WO2012119305A1 - 用于在智能交通系统中进行收费认证的系统和方法 - Google Patents
用于在智能交通系统中进行收费认证的系统和方法 Download PDFInfo
- Publication number
- WO2012119305A1 WO2012119305A1 PCT/CN2011/071600 CN2011071600W WO2012119305A1 WO 2012119305 A1 WO2012119305 A1 WO 2012119305A1 CN 2011071600 W CN2011071600 W CN 2011071600W WO 2012119305 A1 WO2012119305 A1 WO 2012119305A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- authentication
- unit
- vehicle
- authentication tag
- tag
- Prior art date
Links
Images
Classifications
-
- G—PHYSICS
- G07—CHECKING-DEVICES
- G07B—TICKET-ISSUING APPARATUS; FARE-REGISTERING APPARATUS; FRANKING APPARATUS
- G07B15/00—Arrangements or apparatus for collecting fares, tolls or entrance fees at one or more control points
- G07B15/06—Arrangements for road pricing or congestion charging of vehicles or vehicle users, e.g. automatic toll systems
- G07B15/063—Arrangements for road pricing or congestion charging of vehicles or vehicle users, e.g. automatic toll systems using wireless information transmission between the vehicle and a fixed station
Definitions
- the present invention relates to a system and method for implementing an electronic non-stop charging (ETC) technology in an Intelligent Transportation System (ITS), and more particularly to preventing illegal use of an onboard unit (OBU, On) by performing charging authentication. Board Unit) The system and method of making payments.
- ETC electronic non-stop charging
- ITS Intelligent Transportation System
- OBU onboard unit
- Board Unit The system and method of making payments.
- the on-board unit fixedly mounted on the vehicle and the roadside unit (RSU, Road Side) located at the toll booth Unit) to implement electronic toll collection (ETC) technology.
- the OBU is one of the most critical components in the ETC electronic toll collection system, in which important information such as the identifier of the OBU (the identifier is the unique serial number assigned to the OBU), user information, vehicle information, and user transaction password are recorded.
- the RSU of the toll booth will read the relevant information recorded in the OBU to complete the debit transaction.
- the relevant information recorded in the OBU cannot be arbitrarily falsified, which requires that the OBU installed on the vehicle must have corresponding tampering measures to avoid the OBU. It was stolen and used on other vehicles for payment operations.
- the tamper measures adopted include magnetic induction tampering and mechanical tampering.
- the magnetic induction tampering mainly causes the OBU to change the tamper-evident position when the OBU is removed and disconnected by the two magnetic components, thereby judging that the OBU has undergone a change.
- the mechanical tampering is mainly caused by the disconnection and suction of the mechanical button switch, so that the OBU will change the tamper-proof position when it is removed, thereby judging that the OBU has undergone a change.
- the principles of the above two tamper measures are the same, and the way in which the OBU causes tamper-evident changes when removed by physical means has the following disadvantages:
- the mechanical structure design is more complicated.
- In the magnetic induction tampering mode in addition to the OBU body, it is necessary to install another magnetic component, which is structurally separable.
- In the mechanical tampering mode an additional mechanical guide rod is required on the OBU body to trigger the tamper button inside the OBU. It can be seen that the above two methods need to additionally install more complicated tamper parts in order to ensure the reliability of tampering.
- the installation method is not flexible.
- the OBU needs to select an optimal angle during installation and mount it on the windshield of the car at this angle, and the OBU cannot be easily moved once installed. This results in a limited installation location of the OBU, and it will affect the appearance and line of sight to a certain extent after being attached to the windshield. It also limits the expansion of OBU in functions and applications.
- the existing OBU tamper-proof method has the disadvantages of large occupied space, complicated structure, limited installation mode, and poor detachment reliability. Therefore, there is a need for a technical solution that overcomes the above drawbacks and ensures that the OBU is not arbitrarily stolen.
- the object of the present invention is to provide a technical solution for preventing theft or tampering of the vehicle-mounted unit by physical means in the prior art, by installing mutually matched vehicle-mounted units and certification labels on the vehicle, and performing the vehicle-mounted unit and the certification label.
- Electronic certification to provide a safe and effective way to deduct transactions, thus preventing the vehicle unit from being illegally stolen.
- a system for charging authentication in an intelligent transportation system comprising: an onboard unit mounted on a vehicle for performing a charge transaction at the toll booth; an authentication label, Mounted on the vehicle and arranged to match the onboard unit, wherein the authentication tag is for performing authentication with the onboard unit by wirelessly communicating with the onboard unit for determining the onboard unit and the authentication Whether the tags match, wherein when the result of the authentication is that the in-vehicle unit matches the authentication tag, the in-vehicle unit is allowed to continue to operate.
- the result of the authentication is that the in-vehicle unit does not match the authentication tag, the in-vehicle unit enters a failed state, thereby failing to perform the deduction. Fee transaction.
- the authentication tag and the authentication performed by the onboard unit may include authentication of the onboard unit by the authentication tag and/or authentication of the authentication tag by the onboard unit.
- the authentication tag and the onboard unit can encrypt the data transmission during the authentication process.
- the authentication tag and the vehicle unit can communicate wirelessly according to radio frequency identification technology, Bluetooth technology, short-range communication technology or Wi-Fi technology.
- the authentication tag may perform authentication with the onboard unit by wirelessly communicating with the onboard unit before the onboard unit performs the charge transaction, during the execution of the charge transaction, or after performing the charge transaction.
- an onboard unit mounted on a vehicle for charging authentication in an intelligent transportation system comprising: an onboard unit communication module for being mounted on the same vehicle
- the authentication tag performs wireless communication;
- the in-vehicle unit authentication module is configured to perform authentication with the authentication tag by wireless communication between the in-vehicle unit communication module and the authentication tag, thereby determining whether the in-vehicle unit and the authentication tag match, wherein when the result of the authentication is the on-board unit When the authentication tag is matched, the in-vehicle unit is allowed to continue to operate.
- the result of the authentication is that the in-vehicle unit does not match the authentication tag, the in-vehicle unit enters a failure state, so that the debit transaction cannot be performed.
- an authentication tag mounted on a vehicle for charging authentication in an intelligent transportation system comprising: an authentication tag communication module for mounting on the same vehicle
- the in-vehicle unit performs wireless communication;
- the authentication label authentication module is configured to perform authentication with the in-vehicle unit by wireless communication of the authentication label communication module and the in-vehicle unit, thereby determining whether the in-vehicle unit and the authentication label match, wherein when the result of the authentication is the on-board unit
- the authentication tag causes the in-vehicle unit to continue to operate, otherwise the authentication tag causes the in-vehicle unit to enter a failed state.
- a method for charging authentication in an intelligent transportation system comprising: installing an onboard unit and an authentication tag on a vehicle, the onboard unit being configured to execute at a toll booth Deduction transaction, the authentication tag is set to match the onboard unit; the onboard unit enters an authentication process in which the authentication tag performs wireless communication with the onboard unit to perform authentication with the onboard unit to determine the onboard unit Whether the matching with the authentication label, wherein when the result of the authentication is that the onboard unit matches the authentication label, the onboard unit is allowed to continue the operation, and when the result of the authentication is that the onboard unit does not match the authentication label, the onboard unit enters a failure state, thereby failing to Perform a deduction transaction.
- the authentication tag and the authentication performed by the onboard unit may include authentication of the onboard unit by the authentication tag and/or authentication of the authentication tag by the onboard unit.
- the authentication label and the authentication performed by the onboard unit may include: the onboard unit calculates a verification code using an encryption key and vehicle information stored in the onboard unit based on a predetermined encryption algorithm; the onboard unit stores the onboard unit pre-stored in the onboard unit The identifier of the identifier and the authentication tag, and the verification code calculated by the onboard unit are sent to the authentication tag; the identifier of the onboard unit received by the authentication tag, the identifier of the authentication tag, and the verification code are pre-stored in the authentication tag.
- the identifier of the in-vehicle unit, the identifier of the authentication tag, and the verification code are compared; when the identifier of the received in-vehicle unit, the identifier of the authentication tag, and the verification code and the identifier of the on-board unit previously stored in the authentication tag, When the identifier of the authentication tag and the verification code are the same, the authentication tag transmits the confirmation information to the onboard unit and the identifier of the authentication tag stored in the authentication tag in advance; otherwise, the authentication tag sends an error message to the onboard unit to cause the onboard unit to enter the invalidation.
- the vehicle unit The received confirmation information and the identifier of the authentication tag are compared with the identifier of the authentication tag stored in advance in the in-vehicle unit; when the identifier of the received authentication tag is associated with the identifier of the authentication tag previously stored in the in-vehicle unit At the same time, the onboard unit continues to operate; otherwise, the onboard unit enters a failed state, so that the charge transaction cannot be performed.
- the authentication tag and the authentication performed by the onboard unit may include: the onboard unit calculates a verification code using an encryption key and vehicle information stored in the onboard unit based on a predetermined encryption algorithm, and the onboard unit generates a random number; the onboard unit will advance The identifier of the in-vehicle unit stored in the in-vehicle unit and the identifier of the authentication tag, the verification code calculated by the on-board unit, and the generated random number are transmitted to the authentication tag; the identifier of the in-vehicle unit to be received by the authentication tag, the authentication tag The identifier, the verification code are compared with the identifier of the onboard unit pre-stored in the authentication label, the identifier of the authentication label, and the verification code; when the identifier of the received vehicle unit, the identifier of the authentication label, and the verification code are When the identifier of the in-vehicle unit, the identifier of the authentication tag, and the verification code stored in advance in the authentication tag are the same,
- Another verification code obtained by encrypting; otherwise, the authentication label is
- the loading unit transmits an error message to cause the onboard unit to enter a failure state, thereby failing to perform the charge transaction; the onboard unit compares the received confirmation information and the identifier of the authentication tag with the identifier of the authentication tag previously stored in the onboard unit, And decrypting the another verification code to obtain a decrypted random number; when the identifier of the received authentication tag is the same as the identifier of the authentication tag stored in the in-vehicle unit in advance and the decrypted random number is generated by the onboard unit When the transmitted random numbers are the same, the onboard unit continues to operate; otherwise, the onboard unit enters a failed state, so that the charge transaction cannot be performed.
- corresponding settings eg, storing information related to authentication and constructing components for executing the corresponding authentication method
- corresponding settings may be performed when the onboard unit and its corresponding authentication label are shipped or issued, so that the vehicle is on the vehicle.
- the technical solution of the invention does not require additional installation of complex tamper-evident members, and can be designed and secured by a special process and algorithm to ensure the safety and reliability of the certification process. Since the authentication label only needs to have the corresponding authentication and wireless communication functions, its volume can be designed to be small, and can be randomly placed within the effective wireless communication range, and the vehicle unit does not have to be kept in a fixed position. This increases the flexibility of the installation and facilitates the expansion of the functions and applications of the onboard unit.
- FIG. 1 is a block diagram showing a system for performing charging authentication in an intelligent transportation system, according to an exemplary embodiment of the present invention
- FIG. 2 is a block diagram showing an onboard unit mounted on a vehicle according to an exemplary embodiment of the present invention
- FIG. 3 is a block diagram showing an authentication tag mounted on a vehicle according to an exemplary embodiment of the present invention
- FIG. 4 illustrates an example of performing charging authentication in an intelligent transportation system according to an exemplary embodiment of the present invention
- FIG. 5 illustrates an example of performing charging authentication in an intelligent transportation system according to another exemplary embodiment of the present invention
- FIG. 6 illustrates an example of performing charging authentication in an intelligent transportation system according to another exemplary embodiment of the present invention.
- FIG. 1 is a block diagram showing a system for performing charge authentication in an intelligent transportation system, according to an exemplary embodiment of the present invention.
- a system for charging authentication in an intelligent transportation system includes: an onboard unit 100 installed on a vehicle for performing a charge transaction at a toll booth; an authentication label 200 that is mounted on the vehicle and is configured to match the on-board unit 100, wherein the authentication tag 200 is configured to perform authentication with the on-vehicle unit 100 by wirelessly communicating with the on-board unit 100, the authentication being It is determined whether the in-vehicle unit 100 matches the authentication tag 200, wherein when the result of the authentication is that the in-vehicle unit 100 matches the authentication tag 200, the in-vehicle unit 100 is allowed to continue the operation, and when the result of the authentication is that the in-vehicle unit 100 and the authentication tag 200 are not When matching, the onboard unit 100 enters a failure state, so that the charge transaction cannot be performed.
- the vehicle-mounted unit 100 and the authentication tag 200 can communicate using any suitable short-range wireless communication protocol, for example, radio frequency identification (RFID).
- RFID radio frequency identification
- Short-range wireless communication technologies such as Bluetooth communication, short-range communication (NFC), and Wi-Fi technology can be applied to the present invention.
- any one-way authentication method or two-way authentication method can be applied to the present invention, that is, whether the in-vehicle unit 100 pairs the authentication tag.
- the authentication is performed, or the authentication label 200 performs authentication on the onboard unit 100, or the mutual authentication between the onboard unit 100 and the authentication label 200 or the mutual authentication by means of a third party, as described above, as long as the determination of the onboard unit 100 and the authentication label can be achieved. Whether or not the technical effect of 200 is matched can be applied to the technical solution of the present invention.
- various encryption technologies can also be introduced into the authentication process of the in-vehicle unit 100 and the authentication tag 200.
- the authentication tag 200 can be installed in a cab of a vehicle to perform wireless communication with the in-vehicle unit 100 located outside the cab.
- FIGS. 2 and 3 respectively show block diagrams of the onboard unit 100 and the authentication tag 200 mounted on the vehicle, according to an exemplary embodiment of the present invention.
- the in-vehicle unit 100 includes: an in-vehicle unit communication module 110 for wirelessly communicating with an authentication tag 200 installed on the same vehicle; an in-vehicle unit authentication module 120 for passing The in-vehicle unit communication module 110 performs wireless communication with the authentication tag 200 to perform authentication with the authentication tag 200, thereby determining whether the in-vehicle unit 100 matches the authentication tag 200.
- the onboard unit 100 may further include an onboard unit memory (not shown) for storing related information required to perform authentication.
- the authentication tag 200 includes: an authentication tag communication module 210 for wirelessly communicating with the in-vehicle unit 100 mounted on the same vehicle; the authentication tag authentication module 220 And for performing authentication with the in-vehicle unit 100 by the wireless communication of the authentication tag communication module 210 and the in-vehicle unit 200, thereby determining whether the in-vehicle unit 100 matches the authentication tag 200.
- the authentication tag 200 may further include an authentication tag memory (not shown) for storing relevant information required to perform authentication.
- the internal structures of the above-described on-board unit 100 and the authentication tag 200 are merely exemplary, and various equivalent modifications may be made to the above-described structure of the on-vehicle unit 100 and the authentication tag 200 for those skilled in the art, for example, A corresponding storage area is provided in the onboard unit authentication module 120 and the authentication label authentication module 220 to implement the functions of the onboard unit memory and the authentication tag memory. Since the vehicle unit 100 and the authentication label 200 can communicate with any applicable short-range wireless communication protocol, the vehicle-mounted unit communication module 110 and the authentication label communication module 210 can be respectively a corresponding RFID communication module, a Bluetooth communication module, and an NFC module. Wait.
- the authentication tag 200 performs authentication on the in-vehicle unit 100 to determine whether the in-vehicle unit 100 matches the authentication tag 200.
- the in-vehicle unit 100 enters the authentication process in step S10 before the on-board unit 100 performs the deduction transaction. Then, in step S20, the in-vehicle unit authentication module 120 in the in-vehicle unit 100 transmits the authentication information to the authentication tag 200 via the in-vehicle unit communication module 110, where the authentication tag 200 uses the authentication information to determine the in-vehicle unit 100 and the authentication in step S30. Whether the tag 200 matches.
- the same authentication information (for example, a unique identifier of the in-vehicle unit 100) may be separately stored in the in-vehicle unit 100 and the authentication tag 200 in advance, in which case the authentication tag authentication module 220 will pass the authentication tag.
- the authentication information received by the communication module 210 from the in-vehicle unit communication module 110 is compared with the authentication information stored in advance in the authentication tag 200 to determine whether the in-vehicle unit 100 matches the authentication tag 200.
- step S30 If the authentication result in step S30 is that the in-vehicle unit 100 matches the authentication tag 200 (that is, the authentication information received from the in-vehicle unit 100 is the same as the authentication information stored in the authentication tag 200), then in step S40, the tag authentication module 220 is authenticated.
- the "confirmation" information is transmitted to the in-vehicle unit 100 by the authentication tag communication module 210, and after the in-vehicle unit communication module 110 receives the "confirmation" information, the in-vehicle unit 100 starts execution of the deduction transaction in step S50.
- step S30 if the authentication result in step S30 is that the in-vehicle unit 100 does not match the authentication tag 200 (that is, the authentication information received from the in-vehicle unit 100 is not the same as the authentication information stored in the authentication tag 200), then in step S60
- the authentication label authentication module 220 transmits "error" information to the vehicle-mounted unit 100 through the authentication label communication module 210. After the vehicle-mounted unit communication module 110 receives the "error" information, the vehicle-mounted unit 100 enters a failure state in step S70, so that the buckle cannot be executed. Fee transaction.
- the present invention is not limited thereto.
- a person skilled in the art can solve the technical problem of the present invention in a similar manner by adopting a scheme in which the onboard unit 100 performs authentication on the authentication tag 200 before performing the charge transaction.
- the authentication tag 200 performs authentication with the onboard unit 100 by wirelessly communicating with the onboard unit 100 before the onboard unit 100 performs the charge transaction,
- the invention is not limited thereto.
- the authentication tag 200 can be performed with the onboard unit 100 at least one of the three steps of performing the charge transaction, the execution of the charge transaction, or the execution of the charge transaction.
- Wireless communication is performed with the onboard unit 100 to perform authentication.
- the security of the chargeback transaction can be ensured by taking the method of performing the authentication before the execution of the chargeback transaction and after the execution of the chargeback transaction, that is, only the onboard unit 200 that is authenticated to match each time is allowed to perform the corresponding
- the operation of the vehicle unit 100 enters a failure state, so that the charge transaction cannot be performed.
- an exemplary embodiment of the present invention installs an authentication label in the same vehicle, which is authenticated with the on-board unit, and only when the authentication result is that the two match each other The unit begins to perform the corresponding operation. Accordingly, in order to further improve the reliability and security of the authentication process, corresponding encryption processing may be performed on the data transmission in the authentication process, thereby further preventing data from being illegally stolen.
- the authentication process of the authentication tag by the in-vehicle unit may be increased (or the authentication process of the authentication tag to the in-vehicle unit may be added after the in-vehicle unit performs authentication on the authentication tag), That is, in order to further improve the reliability, the authentication process is set to the mutual authentication between the in-vehicle unit and the authentication tag.
- the in-vehicle unit 100 enters the authentication process in step S100 before the on-board unit 100 performs the deduction transaction. Then, in step S200, the onboard unit authentication module 120 in the in-vehicle unit 100 transmits "verification code and authentication information" to the authentication tag 200 via the in-vehicle unit communication module 110, where the authentication tag 200 uses the "verification code and" in step S300. The authentication information is used to determine whether the in-vehicle unit 100 matches the authentication tag 200.
- the identifier of the in-vehicle unit 100 (which may be a unique serial number assigned to the in-vehicle unit 100) may be stored in the in-vehicle unit 100 in advance, and the identifier of the authentication tag 200 may be further stored in the in-vehicle unit 100. (It can be a unique serial number assigned to the authentication tag 200). Accordingly, in the authentication tag 200 set to match the in-vehicle unit 100, the identifier of the above-described on-board unit 100 and the identifier of the authentication tag 200 are also stored, respectively. Further, the vehicle unit 100 may also store vehicle information and an encryption key for encrypting the vehicle information.
- a verification code calculated using the encryption key and the vehicle information based on a predetermined encryption algorithm f is also stored in the authentication tag 200 in advance.
- the onboard unit authentication module 120 in the in-vehicle unit 100 may calculate a verification code using the encryption key and the vehicle information based on the predetermined encryption algorithm f in step S200, and transmit the verification code to the authentication label 200 through the in-vehicle unit communication module 110.
- the verification code and the authentication information" the authentication information herein may include an identifier of the in-vehicle unit 100 stored in advance in the in-vehicle unit 100, and may further include an identifier of the authentication tag 200 previously stored in the in-vehicle unit 100.
- the authentication tag authentication module 220 transmits the "verification code and authentication information" received from the in-vehicle unit communication module 110 through the authentication tag communication module 210 with the verification code and authentication information (including the vehicle in advance) stored in the authentication tag 200.
- the identifier of the unit 100 and the identifier of the authentication tag 200 are compared to determine if the onboard unit 100 matches the authentication tag 200.
- step S400 the authentication tag authentication module 220 transmits "error" information to the onboard unit 100 through the authentication tag communication module 210. After the onboard unit communication module 110 receives the "error" information, the onboard unit 100 enters a failure state in step S500, thereby Unable to perform debit transaction.
- the authentication tag authentication module 220 transmits "confirmation information and authentication information" to the on-vehicle unit 100 through the authentication tag communication module 210, where the authentication information may include the identifier of the authentication tag 200 previously stored in the authentication tag 200. .
- the in-vehicle unit authentication module 120 uses the "confirmation information and the authentication information" to determine whether the in-vehicle unit 100 matches the authentication tag 200 in step S700. In this case, the in-vehicle unit authentication module 120 compares the received authentication information with the authentication information stored in advance in the in-vehicle unit 100 to determine whether the in-vehicle unit 100 matches the authentication tag 200.
- step S700 If the authentication result in step S700 is that the in-vehicle unit 100 matches the authentication tag 200 (that is, the authentication information received from the authentication tag 200 is the same as the authentication information stored in the in-vehicle unit 100), the in-vehicle unit 100 starts execution in step S800. Deduction transaction. On the other hand, if the authentication result at step S700 is that the in-vehicle unit 100 does not match the authentication tag 200 (that is, the authentication information received from the authentication tag 200 is different from the authentication information stored in the in-vehicle unit 100), the process proceeds to step S500. The onboard unit 100 enters a failed state, so that the charge transaction cannot be performed.
- the authentication process of the authentication tag 200 by the in-vehicle unit 100 may be omitted, that is, if the authentication result in step S300 is that the in-vehicle unit 100 matches the authentication tag 200, the authentication tag authentication module 220 may be used only by the authentication tag communication module 210.
- the unit 100 transmits "confirmation information", and the in-vehicle unit 100 directly proceeds to step S800 after receiving the above-mentioned "confirmation information".
- the charge authentication is performed in the intelligent transportation system shown in FIG.
- the authentication tag 200 performs authentication with the onboard unit 100 by wirelessly communicating with the onboard unit 100 before the onboard unit 100 performs the charge transaction
- the invention is not limited thereto. It should be understood by those skilled in the art that the authentication tag 200 can be performed with the onboard unit 100 at least one of the three steps of performing the charge transaction, the execution of the charge transaction, or the execution of the charge transaction. Wireless communication is performed with the onboard unit 100 to perform authentication.
- the security of the chargeback transaction can be ensured by taking the manner in which the authentication is performed both before the execution of the chargeback transaction and after the execution of the chargeback transaction, that is, only the onboard unit 200 that is authenticated to match each time is allowed to proceed. Corresponding operation, otherwise the onboard unit 100 enters a failure state, so that the charge transaction cannot be performed.
- the present invention can perform more complicated encryption measures in the authentication process between the onboard unit 100 and the authentication unit 200.
- An example of performing charging authentication in an intelligent transportation system according to another exemplary embodiment of the present invention will be described below with reference to FIG.
- the in-vehicle unit 100 enters the authentication process in step S1000 before the onboard unit 100 performs the deduction transaction. Then, in step S2000, the onboard unit authentication module 120 in the in-vehicle unit 100 transmits "verification code 1, authentication information, and random number" to the authentication tag 200 through the in-vehicle unit communication module 110, where the authentication tag 200 uses the above in step S3000. "Verification Code 1" and "Authentication Information" are used to determine whether the in-vehicle unit 100 matches the authentication tag 200.
- the identifier of the in-vehicle unit 100 (which may be a unique serial number assigned to the in-vehicle unit 100) may be stored in the in-vehicle unit 100 in advance, and the identifier of the authentication tag 200 may be further stored in the in-vehicle unit 100. (It can be a unique serial number assigned to the authentication tag 200). Accordingly, in the authentication tag 200 set to match the in-vehicle unit 100, the identifier of the above-described on-board unit 100 and the identifier of the authentication tag 200 are also stored, respectively. Further, the vehicle unit 100 may also store vehicle information and an encryption key for encrypting the vehicle information.
- a verification code 1 calculated using the encryption key and the vehicle information based on a predetermined encryption algorithm f is also stored in advance.
- the onboard unit authentication module 120 in the in-vehicle unit 100 may calculate the verification code 1 using the encryption key and the vehicle information based on the predetermined encryption algorithm f in step S2000, and simultaneously generate a random number, and then communicate through the vehicle unit.
- the module 110 transmits "verification code 1, authentication information, and random number" to the authentication tag 200, where the authentication information may include an identifier of the in-vehicle unit 100 stored in advance in the in-vehicle unit 100, and may further include being stored in the in-vehicle unit 100 in advance. The identifier of the authentication tag 200 in .
- the authentication tag authentication module 220 will "verify code 1" and "authentication information” received from the in-vehicle unit communication module 110 through the authentication tag communication module 210 and the verification code 1 and authentication stored in advance in the authentication tag 200.
- the information (including the identifier of the onboard unit 100 and the identifier of the authentication tag 200) is compared to determine whether the onboard unit 100 matches the authentication tag 200.
- step S3000 If the authentication result at step S3000 is that the in-vehicle unit 100 does not match the authentication tag 200 (that is, the verification code 1 and the authentication information received from the on-vehicle unit 100 are not identical to the verification code 1 and the authentication information stored in the authentication tag 200) Then, in step S4000, the authentication label authentication module 220 transmits "error" information to the vehicle-mounted unit 100 through the authentication label communication module 210. After the vehicle-mounted unit communication module 110 receives the "error" information, the vehicle-mounted unit 100 enters a failure state in step S5000. Therefore, the deduction transaction cannot be performed.
- the authentication tag authentication module 220 encrypts the received random number based on a certain encryption algorithm f1 to generate the verification code 2, and sends the confirmation message to the onboard unit 100 through the authentication tag communication module 210.
- Authentication information and verification code 2 the authentication information herein may include an identifier of the authentication tag 200 previously stored in the authentication tag 200.
- the onboard unit authentication module 120 determines the onboard unit 100 and the authentication using the "confirmation information, authentication information, and verification code 2" in step S7000. Whether the tag 200 matches. In this case, the in-vehicle unit authentication module 120 compares the received authentication information with the authentication information stored in advance in the in-vehicle unit 100 to determine whether the in-vehicle unit 100 matches the authentication tag 200, and verifies the verification based on the encryption algorithm f1. The code 2 is decrypted to acquire a random number, and the acquired random number is compared with a random number previously generated by the onboard unit authentication module 120 and transmitted to the authentication tag 200.
- step S7000 If the authentication result at step S7000 is that the in-vehicle unit 100 matches the authentication tag 200 (that is, the authentication information received from the authentication tag 200 is the same as the authentication information stored in the in-vehicle unit 100 and the random number obtained by decrypting the verification code 2 is The random number generated and transmitted by the in-vehicle unit authentication module 120 is the same), and in step S8000, the in-vehicle unit 100 starts executing the deduction transaction.
- step S7000 if the authentication result at step S7000 is that the in-vehicle unit 100 does not match the authentication tag 200 (that is, the authentication information received from the authentication tag 200 is different from the authentication information stored in the in-vehicle unit 100 or passes the verification code 2 If the random number obtained by the decryption is different from the random number previously generated and transmitted by the onboard unit authentication module 120, the process proceeds to step S5000, and the in-vehicle unit 100 enters a failure state, so that the charge transaction cannot be performed.
- the authentication process of the authentication tag 200 by the onboard unit 100 may be omitted, that is, if the authentication result in step S3000 is that the in-vehicle unit 100 matches the authentication tag 200, only the authentication tag authentication module 220 may be in the car by the authentication tag communication module 210.
- the unit 100 transmits "confirmation information", and the in-vehicle unit 100 directly proceeds to step S8000 after receiving the above-mentioned "confirmation information". Further, in the example in which the charge authentication is performed in the intelligent transportation system shown in FIG.
- the authentication tag 200 performs authentication with the onboard unit 100 by wirelessly communicating with the onboard unit 100 before the onboard unit 100 performs the charge transaction
- the invention is not limited thereto. It should be understood by those skilled in the art that the authentication tag 200 can be performed with the onboard unit 100 at least one of the three steps of performing the charge transaction, the execution of the charge transaction, or the execution of the charge transaction. Wireless communication is performed with the onboard unit 100 to perform authentication.
- the security of the chargeback transaction can be ensured by taking the manner in which the authentication is performed both before the execution of the chargeback transaction and after the execution of the chargeback transaction, that is, only the onboard unit 200 that is authenticated to match each time is allowed to proceed. Corresponding operation, otherwise the onboard unit 100 enters a failure state, so that the charge transaction cannot be performed.
- the above shows a system for charging authentication in an intelligent transportation system and corresponding apparatus and method according to an exemplary embodiment of the present invention.
- the onboard unit since the onboard unit must be authenticated with the authentication tag configured to match it, and the corresponding operation can be performed only after confirming the match, the stolen in-vehicle unit or the vehicle whose data has been tampered with The unit cannot pass the certification process, and the deduction transaction cannot be performed, thereby preventing the illegal disassembly and tampering of the onboard unit accordingly.
- corresponding settings may be performed when the onboard unit and its corresponding authentication label are shipped or issued, so that the vehicle is on the vehicle. After the matching vehicle unit and the certification label are installed, theft or tampering of the vehicle unit can be prevented.
- the technical solution of the invention does not require additional installation of complex tamper-evident members, and can be designed and secured by a special process and algorithm to ensure the safety and reliability of the certification process. Since the authentication label only needs to have the corresponding authentication and wireless communication functions, its volume can be designed to be small, and can be randomly placed within the effective wireless communication range, and the vehicle unit does not have to be kept in a fixed position. This increases the flexibility of the installation and facilitates the expansion of the functions and applications of the onboard unit.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Business, Economics & Management (AREA)
- Finance (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Devices For Checking Fares Or Tickets At Control Points (AREA)
Abstract
提供一种用于在智能交通系统中进行收费认证的系统和方法,所述系统包括:车载单元,其安装于车辆上,用于在收费站执行扣费交易;认证标签,其安装于所述车辆上并被设置为与所述车载单元匹配,其中,所述认证标签用于通过与车载单元进行无线通信来与车载单元执行认证,所述认证用于确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。本发明可应用于智能交通系统中以在电子不停车收费方案中防止车载单元被盗用。
Description
本发明涉及如何在智能交通系统(ITS)中实现电子不停车收费(ETC)技术的系统和方法,尤其涉及一种通过进行收费认证来防止非法使用车载单元(OBU,On
Board Unit)进行付费的系统和方法。
在现有的智能交通系统中,通过固定安装在车辆上的车载单元(OBU)以及位于收费站的路侧单元(RSU,Road Side
Unit)来实现电子不停车收费(ETC)技术。OBU作为ETC电子收费系统中最为关键的部件之一,其中记录有OBU的标识符(所述标识符为分配给OBU的唯一序列号)、用户信息、车辆信息以及用户交易密码等重要信息。当安装有OBU的车辆经过ETC收费站的时候,收费站的RSU将读取OBU中记录的相关信息来完成扣款交易。因此,现有的OBU在设置完成并安装于车辆上之后,记录在OBU中的相关信息是无法被随意篡改的,这就要求安装在车辆上的OBU必须具有相应的防拆措施,以避免OBU被盗取并用在其他的车辆上进行付费操作。
在目前的ETC系统中,为了保证OBU不被非法盗用,采取的防拆措施包括磁感应防拆和机械防拆这两种方式。磁感应防拆主要通过两个带磁性的部件的吸合和断开使得OBU在拆除时将产生防拆位的改变,从而判断OBU产生过异动。而机械防拆主要通过机械按键开关的断开和吸合使得OBU在拆除时将产生防拆位的改变,从而判断OBU产生过异动。从某种意义上来说上述两种防拆措施的原理是一样的,而这种通过物理手段使OBU在拆除时产生防拆位改变的方式具有以下缺点:
1、机械结构设计较复杂。在磁感应防拆方式中,除了OBU主体之外,还需要安装另外一个带磁性的部件,而这二者在结构上是可以分离的。在机械防拆方式中,需要在OBU主体上额外安装一个机械导杆来触发OBU内部的防拆按键。由此可见,上述两种方式为了保证防拆的可靠性均需额外安装比较复杂的防拆部件。
2、可靠性较低。对于磁感应防拆方式,只要保证OBU与所述另外一个带磁性的部件不分离就可保持防拆位不发生异动。这样,可通过在使得磁性部件不分离的情况下将OBU整体掀起以达到拆除OBU且防拆位又不失效的目的,以致磁感应方式没有起到防拆的作用。而对于机械防拆方式,存在机械按键失效而导致防拆失效的隐患。
3、安装方式不灵活。当采用这两种防拆方式时,OBU在安装的时候需选择好一个最佳角度并以该角度贴装在汽车挡风玻璃上,且一旦安装之后OBU就无法轻易移动。这样就导致OBU的安装位置局限性很大、且贴在挡风玻璃上之后会在一定程度上影响美观和视线。同时也限制了OBU在功能和应用上的扩展。
综上所述,现有的OBU防拆方式存在占用空间大、结构复杂、安装方式受限和防拆可靠性差的弊端。因此,需要一种能够克服上述缺陷且确保OBU不会被任意盗用的技术方案。
本发明的目的在于提供一种替代现有技术中通过物理手段来防止车载单元被盗用或篡改的技术方案,通过在车辆上安装互相匹配的车载单元和认证标签,并进行车载单元与认证标签的电子认证来提供安全有效的扣费交易方式,从而防止车载单元被非法盗用。
根据本发明的一方面,提供一种用于在智能交通系统中进行收费认证的系统,所述系统包括:车载单元,其安装于车辆上,用于在收费站执行扣费交易;认证标签,其安装于所述车辆上并被设置为与所述车载单元匹配,其中,所述认证标签用于通过与车载单元进行无线通信来与车载单元执行认证,所述认证用于确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。
所述认证标签与车载单元执行的认证可包括认证标签对车载单元的认证和/或车载单元对认证标签的认证。
认证标签和车载单元可对认证过程中的数据传输进行加密处理。
认证标签与车载单元可按照射频识别技术、蓝牙技术、短距通信技术或Wi-Fi技术进行无线通信。
在车载单元执行扣费交易前、执行扣费交易过程中或执行扣费交易后三者中的至少一个阶段,所述认证标签可通过与车载单元进行无线通信来与车载单元执行认证。
根据本发明的另一方面,提供一种安装在车辆上以用于在智能交通系统中进行收费认证的车载单元,所述车载单元包括:车载单元通信模块,用于与安装在同一车辆上的认证标签进行无线通信;车载单元认证模块,用于通过车载单元通信模块与认证标签的无线通信来与认证标签执行认证,从而确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。
根据本发明的另一方面,提供一种安装在车辆上以用于在智能交通系统中进行收费认证的认证标签,所述认证标签包括:认证标签通信模块,用于与安装在同一车辆上的车载单元进行无线通信;认证标签认证模块,用于通过认证标签通信模块与车载单元的无线通信来与车载单元执行认证,从而确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,认证标签促使车载单元继续操作,否则,认证标签促使车载单元进入失效状态。
根据本发明的另一方面,提供一种用于在智能交通系统中进行收费认证的方法,所述方法包括:将车载单元和认证标签安装于车辆上,所述车载单元用于在收费站执行扣费交易,所述认证标签被设置为与所述车载单元匹配;车载单元进入认证过程,在所述认证过程中,认证标签与车载单元进行无线通信来与车载单元执行认证,从而确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。
所述认证标签与车载单元执行的认证可包括认证标签对车载单元的认证和/或车载单元对认证标签的认证。
所述认证标签与车载单元执行的认证可包括:车载单元基于预定加密算法,利用存储在车载单元中的加密密钥和车辆信息计算出验证码;车载单元将预先存储在车载单元中的车载单元的标识符和认证标签的标识符、由车载单元计算出的验证码发送到认证标签;认证标签将接收到的车载单元的标识符、认证标签的标识符以及验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码进行比较;当接收到的车载单元的标识符、认证标签的标识符以及验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码均相同时,认证标签向车载单元发送确认信息和预先存储在认证标签中的认证标签的标识符;否则,认证标签向车载单元发送出错信息以促使车载单元进入失效状态,从而无法执行扣费交易;车载单元将接收到的确认信息和认证标签的标识符与预先存储在车载单元中的认证标签的标识符进行比较;当接收到的认证标签的标识符与预先存储在车载单元中的认证标签的标识符相同时,车载单元继续操作;否则,车载单元进入失效状态,从而无法执行扣费交易。
所述认证标签与车载单元执行的认证可包括:车载单元基于预定加密算法,利用存储在车载单元中的加密密钥和车辆信息计算出验证码,并且车载单元产生一个随机数;车载单元将预先存储在车载单元中的车载单元的标识符和认证标签的标识符、由车载单元计算出的验证码和产生的随机数发送到认证标签;认证标签将接收到的车载单元的标识符、认证标签的标识符、验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码进行比较;当接收到的车载单元的标识符、认证标签的标识符以及验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码均相同时,认证标签向车载单元发送确认信息、预先存储在认证标签中的认证标签的标识符以及对随机数进行加密而获得的另一验证码;否则,认证标签向车载单元发送出错信息以促使车载单元进入失效状态,从而无法执行扣费交易;车载单元将接收到的确认信息和认证标签的标识符与预先存储在车载单元中的认证标签的标识符进行比较,并对所述另一验证码进行解密以获得解密的随机数;当接收到的认证标签的标识符与预先存储在车载单元中的认证标签的标识符相同且解密的随机数与车载单元产生并发送的随机数相同时,车载单元继续操作;否则,车载单元进入失效状态,从而无法执行扣费交易。
根据本发明的示例性实施例,由于车载单元必须与被配置为与其匹配的认证标签进行认证,且只有在确认匹配之后才能够执行相应的操作,因此,盗用的车载单元或数据被篡改的车载单元均无法通过认证过程,也就无法执行扣费交易,从而相应地防止了对车载单元的非法拆卸和篡改。在本发明的技术方案中,可在车载单元以及与其相应的认证标签出厂或发行时进行相应的设置(如,存储认证有关的信息并构建用于执行相应认证方法的部件),这样在车辆上安装好匹配的车载单元和认证标签之后,就可以防止对车载单元的盗取或篡改。本发明的技术方案不需要额外安装复杂的防拆构件,且可通过专门的流程和算法设计来保证认证过程的安全性和可靠性。由于认证标签只需要具备相应的认证和无线通信功能,因此,其体积可设计得比较小,并且可被随意地安置在有效的无线通信范围之内,同时,车载单元也不必保持在固定位置,这样就增加了安装的灵活性,同时便于使车载单元的功能和应用得到多方面的扩展。
通过下面结合附图进行的对实施例的描述,本发明的上述和/或其它目的和优点将会变得更加清楚,其中:
图1是示出根据本发明示例性实施例的用于在智能交通系统中进行收费认证的系统的框图;
图2是示出根据本发明示例性实施例的安装在车辆上的车载单元的框图;
图3是示出根据本发明示例性实施例的安装在车辆上的认证标签的框图;
图4示出根据本发明示例性实施例的在智能交通系统中进行收费认证的示例;
图5示出根据本发明另一示例性实施例的在智能交通系统中进行收费认证的示例;
图6示出根据本发明另一示例性实施例的在智能交通系统中进行收费认证的示例。
现将详细描述本发明的实施例,所述实施例的示例在附图中示出,其中,相同的标号始终指的是相同的部件。以下将通过参照附图来说明所述实施例,以便解释本发明。
图1是示出根据本发明示例性实施例的用于在智能交通系统中进行收费认证的系统的框图。如图1所示,根据本发明示例性实施例的用于在智能交通系统中进行收费认证的系统包括:车载单元100,其安装于车辆上,用于在收费站执行扣费交易;认证标签200,其安装于所述车辆上并被设置为与所述车载单元100匹配,其中,所述认证标签200用于通过与车载单元100进行无线通信来与车载单元100执行认证,所述认证用于确定车载单元100与认证标签200是否匹配,其中,当认证的结果是车载单元100与认证标签200匹配时,车载单元100被允许继续操作,当认证的结果是车载单元100与认证标签200不匹配时,车载单元100进入失效状态,从而无法执行扣费交易。
应注意:在图1所示的用于在智能交通系统中进行收费认证的系统中,车载单元100与认证标签200之间可采用任何适用的短程无线通信协议进行通信,例如,射频识别(RFID)、蓝牙(Bluetooth)通信、短距通信(NFC)、Wi-Fi技术等短程无线通信技术均可被应用于本发明中。此外,在车载单元100与认证标签200之间基于无线传输的数据执行认证时,任意单向认证方式或双向认证方式均可应用于本发明中,也就是说,不论是车载单元100对认证标签200进行认证,还是认证标签200对车载单元100执行认证,或者是车载单元100与认证标签200之间直接相互认证或借助于第三方来彼此认证,上述方式只要能够实现确定车载单元100与认证标签200是否匹配的技术效果,则均可应用于本发明的技术方案中。而为了进一步提高认证的安全性和可靠性,还可将各种加密技术引入车载单元100与认证标签200的认证过程中。由于短程无线通信可在几米甚至十几米的范围内保证有效性,因此,作为一种优选方式,可将认证标签200安装于车辆的驾驶室内,从而与位于驾驶室外的车载单元100进行无线通信。
作为示例,图2和图3分别示出根据本发明示例性实施例的安装在车辆上的车载单元100和认证标签200的框图。
如图2所示,根据本发明示例性实施例的车载单元100包括:车载单元通信模块110,用于与安装在同一车辆上的认证标签200进行无线通信;车载单元认证模块120,用于通过车载单元通信模块110与认证标签200的无线通信来与认证标签200执行认证,从而确定车载单元100与认证标签200是否匹配。其中,当认证的结果是车载单元100与认证标签200匹配时,车载单元100被允许继续操作,当认证的结果是车载单元100与认证标签200不匹配时,车载单元100进入失效状态,从而无法执行扣费交易。除此之外,车载单元100还可包括车载单元存储器(未示出),用于存储执行认证所需的相关信息。
另一方面,如图3所示,根据本发明示例性实施例的认证标签200包括:认证标签通信模块210,用于与安装在同一车辆上的车载单元100进行无线通信;认证标签认证模块220,用于通过认证标签通信模块210与车载单元200的无线通信来与车载单元100执行认证,从而确定车载单元100与认证标签200是否匹配。其中,当认证的结果是车载单元100与认证标签200匹配时,车载单元100被允许继续操作,当认证的结果是车载单元100与认证标签200不匹配时,车载单元100进入失效状态,从而无法执行扣费交易。除此之外,认证标签200还可包括认证标签存储器(未示出),用于存储执行认证所需的相关信息。
应理解:上述车载单元100和认证标签200的内部结构仅仅是示例性的,对于本领域技术人员而言,可对车载单元100和认证标签200的上述结构进行各种等同的变型,例如,可在车载单元认证模块120和认证标签认证模块220中设置相应的存储区域来实现车载单元存储器和认证标签存储器的功能。由于车载单元100与认证标签200之间可采用任何适用的短程无线通信协议进行通信,因此,车载单元通信模块110和认证标签通信模块210可分别为相应的RFID通信模块、Bluetooth通信模块、NFC模块等。
以下将结合图4到图6来描述根据本发明示例性实施例的在智能交通系统中进行收费认证的示例。
在图4所示的在智能交通系统中进行收费认证的示例中,认证标签200对车载单元100执行认证,以确定车载单元100与认证标签200是否匹配。
具体说来,当车辆进入ETC收费站时,在车载单元100执行扣费交易之前,在步骤S10,车载单元100进入认证过程。然后,在步骤S20,车载单元100中的车载单元认证模块120通过车载单元通信模块110向认证标签200发送认证信息,这里,认证标签200在步骤S30使用所述认证信息来确定车载单元100与认证标签200是否匹配。作为一种实施方式,可预先在车载单元100和认证标签200中分别存储相同的认证信息(例如,车载单元100的唯一标识符),在这种情况下,认证标签认证模块220将通过认证标签通信模块210从车载单元通信模块110接收的认证信息与预先存储在认证标签200中的认证信息进行比较,以确定车载单元100与认证标签200是否匹配。如果在步骤S30的认证结果是车载单元100与认证标签200匹配(即,从车载单元100接收的认证信息与存储在认证标签200中的认证信息相同),则在步骤S40,认证标签认证模块220通过认证标签通信模块210向车载单元100发送“确认”信息,在车载单元通信模块110接收到“确认”信息之后,车载单元100在步骤S50开始执行扣费交易。另一方面,如果在步骤S30的认证结果是车载单元100与认证标签200不匹配(即,从车载单元100接收的认证信息与存储在认证标签200中的认证信息不相同),则在步骤S60,认证标签认证模块220通过认证标签通信模块210向车载单元100发送“出错”信息,在车载单元通信模块110接收到“出错”信息之后,车载单元100在步骤S70进入失效状态,从而无法执行扣费交易。
应注意,在图4所示的在智能交通系统中进行收费认证的示例中,虽然采用了由认证标签200对车载单元100执行认证的方式,但本发明并非受限于此。本领域技术人员可按照类似的方式,采用由车载单元100在执行扣费交易前对认证标签200执行认证的方案来解决本发明的技术问题。此外,在图4所示的在智能交通系统中进行收费认证的示例中,虽然所述认证标签200在车载单元100执行扣费交易前通过与车载单元100进行无线通信来与车载单元100执行认证,但本发明并非受限于此。本领域技术人员应理解:在车载单元100执行扣费交易前、执行扣费交易过程中或执行扣费交易后三者中的至少一个阶段,所述认证标签200均可通过与车载单元100进行无线通信来与车载单元100执行认证。例如,可通过采取在执行扣费交易前和执行扣费交易后均执行认证的方式来确保扣费交易的安全性,即,只有每次均被认证为匹配的车载单元200才被允许进行相应的操作,否则车载单元100进入失效状态,从而无法执行扣费交易。
为了避免因采用物理手段防止车载单元被拆除而带来的缺陷,本发明的示例性实施例在相同车辆中安装认证标签,其与车载单元进行认证,并只有认证结果为两者互相匹配时车载单元才开始执行相应的操作。相应地,为了进一步提高认证过程的可靠性和安全性,可针对认证过程中的数据传输进行相应的加密处理,从而进一步防止数据被非法盗取。此外,作为附加过程,可在认证标签对车载单元执行认证之后,增加车载单元对认证标签的认证过程(或可在车载单元对认证标签执行认证之后,增加认证标签对车载单元的认证过程),即,为了进一步提高可靠性,将认证过程设置为车载单元与认证标签之间的双向认证。
以下将参照图5来描述根据本发明另一示例性实施例的在智能交通系统中进行收费认证的示例。
在图5所示的在智能交通系统中进行收费认证的示例中,需要在车载单元100与认证标签200之间执行双向认证,并且在执行认证时,可额外传送经过加密处理的验证码,从而进一步确保认证过程的安全性和可靠性。
具体说来,当车辆进入ETC收费站时,在车载单元100执行扣费交易之前,在步骤S100,车载单元100进入认证过程。然后,在步骤S200,车载单元100中的车载单元认证模块120通过车载单元通信模块110向认证标签200发送“验证码和认证信息”,这里,认证标签200在步骤S300使用所述“验证码和认证信息”来确定车载单元100与认证标签200是否匹配。作为一种实施方式,可预先在车载单元100中存储车载单元100的标识符(其可以是分配给车载单元100的唯一序列号),还可在车载单元100中进一步存储认证标签200的标识符(其可以是分配给认证标签200的唯一序列号)。相应地,在被设置为与车载单元100匹配的认证标签200中,也分别存储上述车载单元100的标识符和认证标签200的标识符。此外,车载单元100中还可存储车辆信息以及用于对车辆信息进行加密的加密密钥。相应地,在认证标签200中还预先存储有基于预定的加密算法f,利用所述加密密钥和车辆信息计算出的验证码。这里,车载单元100中的车载单元认证模块120可在步骤S200基于预定的加密算法f,利用所述加密密钥和车辆信息计算出验证码,并通过车载单元通信模块110向认证标签200发送“验证码和认证信息”,这里的认证信息可包括预先存储在车载单元100中的车载单元100的标识符,并还可包括预先存储在车载单元100中的认证标签200的标识符。在这种情况下,认证标签认证模块220将通过认证标签通信模块210从车载单元通信模块110接收的“验证码和认证信息”与预先存储在认证标签200中的验证码和认证信息(包括车载单元100的标识符和认证标签200的标识符)进行比较以确定车载单元100与认证标签200是否匹配。如果在步骤S300的认证结果是车载单元100与认证标签200不匹配(即,从车载单元100接收的验证码和认证信息与存储在认证标签200中的验证码和认证信息并非完全相同),则在步骤S400,认证标签认证模块220通过认证标签通信模块210向车载单元100发送“出错”信息,在车载单元通信模块110接收到“出错”信息之后,车载单元100在步骤S500进入失效状态,从而无法执行扣费交易。另一方面,如果在步骤S300的认证结果是车载单元100与认证标签200匹配(即,从车载单元100接收的验证码和认证信息与存储在认证标签200中的验证码和认证信息全部相同),则在步骤S600,认证标签认证模块220通过认证标签通信模块210向车载单元100发送“确认信息和认证信息”,这里的认证信息可包括预先存储在认证标签200中的认证标签200的标识符。在车载单元通信模块110接收到“确认信息和认证信息”之后,车载单元认证模块120在步骤S700使用所述“确认信息和认证信息”来确定车载单元100与认证标签200是否匹配。在这种情况下,车载单元认证模块120将接收的认证信息与预先存储在车载单元100中的认证信息进行比较以确定车载单元100与认证标签200是否匹配。如果在步骤S700的认证结果是车载单元100与认证标签200匹配(即,从认证标签200接收的认证信息与存储在车载单元100中的认证信息相同),则在步骤S800,车载单元100开始执行扣费交易。另一方面,如果在步骤S700的认证结果是车载单元100与认证标签200不匹配(即,从认证标签200接收的认证信息与存储在车载单元100中的认证信息不相同),则进入步骤S500,车载单元100进入失效状态,从而无法执行扣费交易。
对于图5所示的在智能交通系统中进行收费认证的示例,本领域的技术人员可进行相应的各种变型。例如,可省略车载单元100对认证标签200的认证过程,即,如果在步骤S300的认证结果是车载单元100与认证标签200匹配,可仅由认证标签认证模块220通过认证标签通信模块210向车载单元100发送“确认信息”,并且车载单元100在接收到上述“确认信息”之后直接进入步骤S800。此外,在图5所示的在智能交通系统中进行收费认证的示例中,虽然所述认证标签200在车载单元100执行扣费交易前通过与车载单元100进行无线通信来与车载单元100执行认证,但本发明并非受限于此。本领域技术人员应理解:在车载单元100执行扣费交易前、执行扣费交易过程中或执行扣费交易后三者中的至少一个阶段,所述认证标签200均可通过与车载单元100进行无线通信来与车载单元100执行认证。例如,可通过采取在执行扣费交易前和执行扣费交易后均执行认证的方式来确保扣费交易的安全性,即,只有每次均被认证为匹配的车载单元200才被允许继续进行相应的操作,否则车载单元100进入失效状态,从而无法执行扣费交易。
此外,为了进一步提高认证过程的安全性和可靠性,本发明可在车载单元100与认证单元200之间的认证过程中进行更为复杂的加密措施。以下将参照图6来描述根据本发明另一示例性实施例的在智能交通系统中进行收费认证的示例。
在图6所示的在智能交通系统中进行收费认证的示例中,需要在车载单元100与认证标签200之间执行双向认证,并且在执行认证时,可额外传送经过加密处理的验证码,并引入对随机数的加密和解密处理,从而进一步确保认证过程的安全性和可靠性。
具体说来,当车辆进入ETC收费站时,在车载单元100执行扣费交易之前,在步骤S1000,车载单元100进入认证过程。然后,在步骤S2000,车载单元100中的车载单元认证模块120通过车载单元通信模块110向认证标签200发送“验证码1、认证信息和随机数”,这里,认证标签200在步骤S3000使用所述“验证码1”和“认证信息”来确定车载单元100与认证标签200是否匹配。作为一种实施方式,可预先在车载单元100中存储车载单元100的标识符(其可以是分配给车载单元100的唯一序列号),还可在车载单元100中进一步存储认证标签200的标识符(其可以是分配给认证标签200的唯一序列号)。相应地,在被设置为与车载单元100匹配的认证标签200中,也分别存储上述车载单元100的标识符和认证标签200的标识符。此外,车载单元100中还可存储车辆信息以及用于对车辆信息进行加密的加密密钥。相应地,在认证标签200中还预先存储有基于预定的加密算法f,利用所述加密密钥和车辆信息计算出的验证码1。这里,车载单元100中的车载单元认证模块120可在步骤S2000基于预定的加密算法f,利用所述加密密钥和车辆信息计算出验证码1,并同时产生一随机数,随后通过车载单元通信模块110向认证标签200发送“验证码1、认证信息和随机数”,这里的认证信息可包括预先存储在车载单元100中的车载单元100的标识符,并还可包括预先存储在车载单元100中的认证标签200的标识符。在这种情况下,认证标签认证模块220将通过认证标签通信模块210从车载单元通信模块110接收的“验证码1”和“认证信息”与预先存储在认证标签200中的验证码1和认证信息(包括车载单元100的标识符和认证标签200的标识符)进行比较以确定车载单元100与认证标签200是否匹配。如果在步骤S3000的认证结果是车载单元100与认证标签200不匹配(即,从车载单元100接收的验证码1和认证信息与存储在认证标签200中的验证码1和认证信息并非完全相同),则在步骤S4000,认证标签认证模块220通过认证标签通信模块210向车载单元100发送“出错”信息,在车载单元通信模块110接收到“出错”信息之后,车载单元100在步骤S5000进入失效状态,从而无法执行扣费交易。另一方面,如果在步骤S3000的认证结果是车载单元100与认证标签200匹配(即,从车载单元100接收的验证码1和认证信息与存储在认证标签200中的验证码1和认证信息全部相同),则在步骤S6000,认证标签认证模块220基于某种加密算法f1对接收到的随机数进行加密,以产生验证码2,并通过认证标签通信模块210向车载单元100发送“确认信息、认证信息和验证码2”,这里的认证信息可包括预先存储在认证标签200中的认证标签200的标识符。在车载单元通信模块110接收到“确认信息、认证信息和验证码2”之后,车载单元认证模块120在步骤S7000使用所述“确认信息、认证信息和验证码2”来确定车载单元100与认证标签200是否匹配。在这种情况下,车载单元认证模块120将接收的认证信息与预先存储在车载单元100中的认证信息进行比较以确定车载单元100与认证标签200是否匹配,并基于所述加密算法f1对验证码2进行解密,以获取随机数,并将获取的随机数与之前由车载单元认证模块120产生并发送给认证标签200的随机数进行比较。如果在步骤S7000的认证结果是车载单元100与认证标签200匹配(即,从认证标签200接收的认证信息与存储在车载单元100中的认证信息相同且通过对验证码2解密得到的随机数与之前由车载单元认证模块120产生并发送的随机数相同),则在步骤S8000,车载单元100开始执行扣费交易。另一方面,如果在步骤S7000的认证结果是车载单元100与认证标签200不匹配(即,从认证标签200接收的认证信息与存储在车载单元100中的认证信息不相同或通过对验证码2解密得到的随机数与之前由车载单元认证模块120产生并发送的随机数不相同),则进入步骤S5000,车载单元100进入失效状态,从而无法执行扣费交易。
对于图6所示的在智能交通系统中进行收费认证的示例,本领域的技术人员可进行相应的各种变型。例如,可省略车载单元100对认证标签200的认证过程,即,如果在步骤S3000的认证结果是车载单元100与认证标签200匹配,可仅由认证标签认证模块220通过认证标签通信模块210向车载单元100发送“确认信息”,并且车载单元100在接收到上述“确认信息”之后直接进入步骤S8000。此外,在图6所示的在智能交通系统中进行收费认证的示例中,虽然所述认证标签200在车载单元100执行扣费交易前通过与车载单元100进行无线通信来与车载单元100执行认证,但本发明并非受限于此。本领域技术人员应理解:在车载单元100执行扣费交易前、执行扣费交易过程中或执行扣费交易后三者中的至少一个阶段,所述认证标签200均可通过与车载单元100进行无线通信来与车载单元100执行认证。例如,可通过采取在执行扣费交易前和执行扣费交易后均执行认证的方式来确保扣费交易的安全性,即,只有每次均被认证为匹配的车载单元200才被允许继续进行相应的操作,否则车载单元100进入失效状态,从而无法执行扣费交易。
以上示出了根据本发明示例性实施例在智能交通系统中进行收费认证的系统以及相应的设备和方法。根据本发明的示例性实施例,由于车载单元必须与被配置为与其匹配的认证标签进行认证,且只有在确认匹配之后才能够执行相应的操作,因此,盗用的车载单元或数据被篡改的车载单元均无法通过认证过程,也就无法执行扣费交易,从而相应地防止了对车载单元的非法拆卸和篡改。在本发明的技术方案中,可在车载单元以及与其相应的认证标签出厂或发行时进行相应的设置(如,存储认证有关的信息并构建用于执行相应认证方法的部件),这样在车辆上安装好匹配的车载单元和认证标签之后,就可以防止对车载单元的盗取或篡改。本发明的技术方案不需要额外安装复杂的防拆构件,且可通过专门的流程和算法设计来保证认证过程的安全性和可靠性。由于认证标签只需要具备相应的认证和无线通信功能,因此,其体积可设计得比较小,并且可被随意地安置在有效的无线通信范围之内,同时,车载单元也不必保持在固定位置,这样就增加了安装的灵活性,同时便于使车载单元的功能和应用得到多方面的扩展。
本发明的以上各个实施例仅仅是示例性的,而本发明并不受限于此。本领域技术人员应该理解:任何在执行扣费交易之前需经过车载单元与认证标签之间的认证过程的方式均落入本发明的范围之中。在不脱离本发明的原理和精神的情况下,可对这些实施例进行改变,其中,本发明的范围在权利要求及其等同物中限定。
Claims (12)
- 一种用于在智能交通系统中进行收费认证的系统,所述系统包括:车载单元,其安装于车辆上,用于在收费站执行扣费交易;认证标签,其安装于所述车辆上并被设置为与所述车载单元匹配,其中,所述认证标签用于通过与车载单元进行无线通信来与车载单元执行认证,所述认证用于确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。
- 如权利要求1所述的系统,其中,所述认证标签与车载单元执行的认证包括认证标签对车载单元的认证和/或车载单元对认证标签的认证。
- 如权利要求1所述的系统,其中,认证标签和车载单元对认证过程中的数据传输进行加密处理。
- 如权利要求1所述的系统,其中,认证标签与车载单元按照射频识别技术、蓝牙技术、短距通信技术或Wi-Fi技术进行无线通信。
- 如权利要求1所述的系统,其中,在车载单元执行扣费交易前、执行扣费交易过程中或执行扣费交易后三者中的至少一个阶段,所述认证标签通过与车载单元进行无线通信来与车载单元执行认证。
- 一种安装在车辆上以用于在智能交通系统中进行收费认证的车载单元,所述车载单元包括:车载单元通信模块,用于与安装在同一车辆上的认证标签进行无线通信;车载单元认证模块,用于通过车载单元通信模块与认证标签的无线通信来与认证标签执行认证,从而确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。
- 一种安装在车辆上以用于在智能交通系统中进行收费认证的认证标签,所述认证标签包括:认证标签通信模块,用于与安装在同一车辆上的车载单元进行无线通信;认证标签认证模块,用于通过认证标签通信模块与车载单元的无线通信来与车载单元执行认证,从而确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,认证标签促使车载单元继续操作,否则,认证标签促使车载单元进入失效状态。
- 一种用于在智能交通系统中进行收费认证的方法,所述方法包括:将车载单元和认证标签安装于车辆上,所述车载单元用于在收费站执行扣费交易,所述认证标签被设置为与所述车载单元匹配;车载单元进入认证过程,在所述认证过程中,认证标签与车载单元进行无线通信来与车载单元执行认证,从而确定车载单元与认证标签是否匹配,其中,当认证的结果是车载单元与认证标签匹配时,车载单元被允许继续操作,当认证的结果是车载单元与认证标签不匹配时,车载单元进入失效状态,从而无法执行扣费交易。
- 如权利要求8所述的方法,其中,所述认证标签与车载单元执行的认证包括认证标签对车载单元的认证和/或车载单元对认证标签的认证。
- 如权利要求8所述的方法,其中,所述认证标签与车载单元执行的认证包括:车载单元基于预定加密算法,利用存储在车载单元中的加密密钥和车辆信息计算出验证码;车载单元将预先存储在车载单元中的车载单元的标识符和认证标签的标识符、由车载单元计算出的验证码发送到认证标签;认证标签将接收到的车载单元的标识符、认证标签的标识符以及验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码进行比较;当接收到的车载单元的标识符、认证标签的标识符以及验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码均相同时,认证标签向车载单元发送确认信息和预先存储在认证标签中的认证标签的标识符;否则,认证标签向车载单元发送出错信息以促使车载单元进入失效状态,从而无法执行扣费交易;车载单元将接收到的确认信息和认证标签的标识符与预先存储在车载单元中的认证标签的标识符进行比较;当接收到的认证标签的标识符与预先存储在车载单元中的认证标签的标识符相同时,车载单元继续操作;否则,车载单元进入失效状态,从而无法执行扣费交易。
- 如权利要求9所述的方法,其中,所述认证标签与车载单元执行的认证包括:车载单元基于预定加密算法,利用存储在车载单元中的加密密钥和车辆信息计算出验证码,并且车载单元产生一个随机数;车载单元将预先存储在车载单元中的车载单元的标识符和认证标签的标识符、由车载单元计算出的验证码和产生的随机数发送到认证标签;认证标签将接收到的车载单元的标识符、认证标签的标识符、验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码进行比较;当接收到的车载单元的标识符、认证标签的标识符以及验证码与预先存储在认证标签中的车载单元的标识符、认证标签的标识符以及验证码均相同时,认证标签向车载单元发送确认信息、预先存储在认证标签中的认证标签的标识符以及对随机数进行加密而获得的另一验证码;否则,认证标签向车载单元发送出错信息以促使车载单元进入失效状态,从而无法执行扣费交易;车载单元将接收到的确认信息和认证标签的标识符与预先存储在车载单元中的认证标签的标识符进行比较,并对所述另一验证码进行解密以获得解密的随机数;当接收到的认证标签的标识符与预先存储在车载单元中的认证标签的标识符相同且解密的随机数与车载单元产生并发送的随机数相同时,车载单元继续操作;否则,车载单元进入失效状态,从而无法执行扣费交易。
- 如权利要求8所述的方法,其中,在车载单元执行扣费交易前、执行扣费交易过程中或执行扣费交易后三者中的至少一个阶段,所述车载单元进入认证过程。
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2011/071600 WO2012119305A1 (zh) | 2011-03-08 | 2011-03-08 | 用于在智能交通系统中进行收费认证的系统和方法 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2011/071600 WO2012119305A1 (zh) | 2011-03-08 | 2011-03-08 | 用于在智能交通系统中进行收费认证的系统和方法 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2012119305A1 true WO2012119305A1 (zh) | 2012-09-13 |
Family
ID=46797413
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2011/071600 WO2012119305A1 (zh) | 2011-03-08 | 2011-03-08 | 用于在智能交通系统中进行收费认证的系统和方法 |
Country Status (1)
Country | Link |
---|---|
WO (1) | WO2012119305A1 (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2901409A4 (en) * | 2012-09-28 | 2016-03-30 | Intel Corp | SYSTEMS AND METHOD FOR PRODUCING INVENTORIES FOR USE ON THE ROAD |
CN111222602A (zh) * | 2019-12-31 | 2020-06-02 | 航天信息股份有限公司 | 一种用于与车载单元进行安全通信的方法及系统 |
CN113011870A (zh) * | 2021-02-02 | 2021-06-22 | 北京易路行技术有限公司 | 通过etc天线进行用户卡圈存的方法及装置 |
CN113496045A (zh) * | 2020-04-03 | 2021-10-12 | 华为技术有限公司 | 对obu的拆装状态进行判断的方法、obu、车辆以及存储介质 |
CN114844687A (zh) * | 2022-04-15 | 2022-08-02 | 深圳汇辰软件有限公司 | 一种认证方法、电子设备及存储介质 |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004102667A (ja) * | 2002-09-10 | 2004-04-02 | Mitsubishi Heavy Ind Ltd | 通行料金収受システム |
CN101123456A (zh) * | 2006-08-09 | 2008-02-13 | 北京握奇数据系统有限公司 | 基于wlan的etc系统车载单元与路边单元的通信方法 |
CN101299280A (zh) * | 2008-06-06 | 2008-11-05 | 深圳市金溢科技有限公司 | 双制式etc路侧设备及其通信方法 |
CN101859446A (zh) * | 2010-06-09 | 2010-10-13 | 北京握奇数据系统有限公司 | 车辆认证方法、装置及系统 |
-
2011
- 2011-03-08 WO PCT/CN2011/071600 patent/WO2012119305A1/zh active Application Filing
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2004102667A (ja) * | 2002-09-10 | 2004-04-02 | Mitsubishi Heavy Ind Ltd | 通行料金収受システム |
CN101123456A (zh) * | 2006-08-09 | 2008-02-13 | 北京握奇数据系统有限公司 | 基于wlan的etc系统车载单元与路边单元的通信方法 |
CN101299280A (zh) * | 2008-06-06 | 2008-11-05 | 深圳市金溢科技有限公司 | 双制式etc路侧设备及其通信方法 |
CN101859446A (zh) * | 2010-06-09 | 2010-10-13 | 北京握奇数据系统有限公司 | 车辆认证方法、装置及系统 |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP2901409A4 (en) * | 2012-09-28 | 2016-03-30 | Intel Corp | SYSTEMS AND METHOD FOR PRODUCING INVENTORIES FOR USE ON THE ROAD |
CN111222602A (zh) * | 2019-12-31 | 2020-06-02 | 航天信息股份有限公司 | 一种用于与车载单元进行安全通信的方法及系统 |
CN111222602B (zh) * | 2019-12-31 | 2023-10-13 | 航天信息股份有限公司 | 一种用于与车载单元进行安全通信的方法及系统 |
CN113496045A (zh) * | 2020-04-03 | 2021-10-12 | 华为技术有限公司 | 对obu的拆装状态进行判断的方法、obu、车辆以及存储介质 |
CN113011870A (zh) * | 2021-02-02 | 2021-06-22 | 北京易路行技术有限公司 | 通过etc天线进行用户卡圈存的方法及装置 |
CN113011870B (zh) * | 2021-02-02 | 2024-05-07 | 北京易路行技术有限公司 | 通过etc天线进行用户卡圈存的方法及装置 |
CN114844687A (zh) * | 2022-04-15 | 2022-08-02 | 深圳汇辰软件有限公司 | 一种认证方法、电子设备及存储介质 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102184575B (zh) | 用于在智能交通系统中进行收费认证的系统和方法 | |
RU2506642C2 (ru) | Тахограф, бортовой блок для сбора за пользование дорогой (maut-on-board-unit), индикаторный прибор и система | |
EP2498225B1 (en) | Road toll system and method | |
JP4950246B2 (ja) | 車両充電システム | |
US20130293349A1 (en) | User/vehicle-id for associating access rights and privileges | |
WO2012119305A1 (zh) | 用于在智能交通系统中进行收费认证的系统和方法 | |
CN110191415B (zh) | 一种车辆信息的加密方法、车载设备及服务器 | |
KR101565848B1 (ko) | 이동 단말기를 이용한 차량 제어 방법 및 장치 | |
KR20200128188A (ko) | 차량 액세스 제어 서비스 및 플랫폼 | |
CN112888607B (zh) | 辨识输送的乘客和货物的方法和设备 | |
JP2004227145A (ja) | 車両盗難防止システム、車両盗難防止方法およびプログラム | |
CN112785734B (zh) | 基于双向认证的电子不停车收费系统和方法 | |
US20210359845A1 (en) | Improved vehicle communication | |
KR20150079232A (ko) | 무선랜 장치 및 상기 무선랜 장치를 이용한 차량 인증 방법 | |
CN201984541U (zh) | 用于进行收费认证的系统、车载单元和认证标签 | |
JP7095321B2 (ja) | サーバ装置および配送システム | |
JP2012172325A (ja) | 車両のスマートキーシステム、スマートキーによる車両の操作方法およびプログラム | |
CN113442870A (zh) | 车载单元的停用方法、装置、存储介质及终端 | |
CN112652097B (zh) | 商用车远程防盗系统及其工作方法 | |
JP2005081995A (ja) | 車載端末装置及び車両の運行管理システム | |
JP2012041713A (ja) | 車両の遠隔制御システム及び遠隔制御方法 | |
JP5269408B2 (ja) | 盗用防止装置 | |
JP2004237814A (ja) | 電子ナンバープレート認識システム | |
JP6147984B2 (ja) | 電子キー登録システム | |
TW201933850A (zh) | 車載通信裝置及費用收取方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 11860692 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 11860692 Country of ref document: EP Kind code of ref document: A1 |