirectional identity authentication with a gateway, and responding to the second bidirectional identity authentication to pass so as to enable the automobile event data recording system to perform data transmission with a service server based on a service data transmission port distributed by the gateway.
5. The method of claim 4, comprising, prior to the second bidirectional identity authentication with the gateway by the automotive event data logging system:
performing trust evaluation on the automobile event data recording system;
and responding to the trust evaluation result to meet a preset evaluation condition, so that the automobile event data recording system and the gateway perform second bidirectional identity authentication.
6. A method for securely transmitting data, applied to a gateway, the method comprising:
adopting a certificateless cryptographic algorithm to perform second bidirectional identity authentication with the automobile event data recording system; the second bidirectional identity authentication is performed after the first bidirectional identity authentication between the automobile event data recording system and the zero trust server;
and responding to the second bidirectional identity authentication to pass so as to enable the automobile event data recording system to perform data transmission with a service server through a service data transmission port distributed by the gateway.
7. The method of claim 6, comprising, prior to the second bidirectional identity authentication with the vehicle event data logging system:
receiving a gateway port identifier, the gateway port identifier being sent by the zero trust server after the first bidirectional identity authentication between the automobile event data recording system and the zero trust server has passed;
opening a corresponding gateway port according to the gateway port identification;
and receiving a data transmission request sent by the automobile event data recording system from the gateway port.
8. The method as recited in claim 7, further comprising:
and closing the gateway port in response to the fact that the data transmission request is not received from the gateway port within a preset time period.
9. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 3 when the program is executed by the processor.
10. A vehicle, characterized in that it comprises an electronic device according to claim 9.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311775150.5A CN117768177A (en) 2023-12-21 2023-12-21 Data security transmission method, electronic equipment and vehicle

Publications (1)

Publication Number Publication Date
CN117768177A true CN117768177A (en) 2024-03-26

Family

ID=90323266

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination