CN119856448A - Method, device and system for replacing pseudonym certificate - Google Patents
Method, device and system for replacing pseudonym certificate Download PDFInfo
- Publication number
- CN119856448A CN119856448A CN202280100005.4A CN202280100005A CN119856448A CN 119856448 A CN119856448 A CN 119856448A CN 202280100005 A CN202280100005 A CN 202280100005A CN 119856448 A CN119856448 A CN 119856448A
- Authority
- CN
- China
- Prior art keywords
- information
- area
- pseudonym certificate
- replacement
- pseudonym
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Traffic Control Systems (AREA)
Abstract
A method, a device and a system for replacing a pseudonym certificate comprise the steps that first equipment obtains first information, the first information is used for indicating the first equipment to replace the pseudonym certificate, the first information is associated with a first area where the first equipment is located and/or the running state of the first equipment, and the first equipment controls replacement of the pseudonym certificate according to the first information. The method can be applied to intelligent driving equipment such as intelligent vehicles, electric vehicles and the like, can prevent an attacker from continuously tracking the first equipment under the condition of grasping the replacement period, and is beneficial to improving the safety of the first equipment.
Description
The application relates to the field of internet of vehicles security, in particular to a method, a device and a system for replacing a pseudonym certificate.
With the development of intelligent driving technology, information interaction can be performed between a vehicle-to-outside (vehicle to everything, V2X) communication network and nodes such as surrounding vehicles, base stations, road Side Units (RSUs) and the like, so as to assist driving. In the V2X scene, the vehicle continuously broadcasts information such as its own driving parameters and positions to surrounding vehicles, base stations, RSUs and other nodes, which may be acquired by an attacker, and the attacker can determine the position of the vehicle according to the broadcast information, thereby further damaging the privacy security of the driver through the association of the vehicle and the driver. To avoid that an attacker keeps track of the vehicle position, which leads to the invasiveness of the driver's privacy, it is currently common practice to use authentication by means of a pseudonym certificate to address the threat of the attacker to the vehicle's security.
Vehicles can continually change the pseudonym certificates used by them, making it difficult for an attacker to associate the pseudonym certificates with vehicles in corresponding locations, thereby enhancing the complexity of location tracking. However, the traditional replacement of the pseudonym certificate based on the fixed period still cannot avoid that an attacker determines the position of the vehicle according to the pseudonym certificate, and privacy disclosure such as the position of the vehicle is still easy to cause.
In view of this, a scheme of replacing a pseudonymous certificate capable of improving the safety of a vehicle is urgently required to be developed.
Disclosure of Invention
The embodiment of the application provides a method, a device and a system for replacing a pseudonym certificate, which can reduce the probability of leakage of intelligent privacy caused by continuous tracking of an attacker on intelligent driving equipment and are beneficial to improving the safety of the intelligent driving equipment.
The method provided by the application can be applied to intelligent driving equipment, the intelligent driving equipment can be vehicles in a broad concept, and can be vehicles (such as automobiles, commercial vehicles, trucks, motorcycles, aircraft, aeroplanes, trains, ships and the like), industrial vehicles (such as forklifts, trailers, tractors and the like), engineering vehicles (such as excavators, earth-moving vehicles, cranes and the like), agricultural equipment (such as mowers, harvesters and the like), recreation equipment, toy vehicles and the like.
In a first aspect, a method of replacing a pseudonym certificate is provided, which may be performed by an intelligent driving device, or may be performed by a chip or circuit for an intelligent driving device, as the application is not limited in this regard.
The method comprises the steps that first equipment obtains first information, the first information is used for indicating the first equipment to replace a pseudonym certificate, the first information is associated with a first area where the first equipment is located and/or the running state of the first equipment, and the first equipment controls the replacement of the pseudonym certificate according to the first information.
In the technical scheme, when the first equipment is in a specific running state and/or runs to a specific area, the replacement of the pseudonym certificate is controlled, so that the first equipment can be continuously tracked under the condition that an attacker grasps the replacement period, and the safety of the first equipment is improved.
The first device may be an intelligent driving device, or the first device may be a certain processor provided in the intelligent driving device, for example. When the first device is a processor arranged in the intelligent driving device, the area where the first device is located is the area where the intelligent driving device is located, and the running state of the first device is the running state of the intelligent driving device.
By way of example, "the first information is associated with a first region in which the first device is located and/or an operating state of the first device" may be understood that the first information is generated and/or obtained when the first device is located in the first region and/or the first information is generated and/or obtained when the first device is in a certain operating state. Wherein, a certain running state can comprise at least one of a running state, a power-on and stopping state and a just-started state.
The first area may, for example, comprise at least one of an area where the pseudonym certificate is used less frequently, an area where the first device is often traveling, an area determined from a location of interest to the user of the first device.
In some possible implementations, the first information may be received from a roadside device, or the first information may be obtained from other processors of the intelligent driving device.
With reference to the first aspect, in some implementations of the first aspect, the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the first device obtains the first information, including receiving, by the first device, the first information from a first roadside device that is closest to the first device in the first area when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
The preset distance threshold may be 5 meters, or may be 3 meters, or may be other distances, for example.
By way of example, the "the second area is an area associated with a location of interest to the user of the first device" may be understood as the second area being a cluster determined from the location of interest to the user of the first device or the second area being a location of interest to the user of the first device.
It should be noted that the first device may also obtain the first information from other devices, for example, from other intelligent driving devices.
In the technical scheme, the self-adaptive replacement scheme of the pseudonym certificate can be designed for the first equipment according to the place of interest of the user, so that the user experience is improved. Furthermore, after the attacker obtains location related information of interest to the user, the first device may be tracked in connection with a pseudonym certificate replacement cycle. When the first equipment runs to the area related to the place of interest of the user, the replacement of the pseudonym certificate is controlled, so that the difficulty of an attacker in breaking through the relationship between the new pseudonym certificate and the old pseudonym certificate of the vehicle can be increased, the probability of the attacker obtaining the privacy of the first equipment can be reduced, and the safety of the first equipment is further improved.
With reference to the first aspect, in some implementations of the first aspect, the first area includes a first signal intersection, and the first device controls to replace the pseudonym certificate according to the first information, including controlling to replace the pseudonym certificate by the first device when a running speed of the first device in the first area is less than or equal to a preset speed threshold.
In some possible implementations, the first signal intersection is a location of interest to the user or a second area associated with the location of interest to the user, the first device receives the first information when a distance between the first device and the first signal intersection is less than or equal to a preset distance threshold, and further, the first device controls replacement of the pseudonym certificate when a traveling speed of the first device in the first area is less than or equal to a preset speed threshold.
In some possible implementations, the first device receives the first information when the signal light of the first signal light intersection turns red, and further, when the running speed of the first device in the first area is less than or equal to a preset speed threshold value, the first device controls to replace the pseudonym certificate. The signal light is, for example, a signal light of the first device driving direction. For example, if the first device needs to go straight from north to south at a first signal intersection, the signal may be a signal indicating a north-south straight at the first signal intersection.
The preset speed threshold may be, for example, 3km/h, or may be 0km/h, or may be other speeds as well.
In the above technical scheme, when the first device is parked at the intersection in the running process, because the requirement of the first device for communication with other devices is smaller in the scene, the replacement of the pseudonym certificate can be controlled, and the safety of the first device can be improved on the premise of ensuring that the communication of the first device is not affected.
With reference to the first aspect, in certain implementation manners of the first aspect, the first device controlling the replacement of the pseudonym certificate according to the first information includes controlling the replacement of the pseudonym certificate by the first device when the first device is started.
In some possible implementations, the first device receives the first information when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold, and shuts down after the first device receives the first information. Since the first device does not need to communicate with other devices when it is turned off, the pseudonym certificate does not need to be replaced. Further, the first device controls the replacement of the pseudonym certificate when the first device is started in the second area.
In the above technical solution, before the first device is started, since the first device does not need to communicate with other devices, the pseudonym certificate may not be replaced for a long time, and the pseudonym certificate before being directly used after the first device is started is relatively easy to be tracked by an attacker, so that the pseudonym certificate is replaced when the first device is started, which is helpful for improving the security of the first device.
With reference to the first aspect, in certain implementation manners of the first aspect, the method further includes the first device determining a replacement period of the pseudonym certificate, the replacement period being associated with a real-time status parameter of the first device, and controlling replacement of the pseudonym certificate by the first device when the replacement period arrives.
In the above technical scheme, the replacement period for replacing the pseudonym certificate can be determined according to the real-time state parameter of the first device, and because the pseudonym replacement period is changed, an attacker cannot determine the replacement period of the pseudonym certificate of the first device, so that the first device cannot be tracked, and the security of the first device is improved.
With reference to the first aspect, in certain implementations of the first aspect, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
In a second aspect, a method of replacing a pseudonym certificate is provided, which may be performed by a cloud server or may also be performed by a chip or circuitry for the cloud server. In some possible implementations, the method may also be performed by a roadside device, or may also be performed by a chip or circuit to which the roadside device is applied, which is not limited by the present application.
The method comprises the steps that a second device generates first information, the first information is used for indicating a first device to replace a pseudonym certificate, the first information is associated with a first area where the first device is located and/or the running state of the first device, and the second device sends the first information to the first device.
In the technical scheme, when the first equipment is in a specific running state and/or runs to a specific area, the first information is sent to the first equipment so as to control the first equipment to replace the pseudonym certificate, so that the first equipment can be prevented from being continuously tracked by an attacker under the condition of grasping a replacement period, and the safety of the first equipment is improved.
With reference to the second aspect, in some implementations of the second aspect, the first area includes a second area, the second area is an area associated with a location of interest according to a user of the first device, the second device is a road side device closest to the first device in the first area, and the second device sends the first information to the first device, including sending the first information to the first device when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
In the technical scheme, the indication information for indicating the first equipment to replace the pseudonym certificate is generated in the specific area and sent to the first equipment, so that the first equipment can replace the pseudonym certificate according to the indication information of the second equipment in the specific area, the calculation cost of the first equipment can be saved, and the problem that the user privacy is leaked due to tracking of an attacker on the first equipment can be further prevented.
With reference to the second aspect, in some implementations of the second aspect, the first area includes a first signal intersection, and the second device generates the first information, including when the second device obtains information that a signal at the first signal intersection turns red, the second device generates the first information.
The signal light is, for example, a signal light of the first device driving direction.
The signal reddening of the first signal intersection may be detected by the second device or may be indicated by other devices, for example.
In the above technical scheme, when the first device is in the driving process of the intersection and stops at the intersection, because the requirement of the first device for communication with other devices is smaller in the scene, the first device can be instructed to replace the pseudonym certificate, and the safety of the first device can be improved on the premise of ensuring that the communication of the first device is not affected.
With reference to the second aspect, in certain implementations of the second aspect, the second device sending the first information to the first device includes the second device sending the first information to the first device via a third device.
The second device is a cloud server, and the third device is a road side device, for example, the third device may be a road side device of an area where the first device travels.
In some possible implementations, the second device may not facilitate sending information indicating that it replaces the pseudonym certificate directly to the first device, which may then be sent to the first device by the third device.
With reference to the second aspect, in some implementations of the second aspect, the method further includes the second device obtaining information of the first area and/or information of an operating state of the first device.
The second device may obtain the information of the first area and/or the information of the operation state of the first device from the first device, or the second device may detect the first area where the first device is located and/or the operation state of the first device by itself, for example.
With reference to the second aspect, in some implementations of the second aspect, the method further includes the second device obtaining a real-time status parameter of the first device, the second device determining a replacement period of the pseudonym certificate according to the real-time status parameter, and the second device sending information of the replacement period to the first device.
In the technical scheme, the second device can determine the replacement period of the replacement pseudonym certificate according to the real-time state parameter of the first device, and because the pseudonym replacement period is changed, an attacker cannot determine the replacement period of the pseudonym certificate of the first device, cannot track the first device, and is beneficial to improving the safety of the first device.
With reference to the second aspect, in certain implementations of the second aspect, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
In a third aspect, a method of replacing a pseudonym certificate is provided, which may include a first device determining a replacement period for the pseudonym certificate, the replacement period being associated with a real-time status parameter of the first device, the first device controlling replacement of the pseudonym certificate when the replacement period arrives.
With reference to the third aspect, in certain implementations of the third aspect, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
With reference to the third aspect, in some implementations of the third aspect, the first device obtains first information, where the first information is used to instruct the first device to replace a pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operation state of the first device, and the first device controls replacement of the pseudonym certificate according to the first information.
With reference to the third aspect, in some implementations of the third aspect, the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the first device obtains the first information, including receiving, by the first device, the first information from a first roadside device that is closest to the first device in the first area when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
With reference to the third aspect, in some implementations of the third aspect, the first area includes a first signal intersection, and the first device controls to replace the pseudonym certificate according to the first information, including controlling to replace the pseudonym certificate by the first device when a running speed of the first device in the first area is less than or equal to a preset speed threshold.
With reference to the third aspect, in some implementations of the third aspect, the first device controlling the replacement of the pseudonym certificate according to the first information includes, when the first device is started, the first device controlling the replacement of the pseudonym certificate.
In a fourth aspect, an apparatus for replacing a pseudonym certificate is provided, where the apparatus includes an acquisition unit and a processing unit, where the acquisition unit is configured to acquire first information, where the first information is used to instruct a first device to replace the pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operation state of the first device, and the processing unit is configured to control replacement of the pseudonym certificate according to the first information.
With reference to the fourth aspect, in some implementations of the fourth aspect, the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the acquiring unit is configured to receive the first information from a first roadside device when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold, the first roadside device being a roadside device closest to the first device in the first area.
With reference to the fourth aspect, in some implementations of the fourth aspect, the first area includes a first signal intersection, and the processing unit is configured to control replacement of the pseudonym certificate when a running speed of the first device in the first area is less than or equal to a preset speed threshold.
With reference to the fourth aspect, in some implementations of the fourth aspect, the processing unit is configured to control replacement of the pseudonym certificate when the first device is booted.
With reference to the fourth aspect, in certain implementations of the fourth aspect, the apparatus further includes a determining unit configured to determine a replacement period of the pseudonym certificate, the replacement period being associated with a real-time status parameter of the first device, and the processing unit is further configured to control replacement of the pseudonym certificate when the replacement period arrives.
With reference to the fourth aspect, in some implementations of the fourth aspect, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
In a fifth aspect, an apparatus for replacing a pseudonym certificate is provided, the apparatus comprising a generating unit and a transceiving unit, wherein the generating unit is used for generating first information, the first information is used for indicating a first device to replace the pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operation state of the first device, and the transceiving unit is used for sending the first information to the first device.
With reference to the fifth aspect, in some implementations of the fifth aspect, the first area includes a second area, the second area is an area associated with a location of interest according to a user of the first device, the second device is a road side device closest to the first device in the first area, and the transceiver unit is configured to send the first information to the first device when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
With reference to the fifth aspect, in some implementations of the fifth aspect, the first area includes a first signal intersection, and the apparatus further includes an obtaining unit, where the generating unit is configured to generate the first information when the obtaining unit obtains information that a signal at the first signal intersection turns red.
With reference to the fifth aspect, in some implementations of the fifth aspect, the transceiver unit is configured to send the first information to the first device via a third device.
With reference to the fifth aspect, in certain implementation manners of the fifth aspect, the apparatus further includes an acquiring unit, where the acquiring unit is configured to acquire information of the first area and/or information of an operation state of the first device.
With reference to the fifth aspect, in some implementations of the fifth aspect, the apparatus further includes an acquiring unit configured to acquire a real-time status parameter of the first device, and a determining unit configured to determine a replacement period of the pseudonym certificate according to the real-time status parameter, and the transceiving unit is further configured to send information of the replacement period to the first device.
With reference to the fifth aspect, in certain implementations of the fifth aspect, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
In a sixth aspect, an apparatus for replacing a pseudonym certificate is provided, the apparatus comprising a determination unit for determining a replacement cycle of the pseudonym certificate, the replacement cycle being associated with a real-time status parameter of the first device, and a processing unit for controlling the replacement of the pseudonym certificate when the replacement cycle has arrived.
With reference to the sixth aspect, in certain implementations of the sixth aspect, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
With reference to the sixth aspect, in some implementations of the sixth aspect, the apparatus further includes an obtaining unit, where the obtaining unit is configured to obtain first information, where the first information is used to instruct a first device to replace a pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operating state of the first device, and the processing unit is configured to control replacement of the pseudonym certificate according to the first information.
With reference to the sixth aspect, in some implementations of the sixth aspect, the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the obtaining unit is configured to receive the first information from a first roadside device when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold, the first roadside device being a roadside device closest to the first device in the first area.
With reference to the sixth aspect, in certain implementation manners of the sixth aspect, the first area includes a first signal intersection, and the processing unit is configured to control replacement of the pseudonym certificate when a running speed of the first device in the first area is less than or equal to a preset speed threshold.
With reference to the sixth aspect, in certain implementations of the sixth aspect, the processing unit is configured to control replacement of the pseudonym certificate when the first device is started.
In a seventh aspect, there is provided an apparatus for replacing a pseudonym certificate, the apparatus comprising a memory for storing a computer program, and a processor for executing the computer program stored in the memory to cause the apparatus to perform a method as in any of the possible implementations of the first or third aspects.
In an eighth aspect, there is provided an apparatus for replacing a pseudonym certificate, the apparatus comprising a memory for storing a computer program, and a processor for executing the computer program stored in the memory to cause the apparatus to perform the method as in any one of the possible implementations of the second aspect.
A ninth aspect provides an intelligent driving apparatus comprising means as in any one of the possible implementations of the fourth, sixth or seventh aspects.
With reference to the ninth aspect, in certain implementations of the ninth aspect, the intelligent driving apparatus is a vehicle.
In a tenth aspect, a server is provided, the server comprising an apparatus as in any one of the possible implementations of the fifth or eighth aspect.
With reference to the tenth aspect, in certain implementations of the tenth aspect, the server is a cloud server, or is a server disposed in a roadside device.
In an eleventh aspect, a computer program product is provided, the computer program product comprising computer program code for causing a computer to perform the method of any one of the possible implementations of the first to third aspects when the computer program code is run on the computer.
It should be noted that the above-mentioned computer program code may be stored in whole or in part on a first storage medium, where the first storage medium may be packaged together with the processor or may be packaged separately from the processor.
In a twelfth aspect, there is provided a computer readable medium storing instructions that, when executed by a processor, cause the processor to implement a method as in any one of the possible implementations of the first to third aspects.
In a thirteenth aspect, a chip is provided, the chip comprising circuitry for performing the method of any one of the possible implementations of the first to third aspects.
FIG. 1 is a schematic diagram of a system framework for replacing pseudonymous certificates provided by an embodiment of the present application;
FIG. 2 is a schematic flow chart of a method of replacing a pseudonym certificate provided by an embodiment of the application;
FIG. 3 is a further schematic flow chart of a method of replacing a pseudonym certificate provided by an embodiment of the application;
FIG. 4 is a further schematic flow chart of a method of replacing a pseudonym certificate provided by an embodiment of the application;
FIG. 5 is a further schematic flow chart diagram of a method of replacing a pseudonym certificate provided by an embodiment of the application;
FIG. 6 is a further schematic flow chart diagram of a method of replacing a pseudonym certificate provided by an embodiment of the application;
FIG. 7 is a schematic block diagram of an apparatus for replacing pseudonymous certificates provided by an embodiment of the present application;
FIG. 8 is a further schematic block diagram of an apparatus for replacing pseudonymous certificates provided by an embodiment of the present application;
fig. 9 is a further schematic block diagram of an apparatus for replacing a pseudonymous certificate provided by an embodiment of the application.
In the description of the embodiments of the present application, unless otherwise indicated, "/" means or, for example, a/B may represent a or B, and "and/or" herein is an association relationship describing an association object, which means that there may be three relationships, for example, a and/or B, and that there may be three cases where a exists alone, while a and B exist together, and B exists alone. In the present application, "at least one" means one or more, and "a plurality" means two or more. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (a, b, or c) of a, b, c, a-b, a-c, b-c, or a-b-c may be represented, wherein a, b, c may be single or plural.
In the embodiment of the application, prefix words such as "first" and "second" are adopted, and only for distinguishing different description objects, no limitation is imposed on the position, sequence, priority, quantity or content of the described objects. The use of ordinal words and the like in embodiments of the present application to distinguish between the prefix words used to describe an object does not limit the described object, and statements of the described object are to be read in the claims or in the context of the embodiments and should not constitute unnecessary limitations due to the use of such prefix words.
As described above, in the V2X scenario, the vehicle continuously broadcasts information such as its own driving parameters and positions to the surrounding vehicles, base stations, RSUs, and other nodes, which may be acquired by an attacker, and the attacker can determine the position of the vehicle according to the broadcast information. In the current technical background, vehicles can continuously change the pseudonym certificates used by the vehicles, so that an attacker can hardly associate the pseudonym certificates with the vehicles at corresponding positions, and further the complexity of position tracking is enhanced. However, the traditional replacement of the pseudonym certificate based on the fixed period still cannot avoid that an attacker determines the position of the vehicle according to the pseudonym certificate, and privacy disclosure such as the position of the vehicle is still easy to cause.
In order to solve the problem of vehicle privacy disclosure caused by a fixed period of the replacement of a pseudonym certificate, the current method comprises the following steps of firstly, acquiring the privacy disclosure quantity of a vehicle in a preset pseudonym period, calculating the privacy disclosure degree of the vehicle according to the privacy disclosure quantity, selecting the next pseudonym from a vehicle pseudonym set to replace and enter the next pseudonym period when the privacy disclosure degree reaches a privacy disclosure degree threshold value, and if the pseudonym is not replaced in the pseudonym period when the privacy disclosure degree does not reach the privacy disclosure degree threshold value, selecting the next pseudonym from the vehicle pseudonym set to replace and automatically entering the next pseudonym period when the inherent period arrives. If the vehicle is in a driving state, the vehicle periodically broadcasts basic safety information, a pseudonym replacement condition is determined according to the driving state of the nearby vehicle, if the pseudonym replacement condition is satisfied, the pseudonym replacement is executed, and a legal pseudonym certificate is independently calculated through cooperation with the surrounding vehicle under the condition that the RSU is not involved. In the former scheme, the privacy disclosure degree and the preset pseudonym updating period are considered as the judgment basis of the pseudonym replacement, and although the fixed period of the pseudonym certificate replacement is broken at the moment of replacing the pseudonym certificate when the privacy disclosure degree is higher, the continuous tracking of the vehicle by an attacker under the condition of grasping the renaming time interval is still difficult to avoid when the privacy disclosure degree is lower. In the latter scheme, legal pseudonym certificates are calculated independently by cooperation with surrounding vehicles without the participation of RSUs, the vehicles initiating pseudonym exchange require large communication and calculation overhead, and it is difficult to ensure that sufficient vehicles participate in the cooperation of pseudonym exchange.
In view of this, the method for replacing the pseudonym certificate provided by the embodiment of the application can determine the replacement period for replacing the pseudonym certificate according to the real-time state parameter of the intelligent driving device, and because the pseudonym replacement period is changed, an attacker cannot determine the pseudonym certificate replacement period of the intelligent driving device, so that the intelligent driving device cannot be tracked, and the safety of the intelligent driving device is improved. Further, when the intelligent driving device is in a specific running state and/or runs to a specific area, the replacement of the pseudonym certificate is controlled, so that an attacker can be prevented from continuously tracking the intelligent driving device under the condition of grasping a replacement period, and the safety of the intelligent driving device is improved.
The technical solutions in the embodiments of the present application will be described below with reference to the accompanying drawings.
Fig. 1 is an application scenario of a method for replacing a pseudonym certificate according to an embodiment of the present application, where the application scenario may include an intelligent driving device 100, a cloud server 210, and a roadside device 220.
The intelligent driving device 100 may include a perception system 140, a computing platform 150, and peripherals 160. The perception system 140 may include, among other things, one or more sensors that sense environmental information about the surroundings of the intelligent driving apparatus 100 and the intelligent driving apparatus driving parameters. For example, the perception system 140 may include a positioning system, which may be a global positioning system (global positioning system, GPS), a beidou system or other positioning system, an inertial measurement unit (inertial measurement unit, IMU). The sensing system 140 may further include one or more of a lidar, millimeter wave radar, ultrasonic radar, and camera, and the sensing system 140 may further include a wheel speed sensor, a pedal position sensor, etc. for sensing the speed and/or acceleration of the intelligent driving device.
Some or all of the functions of the intelligent driving apparatus 100 may be controlled by the computing platform 150. The computing platform 150 may include one or more processors, such as processors 151 through 15n (n is a positive integer), which are circuits with signal processing capabilities, in one implementation, which may be circuits with instruction reading and execution capabilities, such as a central processing unit (central processing unit, CPU), microprocessor, graphics processor (graphics processing unit, GPU) (which may be understood as a microprocessor), or digital signal processor (DIGITAL SIGNAL processor, DSP), etc., and in another implementation, which may implement a function through the logical relationship of hardware circuits, which may be fixed or reconfigurable, such as hardware circuits implemented by application-specific integrated circuits (ASICs) or programmable logic devices (programmable logic device, PLDs), such as field programmable gate arrays (field programmable GATE ARRAY, FPGAs). In the reconfigurable hardware circuit, the processor loads the configuration document, and the process of implementing the configuration of the hardware circuit may be understood as a process of loading instructions by the processor to implement the functions of some or all of the above units. Furthermore, a hardware circuit designed for artificial intelligence may be also be considered as an ASIC, such as a neural network processing unit (neural network processing unit, NPU), tensor processing unit (tensor processing unit, TPU), deep learning processing unit (DEEP LEARNING processing unit, DPU), etc. In addition, computing platform 150 may also include a memory for storing instructions that some or all of processors 151 through 15n may call and execute to implement corresponding functions.
The intelligent driving device 100 interacts with the cloud server 210, external sensors, other intelligent driving devices, other computer systems, or users through the peripheral device 160. Peripheral device 160 may include a wireless communication system.
The cloud server 210 may include a computing platform 211, where the computing platform 211 may include one or more processors, and the specific form and corresponding function of the one or more processors may be referred to in the above embodiments, which are not described herein.
It should be understood that the above-mentioned devices and apparatuses are only examples, and in practical applications, the above-mentioned devices and apparatuses may be added or deleted according to actual needs.
In the embodiment of the present application, the cloud server 210 may determine a replacement period of the pseudonym certificate according to the speed of the intelligent driving device 100, the traffic density near the intelligent driving device 100, the security degree (or privacy disclosure degree) of the intelligent driving device, and the user demand level, and send the replacement period to the intelligent driving device 100, so that the intelligent driving device 100 may replace the pseudonym certificate when the replacement period is reached. The cloud server 210 may further determine a replacement area of the pseudonym certificate according to a location of interest of the user of the intelligent driving device 100, and further control the road side device 220 in the area to send a pseudonym certificate replacement instruction to the intelligent driving device 100, so that the intelligent driving device 100 may perform replacement of the pseudonym certificate in the area. Further, when the roadside apparatus 220 is disposed at the traffic light intersection, the roadside apparatus 220 may also determine whether to transmit a pseudonym certificate replacement instruction to the intelligent driving apparatus 100 according to the traffic light state, and, for example, transmit a pseudonym certificate replacement instruction to surrounding intelligent driving apparatuses when the traffic light turns red, so that the intelligent driving apparatus 100 in a stopped state performs a replacement of the pseudonym certificate. The intelligent driving apparatus 100 may perform the replacement of the pseudonym certificate according to the driving scenario, in addition to the replacement of the pseudonym certificate according to the replacement cycle and the replacement instruction from the roadside apparatus 220, for example, the intelligent driving apparatus 100 may perform the replacement of the pseudonym certificate at the time of the just-started.
Fig. 2 shows a schematic flow chart of a method 200 for replacing a pseudonym certificate according to an embodiment of the application, and the method 200 can be applied to the application scenario shown in fig. 1. Illustratively, the method 200 may be performed by one or more processors in the computing platform 150 of fig. 1, the method 200 comprising:
S201, the first device obtains first information, where the first information is used to instruct the first device to replace a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operation state of the first device.
In some possible implementations, the first device may be an intelligent driving device in the above embodiments, and the first information may be received from a roadside device.
The first area may include, for example, an area where the intelligent driving apparatus uses the pseudonym certificate less frequently, such as a signal intersection, or the first area may also include an area of interest to the user of the intelligent driving apparatus.
The operating state of the first device may, for example, comprise at least one of a driving state, a parking state, and a just-started state (i.e., a state from a power-down to a power-up state).
In some possible implementations, the first device may be a certain processor disposed in a computing platform of the intelligent driving device, and the first information may be sent to the first device by another processor in the computing platform of the intelligent driving device. In the above scenario, the first area where the first device is located may represent the first area where the intelligent driving device is located, and the operation state of the first device may represent the operation state of the intelligent driving device.
It should be noted that, the first information is associated with the first area where the first device is located and/or the operation state of the first device, which may be understood that the first information may be generated and/or obtained when it is detected that the first device is driving to a signal intersection and the signal is turned from a green light to a red light, or the first information may be generated and/or obtained when it is detected that the first device is driving to an area of interest of the user, or the first information may be generated and/or obtained when it is detected that the first device is just started. The "first device just started" may be just started after the first device parks in the parking lot, or just started after the first device is maintained, or may be other just started scenes of the first device.
In some possible implementations, the first area includes a second area, the second area being an area associated with a location of interest to a user of a first device, the first device obtaining first information including receiving the first information from a first roadside device that is closest to the first device in the first area when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold. Or the first device is one of a vehicle in a vehicle train of an adaptive cruise control system (cooperativeadaptive cruise control, CACC), the first device receives the first information from other vehicles in the CACC vehicle train when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
The preset distance threshold may be 5 meters, or may be 3 meters, or may be other distances, for example.
The second area may be, for example, a cluster determined according to a location of interest to the user by a clustering algorithm, wherein the location of interest to the user may be a location where the user is traveling often (e.g. traveling more than 3 times per week), or may be a location where the user is collecting or marking in an electronic map, or may be another location where the user is interested.
S202, the first device controls replacement of the pseudonym certificate according to the first information.
In one example, the first device controls the replacement of the pseudonym certificate when it receives the first information.
In yet another example, the first area includes a first signal intersection, and the first device controls the replacement of the pseudonym certificate when a speed of travel of the first device in the first area is less than or equal to a preset speed threshold.
The preset speed threshold may be, for example, 3 km/h (kilometer per hour km/h), or may be 0km/h, or may be other speeds as well.
In yet another example, the first device controls the replacement of the pseudonym certificate when the first device is booted.
In some possible implementations, the area of interest of the user includes a first signal intersection, and when the distance between the first device and the center of the cluster determined by the area of interest of the user is less than or equal to a preset distance threshold, the first device receives the first information, and further, when the running speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls to replace the pseudonym certificate.
In some possible implementations, when the first device is an intelligent driving device, the intelligent driving device may determine a replacement period of the pseudonym certificate according to a real-time status parameter of the intelligent driving device. The real-time status parameters may include at least one of a speed of the intelligent driving device, a traffic density around the intelligent driving device, a privacy disclosure level of the intelligent driving device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the intelligent driving device to replace a pseudonym certificate.
According to the method for replacing the pseudonym certificate, when the intelligent driving equipment is in a specific running state and/or runs to a specific area, the pseudonym certificate is controlled to be replaced, so that an attacker can be prevented from continuously tracking the intelligent driving equipment under the condition of grasping a replacement period, and the safety of the intelligent driving equipment is improved.
Fig. 3 shows a schematic flow chart of a method 300 for replacing a pseudonym certificate according to an embodiment of the application, and the method 300 can be applied to the application scenario shown in fig. 1. Illustratively, the method 300 may be performed by one or more processors in the computing platform 211 in fig. 1, or may also be performed by the roadside device 220 shown in fig. 1. The method 300 includes:
S301, the second device generates first information, where the first information is used to instruct the first device to replace a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operation state of the first device.
In some possible implementations, the second device may be a road side device in the foregoing embodiment, or may also be a cloud server in the foregoing embodiment.
In some possible implementations, the second device may be a certain processor provided in a computing platform of the intelligent driving device.
By way of example, the second device generating the first information may include at least one of generating the first information when the first device is acquired to travel to the traffic light intersection and the traffic light is changed from a green light to a red light, generating the first information when the first device is acquired to travel to the area of interest of the user, or generating the first information when the first device is acquired to just start up the first device.
The signal light is illustratively a signal light of the traveling direction of the first device.
In some possible implementations, the information acquired by the second device may be a result of detection by the second device, or may be sent to the second device by another device, which is not specifically limited in the embodiments of the present application.
S302, the second device sends the first information to the first device.
In some possible implementations, the first information is transmitted at the second device to the first device via the third device. In an example, the first device is an intelligent driving device, the second device is a cloud server, and the third device is a road side device, and in some scenarios, the second device sends the first information to the first device via the third device. For example, when the first device travels to a traffic light intersection and the second device acquires information that the traffic light is changed from a green light to a red light, the second device transmits the first information to the first device via the third device, or when the first device travels to the second area and the second device acquires information that the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the second device transmits the first information to the first device via the third device. Wherein the second region may be a cluster determined from a location of interest to the user by a clustering algorithm.
According to the method for replacing the pseudonym certificate, when the intelligent driving equipment is in a specific running state and/or runs to a specific area, the first information is generated to control the intelligent driving equipment to replace the pseudonym certificate, so that an attacker can be prevented from continuously tracking the intelligent driving equipment under the condition of grasping a replacement period, and the safety of the intelligent driving equipment is improved.
The following describes in detail a specific scheme for replacing a pseudonymous certificate according to an embodiment of the present application with reference to fig. 4 to 6:
Fig. 4 shows a schematic flow chart of a method 400 for replacing a pseudonym certificate according to an embodiment of the application, where the method 400 may be applied in the application scenario shown in fig. 1, and the method 400 may be understood as an extension of the method 200 and/or the method 300, and the method 400 includes:
s401, the cloud server determines a replacement period of the pseudonym certificate according to the real-time state parameters of the intelligent driving equipment.
For example, the cloud server may include the second device in the above embodiment, and the intelligent driving device may include the first device in the above embodiment.
By way of example, the real-time status parameters may include at least one of a speed S i of the intelligent driving device, a traffic density F i around the intelligent driving device, a privacy disclosure level P i of the intelligent driving device, and a user demand level R i for indicating a demand level for a user of the intelligent driving device to change a pseudonym certificate.
The privacy disclosure degree is determined according to the number of times that the intelligent driving device sends information to other devices and the time interval for sending the information.
Illustratively, privacy disclosureWherein "×" denotes convolution calculation, P denotes a privacy disclosure threshold, T denotes a replacement period of a pseudonym certificate, β denotes an average interval time of transmission information, Γ (α) is a Gamma function, and T denotes time.
Illustratively, a multiple linear regression model of the pseudonym replacement time interval of the intelligent driving device may be constructed, further, the replacement period T i of the pseudonym certificate may be determined according to the least squares method by the following formula:
Where ε N (0, σ 2),β 1 to β 4 are the weights respectively determined for S i、F i、P i、R i for intelligent driving device i.
S402, the cloud server sends information of a pseudonym certificate replacement period to the intelligent driving equipment.
In some possible implementations, the cloud server sends the information of the pseudonym certificate replacement cycle to the intelligent driving device every fixed time period. The fixed duration may be, for example, 5 minutes, or may be 10 minutes, or may be other durations as well.
In some possible implementations, when the replacement period determined by the cloud server is different from the previously determined replacement period, information of the pseudonym certificate replacement period is sent to the intelligent driving device.
S403, the intelligent driving device replaces the pseudonym certificate according to the replacement period.
Illustratively, the intelligent driving device changes the pseudonym certificate when the change period arrives.
S404, when the crossing signal lamp turns red, the first RSU generates first indication information for replacing the kana certificate.
In some possible implementations, the first indication information may be one of the first information in the above embodiments.
S405, the first RSU sends the first indication information of the replacement pseudonym certificate to the intelligent driving device.
S406, the intelligent driving device replaces the pseudonym certificate according to the first indication information.
In some possible implementations, the intelligent driving device changes the pseudonym certificate when the driving speed of the intelligent driving device is less than or equal to a preset speed threshold.
And S407, the cloud server determines the replacement area of the pseudonym certificate according to the place of interest of the user of the intelligent driving equipment.
In some possible implementations, the cloud server processes the set of places of interest to the user using a clustering algorithm according to the places of interest to the user, determines clusters, and controls the intelligent driving device to perform a pseudonym certificate replacement at the clusters.
S408, the cloud server sends region indication information to the second RSU, wherein the region indication information is used for indicating the second RSU of the replacement region to send indication information of replacing the pseudonym certificate to the intelligent driving equipment.
In some possible implementations, the second RSU and the first RSU are the same roadside device.
S409, the second RSU sends second indication information for replacing the pseudonym certificate to the intelligent driving device.
In some possible implementations, the second indication information may be one of the first information in the above embodiments.
S410, the intelligent driving device replaces the pseudonym certificate according to the second indication information.
It should be noted that, S401 to S403, S404 to S406, and S407 to S410 may be executed simultaneously, or may be executed sequentially, and the embodiment of the present application is not limited to the sequential execution sequence between S401 to S403, S404 to S406, and S407 to S410.
According to the method for replacing the pseudonym certificate, the cloud server determines the replacement period for replacing the pseudonym certificate according to the real-time state parameters of the intelligent driving equipment and indicates the replacement period to the intelligent driving equipment, so that on one hand, an attacker cannot determine the replacement period of the pseudonym certificate of the intelligent driving equipment, further cannot track the intelligent driving equipment, the safety of the intelligent driving equipment is improved, on the other hand, the intelligent driving equipment does not need to determine the replacement period by itself, and the calculation expense of the intelligent driving equipment is saved. In addition, when the intelligent driving equipment changes the pseudonym certificate according to the replacement period, the pseudonym certificate can be changed in a specific area according to the indication information of the road side equipment, so that the calculation cost of the intelligent driving equipment can be saved, and the problem that the user privacy is revealed due to tracking of an attacker on the intelligent driving equipment can be further prevented.
Fig. 5 shows a schematic flowchart of a method 500 for replacing a pseudonym certificate according to an embodiment of the application, where the method 500 may be performed by an intelligent driving device, and the method 500 may be understood as an example when S401 to S403 are performed simultaneously with S404 to S406, or S401 to S403 are performed simultaneously with S407 to S410. The method 500 includes:
s501, it is determined whether the first information is received.
The first information may be, for example, first information in the method 200 and/or the method 300 described above, and may include, for example, first indication information or second indication information in the method 400.
Specifically, if the first information is received, S503 is executed, otherwise S502 is executed.
S502, judging whether the replacement period of the pseudonym certificate is reached.
The replacement cycle may be, for example, the replacement cycle in the above-described embodiment.
Specifically, S503 is performed when the replacement cycle of the pseudonym certificate arrives, otherwise S502 is continued (or in some possible implementations S501 is performed).
S503, placing the old pseudonym certificate at the tail part of the pseudonym set, and taking out a new pseudonym certificate from the head part of the pseudonym set as the pseudonym certificate used for the next communication.
S504, the time of next replacement of the pseudonym certificate is determined.
Illustratively, the time of next replacement of the pseudonym certificate is determined based on the current time and the replacement cycle. For example, if the replacement period is 30 minutes, the time of the next more pseudonym certificate is 30 minutes after the current time.
It will be appreciated that between the present time and a time 30 minutes later, the intelligent driving apparatus receives the first information, and the replacement of the pseudonym certificate is performed according to the first information.
It should be understood that S503 is completed, which represents that the replacement of the pseudonym certificate is completed. It is also understood that before the intelligent driving apparatus performs S501, a set of kanas has been acquired, the set of kanas including a plurality of kana certificates.
Fig. 6 shows a schematic flow chart of a method 600 for replacing a pseudonym certificate provided by an embodiment of the application, which method 600 may be performed by an intelligent driving device, which method 600 comprises:
S601, judging whether the intelligent driving equipment is just started.
Specifically, if the intelligent driving apparatus has just started, S604 is executed, otherwise S602 is executed.
For example, the intelligent driving apparatus may be in a state of being started immediately after a long flameout, the intelligent driving apparatus may be located in a parking lot when flameout, or the intelligent driving apparatus may be located in a maintenance factory when flameout, which is not particularly limited by the embodiment of the present application.
S602, judging whether the pseudonym certificate is out of date when the intelligent driving equipment is in a driving state.
Specifically, if the pseudonym certificate expires, S604 is performed, otherwise S603 is performed.
The driving state may include, for example, the speed of the intelligent driving device being non-zero, or the speed of the intelligent driving device being in a driving (D) range, or an idle (N) range, although being zero, i.e., the intelligent driving device being in a temporary parking state.
S603, judging whether the replacement period of the pseudonym certificate is reached.
Specifically, if the replacement cycle of the pseudonym certificate arrives, S604 is performed, otherwise S603 (or in some possible implementations S602) is performed.
S604, placing the old pseudonym certificate at the tail part of the pseudonym set, and taking out a new pseudonym certificate from the head part of the pseudonym set as the pseudonym certificate used for the next communication.
S605, discarding the old pseudonym certificate, and taking out a new pseudonym certificate from the pseudonym set head as the pseudonym certificate used for the next communication.
S606, determining the next time of replacing the pseudonym certificate.
Illustratively, the time of next replacement of the pseudonym certificate is determined based on the current time and the replacement cycle. For example, if the replacement period is 30 minutes, the time of the next more pseudonym certificate is 30 minutes after the current time.
It will be appreciated that between the present time and a time 30 minutes later, the intelligent driving apparatus determines that the pseudonym certificate is expired, and then performs replacement of the pseudonym certificate.
According to the method for replacing the pseudonym certificate, which is provided by the embodiment of the application, the pseudonym certificate is not replaced for a long time before the intelligent driving equipment is started, and the current pseudonym certificate is not safe enough to be directly used for communication after the intelligent driving equipment is started, so that the pseudonym certificate is replaced when the intelligent driving equipment is just started, and the safety of the intelligent driving equipment is improved.
In various embodiments of the application, where terminology and/or descriptions of the various embodiments are consistent and may be referred to each other, unless specifically indicated as such and where logical conflict, features of different embodiments may be combined to form new embodiments in accordance with their inherent logical relationships.
The method provided by the embodiment of the application is described in detail above with reference to fig. 1 to 6. The apparatus provided by the embodiment of the present application will be described in detail with reference to fig. 7 to 9. It should be understood that the descriptions of the apparatus embodiments and the descriptions of the method embodiments correspond to each other, and thus, descriptions of details not described may be referred to the above method embodiments, which are not repeated herein for brevity.
Fig. 7 shows a schematic block diagram of an apparatus 700 for replacing a pseudonym certificate according to an embodiment of the application, the apparatus 700 comprising an acquisition unit 710 and a processing unit 720.
The apparatus 700 may include means for performing the method of fig. 2,6, or 7. And, each unit in the apparatus 700 and the other operations and/or functions described above are respectively for implementing the flow of the corresponding method embodiment in fig. 2,6 or 7.
Wherein, when the apparatus 700 is used to perform the method 200 in fig. 2, the obtaining unit 710 may be used to perform S201 in the method 200, and the processing unit 720 may be used to perform S202 in the method 200.
Specifically, the obtaining unit 710 is configured to obtain first information, where the first information is used to instruct a first device to replace a pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operation state of the first device, and the processing unit 720 is configured to control replacement of the pseudonym certificate according to the first information.
In some possible implementations, the first area includes a second area, the second area being an area associated with a location of interest to a user of the first device, and the obtaining unit 720 is configured to receive the first information from a first roadside device, which is a roadside device closest to the first device in the first area, when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
In some possible implementations, the first area includes a first signal intersection, and the processing unit 720 is configured to control replacement of the pseudonym certificate when a traveling speed of the first device in the first area is less than or equal to a preset speed threshold.
In some possible implementations the processing unit 720 is arranged to control the replacement of the pseudonym certificate when the first device is started.
In some possible implementations the apparatus further comprises a determining unit for determining a replacement period of the pseudonym certificate, the replacement period being associated with a real-time status parameter of the first device, the processing unit 720 being further adapted to control the replacement of the pseudonym certificate when the replacement period arrives.
In some possible implementations, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
In a specific implementation, the operations performed by the acquiring unit 710 and the processing unit 720 may be performed by the same processor, or may be performed by different processors, for example, performed by multiple processors respectively. In a specific implementation, the one or more processors may be a processor disposed in a vehicle, or may be a processor disposed in another vehicle-mounted terminal. In an example, the apparatus 700 may be a chip disposed in a vehicle or other vehicle-mounted terminal. In yet another example, the apparatus 700 described above may be a computing platform 150 as shown in fig. 1 disposed in a smart driving device.
Fig. 8 shows a schematic block diagram of an apparatus 800 for replacing a pseudonymous certificate according to an embodiment of the application, the apparatus 800 comprising a generation unit 810 and a transceiving unit 820.
The apparatus 800 may include means for performing the method of fig. 3, or may further include means for performing the method performed by the cloud end server or RSU of fig. 4. And, each unit in the apparatus 800 and the other operations and/or functions described above are respectively for implementing the flow of the corresponding method embodiment in fig. 3 or fig. 4.
Wherein, when the apparatus 800 is used to perform the method 300 in fig. 3, the generating unit 810 may be used to perform S301 in the method 300, and the transceiving unit 820 may be used to perform S302 in the method 300.
Specifically, the generating unit 810 is configured to generate first information, where the first information is used to instruct a first device to replace a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operation state of the first device, and the transceiver unit 820 is configured to send the first information to the first device.
In some possible implementations, the first area includes a second area, the second area being an area associated with a location of interest according to a user of the first device, the second device being a road side device of the first area closest to the first device, the transceiver unit 820 is configured to send the first information to the first device when a distance between the first device and a center of the second area is less than or equal to a preset distance threshold.
In some possible implementations, the first area includes a first signal intersection, the apparatus further includes an obtaining unit, and the generating unit 810 is configured to generate the first information when the obtaining unit obtains information that a signal at the first signal intersection turns red.
In some possible implementations, the transceiver unit 820 is configured to send the first information to the first device via a third device.
In some possible implementations, the apparatus further includes an acquiring unit configured to acquire information of the first area and/or information of an operation state of the first device.
In some possible implementations, the apparatus further includes an acquisition unit configured to acquire a real-time status parameter of the first device, and a determination unit configured to determine a replacement period of the pseudonym certificate according to the real-time status parameter, and the transceiver unit 820 is further configured to send information of the replacement period to the first device.
In some possible implementations, the real-time status parameter includes at least one of a speed of the first device, a traffic density around the first device, a privacy disclosure level of the first device, and a user demand level, wherein the user demand level is used to indicate a demand level for a user of the first device to change a pseudonym certificate.
In a specific implementation, the operations performed by the generating unit 810 and the transceiver unit 820 may be performed by the same processor, or may be performed by different processors, for example, performed by multiple processors respectively. For example, in a specific implementation, the one or more processors may be processors disposed in a cloud server or a roadside device. In some possible implementations, the apparatus 800 may also be a processor provided in an intelligent driving device. In an example, the apparatus 800 may be a chip disposed in a cloud server or a roadside device, for example, the apparatus 800 may be a computing platform 211 disposed in the cloud server 210 shown in fig. 1. In yet another example, the apparatus 800 may be a chip disposed in an intelligent driving device, for example, the apparatus 800 may be disposed on the computing platform 150 shown in fig. 1.
It should be understood that the division of the units in the above apparatus is only a division of a logic function, and may be fully or partially integrated into one physical entity or may be physically separated. Furthermore, the units in the device may be implemented in the form of processor-invoked software, e.g. the device comprises a processor, which is connected to a memory, in which instructions are stored, and which invokes the instructions stored in the memory to implement any of the above methods or to implement the functions of the units of the device, wherein the processor is e.g. a general purpose processor, such as a CPU or a microprocessor, and the memory is a memory within the device or a memory outside the device. Or the units in the device may be implemented in the form of hardware circuits, where the functions of some or all of the units may be implemented by a design of a hardware circuit, where the hardware circuit may be understood as one or more processors, for example, in one implementation, the hardware circuit is an ASIC, where the functions of some or all of the units are implemented by a design of a logic relationship between elements in the circuit, and in another implementation, the hardware circuit may be implemented by a PLD, where an FPGA, for example, may include a large number of logic gates, and where the connection relationship between the logic gates is configured by a configuration file, so as to implement the functions of some or all of the units. All units of the above device may be realized in the form of processor calling software, or in the form of hardware circuits, or in part in the form of processor calling software, and in the rest in the form of hardware circuits.
Each of the units in the above apparatus may be one or more processors (or processing circuits) configured to implement the above methods, e.g., CPU, GPU, NPU, TPU, DPU, microprocessors, DSP, ASIC, FPGA, or a combination of at least two of these processor forms.
Furthermore, the units in the above apparatus may be integrated together in whole or in part, or may be implemented independently. In one implementation, these units are integrated together and implemented in the form of a system-on-a-chip (SOC). The SOC may include at least one processor for implementing any of the methods above or for implementing the functions of the units of the apparatus, where the at least one processor may be of different types, including, for example, a CPU and an FPGA, a CPU and an artificial intelligence processor, a CPU and a GPU, and the like.
Fig. 9 is a schematic block diagram of an apparatus for replacing a pseudonym certificate according to an embodiment of the application. The apparatus 900 for replacing a pseudonym certificate shown in fig. 9 may include a processor 910, a transceiver 920, and a memory 930. The processor 910, the transceiver 920, and the memory 930 are connected through an internal connection path, the memory 930 is used for storing instructions, and the processor 910 is used for executing the instructions stored in the memory 930, so that the transceiver 920 receives/transmits a part of parameters. In some possible implementations, the memory 930 may be coupled to the processor 910 by an interface or may be integrated with the processor 910.
It should be noted that the transceiver 920 may include, but is not limited to, a transceiver device such as an input/output interface (i/o interface) to implement communication between the device 900 and other devices or communication networks.
The memory 930 may be a Read Only Memory (ROM), a static storage device, a dynamic storage device, or a random access memory (random access memory, RAM).
Transceiver 920 enables communication between apparatus 900 and other devices or communication networks using a transceiver apparatus such as, but not limited to, a transceiver.
In some possible implementations, the apparatus 900 may be disposed in the computing platform 150 shown in fig. 1, or may also be disposed in the computing platform 211 shown in fig. 1, or may also be disposed in the roadside device 220 shown in fig. 1.
The embodiment of the application also provides an intelligent driving device, which may include the apparatus 700 or the apparatus 900, and in some possible implementations, the intelligent driving device may further include the apparatus 800.
In some possible implementations, the smart device may be a vehicle.
The embodiment of the application also provides a server, and the intelligent driving device can comprise the device 800 or the device 900.
In some possible implementations, the server is a cloud server, or a server provided in a roadside device.
The embodiment of the application provides a system for replacing a pseudonym certificate, which can comprise the intelligent driving equipment and the server in the embodiment.
Embodiments of the present application also provide a computer program product comprising computer program code to, when run on a computer, cause the computer to implement the method of embodiments of the present application.
Embodiments of the present application also provide a computer-readable storage medium storing computer instructions that, when executed on a computer, cause the computer to implement a method in embodiments of the present application.
The embodiment of the application also provides a chip which comprises a circuit and is used for executing the method in the embodiment of the application.
In implementation, the steps of the above method may be performed by integrated logic circuits of hardware in a processor or by instructions in the form of software. The method disclosed in connection with the embodiments of the present application may be directly embodied as a hardware processor executing or may be executed by a combination of hardware and software modules in the processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or power-on erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory, and the processor reads the information in the memory and, in combination with its hardware, performs the steps of the above method. To avoid repetition, a detailed description is not provided herein.
Those of ordinary skill in the art will appreciate that the various illustrative elements and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware, or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the solution. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
It will be clear to those skilled in the art that, for convenience and brevity of description, specific working procedures of the above-described systems, apparatuses and units may refer to corresponding procedures in the foregoing method embodiments, and are not repeated herein.
In the several embodiments provided by the present application, it should be understood that the disclosed systems, devices, and methods may be implemented in other manners. For example, the apparatus embodiments described above are merely illustrative, e.g., the division of the elements is merely a logical function division, and there may be additional divisions when actually implemented, e.g., multiple elements or components may be combined or integrated into another system, or some features may be omitted or not performed. Alternatively, the coupling or direct coupling or communication connection shown or discussed with each other may be an indirect coupling or communication connection via some interfaces, devices or units, which may be in electrical, mechanical or other form.
The units described as separate units may or may not be physically separate, and units shown as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
In addition, each functional unit in the embodiments of the present application may be integrated in one processing unit, or each unit may exist alone physically, or two or more units may be integrated in one unit.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on such understanding, the technical solution of the present application may be embodied in essence or a part of the technical solution in the form of a software product stored in a storage medium, including several instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present application. The storage medium includes various media capable of storing program codes such as a U disk, a mobile hard disk, a ROM, a RAM, a magnetic disk or an optical disk.
The foregoing is merely illustrative of the present application, and the present application is not limited thereto, and any person skilled in the art will readily recognize that variations or substitutions are within the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.
Claims (30)
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/CN2022/131478 WO2024098402A1 (en) | 2022-11-11 | 2022-11-11 | Method for replacing pseudonym certificate, apparatus and system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN119856448A true CN119856448A (en) | 2025-04-18 |
Family
ID=91031714
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202280100005.4A Pending CN119856448A (en) | 2022-11-11 | 2022-11-11 | Method, device and system for replacing pseudonym certificate |
Country Status (2)
| Country | Link |
|---|---|
| CN (1) | CN119856448A (en) |
| WO (1) | WO2024098402A1 (en) |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107396285B (en) * | 2017-07-12 | 2020-09-04 | 中国科学院深圳先进技术研究院 | Vehicle privacy protection method, device, equipment and storage medium |
| US11223605B2 (en) * | 2018-02-05 | 2022-01-11 | Onboard Security, Inc. | Method and system for connected vehicle communication |
| US11240659B2 (en) * | 2019-12-09 | 2022-02-01 | Intel Corporation | Privacy protection mechanisms for connected vehicles |
| CN113923651B (en) * | 2021-12-14 | 2022-02-25 | 北京金睛云华科技有限公司 | Vehicle pseudonym replacement method, apparatus and computer-readable storage medium |
-
2022
- 2022-11-11 CN CN202280100005.4A patent/CN119856448A/en active Pending
- 2022-11-11 WO PCT/CN2022/131478 patent/WO2024098402A1/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| WO2024098402A1 (en) | 2024-05-16 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11597393B2 (en) | Systems, methods, and devices for driving control | |
| CN109769207B (en) | System and method for sharing computing power in dynamic networking of mobile equipment | |
| CN111436034B (en) | On-demand formation of micro-clouds for fixed vehicles | |
| US10567923B2 (en) | Computation service for mobile nodes in a roadway environment | |
| US20200258386A1 (en) | Vehicle parking spot availability prediction based on vehicle-to-anything enabled machine learning | |
| US20200286382A1 (en) | Data-to-camera (d2c) based filters for improved object detection in images based on vehicle-to-everything communication | |
| US11792687B2 (en) | Message management for cooperative driving among connected vehicles | |
| US12008895B2 (en) | Vehicle-to-everything (V2X) misbehavior detection using a local dynamic map data model | |
| CN110647164A (en) | Assisting flying drones in selecting and approaching vehicles to achieve improved flight distances | |
| US12233900B2 (en) | Edge system for providing local dynamic map data | |
| US12345533B2 (en) | Estimation of accident intensity for vehicles | |
| JP2020075695A (en) | Vehicle-to-Everything data transfer for automated vehicles | |
| US11495064B2 (en) | Value-anticipating cooperative perception with an intelligent transportation system station | |
| US12330658B2 (en) | Identifying an origin of abnormal driving behavior for improved vehicle operation | |
| CN110944298B (en) | V2X full duplex location assistance for vehicle to all V2X recipients | |
| EP3588816B1 (en) | Reducing adjacent channel interference for wireless vehicular messages | |
| US12333456B2 (en) | Decentralized parking fulfillment service | |
| KR20220113391A (en) | Intersection trajectory determination and messaging | |
| JP7768101B2 (en) | Message control device and message control method | |
| EP4282173A1 (en) | Vehicle-to-everything (v2x) misbehavior detection using a local dynamic map data model | |
| CN119856448A (en) | Method, device and system for replacing pseudonym certificate | |
| US20220244725A1 (en) | Autonomous trailing logistical support vehicle | |
| US12425827B2 (en) | Managing processing of a basic safety message | |
| JP2021125141A (en) | Safe driving degree evaluation device, safe driving degree evaluation method, safe driving degree evaluation program, and storage medium | |
| CN113132074B (en) | Information transmission method, communication device and system, computer readable storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |