WO2022155803A1

WO2022155803A1 - Data encryption method, data transmission method, related apparatuses and device

Info

Publication number: WO2022155803A1
Application number: PCT/CN2021/072808
Authority: WO
Inventors: 耿峰; 李江琪; 李民; 李�泳
Original assignee: 华为技术有限公司
Priority date: 2021-01-20
Filing date: 2021-01-20
Publication date: 2022-07-28
Also published as: CN115088232A

Abstract

Provided are a data encryption method, a data transmission method, related apparatuses and a device, which are applicable to the technical field of communications. Data transmitted between a plurality of nodes is encrypted, thereby improving the security of data transmission between the plurality of nodes. The method comprises: firstly, acquiring vehicle service data of a target vehicle, and N data transmission nodes for transmitting the vehicle service data; then, encrypting (N-n)th encrypted vehicle service data by using a data transmission key of an nth data transmission node, so as to obtain (N-n+1)th encrypted vehicle service data, wherein the nth data transmission node is a data transmission node, the transmission order of which is the nth, among the N data transmission nodes, and zeroth encrypted vehicle service data is the vehicle service data; encrypting (N-1)th encrypted vehicle service data by using a data transmission key of a first data transmission node, so as to obtain Nth encrypted vehicle service data; and sending the Nth encrypted vehicle service data to the first data transmission node, wherein N ≥ 2, and N ≥ n ≥ 1.

Description

Data encryption method, data transmission method, related apparatus and equipment

technical field

The embodiments of the present application relate to the field of communication technologies, and in particular, to a data encryption method, a data transmission method, related apparatuses, and devices.

Background technique

In recent years, with the rapid development of Information and Communication Technology (ICT), the scale of personal data flow has also reached a new height. On the one hand, such a development trend makes it easier for individuals to ignore the possible data transmission violations when using systems and products and services. On the other hand, enterprises or organizations are also more difficult to evaluate and manage. Social impacts and potential risk consequences. Second, traditional cars lack data protection control systems because they are not connected to the Internet and are less associated with personal data. In addition, due to the communication architecture, traditional terminals and existing data protection control systems in the computer industry cannot be directly applied to automobiles. With the development of smart cars, there are more and more business scenarios where data needs to be uploaded from the car to the cloud. Therefore, the industry urgently needs a systematic method for car data control.

At present, a category label can be added to the user's vehicle service data to identify the category of the vehicle service data, and then the electronic control unit (Electronic control unit, ECU) runs a program that processes the vehicle service data. After processing the relevant data, the label carried in the data packet is detected at the data outlet to determine the type of vehicle service data sent by the program.

However, since only the data type of the vehicle service data needs to be judged by the ECU, and there is usually data transmission across multiple nodes in the smart car architecture, a method for controlling the data transmission of vehicle service data between multiple nodes is urgently needed.

SUMMARY OF THE INVENTION

Embodiments of the present application provide a method for data encryption, a method for data transmission, and related apparatuses and devices, which are used to encrypt data transmitted between multiple nodes and improve the security of data transmission between multiple nodes.

In a first aspect, the present application provides a method for data encryption, and the method is applied to a target vehicle. In the method, vehicle service data of the target vehicle is obtained first, and then N data transmission nodes that transmit the vehicle service data are obtained, Then, use the data transmission key of the nth data transmission node to encrypt the N-nth encrypted vehicle service data to obtain the N-n+1th encrypted vehicle service data, and the nth data transmission node is the nth transmission order of the N data transmission nodes. The data transmission node, the transmission order is the order in which the N data transmission nodes transmit the vehicle service data, the 0th encrypted vehicle service data is the vehicle service data, and the N-1th encrypted vehicle service data is encrypted using the data transmission key of the first data transmission node. The data is encrypted to obtain the Nth encrypted vehicle service data, and the Nth encrypted vehicle service data is sent to the first data transmission node, where N≥2 and N≥n≥1. It should be understood that the data transmission key described in this application may be symmetric or asymmetric, which is not specifically limited here.

In this embodiment, the data transmitted between multiple data transmission nodes is encrypted in sequence, the data transmission key corresponding to the data transmission node is used for each encryption, and each encryption is performed after the previous encryption. based on the obtained results, thereby improving the security of the vehicle service data, thereby improving the security of the data transmission of the vehicle service data among multiple data transmission nodes.

In a possible implementation, it is necessary to use the data transmission key of the nth data transmission node to encrypt the N-nth encrypted vehicle service data and the communication credential of the nth data transmission node to obtain the N-n+1th encrypted vehicle service data data, the communication credential of the nth data transmission node indicates the transmission conditions of the N-nth encrypted vehicle service data at the nth data transmission node.

In this embodiment, the communication credential of the data transmission node also needs to be encrypted, because the communication credential of the nth data transmission node indicates the transmission condition of the N-nth encrypted vehicle service data at the nth data transmission node, and the vehicle service data is The data transmission of the vehicle service data is performed only when the transmission conditions of the data transmission node are met, and the conditions for data transmission between multiple data transmission nodes are controlled according to the communication credentials, thereby improving the data transmission of vehicle service data among multiple nodes. security.

In a possible implementation, when n is equal to N, the nth data transmission node is a transmission node outside the vehicle, and the first data transmission node is a transmission node inside the vehicle.

In this embodiment, the encryption of the data transmitted between the transmission node inside the vehicle and the transmission node outside the vehicle is realized, so as to ensure that the vehicle service data transmitted to the transmission node outside the vehicle is encrypted, so as to improve the target value of the vehicle service data. Security of data transmission inside the vehicle and outside the target vehicle.

In a second aspect, the present application provides a method for data transmission, and the method is applied to a data transmission node. In this method, first, the data transmission node receives encrypted vehicle service data, and then obtains decrypted encrypted vehicle service data. The decrypted encrypted vehicle service data is obtained by decrypting the encrypted vehicle service data using the data transmission key of the data transmission node, and the decrypted encrypted vehicle service data is encrypted using the data transmission key of the next data transmission node. The encrypted vehicle service data obtained later, or the decrypted encrypted vehicle service data is the vehicle service data.

In this embodiment, since the received encrypted vehicle service data is obtained by sequentially encrypting the data transmitted between multiple data transmission nodes, the security of the encrypted vehicle service data is high, thereby improving the data Transmission security. Secondly, the decrypted encrypted vehicle service data can be the vehicle service data that provides the service, or the data that needs to be further decrypted. Therefore, at the next data transmission node, it is also necessary to use the data transmission key of the next data transmission node to decrypt The encrypted vehicle service data is decrypted, thereby further improving the security of data transmission.

In a possible implementation manner, the decrypted encrypted vehicle service data and the communication credential of the data transmission node are obtained, and the decrypted encrypted vehicle service data and the communication credential of the data transmission node are obtained by using the data transmission key of the data transmission node Obtained after decrypting the encrypted vehicle service data, the communication credential of the data transmission node indicates the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node. When the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node are satisfied, the data transmission node will send the decrypted encrypted vehicle service data to the next data transmission node.

In this embodiment, the decrypted encrypted vehicle service data is sent to the next data transmission node only when the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node are satisfied, and the data transmission between the data transmission nodes is controlled according to the communication credential. conditions for data transmission between, thereby improving the security of data transmission.

In a possible implementation, when the data transmission node is a high computing power node, that is, when the data transmission node has the decryption capability required by the technical solution provided by the present application, the data transmission node needs to receive the data transmission key of the data transmission node , and decrypt the encrypted vehicle service data by using the data transmission key of the data transmission node, so as to obtain the decrypted encrypted vehicle service data and the communication certificate of the data transmission node.

In this embodiment, the encrypted vehicle service data is decrypted at the data transmission node using the data transmission key of the data transmission node, so that the decryption process can be performed directly at the data transmission node, and the efficiency of the decryption process is improved, thereby improving the data transmission efficiency.

In a possible implementation, when the data transmission node is a low computing power node, that is, the data transmission node does not have the decryption capability required by the technical solution provided by this application, the data transmission node needs to send encrypted vehicle service data to the decryption module , the decryption module decrypts the encrypted vehicle service data using the data transmission key of the data transmission node, and obtains the decrypted encrypted vehicle service data and the communication certificate of the data transmission node, and then the data transmission node receives the decrypted encrypted data sent by the decryption module. Vehicle service data and communication credentials for data transfer nodes.

In this embodiment, the data transmission node does not perform the decryption operation. By sending the encrypted vehicle service data to the decryption module, the decryption process is performed in the decryption module. By receiving the decrypted encrypted vehicle service data sent by the decryption module and the data of the data transmission node The communication credential is used to obtain the decryption result, thereby improving the feasibility of this scheme.

In a third aspect, a data encryption device is provided, and the data encryption device is applied to a target vehicle. The data encryption apparatus has some or all of the functions of implementing the first aspect and any possible implementation manner of the first aspect. For example, the function of the data encryption apparatus may have the function of independently implementing any one of the embodiments in this application. The functions can be implemented by hardware, or can be implemented by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.

In one embodiment, the data encryption device includes:

The acquisition module is used to acquire the vehicle service data of the target vehicle;

The acquisition module is also used to acquire N data transmission nodes that transmit vehicle service data, where N≥2;

The encryption module is used to encrypt the N-nth encrypted vehicle service data by using the data transmission key of the nth data transmission node to obtain the N-n+1th encrypted vehicle service data, wherein, N≥n≥1, the nth data transmission The node is the nth data transmission node in the transmission order among the N data transmission nodes, the transmission order is the order in which the N data transmission nodes transmit the vehicle service data, and the 0th encrypted vehicle service data is the vehicle service data;

A sending module, configured to send the Nth encrypted vehicle service data to the first data transmission node, wherein the Nth encrypted vehicle service data is encrypted by using the data transmission key of the first data transmission node to encrypt the N-1th encrypted vehicle service data owned.

In a possible implementation manner, the encryption module is specifically configured to use the data transmission key of the nth data transmission node to encrypt the N-nth encrypted vehicle service data and the communication credential of the nth data transmission node to obtain the N-nth data transmission node. +1 Encrypted vehicle service data, wherein the communication credential of the nth data transmission node indicates the transmission conditions of the N-nth encrypted vehicle service data at the nth data transmission node.

In a possible implementation manner, when n is equal to N, the nth data transmission node is an external transmission node of the vehicle;

The first data transfer node is a transfer node inside the vehicle.

In a fourth aspect, a data transmission device is provided, and the data transmission device is applied to a data transmission node. The data transmission apparatus has some or all of the functions of implementing the second aspect and any possible implementation manner of the second aspect. For example, the function of the data transmission apparatus may have the function of independently implementing any one of the embodiments in this application. The functions can be implemented by hardware, or can be implemented by hardware executing corresponding software. The hardware or software includes one or more units or modules corresponding to the above functions.

In one embodiment, the data transmission device includes:

A receiving module for receiving encrypted vehicle service data;

The obtaining module is used to obtain the decrypted encrypted vehicle service data, wherein the decrypted encrypted vehicle service data is obtained after decrypting the encrypted vehicle service data using the data transmission key of the data transmission node, and the decrypted encrypted vehicle service data is obtained. The data is encrypted using the data transmission key of the next data transmission node.

In a possible implementation manner, the data transmission apparatus further includes a sending module;

The obtaining module is specifically configured to obtain the decrypted encrypted vehicle service data and the communication certificate of the data transmission node, wherein the decrypted encrypted vehicle service data and the communication certificate of the data transmission node are encrypted using the data transmission key of the data transmission node. Obtained after the vehicle service data is decrypted, the communication credential of the data transmission node indicates the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node;

The sending module is used to send the decrypted encrypted vehicle service data to the next data transmission node when the transmission condition of the decrypted encrypted vehicle service data in the data transmission node is satisfied after the obtaining module obtains the decrypted encrypted vehicle service data and the communication certificate of the data transmission node Decrypted encrypted vehicle service data.

In a possible implementation manner, the receiving module is further configured to receive the data transmission key of the data transmission node;

The obtaining module is specifically configured to decrypt the encrypted vehicle service data by using the data transmission key of the data transmission node, and obtain the decrypted encrypted vehicle service data and the communication certificate of the data transmission node.

In a possible implementation, an acquisition module is specifically configured to send encrypted vehicle service data to a decryption module;

Receive the decrypted encrypted vehicle service data and the communication credentials of the data transmission node sent by the decryption module.

In a fifth aspect, a data encryption device is provided, including a processor. The processor is coupled to the memory and can be used to execute instructions in the memory to implement the method in any one of the possible implementations of the first aspect above. Optionally, the data encryption apparatus further includes a memory. Optionally, the data encryption apparatus further includes a communication interface, the processor is coupled to the communication interface, and the communication interface is used for inputting and/or outputting information, and the information includes at least one of instructions and data.

In an implementation manner, the data encryption apparatus is a data processing device. When the data encryption device is a data processing device, the communication interface may be a transceiver, or an input/output interface.

Optionally, the transceiver may be a transceiver circuit. Optionally, the input/output interface may be an input/output circuit.

In another implementation manner, the data encryption device is a chip or a chip system configured in a data processing device. When the data encryption device is a chip or a chip system configured in a data processing device, the communication interface may be an input/output interface, an interface circuit, an output circuit, an input circuit, a pin or a related circuit. The processor may also be embodied as a processing circuit or a logic circuit.

In a sixth aspect, a data transmission device is provided, including a processor. The processor is coupled to the memory and can be used to execute instructions in the memory to implement the method in any of the possible implementations of the second aspect above. Optionally, the data transmission device further includes a memory. Optionally, the data transmission device further includes a communication interface, the processor is coupled to the communication interface, and the communication interface is used for inputting and/or outputting information, and the information includes at least one of instructions and data.

In an implementation manner, the data transmission apparatus is a data processing device. When the data transmission device is a data processing device, the communication interface may be a transceiver, or an input/output interface.

In another implementation manner, the data transmission apparatus is a chip or a chip system configured in a data processing device. When the data transmission device is a chip or a chip system configured in a data processing device, the communication interface may be an input/output interface, an interface circuit, an output circuit, an input circuit, a pin or a related circuit. The processor may also be embodied as a processing circuit or a logic circuit.

In a seventh aspect, a processor is provided, including: an input circuit, an output circuit, and a processing circuit. The processing circuit is configured to receive a signal through the input circuit and transmit a signal through the output circuit, so that the processor executes the method in any of the possible implementation manners of the first aspect, or executes the second A method in any of the possible implementations of an aspect.

In a specific implementation process, the above-mentioned processor may be a chip, the input circuit may be an input pin, the output circuit may be an output pin, and the processing circuit may be a transistor, a gate circuit, a flip-flop, and various logic circuits. The input signal received by the input circuit may be received and input by, for example, but not limited to, a receiver, the signal output by the output circuit may be, for example, but not limited to, output to and transmitted by a transmitter, and the input circuit and output The circuit can be the same circuit that acts as an input circuit and an output circuit at different times. The embodiments of the present application do not limit the specific implementation manners of the processor and various circuits.

In an eighth aspect, a data encryption device is provided, including a communication interface and a processor. The communication interface is coupled with the processor. The communication interface is used to input and/or output information. The information includes at least one of instructions and data. The processor is configured to execute a computer program, so that the data encryption apparatus executes the method in any of the possible implementations of the first aspect.

Optionally, there are one or more processors and one or more memories.

In a ninth aspect, a data transmission device is provided, including a communication interface and a processor. The communication interface is coupled with the processor. The communication interface is used to input and/or output information. The information includes at least one of instructions and data. The processor is configured to execute a computer program to cause the data encryption apparatus to perform the method in any of the possible implementations of the second aspect.

Optionally, there are one or more processors and one or more memories.

In a tenth aspect, a data encryption apparatus is provided, including a processor and a memory. The processor is configured to read instructions stored in the memory, and can receive signals through a receiver and transmit signals through a transmitter, so that the apparatus performs the method in any possible implementation manner of the first aspect.

Optionally, there are one or more processors and one or more memories.

Optionally, the memory may be integrated with the processor, or the memory may be provided separately from the processor.

In an eleventh aspect, a data transmission device is provided, including a processor and a memory. The processor is configured to read instructions stored in the memory, and can receive signals through a receiver and transmit signals through a transmitter, so that the apparatus performs the method in any possible implementation manner of the second aspect.

Optionally, there are one or more processors and one or more memories.

In the specific implementation process, the memory can be a non-transitory memory, such as a read only memory (ROM), which can be integrated with the processor on the same chip, or can be separately set in different On the chip, the embodiment of the present application does not limit the type of the memory and the setting manner of the memory and the processor.

It should be understood that the relevant information exchange process, for example, sending a message may be a process of outputting a message from the processor, and receiving a message may be a process of inputting a received message to the processor. Specifically, the information output by the processing can be output to the transmitter, and the input information received by the processor can be from the receiver. Among them, the transmitter and the receiver may be collectively referred to as a transceiver.

The data encryption device and the data transmission device in the above eighth to eleventh aspects may be chips, and the processor may be implemented by hardware or software. When implemented by hardware, the processor may be a logic circuit. , integrated circuit, etc.; when implemented by software, the processor may be a general-purpose processor, implemented by reading software codes stored in a memory, which may be integrated in the processor or located outside the processor , exist independently.

A twelfth aspect provides a computer program product, the computer program product comprising: a computer program (also referred to as code, or instructions), when the computer program is executed, causes the computer to execute the above-mentioned first aspect. The method in any one of the possible implementations, or the method in any one of the possible implementations of the second aspect above.

A thirteenth aspect provides a computer-readable storage medium, where the computer-readable storage medium stores a computer program (also referred to as code, or instruction), when it runs on a computer, causing the computer to execute the above-mentioned first The method in any one of the possible implementations of the aspect, or the method in any of the possible implementations of the second aspect above is performed.

In a fourteenth aspect, the present application provides a chip system, the chip system includes a processor and an interface, the interface is used to obtain a program or an instruction, and the processor is used to call the program or instruction to implement or support data processing The device implements the functions involved in the first aspect, or invokes the program or instructions to implement or support the data processing device to implement the functions involved in the second aspect.

In a possible design, the chip system further includes a memory for storing necessary program instructions and data of the data processing device. The chip system may be composed of chips, or may include chips and other discrete devices.

It should be noted that, the beneficial effects brought by the implementations of the third aspect to the fourteenth aspect of the present application can be understood with reference to the implementations of the first aspect and the second aspect, and thus are not repeated.

Description of drawings

1 is a schematic structural diagram of a system framework in an embodiment of the application;

2 is a schematic flowchart of a method for controlling vehicle service data transmission in an embodiment of the application;

3 is another schematic flowchart of a method for controlling vehicle service data transmission in an embodiment of the application;

4 is a schematic diagram of a data encryption device provided by an embodiment of the present application;

FIG. 5 is a schematic diagram of a data transmission apparatus according to an embodiment of the present application.

Detailed ways

The technical solutions provided by the present application are further described below with reference to the accompanying drawings and examples. It should be understood that the system structure and service scenarios provided in the embodiments of the present application are mainly to illustrate possible implementations of the technical solutions of the present application, and should not be construed as the only limitations on the technical solutions of the present application. Those of ordinary skill in the art know that with the evolution of the system structure and the emergence of new service scenarios, the technical solutions provided in this application are also applicable to similar technical problems.

The terms "first", "second", "third", "fourth", etc. (if any) in the description and claims of this application and the above-mentioned drawings are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It is to be understood that data so used may be interchanged under appropriate circumstances so that the embodiments described herein can be practiced in sequences other than those illustrated or described herein. In addition, the terms "comprising" and "having" and any variations thereof, are intended to cover non-exclusive inclusion, for example, a process, method, system, product or device comprising a series of steps or units is not necessarily limited to those expressly listed Rather, those steps or units may include other steps or units not expressly listed or inherent to these processes, methods, products or devices.

The technical solution provided in this application is suitable for the business scenario in which vehicle service data is transmitted from inside to outside the vehicle, and the propagation paths covering vehicle service data are usually the node where the vehicle service data is located, the in-vehicle data transmission node and the out-of-vehicle data transmission node , the node where the vehicle service data is located is the original data source of the vehicle service data that needs to be transmitted outside the vehicle, and the in-vehicle data transmission node is the node that the vehicle service data must pass through in the process of in-vehicle transmission, such as a telematics BOX (Telematics BOX). , T-BOX) or gateway (Gateway), etc., the off-vehicle data transmission node needs to transmit the vehicle service data to the cloud server for storage or processing. Before the vehicle service data reaches the target application, it needs to go through another data transmission node. The data transmission node is an off-vehicle data transmission node.

In actual business scenarios, the number of data transmission nodes needs to be flexibly determined according to requirements. And due to the mechanism requirements, the node where the data transmission node is located needs to have the capability of data encryption and decryption. The data transmission node can be used to locate the propagation path of the vehicle service data in the vehicle. When the number of data transmission nodes increases, the transmission path of the vehicle service data becomes more refined, and the number of encryption and decryption that the vehicle service data needs to go through will also increase accordingly. Therefore, in actual business scenarios, it is necessary to balance the path granularity and the performance consumption brought by encryption and decryption, and deploy the number of data transmission nodes. Secondly, in the technical solution provided in this application, controlling the transmission of vehicle service data from inside the vehicle to outside the vehicle cannot be applied to the scenario of uploading personal service data to the cloud server for processing inside the vehicle. However, as long as the communication object can allow protection in terms of performance The complete operation of the control mechanism, the technical solutions provided in this application are also applicable to the scenario where the vehicle service data interacts with the terminal equipment (such as smart phones, tablet computers, etc.) outside the vehicle through Bluetooth or other short-range communication methods. Do limit.

In order to better understand a method, related device, and device for controlling vehicle service data transmission disclosed in the embodiments of this application, the technical solutions in this application will be described below with reference to the accompanying drawings in this application. First, the system architecture of the data transmission protection system used in the embodiments of the present application is described. This application can be used for a data transmission protection system composed of a vehicle end and a cloud server. A data transmission control center is deployed at the vehicle end, and the data transmission control center is responsible for the data transmission control at the vehicle level, so that the data transmission control center can perform data transmission control. Data transmission related functions such as transmission notification and data transmission policy control. In addition, a data transmission node is also deployed at the vehicle end, which is responsible for receiving the data transmission policy configuration items issued by the data transmission control center, and at the same time, detects the vehicle service data flowing through the data transmission node. Secondly, the cloud server is also deployed with data transmission nodes, which are responsible for the data transmission management, control strategy and other functions of the overall IoV service. Further, the vehicle-side data transmission control center and the cloud server data transmission node can synchronize the data transmission strategy configuration, and the data transmission node deployed by the cloud server can also detect the passing vehicle service data. In addition to the data transmission protection system, there is also a key management system (Key Management System, KMS) and a unified identity authentication service (Identity and Access Management, IAM) as the security infrastructure to support the normal operation of the data protection process. KMS and IAM are used in this application. In this embodiment, it is used to jointly generate a data security identifier, that is, a data transmission key used to ensure confidentiality of vehicle service data during transmission. In addition, KMS and IAM can also be configured in combination with data transmission policies in this embodiment of the present application. Service data is marked for data transfer.

For ease of understanding, please refer to FIG. 1 , which is a schematic diagram of a system framework in an embodiment of the application. As shown in FIG. 1 , the data transmission technical facilities include a data transmission control center, an in-vehicle KMS, and an in-vehicle IAM. The data transmission control center configures the user data transmission communication strategy. The user data transmission communication strategy includes the data transmission nodes that can transmit vehicle service data and the data transmission sequence, and then sends the user data transmission communication strategy to the in-vehicle KMS and in-vehicle IAM. The in-vehicle KMS and in-vehicle IAM authorize the communication credentials corresponding to the vehicle service data according to the user data transmission communication strategy, and then the in-vehicle KMS and in-vehicle IAM transmit the communication strategy to the data deployed on the security network boundary network element according to the user data transmission communication strategy. The transmission node issues a key, which is used to verify the communication credentials corresponding to the vehicle service data. When the vehicle service data is authenticated by the in-vehicle KMS and the in-vehicle IAM, the vehicle service data is transmitted. In the process of vehicle service data transmission, the data transmission node performs real-time detection on the vehicle service data in the vehicle and on the network boundary outside the vehicle, and verifies the communication credentials corresponding to the vehicle service data. If the transmission conditions indicated by the communication credentials satisfy the user data By transmitting the transmission conditions indicated by the communication strategy, the vehicle service data corresponding to the communication credential can be transmitted, and the vehicle service data can be updated to the communication credential of the next data transmission node, thereby completing the transmission of the vehicle service data. It should be understood that in the process of vehicle service data transmission, the in-vehicle data transmission control center can also provide users with a visualization of vehicle service data transmission according to the transmission records (such as alarms or logs) of vehicle service data detected by the data transmission node. The interface is used for the user to further control and manage the transmission of vehicle service data based on this.

It should be understood that the data processing devices described in the technical solutions provided in this application can be ECUs, terminal devices, in-vehicle devices, Bluetooth and devices deployed in cloud servers, and the data sources can be ECUs, terminal devices, in-vehicle devices, etc., data transmission nodes It can be terminal equipment, in-vehicle equipment, Bluetooth and equipment deployed in cloud servers, etc. Secondly, since the data transmission node may be a low computing power node without decryption capability, or a high computing power node with decryption capability (having the decryption capability required by the technical solution provided by this application). Therefore, if it is a node with low computing power that does not have the decryption capability, when the vehicle service data needs to be decrypted, the vehicle service data needs to be sent to the decryption module (in the embodiment of this application, IAM or KMS is used as an example) for decryption operation, Then, the decryption module returns the decrypted vehicle service data to the data transmission node, and then determines whether the decrypted vehicle service data can continue to be transmitted. If it is a node with high computing power with decryption capability, the vehicle service data can be decrypted directly at the data transmission node. The following will introduce the cases where the data transmission node is a low computing power node or a high computing power node.

The following describes the case where the data transmission node is a high computing power node with decryption capability in the embodiment of the present application, please refer to FIG. 2 , and FIG. 2 is a schematic flowchart of the method for controlling the transmission of vehicle service data in the embodiment of the present application, as shown in FIG. 2 As shown, the step of controlling vehicle service data transmission includes:

S101. The data transmission control center determines N data transmission nodes for transmitting vehicle service data and the transmission sequence according to user requirements;

In this embodiment, in the user configuration stage, the user can configure the flow permission of the vehicle service data in the vehicle through the data transmission control center, that is, select N data transmission nodes that allow the vehicle service data to flow through, and N data transmission nodes The order in which the nodes transmit the vehicle service data, and the order in which the N data transmission nodes transmit the vehicle service data is the transmission order. For example, if the transmission sequence is that the first data transmission node is transmitted to the second data transmission node, and the second data transmission node is transmitted to the third data transmission node, then the vehicle service data will be transmitted from the first data transmission node to the second data transmission node based on the transmission order. The node to the third data transmission node transmits sequentially. Secondly, the data transmission control center will also send the relevant information of the N data transmission nodes to the IAM or KMS, as well as the transmission sequence to the data source.

Specifically, the Nth data transmission node is a transmission node outside the vehicle, and the first data transmission node indicated by the transmission sequence is a transmission node inside the vehicle.

Further, if the data transmission control center has the ability to summarize all the data related to the vehicle service in the vehicle and display it to the user through the central control screen menu or other means, then the user can transfer the N data transmission nodes of the vehicle service data as required. and the transmission order to configure.

It can be understood that the data transmission nodes and the transmission sequence exemplified in the embodiments of this application are all used to understand this solution, and the number of specific data transmission nodes and the specific transmission sequence need to be flexibly determined according to user needs and actual conditions, and should not be construed as The limitations of the embodiments of the present application.

S102, IAM or KMS generates data transmission keys of N data transmission nodes;

In this embodiment, the IAM or KMS receives the related information of the N data transmission nodes from the data transmission control center, and generates the data transmission keys of the N data transmission nodes based on the relevant information of the N data transmission nodes. The keys correspond one-to-one with the data transmission nodes. It should be understood that the data transmission key described in this application may be symmetric or asymmetric, which is not specifically limited here.

Exemplarily, taking N data transmission nodes including a first data transmission node, a second data transmission node and a third data transmission node as an example for description, then the IAM or KMS can generate the data transmission key of the first data transmission node, The data transmission key of the second data transmission node, and the data transmission key of the third data transmission node. It should be understood that only three data transmission nodes are described in the foregoing example. In practical applications, if the number of data transmission nodes that allow vehicle service data to flow through is determined, then the number of corresponding data transmission keys generated is the same, and the specific number is here Not limited.

Specifically, the generation method of the data transmission key set is determined by the KMS. For example, the key material preset in the KMS is used to generate the data transmission key of each data transmission node, or the data transmission key of each data transmission node can be randomly generated in real time. The data transmission key, so the specific generation method of the data transmission key set should not be construed as a limitation of this embodiment of the present application.

S103, the IAM or KMS sends the data transmission key to the corresponding data transmission node and sends the data transmission keys of the N data transmission nodes to the data source;

In this embodiment, the IAM or KMS sends the data transmission key generated in step S102 to the corresponding data transmission node, and sends the data transmission keys of the N data transmission nodes to the data source.

Exemplarily, taking N data transmission nodes including a first data transmission node, a second data transmission node and a third data transmission node as an example for description, then the data transmission key of the first data transmission node can be obtained through step S102, The data transmission key of the second data transmission node and the data transmission key of the third data transmission node, so the IAM or KMS needs to send the data transmission key of the first data transmission node to the first data transmission. Or the KMS needs to send the data transmission key of the second data transmission node to the second data transmission, and the third data transmission to send the data transmission key of the third data transmission node, and the data transmission key of the first data transmission node, The data transmission key of the second data transmission node and the data transmission key of the third data transmission node are sent to the data source. It should be understood that the foregoing example only describes sending the corresponding data transmission keys to three data transmission nodes. In practical applications, if the number of data transmission nodes through which the vehicle service data is allowed to flow is determined, then the corresponding data transmission keys that need to be sent are determined. The number of keys is the same, so the number of corresponding data transmission keys to be sent is not limited here.

S104, IAM or KMS generates communication credentials of N data transmission nodes;

In this embodiment, the IAM or KMS receives the relevant information of the N data transmission nodes from the data transmission control center, and can also generate the communication credentials of the N data transmission nodes based on the relevant information of the N data transmission nodes, and the communication credential is the same as that of the N data transmission nodes. The data transmission nodes are in one-to-one correspondence, and each communication credential indicates the transmission conditions of the decrypted encrypted vehicle service data at the data transmission node.

Exemplarily, the data transmission node set includes a first data transmission node, a second data transmission node and a third data transmission node as an example for description. If the communication certificate of the first data transmission node indicates that the transmission is performed between 14:00 and 15:00, that is, the transmission condition of the first data transmission node is that the decrypted encrypted vehicle service data needs to be between 14:00 and 15:00. For transmission, if the decrypted encrypted vehicle service data is between 14:00 and 15:00, the first data transmission node sends the decrypted encrypted vehicle service data to the next data transmission node. Data is not transmitted between 14:00 and 15:00. Secondly, if the communication certificate of the second data transmission node indicates that the data is less than 10 megabytes (M) for transmission, that is, the transmission condition of the second data transmission node is that the size of the decrypted encrypted vehicle service data needs to be less than 10 M. If the vehicle service data is less than 10M, the second data transmission node sends the decrypted vehicle service data to the next data transmission node. If the decrypted encrypted vehicle service data is greater than or equal to 10M, data transmission is not performed. It should be understood that the foregoing examples are only used to understand this solution, and the specific communication credentials of each data transmission node are not limited herein.

It can be understood that step S102 and step S104 have no time sequence limitation, so the sequence numbers of step S102 and step S104 should not be construed as a limitation of this embodiment of the present application. The execution order is not specifically limited here.

S105, the IAM or KMS sends the communication credentials of the N data transmission nodes to the data source;

In this embodiment, the IAM or KMS sends the communication credentials of the N data transmission nodes obtained in step S104 to the data source.

In the following steps, N data transmission nodes include a first data transmission node, a second data transmission node and a third data transmission node, and the transmission sequence is that the first data transmission node transmits to the second data transmission node, and the second data transmission node transmits The third data transmission node is described as an example, and it should be understood that the number of specific data transmission nodes and the specific transmission sequence should not be construed as a limitation of the present application.

S106, the data source encrypts the vehicle service data and the communication credential of the third data transmission node by using the data transmission key of the third data transmission node to obtain the first encrypted vehicle service data;

In this embodiment, before each encryption of the data source, it is necessary to ensure that the payload of the message carries the communication credential of the data transmission node. After the data source obtains the data transmission keys of the N data transmission nodes in step S103 and the communication credentials of the N data transmission nodes obtained in step S105 and sends them to the data source, the data source needs to first obtain the data transmission keys from the N data transmission nodes. The data transmission key of the third data transmission node determines the data transmission key of the third data transmission node, and then obtains the communication credential of the third data transmission node from the communication credential of the N data transmission nodes. Thus, the data source encrypts the vehicle service data and the communication credential of the third data transmission node through the data transmission key of the third data transmission node to obtain the first encrypted vehicle service data.

S107, the data source encrypts the first encrypted vehicle service data and the communication credential of the second data transmission node by using the data transmission key of the second data transmission node to obtain the second encrypted vehicle service data;

In this embodiment, after the data source obtains the first encrypted vehicle service data through step S106, it needs to determine the data transmission key of the second data transmission node from the data transmission keys of the N data transmission nodes, and then use the data transmission keys of the N data transmission nodes to determine the data transmission key of the second data transmission node. The node's communication credential acquires the communication credential of the second data transfer node. Thus, the data source encrypts the first encrypted vehicle service data and the communication credential of the second data transmission node by using the data transmission key of the second data transmission node to obtain the second encrypted vehicle service data.

S108, the data source encrypts the second encrypted vehicle service data and the communication credential of the first data transmission node by using the data transmission key of the first data transmission node to obtain third encrypted vehicle service data;

In this embodiment, after the data source obtains the second encrypted vehicle service data through step S107, it needs to further determine the data transmission key of the first data transmission node from the data transmission keys of the N data transmission nodes, and then determine the data transmission key of the first data transmission node from the data transmission keys of the N data transmission nodes. The communication credential of the transmission node acquires the communication credential of the first data transmission node. Thus, the data source encrypts the second encrypted vehicle service data and the communication credential of the first data transmission node through the data transmission key of the first data transmission node to obtain the third encrypted vehicle service data. At this time, the encryption operation of the vehicle service data is completed, and thus the third encrypted vehicle service data obtained after encryption can be encrypted.

S109. The first data transmission node receives the third encrypted vehicle service number sent by the data source;

In this embodiment, the first data transmission node receives the third encrypted vehicle service data sent by the data source.

S110. The first data transmission node decrypts the third encrypted vehicle service data by using the data transmission key of the first data transmission node to obtain the second encrypted vehicle service data and the communication credential of the first data transmission node;

In this embodiment, after the third encrypted vehicle service data is received by the first data transmission node, the third encrypted vehicle service data needs to be decrypted by the data transmission key of the first data transmission node to obtain the second encrypted vehicle service data and a communication credential of the first data transmission node, the communication credential of the first data transmission node indicating the transmission conditions of the second encrypted vehicle service data at the first data transmission node.

S111. When the transmission condition of the second encrypted vehicle service data on the first data transmission node is satisfied, the first data transmission node sends the second encrypted vehicle service data to the second data transmission node;

In this embodiment, the first data transmission node determines whether the transmission condition of the second encrypted vehicle service data at the first data transmission node is satisfied, and when the transmission condition of the second encrypted vehicle service data at the first data transmission node is satisfied, the The second data transfer node transmits the second encrypted vehicle service data. When the transmission condition of the second encrypted vehicle service data at the first data transmission node is not satisfied, the second encrypted vehicle service data is not further transmitted, thereby improving the security of data transmission.

Exemplarily, if the communication credential of the first data transmission node indicates that transmission is performed between 14:00 and 15:00, that is, the transmission condition of the first data transmission node is that the second encrypted vehicle service data needs to be transmitted between 14:00 and 15:00: 00, when the first data transmission node decrypts the third encrypted vehicle service data to obtain the second encrypted vehicle service data, and obtains the second encrypted vehicle service data between 14:00 and 15:00, and According to the transmission sequence, it can be known that the next data transmission node is the second data transmission node, so the first data transmission node sends the second encrypted vehicle service data to the second data transmission node. Secondly, when the time when the first data transmission node decrypts the third encrypted vehicle service data to obtain the second encrypted vehicle service data is 11:30, the transmission condition of the second encrypted vehicle service data in the first data transmission node is not satisfied, The second encrypted vehicle service data needs to be intercepted without further transmission of the second encrypted vehicle service data.

It should be understood that the foregoing examples are only used to understand this solution, and data transmission needs to be flexibly determined according to the actual situation of specific transmission conditions.

S112, the second data transmission node decrypts the second encrypted vehicle service data by using the data transmission key of the second data transmission node to obtain the first encrypted vehicle service data and the communication credential of the second data transmission node;

In this embodiment, after the transmission condition of the second encrypted vehicle service data at the first data transmission node is satisfied, the second data transmission node may receive the second encrypted vehicle service data sent by the first data transmission node, and then pass the second encrypted vehicle service data through the second data transmission node. The data transmission key of the data transmission node decrypts the second encrypted vehicle service data to obtain the first encrypted vehicle service data and the communication credential of the second data transmission node, the communication credential of the second data transmission node indicating the first encrypted vehicle The transmission condition of the service data at the second data transmission node.

S113. When the transmission condition of the first encrypted vehicle service data on the second data transmission node is satisfied, the second data transmission node sends the first encrypted vehicle service data to the third data transmission node;

In this embodiment, the second data transmission node determines whether the transmission condition of the first encrypted vehicle service data at the second data transmission node is satisfied, and when the transmission condition of the first encrypted vehicle service data at the second data transmission node is satisfied, the The third data transfer node transmits the first encrypted vehicle service data. However, when the transmission condition of the first encrypted vehicle service data at the second data transmission node is not satisfied, the first encrypted vehicle service data is not further transmitted, thereby improving the security of data transmission.

Exemplarily, if the communication credentials of the second data transmission node indicate that the data is less than 10 megabytes (M) for transmission, that is, the transmission condition of the second data transmission node is that the size of the first encrypted vehicle service data needs to be less than 10 M, and when the second data When the transmission node decrypts the second encrypted vehicle service data and obtains that the size of the first encrypted vehicle service data is 8M, it is determined that the transmission conditions of the first encrypted vehicle service data in the second data transmission node are satisfied, and the next data can be known according to the transmission order. The transmission node is the third data transmission node, so the second data transmission node sends the first encrypted vehicle service data to the third data transmission node. Secondly, when the second data transmission node decrypts the second encrypted vehicle service data and obtains that the size of the first encrypted vehicle service data is 16M, the transmission conditions of the first encrypted vehicle service data in the second data transmission node are not satisfied, and the The second encrypted vehicle service data is intercepted without further transmission of the second encrypted vehicle service data.

S114, the third data transmission node decrypts the first encrypted vehicle service data by using the data transmission key of the third data transmission node to obtain the vehicle service data and the communication credential of the third data transmission node;

In this embodiment, after the transmission condition of the first encrypted vehicle service data at the second data transmission node is satisfied, the third data transmission node may receive the first encrypted vehicle service data sent by the second data transmission node, and then pass the third data transmission node through the third data transmission node. The data transmission key of the data transmission node decrypts the first encrypted vehicle service data to obtain the vehicle service data and the communication credential of the third data transmission node, the communication credential of the third data transmission node indicating that the vehicle service data is in the third data transmission node. The transport condition of the transport node.

S115. When the transmission condition of the vehicle service data at the third data transmission node is satisfied, the third data transmission node sends the vehicle service data to the next data transmission node.

In this embodiment, the third data transmission node judges whether the transmission condition of the vehicle service data in the third data transmission node is satisfied, and when the transmission condition of the vehicle service data in the third data transmission node is satisfied, it sends to the next data transmission node Vehicle service data. However, when the transmission conditions of the vehicle service data at the third data transmission node are not satisfied, the vehicle service data is not further transmitted or processed, thereby improving the security of data transmission.

Specifically, because the third data transmission node is a node deployed on the cloud server. When the architecture of the cloud server includes multiple modules, the third data transmission node of the cloud server can be used as a screening threshold for vehicle service data to enter the cloud server in practical applications, and the actual transmission destination may be a deeper module in the cloud server. , so the third data transmission node needs to transmit vehicle service data to a deeper module in the cloud server, so the next data transmission node can be a deeper module in the cloud server. Secondly, when the architecture of the cloud server is only a single module, that is, when the vehicle service data transmission destination is the third data transmission node itself, when the third data transmission node determines to satisfy the transmission conditions indicated by the communication credentials of the third data transmission node , the vehicle service data service can be provided for the target vehicle directly based on the vehicle service data. In this embodiment of the present application, the above two scenarios may be implemented, but in a cross-domain scenario, when a new domain is reached (for example, data is transmitted from a vehicle to a cloud server, the cloud server is a new domain), the At least one data transmission node is set in the new domain for judging the transmission conditions indicated by the communication credentials of the data transmission node, thereby improving the reliability and security of data transmission.

Exemplarily, if the transmission condition of the vehicle service data at the third data transmission node is that the vehicle service data is allowed to be sent to 192.168.1.1, that is, the transmission condition of the third data transmission node is that the vehicle service data can be sent to 192.168.1.1, when When the third data transmission node decrypts the first encrypted vehicle service data to obtain the vehicle service data, and the address of the next data transmission node is "192.168.1.1", the transmission conditions of the vehicle service data in the third data transmission node are satisfied, based on The data transmission sequence transmits the vehicle service data to the next data transmission node (ie, the data transmission node whose address is "192.168.1.1"). Secondly, when the third data transmission node decrypts the first encrypted vehicle service data to obtain the vehicle service data, and the address of the next data transmission node is "192.167.1.0", it is not satisfied that the vehicle service data is in the third data transmission node. The transmission conditions require that the vehicle service data be intercepted, the vehicle service data not be further transmitted, or the service of the vehicle service data not to be provided.

The following describes the case where the data transmission node is a low computing power node without decryption capability in the embodiment of the present application. Please refer to FIG. 3 , which is another schematic flowchart of the method for controlling the transmission of vehicle service data in the embodiment of the present application. As shown in FIG. 3, the steps of controlling vehicle service data transmission include:

S201, the data transmission control center determines N data transmission nodes for transmitting vehicle service data and the transmission sequence according to user requirements;

In this embodiment, the specific manner in which the data transmission control center determines the N data transmission nodes for transmitting vehicle service data and the transmission sequence according to the user's requirements is similar to step S101 , and details are not repeated here.

S202, IAM or KMS generates data transmission keys of N data transmission nodes;

In this embodiment, the specific manner in which the IAM or the KMS generates the data transmission keys of the N data transmission nodes is similar to step S102, and details are not described herein again.

S203, the IAM or KMS sends the data transmission keys of the N data transmission nodes to the data source;

In this embodiment, since the data transmission node is a low computing power node without decryption capability, the data transmission node cannot decrypt the encrypted data, so the IAM or KMS only needs to convert the data of the N data transmission nodes generated in step S202. The data transfer key is sent to the data source.

S204, IAM or KMS generates communication credentials of N data transmission nodes;

In this embodiment, the specific manner in which the IAM or the KMS generates the communication credentials of the N data transmission nodes is similar to step S104, and details are not described herein again.

It can be understood that step S202 and step S204 have no timing limitation, so the sequence numbers of step S202 and step S204 should not be construed as a limitation of this embodiment of the present application. The execution order is not specifically limited here.

S205, the IAM or KMS sends the communication credentials of the N data transmission nodes to the data source;

In this embodiment, the specific manner in which the IAM or KMS sends the communication credentials of the N data transmission nodes generated in step S204 to the data source is similar to that in step S105, and details are not repeated here.

Similar to the embodiment shown in FIG. 2 , in the following steps, N data transmission nodes include a first data transmission node, a second data transmission node and a third data transmission node, and the transmission sequence is that the first data transmission node transmits to the second data transmission node. The transmission node, the transmission of the second data transmission node to the third data transmission node is described as an example, and it should be understood that the specific number of data transmission nodes and the specific transmission order should not be construed as limitations of this application.

S206, the data source encrypts the vehicle service data and the communication credential of the third data transmission node by using the data transmission key of the third data transmission node to obtain the first encrypted vehicle service data;

In this embodiment, the data source encrypts the vehicle service data and the communication credential of the third data transmission node by using the data transmission key of the third data transmission node, and the specific method of obtaining the first encrypted vehicle service data is similar to step S106. This will not be repeated here.

S207, the data source encrypts the first encrypted vehicle service data and the communication credential of the second data transmission node by using the data transmission key of the second data transmission node to obtain the second encrypted vehicle service data;

In this embodiment, the data source encrypts the first encrypted vehicle service data and the communication credential of the second data transmission node through the data transmission key of the second data transmission node, and the specific method of obtaining the second encrypted vehicle service data and step S107 similar, and will not be repeated here.

S208, the data source encrypts the second encrypted vehicle service data and the communication credential of the first data transmission node by using the data transmission key of the first data transmission node to obtain third encrypted vehicle service data;

In this embodiment, the data source encrypts the second encrypted vehicle service data and the communication credential of the first data transmission node by using the data transmission key of the first data transmission node to obtain the specific method and steps of the third encrypted vehicle service data S108 is similar and will not be repeated here.

S209, the first data transmission node receives the third encrypted vehicle service data sent by the data source, and sends the third encrypted vehicle service data to the IAM or KMS;

In this embodiment, the first data transmission node receives the third encrypted vehicle service data sent by the data source. Since the data transmission node is a low-computing node without decryption capability, the first data transmission node needs to send the third encrypted vehicle service data to the IAM or KMS. The third encrypts the vehicle service data.

S210, the IAM or KMS decrypts the third encrypted vehicle service data through the data transmission key of the first data transmission node to obtain the second encrypted vehicle service data and the communication credential of the first data transmission node;

In this embodiment, after receiving the third encrypted vehicle service data sent by the first data transmission node, the IAM or KMS decrypts the third encrypted vehicle service data by using the data transmission key of the first data transmission node to obtain the second encrypted vehicle service data. The specific manner of encrypting the vehicle service data and the communication credential of the first data transmission node is similar to the decryption method of the first data transmission node in step S110, and details are not repeated here.

Further, after the IAM or KMS obtains the second encrypted vehicle service data and the communication credential of the first data transmission node, it is also necessary to send the second encrypted vehicle service data and the communication credential of the first data transmission node to the first data transmission node. , the communication credential of the first data transmission node indicates the transmission condition of the second encrypted vehicle service data at the first data transmission node.

S211. When the transmission condition of the second encrypted vehicle service data on the first data transmission node is satisfied, the first data transmission node sends the second encrypted vehicle service data to the second data transmission node;

In this embodiment, after receiving the second encrypted vehicle service data sent by the IAM or KMS in step S210 and the communication credential of the first data transmission node, the first data transmission node determines the second data transmission node through the communication credential of the first data transmission node. The transmission conditions of the encrypted vehicle service data at the first data transmission node are determined, and whether the transmission conditions of the second encrypted vehicle service data at the first data transmission node are satisfied, and if the transmission conditions of the second encrypted vehicle service data at the first data transmission node are satisfied When conditions are met, the second encrypted vehicle service data is sent to the second data transmission node. When the transmission condition of the second encrypted vehicle service data at the first data transmission node is not satisfied, the second encrypted vehicle service data is not further transmitted, thereby improving the security of data transmission.

The first data transmission node determines that the transmission conditions of the second encrypted vehicle service data in the first data transmission node are satisfied, and the specific method of sending the second encrypted vehicle service data to the second data transmission node is similar to step S111, and details are not repeated here. .

S212, the second data transmission node receives the second encrypted vehicle service data sent by the first data transmission node, and sends the second encrypted vehicle service data to the IAM or KMS;

In this embodiment, the second data transmission node receives the second encrypted vehicle service data sent by the first data transmission node. Since the data transmission node is a low computing power node without decryption capability, the second data transmission node needs to report to the IAM or The KMS sends the second encrypted vehicle service data.

S213, the IAM or KMS decrypts the second encrypted vehicle service data through the data transmission key of the second data transmission node to obtain the first encrypted vehicle service data and the communication credential of the second data transmission node;

In this embodiment, after receiving the second encrypted vehicle service data sent by the second data transmission node, the IAM or KMS decrypts the second encrypted vehicle service data by using the data transmission key of the second data transmission node to obtain the first encrypted vehicle service data. The specific manner of encrypting the vehicle service data and the communication credential of the second data transmission node is similar to the decryption method of the second data transmission node in step S112, and details are not repeated here.

Further, after the IAM or KMS obtains the first encrypted vehicle service data and the communication credential of the second data transmission node, it is also necessary to send the first encrypted vehicle service data and the communication credential of the second data transmission node to the second data transmission node. , the communication credentials of the second data transmission node indicate the transmission conditions of the first encrypted vehicle service data at the second data transmission node.

S214. When the transmission condition of the first encrypted vehicle service data on the second data transmission node is satisfied, the second data transmission node sends the first encrypted vehicle service data to the third data transmission node;

In this embodiment, after receiving the first encrypted vehicle service data sent by the IAM or KMS in step S213 and the communication credential of the second data transmission node, the second data transmission node determines the first data transmission node through the communication credential of the second data transmission node. Encrypt the transmission conditions of the vehicle service data at the second data transmission node, and determine whether the transmission conditions of the first encrypted vehicle service data at the second data transmission node are satisfied, and if the transmission conditions of the first encrypted vehicle service data at the second data transmission node are satisfied In transmission conditions, the first encrypted vehicle service data is transmitted to the third data transmission node.

The second data transmission node determines that the transmission condition of the first encrypted vehicle service data in the second data transmission node is satisfied, and the specific manner in which the third data transmission node sends the first encrypted vehicle service data is similar to step S113, and will not be repeated here.

S215. The third data transmission node receives the first encrypted vehicle service data sent by the second data transmission node, and sends the first encrypted vehicle service data to the IAM or KMS;

In this embodiment, the third data transmission node receives the first encrypted vehicle service data sent by the second data transmission node. Since the data transmission node is a low computing power node without decryption capability, the second data transmission node needs to report to the IAM or The KMS sends the first encrypted vehicle service data.

S216, the IAM or KMS decrypts the first encrypted vehicle service data through the data transmission key of the third data transmission node to obtain the vehicle service data and the communication credential of the third data transmission node;

In this embodiment, after receiving the first encrypted vehicle service data sent by the third data transmission node, the IAM or KMS decrypts the first encrypted vehicle service data by using the data transmission key of the third data transmission node to obtain the vehicle service data The specific manner of the data and the communication credential of the third data transfer node is similar to the decryption method of the third data transfer node in step S114, and details are not repeated here.

Further, after the IAM or KMS obtains the vehicle service data and the communication credential of the third data transmission node, it is also necessary to send the vehicle service data and the communication credential of the third data transmission node to the third data transmission node, and the third data transmission The node's communication credentials indicate the transmission conditions of the vehicle service data at the third data transmission node.

S217: When the transmission condition of the vehicle service data at the third data transmission node is satisfied, the third data transmission node sends the vehicle service data to the next data transmission node.

In this embodiment, the third data transmission node receives the vehicle service data sent by the IAM or KMS in step S216 and the communication credential of the third data transmission node, and determines that the vehicle service data is in the third data transmission node according to the communication credential of the third data transmission node. The transmission conditions of the data transmission node, and determine whether the transmission conditions of the vehicle service data in the third data transmission node are satisfied, and when the transmission conditions of the vehicle service data in the third data transmission node are satisfied, send the vehicle service to the next data transmission node. data. However, when the transmission conditions of the vehicle service data at the third data transmission node are not satisfied, the vehicle service data is not further transmitted or processed, thereby improving the security of data transmission.

Specifically, because the third data transmission node is a node deployed on the cloud server. The architecture of the cloud server may include multiple modules or a single module. When the architecture of the cloud server is different, the third data transmission node transmits the vehicle service data in different ways and for different purposes. The specific transmission method of the vehicle service data is similar to step S115. This will not be repeated here.

The solutions provided by the embodiments of the present application are described above mainly from the perspective of methods. It can be understood that, in order to implement the above-mentioned functions, the data encryption device and the data transmission device include corresponding hardware structures and/or software modules for performing each function. Those skilled in the art should easily realize that the present application can be implemented in hardware or in the form of a combination of hardware and computer software. Whether a function is performed by hardware or computer software driving hardware depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functionality using different methods for each particular application, but such implementations should not be considered beyond the scope of this application.

In this embodiment of the present application, the data encryption device and the data transmission device may be divided into functional modules based on the foregoing method examples. For example, each functional module may be divided corresponding to each function, or two or more functions may be integrated into one processing module. middle. The above-mentioned integrated modules can be implemented in the form of hardware, and can also be implemented in the form of software function modules. It should be noted that, the division of modules in the embodiments of the present application is schematic, and is only a logical function division, and there may be other division manners in actual implementation.

The data encryption device in the present application will be described in detail below. Please refer to FIG. 4 , which is a schematic diagram of a data encryption device provided by an embodiment of the present application. As shown in FIG. 4 , the data encryption device 400 includes:

an acquisition module 401, configured to acquire vehicle service data of the target vehicle;

The acquiring module 401 is further configured to acquire N data transmission nodes that transmit vehicle service data, where N≥2;

An encryption module 402, configured to encrypt the N-nth encrypted vehicle service data using the data transmission key of the nth data transmission node to obtain the N-n+1th encrypted vehicle service data, wherein N≥n≥1, the nth data The transmission node is the nth data transmission node in the transmission order among the N data transmission nodes, the transmission order is the order in which the N data transmission nodes transmit the vehicle service data, and the 0th encrypted vehicle service data is the vehicle service data;

The sending module 403 is configured to send the Nth encrypted vehicle service data to the first data transmission node, wherein the Nth encrypted vehicle service data is performed by using the data transmission key of the first data transmission node on the N-1th encrypted vehicle service data. encrypted.

In an optional implementation manner, based on the embodiment corresponding to FIG. 4 above, in another embodiment of the data encryption device 400 provided by the embodiment of the present application, the encryption module 402 is specifically configured to use the nth data The data transmission key of the transmission node encrypts the N-nth encrypted vehicle service data and the communication credential of the nth data transmission node to obtain the N-n+1th encrypted vehicle service data, wherein the communication credential of the nth data transmission node indicates the th The transmission condition of N-n encrypted vehicle service data at the nth data transmission node.

In an optional implementation manner, based on the embodiment corresponding to FIG. 4 above, in another embodiment of the data encryption apparatus 400 provided by the embodiment of the present application, when n is equal to N, the nth data transmission node It is an external transmission node for the vehicle;

The first data transfer node is a transfer node inside the vehicle.

The data transmission device in the present application will be described in detail below. Please refer to FIG. 5. FIG. 5 is a schematic diagram of a data transmission device provided by an embodiment of the present application. As shown in FIG. 5, the data transmission device 500 includes:

a receiving module 501, configured to receive encrypted vehicle service data;

The obtaining module 502 is configured to obtain the decrypted encrypted vehicle service data, wherein the decrypted encrypted vehicle service data is obtained by decrypting the encrypted vehicle service data using the data transmission key of the data transmission node, and the decrypted encrypted vehicle service data is obtained by decrypting the encrypted vehicle service data. The service data is encrypted using the data transmission key of the next data transmission node.

In an optional implementation manner, on the basis of the embodiment corresponding to FIG. 5 above, the data transmission apparatus 500 further includes a sending module 503;

The obtaining module 502 is specifically configured to obtain the decrypted encrypted vehicle service data and the communication credential of the data transmission node, wherein the decrypted encrypted vehicle service data and the communication credential of the data transmission node are the data transmission key pair using the data transmission node Obtained after the encrypted vehicle service data is decrypted, the communication credentials of the data transmission node indicate the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node;

The sending module is configured to, after the obtaining module 502 obtains the decrypted encrypted vehicle service data and the communication credential of the data transmission node, when the transmission conditions of the decrypted encrypted vehicle service data at the data transmission node are satisfied, send the data to the next data transmission node. Send decrypted encrypted vehicle service data.

In an optional implementation manner, based on the embodiment corresponding to FIG. 5 above, in another embodiment of the data transmission apparatus 500 provided by the embodiment of the present application, the receiving module 501 is further configured to receive a data transmission node the data transfer key;

The obtaining module 502 is specifically configured to decrypt the encrypted vehicle service data by using the data transmission key of the data transmission node, and obtain the decrypted encrypted vehicle service data and the communication certificate of the data transmission node.

In an optional implementation manner, based on the embodiment corresponding to FIG. 5 above, in another embodiment of the data transmission apparatus 500 provided by the embodiment of the present application, the obtaining module 502 is specifically configured to send the data to the decryption module. Encrypt vehicle service data;

In an optional implementation manner, on the basis of the embodiment corresponding to FIG. 5 above, in another embodiment of the data transmission apparatus 500 provided by the embodiment of the present application, the decrypted encrypted vehicle service data is obtained using the next It is obtained by encrypting the data transmission key of the data transmission node.

The present application further provides a data encryption apparatus, including at least one processor, and the at least one processor is configured to execute a computer program stored in a memory, so that the data encryption apparatus executes the data encryption control in any of the foregoing method embodiments The method performed by the center, data source, IAM or KMS.

It should be understood that the above data encryption device may be one or more chips. For example, the data encryption device may be a field programmable gate array (FPGA), an application specific integrated circuit (ASIC), a system on chip (SoC), or a system on chip (SoC). It can be a central processing unit (CPU), a network processor (NP), a digital signal processing circuit (DSP), or a microcontroller (microcontroller). unit, MCU), it can also be a programmable logic device (PLD) or other integrated chips.

The present application further provides a data transmission apparatus, comprising at least one processor, and the at least one processor is configured to execute a computer program stored in a memory, so that the data transmission apparatus executes the data source in any of the above method embodiments, IAM or KMS, a method performed by a first data transfer node, a second data transfer node, and a third data transfer node.

It should be understood that the above data transmission device may be one or more chips. For example, the data transmission device may be FPGA, ASIC, SoC, CPU, NP, DSP, MCU, PLD or other integrated chips.

The embodiments of the present application also provide a data encryption device, which includes a processor and a communication interface. The communication interface is coupled with the processor. The communication interface is used to input and/or output information. The information includes at least one of instructions and data. The processor is configured to execute a computer program, so that the data encryption apparatus executes the method executed by the data encryption control center, data source, IAM or KMS in any of the above method embodiments.

The embodiments of the present application also provide a data transmission device, which includes a processor and a communication interface. The communication interface is coupled with the processor. The communication interface is used to input and/or output information. The information includes at least one of instructions and data. The processor is configured to execute a computer program, so that the data transmission apparatus executes the data source, IAM or KMS, the first data transmission node, the second data transmission node and the third data transmission node in any of the above method embodiments. Methods.

The embodiments of the present application also provide a data encryption device, which includes a processor and a memory. The memory is used to store a computer program, and the processor is used to call and run the computer program from the memory, so that the data encryption device executes the data encryption control center, data source, IAM in any of the above method embodiments. or the method performed by the KMS.

Embodiments of the present application also provide a data transmission device, including a processor and a memory. The memory is used to store a computer program, and the processor is used to call and run the computer program from the memory, so that the data transmission apparatus executes the data source in any of the above method embodiments, IAM or KMS, the first A method performed by a data transfer node, a second data transfer node, and a third data transfer node.

In the implementation process, each step of the above-mentioned method can be completed by a hardware integrated logic circuit in a processor or an instruction in the form of software. The steps of the methods disclosed in conjunction with the embodiments of the present application may be directly embodied as executed by a hardware processor, or executed by a combination of hardware and software modules in the processor. The software modules may be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other storage media mature in the art. The storage medium is located in the memory, and the processor reads the information in the memory, and completes the steps of the above method in combination with its hardware. To avoid repetition, detailed description is omitted here.

It should be noted that the processor in this embodiment of the present application may be an integrated circuit chip, which has a signal processing capability. In the implementation process, each step of the above method embodiments may be completed by a hardware integrated logic circuit in a processor or an instruction in the form of software. The aforementioned processors may be general purpose processors, digital signal processors (DSPs), application specific integrated circuits (ASICs), field programmable gate arrays (FPGAs) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components . The methods, steps, and logic block diagrams disclosed in the embodiments of this application can be implemented or executed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in conjunction with the embodiments of the present application may be directly embodied as executed by a hardware decoding processor, or executed by a combination of hardware and software modules in the decoding processor. The software modules may be located in random access memory, flash memory, read-only memory, programmable read-only memory or electrically erasable programmable memory, registers and other storage media mature in the art. The storage medium is located in the memory, and the processor reads the information in the memory, and completes the steps of the above method in combination with its hardware.

It can be understood that the memory in this embodiment of the present application may be a volatile memory or a non-volatile memory, or may include both volatile and non-volatile memory. The non-volatile memory may be read-only memory (ROM), programmable read-only memory (PROM), erasable programmable read-only memory (EPROM), electrically programmable Erase programmable read-only memory (electrically EPROM, EEPROM) or flash memory. Volatile memory may be random access memory (RAM), which acts as an external cache. By way of example and not limitation, many forms of RAM are available, such as static random access memory (SRAM), dynamic random access memory (DRAM), synchronous DRAM, SDRAM), double data rate synchronous dynamic random access memory (double data rate SDRAM, DDR SDRAM), enhanced synchronous dynamic random access memory (enhanced SDRAM, ESDRAM), synchronous link dynamic random access memory (synchlink DRAM, SLDRAM) ) and direct memory bus random access memory (direct rambus RAM, DR RAM). It should be noted that the memory of the systems and methods described herein is intended to include, but not be limited to, these and any other suitable types of memory.

According to the method provided by the embodiment of the present application, the present application also provides a computer program product, the computer program product includes: computer program code, when the computer program code is run on a computer, the computer is made to execute the steps shown in FIG. 2 and FIG. 3 . The method performed by each unit in the illustrated embodiment.

According to the method provided by the embodiment of the present application, the present application further provides a computer-readable storage medium, where the computer-readable storage medium stores program codes, and when the program codes are executed on a computer, the computer is made to execute FIG. 2 and FIG. 3. Methods performed by each unit in the embodiment shown.

The modules in the above-mentioned device embodiments correspond to the units in the method embodiments completely, and the corresponding modules or units perform corresponding steps. Other steps may be performed by a processing unit (processor). For functions of specific units, reference may be made to corresponding method embodiments. The number of processors may be one or more.

The terms "component", "module", "system" and the like are used in this specification to refer to a computer-related entity, hardware, firmware, a combination of hardware and software, software, or software in execution. For example, a component may be, but is not limited to, a process running on a processor, a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of illustration, both an application running on a computing device and the computing device may be components. One or more components may reside within a process and/or thread of execution, and a component may be localized on one computer and/or distributed between 2 or more computers. In addition, these components can execute from various computer readable media having various data structures stored thereon. A component may, for example, be based on a signal having one or more data packets (eg, data from two components interacting with another component between a local system, a distributed system, and/or a network, such as the Internet interacting with other systems via signals) Communicate through local and/or remote processes.

Those of ordinary skill in the art can realize that the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Skilled artisans may implement the described functionality using different methods for each particular application, but such implementations should not be considered beyond the scope of this application.

Those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working process of the above-described systems, devices and units may refer to the corresponding processes in the foregoing method embodiments, which will not be repeated here.

In the several embodiments provided in this application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the apparatus embodiments described above are only illustrative. For example, the division of the units is only a logical function division. In actual implementation, there may be other division methods. For example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored, or not implemented. On the other hand, the shown or discussed mutual coupling or direct coupling or communication connection may be through some interfaces, indirect coupling or communication connection of devices or units, and may be in electrical, mechanical or other forms.

The units described as separate components may or may not be physically separated, and components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution in this embodiment.

In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically alone, or two or more units may be integrated into one unit.

The functions, if implemented in the form of software functional units and sold or used as independent products, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application can be embodied in the form of a software product in essence, or the part that contributes to the prior art or the part of the technical solution. The computer software product is stored in a storage medium, including Several instructions are used to cause a computer device (which may be a personal computer, a server, or a network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: U disk, mobile hard disk, read-only memory (Read-Only Memory, ROM), random access memory (Random Access Memory, RAM), magnetic disk or optical disk and other media that can store program codes .

The above are only specific embodiments of the present application, but the protection scope of the present application is not limited to this. should be covered within the scope of protection of this application. Therefore, the protection scope of the present application should be subject to the protection scope of the claims.

Claims

A method for data encryption, the method being applied to a target vehicle, characterized in that it includes:

obtaining vehicle service data of the target vehicle;

acquiring N data transmission nodes that transmit the vehicle service data, where N≥2;

Use the data transmission key of the nth data transmission node to encrypt the N-nth encrypted vehicle service data to obtain the N-n+1th encrypted vehicle service data, where N≥n≥1, and the nth data transmission node is the The nth data transmission node in the transmission order among the N data transmission nodes, the transmission order is the order in which the N data transmission nodes transmit the vehicle service data, and the 0th encrypted vehicle service data is for the vehicle service data;

Sending the Nth encrypted vehicle service data to the first data transmission node, wherein the Nth encrypted vehicle service data is obtained by encrypting the N-1th encrypted vehicle service data using the data transmission key of the first data transmission node of.
The method according to claim 1, wherein the encrypting the N-nth encrypted vehicle service data by using the data transmission key of the nth data transmission node to obtain the N-n+1th encrypted vehicle service data, comprising:

encrypting the N-nth encrypted vehicle service data and the communication credential of the nth data transmission node using the data transmission key of the nth data transmission node to obtain the N-n+1th encrypted vehicle service data, Wherein, the communication credential of the nth data transmission node indicates the transmission condition of the N-nth encrypted vehicle service data at the nth data transmission node.
The method according to claim 1 or 2, wherein when n is equal to N, the nth data transmission node is an external transmission node of the vehicle;

The first data transmission node is a vehicle internal transmission node.
A method for data transmission, the method being applied to a data transmission node, characterized by comprising:

receive encrypted vehicle service data;

Obtain the decrypted encrypted vehicle service data, wherein the decrypted encrypted vehicle service data is obtained after decrypting the encrypted vehicle service data by using the data transmission key of the data transmission node, and the decrypted encrypted vehicle service data is obtained. The encrypted vehicle service data is data encrypted using the data transfer key of the next data transfer node.
The method according to claim 4, wherein obtaining the decrypted encrypted vehicle service data comprises:

Obtain the decrypted encrypted vehicle service data and the communication credential of the data transmission node, wherein the decrypted encrypted vehicle service data and the communication credential of the data transmission node are the data transmission key using the data transmission node Obtained after decrypting the encrypted vehicle service data, the communication credential of the data transmission node indicates the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node;

After obtaining the decrypted encrypted vehicle service data and the communication credential of the data transmission node, the method further includes:

When the transmission condition of the decrypted encrypted vehicle service data in the data transmission node is satisfied, the decrypted encrypted vehicle service data is sent to the next data transmission node.
The method according to claim 5, wherein the method further comprises:

receiving the data transmission key of the data transmission node;

The obtaining of the decrypted encrypted vehicle service data and the communication credentials of the data transmission node includes:

Decrypt the encrypted vehicle service data using the data transmission key of the data transmission node to obtain the decrypted encrypted vehicle service data and the communication credential of the data transmission node.
The method according to claim 5, wherein the obtaining the decrypted encrypted vehicle service data and the communication credentials of the data transmission node comprises:

sending the encrypted vehicle service data to a decryption module;

The decrypted encrypted vehicle service data and the communication credential of the data transmission node sent by the decryption module are received.
A data encryption device, the data encryption device applied to a target vehicle, is characterized in that, comprising:

an acquisition module for acquiring vehicle service data of the target vehicle;

The acquiring module is further configured to acquire N data transmission nodes that transmit the vehicle service data, where N≥2;

An encryption module, configured to encrypt the N-nth encrypted vehicle service data by using the data transmission key of the nth data transmission node, to obtain the N-n+1th encrypted vehicle service data, wherein N≥n≥1, the nth encrypted vehicle service data is obtained. The data transmission node is the nth data transmission node in the transmission order among the N data transmission nodes, the transmission order is the order in which the N data transmission nodes transmit the vehicle service data, and the 0th encrypted vehicle service data Serve data for said vehicle;

A sending module, configured to send the Nth encrypted vehicle service data to the first data transmission node, wherein the Nth encrypted vehicle service data is the N-1th encrypted vehicle using the data transmission key of the first data transmission node The service data is encrypted.
The data encryption device according to claim 8, wherein the encryption module is specifically configured to use the data transmission key of the nth data transmission node to encrypt the N-nth vehicle service data and the nth data encrypting the communication credential of the transmission node to obtain the N-n+1th encrypted vehicle service data, wherein the communication credential of the nth data transmission node indicates that the N-nth encrypted vehicle service data is transmitted in the nth data transmission Node's transfer condition.
The data encryption device according to claim 8 or 9, wherein when n is equal to N, the nth data transmission node is an external transmission node of the vehicle;

The first data transmission node is a vehicle internal transmission node.
A data transmission device, the data transmission device applied to a data transmission node, is characterized in that, comprising:

A receiving module for receiving encrypted vehicle service data;

an acquisition module, configured to acquire decrypted encrypted vehicle service data, wherein the decrypted encrypted vehicle service data is obtained by decrypting the encrypted vehicle service data using the data transmission key of the data transmission node, The decrypted encrypted vehicle service data is data encrypted using the data transmission key of the next data transmission node.
The data transmission device according to claim 11, wherein the data transmission device further comprises a sending module;

The obtaining module is specifically configured to obtain the decrypted encrypted vehicle service data and the communication credential of the data transmission node, wherein the decrypted encrypted vehicle service data and the communication credential of the data transmission node are obtained by using the The data transmission key of the data transmission node is obtained after decrypting the encrypted vehicle service data, and the communication credential of the data transmission node indicates the transmission conditions of the decrypted encrypted vehicle service data in the data transmission node;

The sending module is configured to, after the obtaining module obtains the decrypted encrypted vehicle service data and the communication credential of the data transmission node, when the transmission of the decrypted encrypted vehicle service data at the data transmission node is satisfied When conditions are met, the decrypted encrypted vehicle service data is sent to the next data transmission node.
The data transmission device according to claim 12, wherein the receiving module is further configured to receive the data transmission key of the data transmission node;

The obtaining module is specifically configured to decrypt the encrypted vehicle service data by using the data transmission key of the data transmission node to obtain the decrypted encrypted vehicle service data and the communication credential of the data transmission node.
The data transmission device according to claim 12, wherein the acquisition module is specifically configured to send the encrypted vehicle service data to a decryption module;

The decrypted encrypted vehicle service data and the communication credential of the data transmission node sent by the decryption module are received.
A data processing device, comprising:

processor, memory, input and output interface;

the processor is coupled to the memory and the input-output interface;

The processor executes the method according to any one of claims 1 to 3, or performs the method according to any one of claims 4 to 7, by running the code in the memory.
A chip, characterized in that the chip includes at least one processor, the at least one processor is connected in communication with at least one memory, and the at least one memory stores instructions; the instructions are processed by the at least one processor The method of any one of claims 1 to 3 is performed, or, the method of any one of claims 4 to 7 is performed.
A computer-readable storage medium in which instructions are stored that, when executed on a computer, cause the computer to perform the method as claimed in any one of claims 1 to 3, or to perform the method as claimed in claims 4 to 7 The method of any of the above.