WO2024098402A1 - Method for replacing pseudonym certificate, apparatus and system - Google Patents

Method for replacing pseudonym certificate, apparatus and system Download PDF

Info

Publication number
WO2024098402A1
WO2024098402A1 PCT/CN2022/131478 CN2022131478W WO2024098402A1 WO 2024098402 A1 WO2024098402 A1 WO 2024098402A1 CN 2022131478 W CN2022131478 W CN 2022131478W WO 2024098402 A1 WO2024098402 A1 WO 2024098402A1
Authority
WO
WIPO (PCT)
Prior art keywords
information
area
pseudonym certificate
replacement
pseudonym
Prior art date
Application number
PCT/CN2022/131478
Other languages
French (fr)
Chinese (zh)
Inventor
刘晓伟
汪洋一舟
鲁广顺
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to PCT/CN2022/131478 priority Critical patent/WO2024098402A1/en
Publication of WO2024098402A1 publication Critical patent/WO2024098402A1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials

Definitions

  • the present application relates to the field of Internet of Vehicles security, and more specifically, to a method, device and system for replacing a pseudonym certificate.
  • V2X vehicle to everything
  • the vehicle continuously broadcasts its own driving parameters and location information to surrounding vehicles, base stations, RSU and other nodes, which may be obtained by attackers.
  • the attacker can determine the location of the vehicle based on the above broadcast information, thereby further damaging the driver's privacy security through the association between the vehicle and the driver.
  • the current common method is to use pseudonymous certificate authentication to resolve the threat to vehicle security posed by attackers.
  • Vehicles can make it difficult for attackers to associate the pseudonym certificates with the vehicles at the corresponding locations by constantly changing the pseudonym certificates they use, thereby increasing the complexity of location tracking.
  • the traditional pseudonym certificate replacement based on a fixed period still cannot prevent attackers from determining the location of the vehicle based on the pseudonym certificates, and it is still easy to cause privacy leaks such as vehicle location.
  • the embodiments of the present application provide a method, device, and system for replacing a pseudonym certificate, which can reduce the probability of attackers continuously tracking smart driving devices and causing smart privacy leakage, and help improve the security of smart driving devices.
  • the method provided in the present application can be applied to an intelligent driving device, which can be a vehicle in a broad sense, such as a means of transportation (such as commercial vehicles, passenger cars, trucks, motorcycles, airplanes, flying cars, trains, ships, etc.), industrial vehicles (such as forklifts, trailers, tractors, etc.), engineering vehicles (such as excavators, bulldozers, cranes, etc.), agricultural equipment (such as mowers, harvesters, etc.), amusement equipment, toy vehicles, etc.
  • a means of transportation such as commercial vehicles, passenger cars, trucks, motorcycles, airplanes, flying cars, trains, ships, etc.
  • industrial vehicles such as forklifts, trailers, tractors, etc.
  • engineering vehicles such as excavators, bulldozers, cranes, etc.
  • agricultural equipment such as mowers, harvesters, etc.
  • amusement equipment toy vehicles, etc.
  • toy vehicles etc.
  • the present application does not specifically limit the type of vehicle.
  • a method for replacing a pseudonym certificate is provided, which method may be executed by an intelligent driving device; or, alternatively, may be executed by a chip or circuit for an intelligent driving device, which is not limited in the present application.
  • the method includes: a first device acquires first information, the first information is used to instruct the first device to replace a pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operating state of the first device; the first device controls the replacement of the pseudonym certificate according to the first information.
  • the replacement of the pseudonym certificate is controlled, which can prevent attackers from continuously tracking the first device when they know the replacement cycle, thereby helping to improve the security of the first device.
  • the first device may be an intelligent driving device, or the first device may be a processor disposed in the intelligent driving device.
  • the area where the first device is located is the area where the intelligent driving device is located; and the operating state of the first device is the operating state of the intelligent driving device.
  • the first information is associated with the first area where the first device is located and/or the operating state of the first device” can be understood as: the first information is generated and/or obtained when the first device is located in the first area, and/or the first information is generated and/or obtained when the first device is in a certain operating state.
  • the certain operating state may include at least one of a driving state, a power-on parking state, and a just-started state.
  • the first area may include at least one of the following areas: an area where pseudonym certificates are used less frequently, an area where the first device often travels, and an area determined based on places of interest to a user of the first device.
  • the first information may be received from a roadside device; or, the first information may also be obtained from other processors of the intelligent driving device.
  • the first area includes a second area
  • the second area is an area associated with a place of interest to a user of the first device
  • the first device obtains first information, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, and the first roadside device is the roadside device that is closest to the first device in the first area.
  • the preset distance threshold may be 5 meters, or 3 meters, or other distances.
  • the second area is an area associated with a place of interest to the user of the first device” can be understood as: the second area is a cluster determined according to the place of interest to the user of the first device, or the second area is a place of interest to the user of the first device.
  • the first device may also obtain the first information from other devices, for example, from other intelligent driving devices.
  • an adaptive pseudonym certificate replacement scheme can be designed for the first device according to the places of interest to the user, which helps to improve the user experience.
  • the first device may be tracked in combination with the pseudonym certificate replacement cycle.
  • the replacement of the pseudonym certificate is controlled, which can increase the difficulty for the attacker to break the relationship between the old and new pseudonym certificates of the vehicle, help reduce the probability of the attacker obtaining the privacy of the first device, and further improve the security of the first device.
  • the first area includes a first traffic light intersection
  • the first device controls the replacement of the pseudonym certificate according to the first information, including: when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  • the first traffic light intersection is a place of interest to the user, or a second area associated with the place of interest to the user.
  • the first device receives the first information; further, when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  • the first device receives the first information when the traffic light at the first traffic light intersection turns red; further, when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  • the traffic light is a traffic light in the driving direction of the first device. For example, if the first device needs to go straight from south to north at the first traffic light intersection, the traffic light can be a traffic light indicating north-south straight driving at the first traffic light intersection.
  • the preset speed threshold may be 3 km/h, or may be 0 km/h, or may be other speeds.
  • the replacement of the pseudonym certificate can be controlled, thereby improving the security of the first device while ensuring that the communication of the first device is not affected.
  • the first device controls the replacement of the pseudonym certificate according to the first information, including: when the first device is started, the first device controls the replacement of the pseudonym certificate.
  • the first device when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information, and shuts down the engine and powers off after receiving the first information. Since the first device does not need to communicate with other devices when shutting down the engine, there is no need to replace the pseudonym certificate. Furthermore, when the first device is started in the second area, the first device controls the replacement of the pseudonym certificate.
  • the pseudonym certificate may not be replaced for a long time.
  • the previous pseudonym certificate is directly used, which is easier to be tracked by attackers. Therefore, replacing the pseudonym certificate when the first device is started helps to improve the security of the first device.
  • the method also includes: the first device determines a replacement cycle of the pseudonym certificate, and the replacement cycle is associated with a real-time status parameter of the first device; when the replacement cycle arrives, the first device controls the replacement of the pseudonym certificate.
  • the replacement cycle of the pseudonym certificate can be determined according to the real-time status parameters of the first device. Since the pseudonym replacement cycle is variable, attackers cannot determine the replacement cycle of the pseudonym certificate of the first device, and thus cannot track the first device, which helps to improve the security of the first device.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • a method for replacing a pseudonym certificate is provided, which can be executed by a cloud server, or by a chip or circuit used for a cloud server.
  • the method can also be executed by a roadside device, or by a chip or circuit using a roadside device, which is not limited in this application.
  • the method includes: a second device generates first information, the first information is used to instruct the first device to change the pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operating state of the first device; the second device sends the first information to the first device.
  • a first message is sent to the first device to control the first device to replace the pseudonym certificate. This can prevent attackers from continuously tracking the first device when they know the replacement cycle, thereby helping to improve the security of the first device.
  • the first area includes a second area
  • the second area is an area associated with places of interest to users of the first device
  • the second device is a roadside device in the first area that is closest to the first device
  • the second device sends the first information to the first device, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the second device sends the first information to the first device.
  • instruction information instructing the first device to replace the pseudonym certificate is generated in a specific area and sent to the first device, so that the first device replaces the pseudonym certificate in the specific area according to the instruction information of the second device.
  • the first area includes a first traffic light intersection
  • the second device generates the first information, including: when the second device obtains information that the traffic light at the first traffic light intersection turns red, the second device generates the first information.
  • the traffic light is a traffic light for the driving direction of the first device.
  • the red turn of the traffic light at the first traffic light intersection may be detected by the second device, or may be indicated by other devices.
  • the first device when the first device is driving and stops at an intersection, since the need for the first device to communicate with other devices is relatively small in this scenario, the first device can be instructed to replace the pseudonym certificate, thereby improving the security of the first device while ensuring that the communication of the first device is not affected.
  • the second device sending the first information to the first device includes: the second device sending the first information to the first device via a third device.
  • the second device is a cloud server
  • the third device is a roadside device.
  • the third device may be a roadside device in an area where the first device is traveling.
  • the second device may send the information instructing the first device to change its pseudonym certificate to the first device via a third device.
  • the method further includes: the second device acquiring information about the first area and/or information about an operating status of the first device.
  • the second device may obtain information about the first area and/or information about the operating status of the first device from the first device; alternatively, the second device may also detect the first area where the first device is located and/or the operating status of the first device by itself.
  • the method also includes: the second device obtains real-time status parameters of the first device; the second device determines a replacement cycle of the pseudonym certificate based on the real-time status parameters; and the second device sends information about the replacement cycle to the first device.
  • the second device can determine the replacement cycle of the pseudonym certificate according to the real-time status parameters of the first device. Since the pseudonym replacement cycle is variable, the attacker cannot determine the replacement cycle of the pseudonym certificate of the first device, and thus cannot track the first device, which helps to improve the security of the first device. In addition, the first device does not need to determine the replacement cycle by itself, which helps to save the computing overhead of the first device.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • a method for replacing a pseudonym certificate may include: a first device determines a replacement cycle of the pseudonym certificate, wherein the replacement cycle is associated with a real-time status parameter of the first device; and when the replacement cycle arrives, the first device controls the replacement of the pseudonym certificate.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • the first device obtains first information, where the first information is used to instruct the first device to replace the pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating status of the first device; the first device controls the replacement of the pseudonym certificate according to the first information.
  • the first area includes a second area
  • the second area is an area associated with a place of interest to a user of the first device
  • the first device obtains first information, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, and the first roadside device is the roadside device that is closest to the first device in the first area.
  • the first area includes a first traffic light intersection
  • the first device controls the replacement of the pseudonym certificate according to the first information, including: when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  • the first device controls the replacement of the pseudonym certificate according to the first information, including: when the first device is started, the first device controls the replacement of the pseudonym certificate.
  • a device for replacing a pseudonym certificate comprising an acquisition unit and a processing unit; wherein the acquisition unit is used to acquire first information, the first information is used to instruct a first device to replace a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating status of the first device; the processing unit is used to control the replacement of the pseudonym certificate according to the first information.
  • the first area includes a second area
  • the second area is an area associated with a place of interest to a user of the first device
  • the acquisition unit is used to: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, receive the first information from a first roadside device, the first roadside device being the roadside device that is closest to the first device in the first area.
  • the first area includes a first traffic light intersection
  • the processing unit is used to control the replacement of the pseudonym certificate when the driving speed of the first device in the first area is less than or equal to a preset speed threshold.
  • the processing unit is used to: when the first device is started, control the replacement of the pseudonym certificate.
  • the device also includes a determination unit, used to: determine a replacement cycle of the pseudonym certificate, and the replacement cycle is associated with the real-time status parameters of the first device; the processing unit is also used to: control the replacement of the pseudonym certificate when the replacement cycle arrives.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • a device for replacing a pseudonym certificate comprising a generating unit and a transceiver unit; wherein the generating unit is used to: generate first information, the first information being used to instruct a first device to replace a pseudonym certificate, the first information being associated with a first area where the first device is located and/or an operating status of the first device; the transceiver unit being used to send the first information to the first device.
  • the first area includes a second area
  • the second area is an area associated with places of interest to users of the first device
  • the second device is a roadside device in the first area that is closest to the first device
  • the transceiver unit is used to send the first information to the first device when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold.
  • the first area includes a first traffic light intersection
  • the device also includes an acquisition unit
  • the generation unit is used to generate the first information when the acquisition unit acquires information that the traffic light at the first traffic light intersection turns red.
  • the transceiver unit is used to: send the first information to the first device via a third device.
  • the apparatus further includes an acquisition unit, which is used to: acquire information about the first area and/or information about the operating status of the first device.
  • the device also includes an acquisition unit and a determination unit, the acquisition unit is used to: obtain the real-time status parameters of the first device; the determination unit is used to: determine the replacement cycle of the pseudonym certificate based on the real-time status parameters; the transceiver unit is also used to: send information about the replacement cycle to the first device.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage degree of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • a device for replacing a pseudonym certificate comprising a determination unit and a processing unit, the determination unit being used to: determine a replacement cycle of the pseudonym certificate, the replacement cycle being associated with a real-time status parameter of the first device; the processing unit being also used to: control the replacement of the pseudonym certificate when the replacement cycle arrives.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • the device also includes an acquisition unit; the acquisition unit is used to acquire first information, the first information is used to instruct the first device to replace the pseudonym certificate, and the first information is associated with the first area where the first device is located and/or the operating status of the first device; the processing unit is used to control the replacement of the pseudonym certificate according to the first information.
  • the first area includes a second area
  • the second area is an area associated with a place of interest to a user of the first device
  • the acquisition unit is used to: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, receive the first information from a first roadside device, the first roadside device being the roadside device that is closest to the first device in the first area.
  • the first area includes a first traffic light intersection
  • the processing unit is used to control the replacement of the pseudonym certificate when the driving speed of the first device in the first area is less than or equal to a preset speed threshold.
  • the processing unit is used to: when the first device is started, control the replacement of the pseudonym certificate.
  • a device for replacing a pseudonym certificate comprising: a memory for storing a computer program; a processor for executing the computer program stored in the memory, so that the device performs a method in any possible implementation of the first aspect or the third aspect.
  • a device for replacing a pseudonym certificate comprising: a memory for storing a computer program; and a processor for executing the computer program stored in the memory, so that the device performs a method as in any possible implementation of the second aspect.
  • an intelligent driving device which includes an apparatus as in any possible implementation of the fourth aspect, the sixth aspect or the seventh aspect.
  • the intelligent driving device is a vehicle.
  • a server comprising a device as in any possible implementation of the fifth aspect or the eighth aspect.
  • the server is a cloud server, or a server set in a roadside device.
  • a computer program product comprising: a computer program code, when the computer program code is run on a computer, the computer executes the method in any possible implementation of the first to third aspects.
  • the above-mentioned computer program code may be stored in whole or in part on a first storage medium, wherein the first storage medium may be packaged together with the processor or may be packaged separately from the processor.
  • a computer-readable medium stores instructions, and when the instructions are executed by a processor, the processor implements the method in any possible implementation of the first to third aspects.
  • a chip comprising a circuit for executing a method in any possible implementation of the first to third aspects above.
  • FIG1 is a schematic diagram of a system framework for replacing a pseudonym certificate provided in an embodiment of the present application
  • FIG2 is a schematic flow chart of a method for replacing a pseudonym certificate provided in an embodiment of the present application
  • FIG3 is another schematic flow chart of a method for replacing a pseudonym certificate provided in an embodiment of the present application
  • FIG4 is another schematic flow chart of a method for replacing a pseudonym certificate provided in an embodiment of the present application.
  • FIG5 is another schematic flow chart of the method for replacing a pseudonym certificate provided in an embodiment of the present application.
  • FIG6 is another schematic flow chart of the method for replacing a pseudonym certificate provided in an embodiment of the present application.
  • FIG7 is a schematic block diagram of an apparatus for replacing a pseudonym certificate according to an embodiment of the present application.
  • FIG8 is another schematic block diagram of an apparatus for replacing a pseudonym certificate provided in an embodiment of the present application.
  • FIG. 9 is another schematic block diagram of the apparatus for replacing a pseudonym certificate provided in an embodiment of the present application.
  • At least one of a, b, or c can mean: a, b, c, a-b, a-c, b-c, or a-b-c, where a, b, c can be single or multiple.
  • prefixes such as "first" and “second” used in the embodiments of the present application are only used to distinguish different description objects, and have no limiting effect on the position, order, priority, quantity or content of the described objects.
  • the use of prefixes such as ordinal numbers used to distinguish description objects in the embodiments of the present application does not constitute a limitation on the described objects. For the statement of the described objects, please refer to the description in the context of the claims or embodiments, and the use of such prefixes should not constitute an unnecessary limitation.
  • the vehicle regularly broadcasts basic safety information, determines the pseudonym replacement conditions based on the driving state of nearby vehicles, and executes the pseudonym replacement if the pseudonym replacement conditions are met; without the participation of RSU, the legal pseudonym certificate is independently calculated through collaboration with surrounding vehicles.
  • the privacy leakage degree and the predetermined pseudonym update cycle are considered as the basis for judging the pseudonym change.
  • the legitimate pseudonym certificate is independently calculated through cooperation with surrounding vehicles without the participation of RSU.
  • the vehicle initiating the pseudonym change requires large communication and computing overhead, and it is difficult to ensure that enough vehicles participate in the cooperation of pseudonym change.
  • a method for replacing a pseudonym certificate provided in an embodiment of the present application can determine the replacement cycle of the pseudonym certificate according to the real-time status parameters of the intelligent driving device. Since the pseudonym replacement cycle is variable, attackers cannot determine the pseudonym certificate replacement cycle of the intelligent driving device, and thus cannot track the intelligent driving device, which helps to improve the safety of the intelligent driving device. Furthermore, when the intelligent driving device is in a specific operating state and/or travels to a specific area, controlling the replacement of the pseudonym certificate can prevent attackers from continuously tracking the intelligent driving device when they know the replacement cycle, which helps to improve the safety of the intelligent driving device.
  • FIG1 is an application scenario of a method for replacing a pseudonym certificate provided in an embodiment of the present application.
  • an intelligent driving device 100 a cloud server 210 , and a roadside device 220 may be included.
  • the intelligent driving device 100 may include a perception system 140, a computing platform 150, and a peripheral device 160.
  • the perception system 140 may include one or more sensors for sensing environmental information about the surroundings of the intelligent driving device 100 and driving parameters of the intelligent driving device.
  • the perception system 140 may include a positioning system, which may be a global positioning system (GPS), a Beidou system or other positioning systems, or an inertial measurement unit (IMU).
  • the perception system 140 may also include one or more of a laser radar, a millimeter wave radar, an ultrasonic radar, and a camera device; the perception system 140 may also include a wheel speed sensor, a pedal position sensor, etc., for sensing the speed and/or acceleration of the intelligent driving device.
  • the computing platform 150 may include one or more processors, such as processors 151 to 15n (n is a positive integer).
  • the processor is a circuit with signal processing capability.
  • the processor may be a circuit with instruction reading and execution capability, such as a central processing unit (CPU), a microprocessor, a graphics processing unit (GPU) (which can be understood as a microprocessor), or a digital signal processor (DSP); in another implementation, the processor may implement certain functions through the logical relationship of a hardware circuit, and the logical relationship of the hardware circuit is fixed or reconfigurable, such as a hardware circuit implemented by an application-specific integrated circuit (ASIC) or a programmable logic device (PLD), such as a field programmable gate array (FPGA).
  • ASIC application-specific integrated circuit
  • PLD programmable logic device
  • the process of the processor loading a configuration document to implement the hardware circuit configuration can be understood as the process of the processor loading instructions to implement the functions of some or all of the above units.
  • it can also be a hardware circuit designed for artificial intelligence, which can be understood as an ASIC, such as a neural network processing unit (NPU), a tensor processing unit (TPU), a deep learning processing unit (DPU), etc.
  • the computing platform 150 can also include a memory, the memory is used to store instructions, and some or all of the processors 151 to 15n can call the instructions in the memory and execute the instructions to implement the corresponding functions.
  • the intelligent driving device 100 interacts with the cloud server 210, external sensors, other intelligent driving devices, other computer systems or users through the peripheral device 160.
  • the peripheral device 160 may include a wireless communication system.
  • the cloud server 210 may include a computing platform 211 , and the computing platform 211 may include one or more processors.
  • the specific forms and corresponding functions of the one or more processors may refer to the description in the above embodiments, and will not be repeated here.
  • the cloud server 210 can determine the replacement cycle of the pseudonym certificate according to the speed of the intelligent driving device 100, the traffic density near the intelligent driving device 100, the safety level (or privacy leakage) of the intelligent driving device, and the user demand level, and send the replacement cycle to the intelligent driving device 100, so that the intelligent driving device 100 can replace the pseudonym certificate when the replacement cycle is reached.
  • the cloud server 210 can also determine the replacement area of the pseudonym certificate according to the location of interest to the user of the intelligent driving device 100, and then control the roadside device 220 in the area to send a pseudonym certificate replacement instruction to the intelligent driving device 100, so that the intelligent driving device 100 can replace the pseudonym certificate in the area.
  • the roadside device 220 can also determine whether to send a pseudonym certificate replacement instruction to the intelligent driving device 100 according to the state of the signal light. For example, when the signal light turns red, a pseudonym certificate replacement instruction is sent to the surrounding intelligent driving devices, so that the intelligent driving device 100 in the parking state replaces the pseudonym certificate.
  • the intelligent driving device 100 can also replace the pseudonym certificate according to the driving scenario. For example, the intelligent driving device 100 can replace the pseudonym certificate when it is just started.
  • FIG2 shows a schematic flow chart of a method 200 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the method 200 can be applied to the application scenario shown in FIG1.
  • the method 200 can be executed by one or more processors in the computing platform 150 in FIG1.
  • the method 200 includes:
  • a first device obtains first information, where the first information is used to instruct the first device to change a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating state of the first device.
  • the first device may be the intelligent driving device in the above embodiment, and the first information may be received from a roadside device.
  • the first area may include an area where the intelligent driving device uses the pseudonym certificate less frequently, such as a traffic light intersection; or, the first area may also include an area of interest to users of the intelligent driving device.
  • the operating state of the first device may include at least one of the following: a driving state, a parking state, and a just-started state (ie, a state from power-off to power-on).
  • the first device may be a processor disposed in a computing platform of the intelligent driving device, and the first information may be sent to the first device by another processor in the computing platform of the intelligent driving device.
  • the first area where the first device is located may represent the first area where the intelligent driving device is located, and the operating state of the first device may represent the operating state of the intelligent driving device.
  • the first information is associated with the first area where the first device is located and/or the operating state of the first device, which can be understood as follows: the first information may be generated and/or obtained when it is detected that the first device has driven to a traffic light intersection and the traffic light has changed from green to red; or, the first information may be generated and/or obtained when it is detected that the first device has driven to an area of interest to the user; or, the first information may be generated and/or obtained when it is detected that the first device has just been started.
  • “the first device has just been started” may mean that the first device has just been started after parking in a parking lot, or it may also mean that the first device has just been started after maintenance, or it may also mean other scenarios where the first device has just been started.
  • the first area includes a second area
  • the second area is an area associated with a location of interest to a user of the first device
  • the first device obtains the first information, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, the first roadside device being the roadside device closest to the first device in the first area.
  • the first device is a vehicle in an adaptive cruise control (CACC) vehicle queue, then when the distance between the first device and the center of the second area is less than or equal to the preset distance threshold, the first device receives the first information from other vehicles in the CACC vehicle queue.
  • CACC adaptive cruise control
  • the preset distance threshold may be 5 meters, or 3 meters, or other distances.
  • the second area may be a cluster determined according to places of interest to the user through a clustering algorithm, wherein the places of interest to the user may be places where the user frequently travels (for example, more than three times a week), or places that the user has collected or marked in an electronic map, or other places of interest to the user.
  • S202 The first device controls the replacement of the pseudonym certificate according to the first information.
  • the first device when the first device receives the first information, it controls the replacement of the pseudonym certificate.
  • the first area includes a first traffic light intersection, and when a driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  • the preset speed threshold may be 3 kilometers per hour (kilometer per hour, km/h), or may be 0 km/h, or may be other speeds.
  • the first device when the first device is started, the first device controls the replacement of the pseudonym certificate.
  • the area of interest to the user includes a first traffic light intersection.
  • the first device receives first information; further, when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  • the intelligent driving device may determine the replacement cycle of the pseudonym certificate according to the real-time state parameter of the intelligent driving device.
  • the real-time state parameter may include at least one of the following: the speed of the intelligent driving device, the traffic density around the intelligent driving device, the privacy leakage of the intelligent driving device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the intelligent driving device to replace the pseudonym certificate.
  • a method for replacing a pseudonym certificate controls the replacement of a pseudonym certificate when the intelligent driving device is in a specific operating state and/or travels to a specific area. This can prevent attackers from continuously tracking the intelligent driving device when they know the replacement cycle, thereby helping to improve the security of the intelligent driving device.
  • FIG3 shows a schematic flow chart of a method 300 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the method 300 can be applied to the application scenario shown in FIG1 .
  • the method 300 can be executed by one or more processors in the computing platform 211 in FIG1 , or can also be executed by the roadside device 220 shown in FIG1 .
  • the method 300 includes:
  • a second device generates first information, where the first information is used to instruct the first device to change a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating state of the first device.
  • the second device may be the roadside device in the above embodiment, or may also be the cloud server in the above embodiment.
  • the second device may be a processor provided in a computing platform of the intelligent driving device.
  • the second device generating the first information may include at least one of the following: when the second device obtains information that the first device drives to a traffic light intersection and the traffic light turns from green to red, the second device generates the first information; or, when the second device obtains information that the first device drives to an area of interest to the user, the second device generates the first information; or, when the second device obtains information that the first device has just started, the second device generates the first information.
  • the signal light is a signal light for the driving direction of the first device.
  • the information obtained by the second device may be a result of detection by the second device, or may be sent to the second device by other devices, which is not specifically limited in the embodiments of the present application.
  • S302 The second device sends the first information to the first device.
  • the second device sends the first information to the first device via the third device.
  • the first device is an intelligent driving device
  • the second device is a cloud server
  • the third device is a roadside device.
  • the second device sends the first information to the first device via the third device.
  • the first device drives to a traffic light intersection and the second device obtains information that the traffic light turns from green to red
  • the second device sends the first information to the first device via the third device
  • the second area can be a cluster determined according to the places of interest to the user through a clustering algorithm.
  • a method for replacing a pseudonym certificate provided in an embodiment of the present application generates first information when the intelligent driving device is in a specific operating state and/or travels to a specific area to control the intelligent driving device to replace the pseudonym certificate. This can prevent attackers from continuously tracking the intelligent driving device when they know the replacement cycle, thereby helping to improve the security of the intelligent driving device.
  • FIG4 shows a schematic flow chart of a method 400 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the method 400 can be applied to the application scenario shown in FIG1 .
  • the method 400 can be understood as an extension of the method 200 and/or the method 300 .
  • the method 400 includes:
  • the cloud server determines the replacement cycle of the pseudonym certificate according to the real-time status parameters of the intelligent driving device.
  • the cloud server may include the second device in the above embodiment
  • the intelligent driving device may include the first device in the above embodiment.
  • the real-time status parameter may include at least one of the following: the speed S i of the intelligent driving device, the traffic density F i around the intelligent driving device, the privacy leakage degree P i of the intelligent driving device, and the user demand level R i , wherein the user demand level is used to indicate the demand level of the user of the intelligent driving device to change the pseudonym certificate.
  • the privacy leakage degree is determined based on the number of times the intelligent driving device sends information to other devices and the time interval between sending information.
  • the privacy leakage For example, the privacy leakage Among them, “*” represents convolution calculation, P represents the privacy leakage threshold, T represents the replacement cycle of the pseudonym certificate, ⁇ represents the average interval time for sending information, ⁇ ( ⁇ ) is the Gamma function, and t represents time.
  • a multivariate linear regression model of the pseudonym replacement time interval of the intelligent driving device may be constructed. Further, the replacement period Ti of the pseudonym certificate may be determined by the least square method using the following formula:
  • ⁇ N(0, ⁇ 2 ), ⁇ 1 to ⁇ 4 are the weights of S i , Fi , Pi , and Ri determined for the intelligent driving device i, respectively.
  • the cloud server sends information about the pseudonym certificate replacement cycle to the intelligent driving device.
  • the cloud server sends information about the pseudonym certificate replacement cycle to the intelligent driving device at fixed intervals.
  • the fixed interval may be 5 minutes, 10 minutes, or other intervals.
  • the replacement cycle determined by the cloud server is different from the previously determined replacement cycle, information on the pseudonym certificate replacement cycle is sent to the intelligent driving device.
  • the intelligent driving device replaces the pseudonym certificate according to the replacement cycle.
  • the intelligent driving device replaces the pseudonym certificate.
  • the first indication information may be one of the first information in the above-mentioned embodiments.
  • the first RSU sends first instruction information for replacing the pseudonym certificate to the intelligent driving device.
  • S406 The intelligent driving device replaces the pseudonym certificate according to the first instruction information.
  • the intelligent driving device when the driving speed of the intelligent driving device is less than or equal to a preset speed threshold, the intelligent driving device replaces the pseudonym certificate.
  • the cloud server determines a replacement area for the pseudonym certificate according to the location of interest to the user of the smart driving device.
  • the cloud server uses a clustering algorithm to process a set of places of interest to the user based on the places of interest to the user, determines a cluster, and controls the smart driving device to replace the pseudonym certificate at the cluster.
  • the cloud server sends area indication information to the second RSU, where the area indication information is used to instruct the second RSU in the replacement area to send indication information for replacing the pseudonym certificate to the intelligent driving device.
  • the second RSU and the first RSU are the same roadside equipment.
  • the second RSU sends second instruction information for replacing the pseudonym certificate to the intelligent driving device.
  • the second indication information may be one of the first information in the above-mentioned embodiments.
  • S410 The intelligent driving device replaces the pseudonym certificate according to the second instruction information.
  • S401 to S403, S404 to S406, and S407 to S410 can be executed simultaneously, or can be executed sequentially.
  • the embodiment of the present application does not limit the execution order of S401 to S403, S404 to S406, and S407 to S410.
  • the present application provides a method for replacing a pseudonym certificate.
  • the cloud server determines the replacement cycle of the pseudonym certificate according to the real-time status parameters of the intelligent driving device, and indicates the replacement cycle to the intelligent driving device. On the one hand, it can indicate the changed pseudonym certificate replacement cycle to the intelligent driving device, so that attackers cannot determine the pseudonym certificate replacement cycle of the intelligent driving device, and thus cannot track the intelligent driving device, which helps to improve the security of the intelligent driving device; on the other hand, the intelligent driving device does not need to determine the replacement cycle by itself, which helps to save the computing overhead of the intelligent driving device.
  • the pseudonym certificate can also be replaced according to the indication information of the roadside device in a specific area, which can not only save the computing overhead of the intelligent driving device, but also further prevent the problem of attackers tracking the intelligent driving device and causing user privacy leakage.
  • FIG5 shows a schematic flow chart of a method 500 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the method 500 can be executed by an intelligent driving device.
  • the method 500 can be understood as an example of executing S401 to S403 and S404 to S406 simultaneously, or executing S401 to S403 and S407 to S410 simultaneously.
  • the method 500 includes:
  • the first information may be the first information in the above-mentioned method 200 and/or method 300, for example, may include the first indication information or the second indication information in the method 400.
  • the replacement cycle may be the replacement cycle in the above embodiment.
  • S503 is executed; otherwise, S502 is continued to be executed (or, in some possible implementations, S501 is executed).
  • the time of changing the pseudonym certificate next time is determined according to the current time and the change cycle. For example, if the change cycle is 30 minutes, the time of changing the pseudonym certificate next time is 30 minutes after the current time.
  • S503 means that the replacement of the pseudonym certificate is completed. It can also be understood that before the intelligent driving device executes S501, a pseudonym set has been obtained, and the pseudonym set includes multiple pseudonym certificates.
  • FIG6 shows a schematic flow chart of a method 600 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the method 600 may be executed by an intelligent driving device.
  • the method 600 includes:
  • the intelligent driving device may be in a state of just starting up after being turned off for a long time.
  • the intelligent driving device may be in a parking lot when it is turned off, or the intelligent driving device may be in a repair shop when it is turned off. This embodiment of the present application does not specifically limit this.
  • S602 When the intelligent driving device is in driving state, determine whether the pseudonym certificate is expired.
  • the driving state may include that the speed of the intelligent driving device is not zero; or, although the speed of the intelligent driving device is zero, it is in driving (drive, D) gear, or neutral (neutral, N) gear, that is, the intelligent driving device is in a temporary parking state.
  • execute S604 if the replacement period of the pseudonym certificate arrives, execute S604; otherwise, execute S603 (or in some possible implementations, execute S602).
  • the time of changing the pseudonym certificate next time is determined according to the current time and the change cycle. For example, if the change cycle is 30 minutes, the time of changing the pseudonym certificate next time is 30 minutes after the current time.
  • An embodiment of the present application provides a method for replacing a pseudonym certificate.
  • the pseudonym certificate Before the intelligent driving device is started, the pseudonym certificate has not been replaced for a long time. After the intelligent driving device is started, directly using the current pseudonym certificate for communication may not be safe enough. Therefore, replacing the pseudonym certificate when it is just started helps to improve the security of the intelligent driving device.
  • FIG. 7 shows a schematic block diagram of an apparatus 700 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the apparatus 700 includes an acquisition unit 710 and a processing unit 720 .
  • the device 700 may include units for executing the method in Figure 2, Figure 6 or Figure 7.
  • each unit in the device 700 and the above-mentioned other operations and/or functions are respectively for implementing the process of the corresponding method embodiment in Figure 2, Figure 6 or Figure 7.
  • the acquisition unit 710 may be used to execute S201 in the method 200
  • the processing unit 720 may be used to execute S202 in the method 200 .
  • the acquisition unit 710 is used to acquire first information, which is used to instruct the first device to replace the pseudonym certificate, and the first information is associated with the first area where the first device is located and/or the operating status of the first device; the processing unit 720 is used to control the replacement of the pseudonym certificate according to the first information.
  • the first area includes a second area, which is an area associated with a place of interest to a user of the first device
  • the acquisition unit 720 is used to: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, receive the first information from a first roadside device, and the first roadside device is the roadside device that is closest to the first device in the first area.
  • the first area includes a first signal light intersection
  • the processing unit 720 is used to control the replacement of the pseudonym certificate when the driving speed of the first device in the first area is less than or equal to a preset speed threshold.
  • the processing unit 720 is used to: when the first device is started, control the replacement of the pseudonym certificate.
  • the apparatus further includes a determination unit for determining a replacement cycle of the pseudonym certificate, wherein the replacement cycle is associated with a real-time status parameter of the first device; the processing unit 720 is further used for controlling the replacement of the pseudonym certificate when the replacement cycle arrives.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • the operations performed by the acquisition unit 710 and the processing unit 720 can be performed by the same processor, or can be performed by different processors, for example, respectively performed by multiple processors.
  • the one or more processors can be processors set in the vehicle computer, or can also be processors set in other vehicle terminals.
  • the device 700 can be a chip set in the vehicle computer or other vehicle terminals.
  • the device 700 can be a computing platform 150 as shown in Figure 1 set in the intelligent driving device.
  • FIG8 shows a schematic block diagram of an apparatus 800 for replacing a pseudonym certificate provided in an embodiment of the present application.
  • the apparatus 800 includes a generating unit 810 and a transceiver unit 820 .
  • the device 800 may include a unit for executing the method of FIG3, or may also include a unit for executing the method executed by the cloud server or RSU in FIG4.
  • each unit in the device 800 and the above-mentioned other operations and/or functions are respectively for implementing the process of the corresponding method embodiment in FIG3 or FIG4.
  • the generating unit 810 may be used to execute S301 in the method 300
  • the transceiving unit 820 may be used to execute S302 in the method 300 .
  • the generating unit 810 is used to: generate first information, the first information is used to instruct the first device to change the pseudonym certificate, the first information is associated with the first area where the first device is located and/or the operating status of the first device; the transceiver unit 820 is used to send the first information to the first device.
  • the first area includes a second area, which is an area associated with places of interest to users of the first device, and the second device is a roadside device in the first area that is closest to the first device.
  • the transceiver unit 820 is used to send the first information to the first device when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold.
  • the first area includes a first signal light intersection
  • the device further includes an acquisition unit
  • the generation unit 810 is used to generate the first information when the acquisition unit acquires information that the signal light at the first signal light intersection turns red.
  • the transceiver unit 820 is used to send the first information to the first device via a third device.
  • the apparatus further includes an acquisition unit, which is configured to acquire information about the first area and/or information about an operating status of the first device.
  • the apparatus further includes an acquisition unit and a determination unit, wherein the acquisition unit is used to: acquire the real-time status parameters of the first device; the determination unit is used to: determine the replacement cycle of the pseudonym certificate according to the real-time status parameters; the transceiver unit 820 is also used to: send information about the replacement cycle to the first device.
  • the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  • the operations performed by the above-mentioned generation unit 810 and the transceiver unit 820 can be performed by the same processor, or can also be performed by different processors, for example, respectively performed by multiple processors.
  • the above-mentioned one or more processors can be processors arranged in a cloud server or a roadside device.
  • the above-mentioned device 800 can also be a processor arranged in an intelligent driving device.
  • the above-mentioned device 800 can be a chip arranged in a cloud server or a roadside device.
  • the above-mentioned device 800 can be a computing platform 211 arranged in the cloud server 210 shown in Figure 1.
  • the above-mentioned device 800 can be a chip arranged in an intelligent driving device.
  • the above-mentioned device 800 can be a computing platform 150 arranged in Figure 1.
  • the division of the units in the above device is only a division of logical functions. In actual implementation, they can be fully or partially integrated into one physical entity, or they can be physically separated.
  • the units in the device can be implemented in the form of a processor calling software; for example, the device includes a processor, the processor is connected to a memory, and instructions are stored in the memory.
  • the processor calls the instructions stored in the memory to implement any of the above methods or realize the functions of the units of the device, wherein the processor is, for example, a general-purpose processor, such as a CPU or a microprocessor, and the memory is a memory in the device or a memory outside the device.
  • the units in the device can be implemented in the form of hardware circuits, and the functions of some or all of the units can be realized by designing the hardware circuits.
  • the hardware circuit can be understood as one or more processors; for example, in one implementation, the hardware circuit is an ASIC, and the functions of some or all of the above units are realized by designing the logical relationship of the components in the circuit; for another example, in another implementation, the hardware circuit can be implemented by PLD.
  • FPGA as an example, it can include a large number of logic gate circuits, and the connection relationship between the logic gate circuits is configured through the configuration file, so as to realize the functions of some or all of the above units. All units of the above device may be implemented entirely in the form of a processor calling software, or entirely in the form of a hardware circuit, or partially in the form of a processor calling software and the rest in the form of a hardware circuit.
  • Each unit in the above device may be one or more processors (or processing circuits) configured to implement the above method, such as: CPU, GPU, NPU, TPU, DPU, microprocessor, DSP, ASIC, FPGA, or a combination of at least two of these processor forms.
  • processors or processing circuits configured to implement the above method, such as: CPU, GPU, NPU, TPU, DPU, microprocessor, DSP, ASIC, FPGA, or a combination of at least two of these processor forms.
  • the units in the above device can be fully or partially integrated together, or can be implemented independently. In one implementation, these units are integrated together and implemented in the form of a system-on-a-chip (SOC).
  • SOC may include at least one processor for implementing any of the above methods or implementing the functions of each unit of the device.
  • the type of the at least one processor may be different, for example, including a CPU and an FPGA, a CPU and an artificial intelligence processor, a CPU and a GPU, etc.
  • FIG9 is a schematic block diagram of an apparatus for replacing a pseudonym certificate according to an embodiment of the present application.
  • the apparatus 900 for replacing a pseudonym certificate shown in FIG9 may include: a processor 910, a transceiver 920, and a memory 930.
  • the processor 910, the transceiver 920, and the memory 930 are connected via an internal connection path, the memory 930 is used to store instructions, the processor 910 is used to execute the instructions stored in the memory 930, and the transceiver 920 receives/sends some parameters.
  • the memory 930 may be coupled to the processor 910 via an interface, or may be integrated with the processor 910.
  • transceiver 920 may include but is not limited to a transceiver device such as an input/output interface to achieve communication between the device 900 and other devices or communication networks.
  • Memory 930 can be a read-only memory (ROM), a static storage device, a dynamic storage device or a random access memory (RAM).
  • ROM read-only memory
  • RAM random access memory
  • the transceiver 920 uses a transceiver device such as, but not limited to, a transceiver to implement communication between the apparatus 900 and other devices or a communication network.
  • a transceiver device such as, but not limited to, a transceiver to implement communication between the apparatus 900 and other devices or a communication network.
  • the device 900 may be arranged in the computing platform 150 shown in FIG. 1 , or may be arranged in the computing platform 211 shown in FIG. 1 , or may be arranged in the roadside equipment 220 shown in FIG. 1 .
  • An embodiment of the present application further provides an intelligent driving device, which may include the above-mentioned device 700, or the above-mentioned device 900; in some possible implementations, the intelligent driving device may also include the above-mentioned device 800.
  • the smart device may be a vehicle.
  • An embodiment of the present application also provides a server, and the intelligent driving device may include the above-mentioned device 800, or the above-mentioned device 900.
  • the server is a cloud server, or a server installed in a roadside device.
  • An embodiment of the present application provides a system for replacing a pseudonym certificate, which may include the intelligent driving device and server in the above embodiment.
  • the embodiment of the present application also provides a computer program product, which includes a computer program code.
  • the computer program code runs on a computer, the computer implements the method in the embodiment of the present application.
  • the embodiment of the present application also provides a computer-readable storage medium, which stores computer instructions.
  • the computer instructions When the computer instructions are executed on a computer, the computer implements the method in the embodiment of the present application.
  • the embodiment of the present application also provides a chip, including a circuit, for executing the method in the embodiment of the present application.
  • each step of the above method can be completed by an integrated logic circuit of hardware in a processor or an instruction in the form of software.
  • the method disclosed in conjunction with the embodiment of the present application can be directly embodied as a hardware processor for execution, or a combination of hardware and software modules in a processor for execution.
  • the software module can be located in a storage medium mature in the art such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, or a power-on erasable programmable memory, a register, etc.
  • the storage medium is located in a memory, and the processor reads the information in the memory and completes the steps of the above method in conjunction with its hardware. To avoid repetition, it is not described in detail here.
  • the disclosed systems, devices and methods can be implemented in other ways.
  • the device embodiments described above are only schematic.
  • the division of the units is only a logical function division. There may be other division methods in actual implementation, such as multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed.
  • Another point is that the mutual coupling or direct coupling or communication connection shown or discussed can be through some interfaces, indirect coupling or communication connection of devices or units, which can be electrical, mechanical or other forms.
  • the units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
  • each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
  • the functions are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium.
  • the technical solution of the present application can essentially or part of the technical solution can be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for a computer device (which can be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in each embodiment of the present application.
  • the aforementioned storage medium includes: various media that can store program codes, such as USB flash drives, mobile hard drives, ROM, RAM, magnetic disks, or optical disks.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Traffic Control Systems (AREA)

Abstract

A method for replacing a pseudonym certificate, an apparatus and a system. The method comprises: a first device acquires first information, the first information being used for instructing the first device to replace a pseudonym certificate, and the first information being associated with a first region where the first device is located and/or the operating state of the first device; and, according to the first information, the first device performs control to replace the pseudonym certificate. The method of the present application can be applied to intelligent driving devices such as intelligent vehicles and electric vehicles, and can prevent attackers from continuously tracking the first device when knowing the replacement period, helping to improve the security of the first device.

Description

更换假名证书的方法、装置和系统Method, device and system for replacing pseudonymous certificate 技术领域Technical Field
本申请涉及车联网安全领域,更具体地,涉及一种更换假名证书的方法、装置和系统。The present application relates to the field of Internet of Vehicles security, and more specifically, to a method, device and system for replacing a pseudonym certificate.
背景技术Background technique
随着智能驾驶技术的发展,可以通过车对外界(vehicle to everything,V2X)通信网络与周边车辆、基站、路侧设备(road side unit,RSU)等节点进行信息交互,以辅助驾驶。在V2X场景中,车辆不断向周边车辆、基站、RSU等节点广播自身的行驶参数和位置等信息,可能会被攻击者获取,攻击者根据上述广播信息可以确定车辆的位置,从而通过车辆与驾驶员的关联进一步损害驾驶员的隐私安全。为避免攻击者跟踪车辆位置从而导致驾驶员隐私被侵犯,目前常见方法是使用通过假名证书认证解决攻击者对车辆安全的威胁。With the development of intelligent driving technology, information can be exchanged with surrounding vehicles, base stations, road side units (RSU) and other nodes through the vehicle to everything (V2X) communication network to assist driving. In the V2X scenario, the vehicle continuously broadcasts its own driving parameters and location information to surrounding vehicles, base stations, RSU and other nodes, which may be obtained by attackers. The attacker can determine the location of the vehicle based on the above broadcast information, thereby further damaging the driver's privacy security through the association between the vehicle and the driver. In order to prevent attackers from tracking the vehicle's location and thus infringing the driver's privacy, the current common method is to use pseudonymous certificate authentication to resolve the threat to vehicle security posed by attackers.
车辆可以通过不断更改它们所使用的假名证书,使得攻击者难以将假名证书和对应位置上的车辆关联起来,进而加强位置跟踪的复杂性。但是,传统的基于固定周期的假名证书更换,仍然无法避免攻击者根据假名证书确定车辆的位置,仍然容易造成车辆位置等隐私泄露。Vehicles can make it difficult for attackers to associate the pseudonym certificates with the vehicles at the corresponding locations by constantly changing the pseudonym certificates they use, thereby increasing the complexity of location tracking. However, the traditional pseudonym certificate replacement based on a fixed period still cannot prevent attackers from determining the location of the vehicle based on the pseudonym certificates, and it is still easy to cause privacy leaks such as vehicle location.
鉴于此,一种能够提升车辆安全的更换假名证书的方案亟待开发。In view of this, a solution for replacing pseudonymous certificates that can improve vehicle safety needs to be developed urgently.
发明内容Summary of the invention
本申请实施例提供一种更换假名证书的方法、装置和系统,能够降低攻击者对智能驾驶设备进行持续跟踪导致智能隐私泄露的几率,有助于提高智能驾驶设备的安全。The embodiments of the present application provide a method, device, and system for replacing a pseudonym certificate, which can reduce the probability of attackers continuously tracking smart driving devices and causing smart privacy leakage, and help improve the security of smart driving devices.
本申请提供的方法可以应用于智能驾驶设备中,该智能驾驶设备可以为广义概念上的车辆,可以是交通工具(如汽车商用车、乘用车、卡车、摩托车、飞机飞行车、火车、轮船等),工业车辆(如:叉车、挂车、牵引车等),工程车辆(如挖掘机、推土车、吊车等),农用设备(如割草机、收割机等),游乐设备,玩具车辆等,本申请对车辆的类型不作具体限定。The method provided in the present application can be applied to an intelligent driving device, which can be a vehicle in a broad sense, such as a means of transportation (such as commercial vehicles, passenger cars, trucks, motorcycles, airplanes, flying cars, trains, ships, etc.), industrial vehicles (such as forklifts, trailers, tractors, etc.), engineering vehicles (such as excavators, bulldozers, cranes, etc.), agricultural equipment (such as mowers, harvesters, etc.), amusement equipment, toy vehicles, etc. The present application does not specifically limit the type of vehicle.
第一方面,提供了更换假名证书的方法,该方法可以由智能驾驶设备执行;或者,也可以由用于智能驾驶设备的芯片或电路执行,本申请对此不作限定。In a first aspect, a method for replacing a pseudonym certificate is provided, which method may be executed by an intelligent driving device; or, alternatively, may be executed by a chip or circuit for an intelligent driving device, which is not limited in the present application.
该方法包括:第一设备获取第一信息,该第一信息用于指示该第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该第一设备根据该第一信息控制进行假名证书的更换。The method includes: a first device acquires first information, the first information is used to instruct the first device to replace a pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operating state of the first device; the first device controls the replacement of the pseudonym certificate according to the first information.
在上述技术方案中,在第一设备处于特定的运行状态,和/或行驶至特定区域时,控制进行假名证书的更换,能够预防攻击者在掌握更换周期的情况下,对第一设备进行持续跟踪,有助于提高第一设备的安全。In the above technical solution, when the first device is in a specific operating state and/or travels to a specific area, the replacement of the pseudonym certificate is controlled, which can prevent attackers from continuously tracking the first device when they know the replacement cycle, thereby helping to improve the security of the first device.
示例性地,第一设备可以为智能驾驶设备,或者第一设备也可以为设置于智能驾驶设 备中的某个处理器。在第一设备为设置于智能驾驶设备中的处理器时,第一设备所处的区域为智能驾驶设备所处区域;第一设备的运行状态为智能驾驶设备的运行状态。Exemplarily, the first device may be an intelligent driving device, or the first device may be a processor disposed in the intelligent driving device. When the first device is a processor disposed in the intelligent driving device, the area where the first device is located is the area where the intelligent driving device is located; and the operating state of the first device is the operating state of the intelligent driving device.
示例性地,“该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联”可以理解为:该第一信息是在该第一设备所处的第一区域时生成和/或获取的,和/或该第一信息是该第一设备处于某一运行状态时生成和/或获取的。其中,某一运行状态可以包括行驶状态、上电停车状态、刚启动状态中的至少一个。Exemplarily, “the first information is associated with the first area where the first device is located and/or the operating state of the first device” can be understood as: the first information is generated and/or obtained when the first device is located in the first area, and/or the first information is generated and/or obtained when the first device is in a certain operating state. The certain operating state may include at least one of a driving state, a power-on parking state, and a just-started state.
示例性地,该第一区域可以包括如下至少一种区域:使用假名证书的频率较低的区域,第一设备经常行驶的区域,根据第一设备的用户感兴趣的地点确定的区域。Exemplarily, the first area may include at least one of the following areas: an area where pseudonym certificates are used less frequently, an area where the first device often travels, and an area determined based on places of interest to a user of the first device.
在一些可能的实现方式中,第一信息可以为从路侧设备处接收的;或者,第一信息也可以为从智能驾驶设备的其他处理器处获取的。In some possible implementations, the first information may be received from a roadside device; or, the first information may also be obtained from other processors of the intelligent driving device.
结合第一方面,在第一方面的某些实现方式中,该第一区域包括第二区域,该第二区域为与该第一设备的用户感兴趣的地点相关联的区域,该第一设备获取第一信息,包括:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,该第一设备从第一路侧设备处接收该第一信息,该第一路侧设备为该第一区域中与该第一设备距离最近的路侧设备。In combination with the first aspect, in certain implementations of the first aspect, the first area includes a second area, the second area is an area associated with a place of interest to a user of the first device, and the first device obtains first information, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, and the first roadside device is the roadside device that is closest to the first device in the first area.
示例性地,预设距离阈值可以为5米,或者也可以为3米,或者还可以为其他距离。Exemplarily, the preset distance threshold may be 5 meters, or 3 meters, or other distances.
示例性地,“该第二区域为与该第一设备的用户感兴趣的地点相关联的区域”可以理解为:该第二区域为根据第一设备的用户感兴趣的地点确定的聚簇,或者,该第二区域为第一设备的用户感兴趣的地点。Exemplarily, “the second area is an area associated with a place of interest to the user of the first device” can be understood as: the second area is a cluster determined according to the place of interest to the user of the first device, or the second area is a place of interest to the user of the first device.
需要说明的是,该第一设备也可以从其他设备处获取该第一信息,例如,从其他智能驾驶设备处获取该第一信息。It should be noted that the first device may also obtain the first information from other devices, for example, from other intelligent driving devices.
在上述技术方案中,能够根据用户感兴趣的地点为第一设备设计自适应的假名证书的更换方案,有助于提高用户体验。此外,在攻击者获取用户感兴趣的地点相关信息后,可能结合假名证书更换周期对第一设备进行跟踪。在第一设备行驶至用户感兴趣的地点相关联的区域时,控制进行假名证书的更换,能够增大攻击者攻破车辆新旧假名证书关系的难度,有助于降低攻击者获取第一设备的隐私的几率,进一步提升第一设备的安全性。In the above technical solution, an adaptive pseudonym certificate replacement scheme can be designed for the first device according to the places of interest to the user, which helps to improve the user experience. In addition, after the attacker obtains the relevant information of the places of interest to the user, the first device may be tracked in combination with the pseudonym certificate replacement cycle. When the first device travels to the area associated with the places of interest to the user, the replacement of the pseudonym certificate is controlled, which can increase the difficulty for the attacker to break the relationship between the old and new pseudonym certificates of the vehicle, help reduce the probability of the attacker obtaining the privacy of the first device, and further improve the security of the first device.
结合第一方面,在第一方面的某些实现方式中,该第一区域包括第一信号灯路口,该第一设备根据该第一信息控制进行假名证书的更换,包括:在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,该第一设备控制进行假名证书的更换。In combination with the first aspect, in certain implementations of the first aspect, the first area includes a first traffic light intersection, and the first device controls the replacement of the pseudonym certificate according to the first information, including: when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
在一些可能的实现方式中,该第一信号灯路口为用户感兴趣的地点,或者为与用户感兴趣的地点相关联的第二区域,则在该第一设备与该第一信号灯路口之间的距离小于或等于预设距离阈值时,该第一设备从接收该第一信息;进一步地,在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,该第一设备控制进行假名证书的更换。In some possible implementations, the first traffic light intersection is a place of interest to the user, or a second area associated with the place of interest to the user. When the distance between the first device and the first traffic light intersection is less than or equal to a preset distance threshold, the first device receives the first information; further, when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
在一些可能的实现方式中,第一设备在第一信号灯路口的信号灯变红时,接收第一信息;进一步地,在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,该第一设备控制进行假名证书的更换。示例性地,该信号灯为第一设备行驶方向的信号灯。例如,第一设备在第一信号灯路口处需由南向北直行,则该信号灯可以为该第一信号灯路口处指示南北向直行的信号灯。In some possible implementations, the first device receives the first information when the traffic light at the first traffic light intersection turns red; further, when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate. Exemplarily, the traffic light is a traffic light in the driving direction of the first device. For example, if the first device needs to go straight from south to north at the first traffic light intersection, the traffic light can be a traffic light indicating north-south straight driving at the first traffic light intersection.
示例性地,该预设速度阈值可以为3km/h,或者也可以为0km/h,或者还可以为其他 速度。Exemplarily, the preset speed threshold may be 3 km/h, or may be 0 km/h, or may be other speeds.
在上述技术方案中,在第一设备行驶过程中,在路口停车时,由于在此场景下,第一设备与其他设备进行通信的需求较小,因此可以控制进行假名证书的更换,能够在保证第一设备通信不受影响的前提下,提高第一设备的安全性。In the above technical solution, when the first device is driving and stops at an intersection, since the need for the first device to communicate with other devices is relatively small in this scenario, the replacement of the pseudonym certificate can be controlled, thereby improving the security of the first device while ensuring that the communication of the first device is not affected.
结合第一方面,在第一方面的某些实现方式中,该第一设备根据该第一信息控制进行假名证书的更换,包括:在该第一设备启动时,该第一设备控制进行假名证书的更换。In combination with the first aspect, in some implementations of the first aspect, the first device controls the replacement of the pseudonym certificate according to the first information, including: when the first device is started, the first device controls the replacement of the pseudonym certificate.
在一些可能的实现方式中,在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,该第一设备接收该第一信息,在第一设备接收到第一信息之后熄火下电。由于第一设备熄火时无需与其他设备进行通信,因此无需更换假名证书。进一步地,第一设备在该第二区域启动时,该第一设备控制进行假名证书的更换。In some possible implementations, when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information, and shuts down the engine and powers off after receiving the first information. Since the first device does not need to communicate with other devices when shutting down the engine, there is no need to replace the pseudonym certificate. Furthermore, when the first device is started in the second area, the first device controls the replacement of the pseudonym certificate.
在上述技术方案中,第一设备在启动之前,由于不需要与其他设备进行通信,因此可能长时间未更换假名证书,在第一设备启动后直接使用之前的假名证书,比较容易被攻击者跟踪,因此在第一设备启动时进行假名证书更换,有助于提升第一设备的安全性。In the above technical solution, before the first device is started, it does not need to communicate with other devices, so the pseudonym certificate may not be replaced for a long time. After the first device is started, the previous pseudonym certificate is directly used, which is easier to be tracked by attackers. Therefore, replacing the pseudonym certificate when the first device is started helps to improve the security of the first device.
结合第一方面,在第一方面的某些实现方式中,该方法还包括:该第一设备确定假名证书的更换周期,该更换周期与该第一设备的实时状态参数相关联;该第一设备在该更换周期到达时,控制进行假名证书的更换。In combination with the first aspect, in certain implementations of the first aspect, the method also includes: the first device determines a replacement cycle of the pseudonym certificate, and the replacement cycle is associated with a real-time status parameter of the first device; when the replacement cycle arrives, the first device controls the replacement of the pseudonym certificate.
在上述技术方案中,能够根据第一设备的实时状态参数确定更换假名证书的更换周期,由于该假名更换周期是变化的,使得攻击者无法确定第一设备假名证书的更换周期,进而无法对第一设备进行跟踪,有助于提升第一设备的安全性。In the above technical solution, the replacement cycle of the pseudonym certificate can be determined according to the real-time status parameters of the first device. Since the pseudonym replacement cycle is variable, attackers cannot determine the replacement cycle of the pseudonym certificate of the first device, and thus cannot track the first device, which helps to improve the security of the first device.
结合第一方面,在第一方面的某些实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In combination with the first aspect, in certain implementations of the first aspect, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
第二方面,提供了一种更换假名证书的方法,该方法可以由云端服务器执行,或者也可以由用于云端服务器的芯片或电路执行。在一些可能的实现方式中,该方法也可以由路侧设备执行,或者也可以由应用路侧设备的芯片或电路执行,本申请对此不作限定。In a second aspect, a method for replacing a pseudonym certificate is provided, which can be executed by a cloud server, or by a chip or circuit used for a cloud server. In some possible implementations, the method can also be executed by a roadside device, or by a chip or circuit using a roadside device, which is not limited in this application.
该方法包括:第二设备生成第一信息,该第一信息用于指示第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该第二设备向该第一设备发送该第一信息。The method includes: a second device generates first information, the first information is used to instruct the first device to change the pseudonym certificate, the first information is associated with a first area where the first device is located and/or an operating state of the first device; the second device sends the first information to the first device.
在上述技术方案中,在第一设备处于特定的运行状态,和/或行驶至特定区域时,向第一设备发送第一信息,以控制第一设备进行假名证书的更换,能够预防攻击者在掌握更换周期的情况下,对第一设备进行持续跟踪,有助于提高第一设备的安全。In the above technical solution, when the first device is in a specific operating state and/or travels to a specific area, a first message is sent to the first device to control the first device to replace the pseudonym certificate. This can prevent attackers from continuously tracking the first device when they know the replacement cycle, thereby helping to improve the security of the first device.
结合第二方面,在第二方面的某些实现方式中,该第一区域包括第二区域,该第二区域为根据该第一设备的用户感兴趣的地点相关联的区域,该第二设备为该第一区域中与该第一设备距离最近的路侧设备,该第二设备向该第一设备发送该第一信息,包括:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,该第二设备向该第一设备发送该第一信息。In combination with the second aspect, in certain implementations of the second aspect, the first area includes a second area, the second area is an area associated with places of interest to users of the first device, the second device is a roadside device in the first area that is closest to the first device, and the second device sends the first information to the first device, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the second device sends the first information to the first device.
在上述技术方案中,在特定区域生成指示第一设备更换假名证书的指示信息,并发送给第一设备,以使得第一设备在特定区域根据第二设备的指示信息进行假名证书更换,不仅能够节约第一设备的计算开销,还能进一步预防攻击者对第一设备的跟踪导致用户隐私 泄露的问题。In the above technical solution, instruction information instructing the first device to replace the pseudonym certificate is generated in a specific area and sent to the first device, so that the first device replaces the pseudonym certificate in the specific area according to the instruction information of the second device. This can not only save the computing overhead of the first device, but also further prevent the attacker from tracking the first device and causing the user privacy leakage.
结合第二方面,在第二方面的某些实现方式中,该第一区域包括第一信号灯路口,该第二设备生成第一信息,包括:该第二设备获取到第一信号灯路口的信号灯变红的信息时,该第二设备生成该第一信息。In combination with the second aspect, in certain implementations of the second aspect, the first area includes a first traffic light intersection, and the second device generates the first information, including: when the second device obtains information that the traffic light at the first traffic light intersection turns red, the second device generates the first information.
示例性地,该信号灯为第一设备行驶方向的信号灯。Exemplarily, the traffic light is a traffic light for the driving direction of the first device.
示例性地,第一信号灯路口的信号灯变红可以为第二设备检测到的,或者也可以为其他设备指示的。Exemplarily, the red turn of the traffic light at the first traffic light intersection may be detected by the second device, or may be indicated by other devices.
在上述技术方案中,在第一设备行驶过程中,在路口停车时,由于在此场景下,第一设备与其他设备进行通信的需求较小,因此可以指示第一设备进行假名证书的更换,能够在保证第一设备通信不受影响的前提下,提高第一设备的安全性。In the above technical solution, when the first device is driving and stops at an intersection, since the need for the first device to communicate with other devices is relatively small in this scenario, the first device can be instructed to replace the pseudonym certificate, thereby improving the security of the first device while ensuring that the communication of the first device is not affected.
结合第二方面,在第二方面的某些实现方式中,该第二设备向该第一设备发送该第一信息,包括:该第二设备经由第三设备向该第一设备发送该第一信息。In combination with the second aspect, in some implementations of the second aspect, the second device sending the first information to the first device includes: the second device sending the first information to the first device via a third device.
示例性地,第二设备为云端服务器,第三设备为路侧设备,例如,该第三设备可以为第一设备所行驶的区域的路侧设备。Exemplarily, the second device is a cloud server, and the third device is a roadside device. For example, the third device may be a roadside device in an area where the first device is traveling.
在一些可能的实现方式中,第二设备不便于直接向第一设备发送指示其更换假名证书的信息,则可以通过第三设备向第一设备发送该指示第一设备更换假名证书的信息。In some possible implementations, if it is inconvenient for the second device to directly send information instructing the first device to change its pseudonym certificate, the second device may send the information instructing the first device to change its pseudonym certificate to the first device via a third device.
结合第二方面,在第二方面的某些实现方式中,该方法还包括:该第二设备获取该第一区域的信息和/或该第一设备的运行状态的信息。In combination with the second aspect, in some implementations of the second aspect, the method further includes: the second device acquiring information about the first area and/or information about an operating status of the first device.
示例性地,第二设备可以从第一设备处获取该第一区域的信息和/或该第一设备的运行状态的信息;或者,第二设备也可以自己检测第一设备所处的第一区域和/或第一设备的运行状态。Exemplarily, the second device may obtain information about the first area and/or information about the operating status of the first device from the first device; alternatively, the second device may also detect the first area where the first device is located and/or the operating status of the first device by itself.
结合第二方面,在第二方面的某些实现方式中,该方法还包括:该第二设备获取该第一设备的实时状态参数;该第二设备根据该实时状态参数确定假名证书的更换周期;该第二设备向该第一设备发送该更换周期的信息。In combination with the second aspect, in certain implementations of the second aspect, the method also includes: the second device obtains real-time status parameters of the first device; the second device determines a replacement cycle of the pseudonym certificate based on the real-time status parameters; and the second device sends information about the replacement cycle to the first device.
在上述技术方案中,第二设备能够根据第一设备的实时状态参数确定更换假名证书的更换周期,由于该假名更换周期是变化的,使得攻击者无法确定第一设备假名证书的更换周期,进而无法对第一设备进行跟踪,有助于提升第一设备的安全性;此外,无需第一设备自己确定更换周期,有助于节省第一设备的计算开销。In the above technical solution, the second device can determine the replacement cycle of the pseudonym certificate according to the real-time status parameters of the first device. Since the pseudonym replacement cycle is variable, the attacker cannot determine the replacement cycle of the pseudonym certificate of the first device, and thus cannot track the first device, which helps to improve the security of the first device. In addition, the first device does not need to determine the replacement cycle by itself, which helps to save the computing overhead of the first device.
结合第二方面,在第二方面的某些实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In combination with the second aspect, in certain implementations of the second aspect, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
第三方面,提供了一种更换假名证书的方法,该方法可以包括:第一设备确定假名证书的更换周期,该更换周期与该第一设备的实时状态参数相关联;该第一设备在该更换周期到达时,控制进行假名证书的更换。According to a third aspect, a method for replacing a pseudonym certificate is provided, which may include: a first device determines a replacement cycle of the pseudonym certificate, wherein the replacement cycle is associated with a real-time status parameter of the first device; and when the replacement cycle arrives, the first device controls the replacement of the pseudonym certificate.
结合第三方面,在第三方面的某些实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In combination with the third aspect, in certain implementations of the third aspect, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
结合第三方面,在第三方面的某些实现方式中,该第一设备获取第一信息,该第一信息用于指示该第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该 第一设备的运行状态相关联;该第一设备根据该第一信息控制进行假名证书的更换。In combination with the third aspect, in certain implementations of the third aspect, the first device obtains first information, where the first information is used to instruct the first device to replace the pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating status of the first device; the first device controls the replacement of the pseudonym certificate according to the first information.
结合第三方面,在第三方面的某些实现方式中,该第一区域包括第二区域,该第二区域为与该第一设备的用户感兴趣的地点相关联的区域,该第一设备获取第一信息,包括:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,该第一设备从第一路侧设备处接收该第一信息,该第一路侧设备为该第一区域中与该第一设备距离最近的路侧设备。In combination with the third aspect, in certain implementations of the third aspect, the first area includes a second area, the second area is an area associated with a place of interest to a user of the first device, and the first device obtains first information, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, and the first roadside device is the roadside device that is closest to the first device in the first area.
结合第三方面,在第三方面的某些实现方式中,该第一区域包括第一信号灯路口,该第一设备根据该第一信息控制进行假名证书的更换,包括:在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,该第一设备控制进行假名证书的更换。In combination with the third aspect, in certain implementations of the third aspect, the first area includes a first traffic light intersection, and the first device controls the replacement of the pseudonym certificate according to the first information, including: when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
结合第三方面,在第三方面的某些实现方式中,该第一设备根据该第一信息控制进行假名证书的更换,包括:在该第一设备启动时,该第一设备控制进行假名证书的更换。In combination with the third aspect, in certain implementations of the third aspect, the first device controls the replacement of the pseudonym certificate according to the first information, including: when the first device is started, the first device controls the replacement of the pseudonym certificate.
第四方面,提供了一种更换假名证书的装置,该装置包括获取单元和处理单元;其中,该获取单元用于获取第一信息,该第一信息用于指示第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该处理单元用于根据该第一信息控制进行假名证书的更换。In a fourth aspect, a device for replacing a pseudonym certificate is provided, the device comprising an acquisition unit and a processing unit; wherein the acquisition unit is used to acquire first information, the first information is used to instruct a first device to replace a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating status of the first device; the processing unit is used to control the replacement of the pseudonym certificate according to the first information.
结合第四方面,在第四方面的某些实现方式中,该第一区域包括第二区域,该第二区域为与该第一设备的用户感兴趣的地点相关联的区域,该获取单元用于:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,从第一路侧设备处接收该第一信息,该第一路侧设备为该第一区域中与该第一设备距离最近的路侧设备。In combination with the fourth aspect, in certain implementations of the fourth aspect, the first area includes a second area, the second area is an area associated with a place of interest to a user of the first device, and the acquisition unit is used to: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, receive the first information from a first roadside device, the first roadside device being the roadside device that is closest to the first device in the first area.
结合第四方面,在第四方面的某些实现方式中,该第一区域包括第一信号灯路口,该处理单元用于:在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,控制进行假名证书的更换。In combination with the fourth aspect, in certain implementations of the fourth aspect, the first area includes a first traffic light intersection, and the processing unit is used to control the replacement of the pseudonym certificate when the driving speed of the first device in the first area is less than or equal to a preset speed threshold.
结合第四方面,在第四方面的某些实现方式中,该处理单元用于:在该第一设备启动时,控制进行假名证书的更换。In combination with the fourth aspect, in certain implementations of the fourth aspect, the processing unit is used to: when the first device is started, control the replacement of the pseudonym certificate.
结合第四方面,在第四方面的某些实现方式中,该装置还包括确定单元,用于:确定假名证书的更换周期,该更换周期与该第一设备的实时状态参数相关联;该处理单元还用于:在该更换周期到达时,控制进行假名证书的更换。In combination with the fourth aspect, in certain implementations of the fourth aspect, the device also includes a determination unit, used to: determine a replacement cycle of the pseudonym certificate, and the replacement cycle is associated with the real-time status parameters of the first device; the processing unit is also used to: control the replacement of the pseudonym certificate when the replacement cycle arrives.
结合第四方面,在第四方面的某些实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In combination with the fourth aspect, in certain implementations of the fourth aspect, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
第五方面,提供了一种更换假名证书的装置,该装置包括生成单元和收发单元;其中,该生成单元用于:生成第一信息,该第一信息用于指示第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该收发单元用于向该第一设备发送该第一信息。In a fifth aspect, a device for replacing a pseudonym certificate is provided, the device comprising a generating unit and a transceiver unit; wherein the generating unit is used to: generate first information, the first information being used to instruct a first device to replace a pseudonym certificate, the first information being associated with a first area where the first device is located and/or an operating status of the first device; the transceiver unit being used to send the first information to the first device.
结合第五方面,在第五方面的某些实现方式中,该第一区域包括第二区域,该第二区域为根据该第一设备的用户感兴趣的地点相关联的区域,该第二设备为该第一区域中与该第一设备距离最近的路侧设备,该收发单元用于:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,向该第一设备发送该第一信息。In combination with the fifth aspect, in certain implementations of the fifth aspect, the first area includes a second area, the second area is an area associated with places of interest to users of the first device, the second device is a roadside device in the first area that is closest to the first device, and the transceiver unit is used to send the first information to the first device when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold.
结合第五方面,在第五方面的某些实现方式中,该第一区域包括第一信号灯路口,该 装置还包括获取单元,该生成单元用于:在该获取单元获取到第一信号灯路口的信号灯变红的信息时,生成该第一信息。In combination with the fifth aspect, in certain implementations of the fifth aspect, the first area includes a first traffic light intersection, and the device also includes an acquisition unit, and the generation unit is used to generate the first information when the acquisition unit acquires information that the traffic light at the first traffic light intersection turns red.
结合第五方面,在第五方面的某些实现方式中,该收发单元用于:经由第三设备向该第一设备发送该第一信息。In combination with the fifth aspect, in certain implementations of the fifth aspect, the transceiver unit is used to: send the first information to the first device via a third device.
结合第五方面,在第五方面的某些实现方式中,该装置还包括获取单元,该获取单元用于:获取该第一区域的信息和/或该第一设备的运行状态的信息。In combination with the fifth aspect, in some implementations of the fifth aspect, the apparatus further includes an acquisition unit, which is used to: acquire information about the first area and/or information about the operating status of the first device.
结合第五方面,在第五方面的某些实现方式中,该装置还包括获取单元和确定单元,该获取单元用于:获取该第一设备的实时状态参数;该确定单元用于:根据该实时状态参数确定假名证书的更换周期;该收发单元还用于:向该第一设备发送该更换周期的信息。In combination with the fifth aspect, in certain implementations of the fifth aspect, the device also includes an acquisition unit and a determination unit, the acquisition unit is used to: obtain the real-time status parameters of the first device; the determination unit is used to: determine the replacement cycle of the pseudonym certificate based on the real-time status parameters; the transceiver unit is also used to: send information about the replacement cycle to the first device.
结合第五方面,在第五方面的某些实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In combination with the fifth aspect, in certain implementations of the fifth aspect, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage degree of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
第六方面,提供了一种更换假名证书的装置,该装置包括确定单元和处理单元,该确定单元用于:确定假名证书的更换周期,该更换周期与该第一设备的实时状态参数相关联;该处理单元还用于:在该更换周期到达时,控制进行假名证书的更换。In the sixth aspect, a device for replacing a pseudonym certificate is provided, the device comprising a determination unit and a processing unit, the determination unit being used to: determine a replacement cycle of the pseudonym certificate, the replacement cycle being associated with a real-time status parameter of the first device; the processing unit being also used to: control the replacement of the pseudonym certificate when the replacement cycle arrives.
结合第六方面,在第六方面的某些实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In combination with the sixth aspect, in certain implementations of the sixth aspect, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
结合第六方面,在第六方面的某些实现方式中,该装置还包括获取单元;该获取单元用于获取第一信息,该第一信息用于指示第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该处理单元用于根据该第一信息控制进行假名证书的更换。In combination with the sixth aspect, in certain implementations of the sixth aspect, the device also includes an acquisition unit; the acquisition unit is used to acquire first information, the first information is used to instruct the first device to replace the pseudonym certificate, and the first information is associated with the first area where the first device is located and/or the operating status of the first device; the processing unit is used to control the replacement of the pseudonym certificate according to the first information.
结合第六方面,在第六方面的某些实现方式中,该第一区域包括第二区域,该第二区域为与该第一设备的用户感兴趣的地点相关联的区域,该获取单元用于:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,从第一路侧设备处接收该第一信息,该第一路侧设备为该第一区域中与该第一设备距离最近的路侧设备。In combination with the sixth aspect, in certain implementations of the sixth aspect, the first area includes a second area, the second area is an area associated with a place of interest to a user of the first device, and the acquisition unit is used to: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, receive the first information from a first roadside device, the first roadside device being the roadside device that is closest to the first device in the first area.
结合第六方面,在第六方面的某些实现方式中,该第一区域包括第一信号灯路口,该处理单元用于:在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,控制进行假名证书的更换。In combination with the sixth aspect, in certain implementations of the sixth aspect, the first area includes a first traffic light intersection, and the processing unit is used to control the replacement of the pseudonym certificate when the driving speed of the first device in the first area is less than or equal to a preset speed threshold.
结合第六方面,在第六方面的某些实现方式中,该处理单元用于:在该第一设备启动时,控制进行假名证书的更换。In combination with the sixth aspect, in certain implementations of the sixth aspect, the processing unit is used to: when the first device is started, control the replacement of the pseudonym certificate.
第七方面,提供了一种更换假名证书的装置,该装置包括:存储器,用于存储计算机程序;处理器,用于执行该存储器中存储的计算机程序,以使得该装置执行如第一方面或第三方面中任一种可能实现方式中的方法。In a seventh aspect, a device for replacing a pseudonym certificate is provided, the device comprising: a memory for storing a computer program; a processor for executing the computer program stored in the memory, so that the device performs a method in any possible implementation of the first aspect or the third aspect.
第八方面,提供了一种更换假名证书的装置,该装置包括:存储器,用于存储计算机程序;处理器,用于执行该存储器中存储的计算机程序,以使得该装置执行如第二方面中任一种可能实现方式中的方法。In an eighth aspect, a device for replacing a pseudonym certificate is provided, the device comprising: a memory for storing a computer program; and a processor for executing the computer program stored in the memory, so that the device performs a method as in any possible implementation of the second aspect.
第九方面,提供了一种智能驾驶设备,该智能驾驶设备包括如第四方面、第六方面或第七方面中任一种可能实现方式中的装置。In a ninth aspect, an intelligent driving device is provided, which includes an apparatus as in any possible implementation of the fourth aspect, the sixth aspect or the seventh aspect.
结合第九方面,在第九方面的某些实现方式中,该智能驾驶设备为车辆。In combination with the ninth aspect, in certain implementations of the ninth aspect, the intelligent driving device is a vehicle.
第十方面,提供了一种服务器,该服务器包括如第五方面或第八方面中任一种可能实现方式中的装置。In a tenth aspect, a server is provided, comprising a device as in any possible implementation of the fifth aspect or the eighth aspect.
结合第十方面,在第十方面的某些实现方式中,该服务器为云端服务器,或者为设置在路侧设备中的服务器。In combination with the tenth aspect, in certain implementations of the tenth aspect, the server is a cloud server, or a server set in a roadside device.
第十一方面,提供了一种计算机程序产品,上述计算机程序产品包括:计算机程序代码,当上述计算机程序代码在计算机上运行时,使得计算机执行上述第一方面至第三方面中任一种可能实现方式中的方法。In the eleventh aspect, a computer program product is provided, the computer program product comprising: a computer program code, when the computer program code is run on a computer, the computer executes the method in any possible implementation of the first to third aspects.
需要说明的是,上述计算机程序代码可以全部或部分存储在第一存储介质上,其中第一存储介质可以与处理器封装在一起的,也可以与处理器单独封装。It should be noted that the above-mentioned computer program code may be stored in whole or in part on a first storage medium, wherein the first storage medium may be packaged together with the processor or may be packaged separately from the processor.
第十二方面,提供了一种计算机可读介质,上述计算机可读介质存储有指令,当上述指令被处理器执行时,使得处理器实现上述第一方面至第三方面中任一种可能实现方式中的方法。In the twelfth aspect, a computer-readable medium is provided, wherein the computer-readable medium stores instructions, and when the instructions are executed by a processor, the processor implements the method in any possible implementation of the first to third aspects.
第十三方面,提供了一种芯片,该芯片包括电路,该电路用于执行上述第一方面至第三方面中任一种可能实现方式中的方法。In a thirteenth aspect, a chip is provided, the chip comprising a circuit for executing a method in any possible implementation of the first to third aspects above.
附图说明BRIEF DESCRIPTION OF THE DRAWINGS
图1是本申请实施例提供的更换假名证书的系统框架的示意图;FIG1 is a schematic diagram of a system framework for replacing a pseudonym certificate provided in an embodiment of the present application;
图2是本申请实施例提供的更换假名证书的方法的示意性流程图;FIG2 is a schematic flow chart of a method for replacing a pseudonym certificate provided in an embodiment of the present application;
图3是本申请实施例提供的更换假名证书的方法的又一示意性流程图;FIG3 is another schematic flow chart of a method for replacing a pseudonym certificate provided in an embodiment of the present application;
图4是本申请实施例提供的更换假名证书的方法的又一示意性流程图;FIG4 is another schematic flow chart of a method for replacing a pseudonym certificate provided in an embodiment of the present application;
图5是本申请实施例提供的更换假名证书的方法的再一示意性流程图;FIG5 is another schematic flow chart of the method for replacing a pseudonym certificate provided in an embodiment of the present application;
图6是本申请实施例提供的更换假名证书的方法的再一示意性流程图;FIG6 is another schematic flow chart of the method for replacing a pseudonym certificate provided in an embodiment of the present application;
图7是本申请实施例提供的更换假名证书的装置的示意性框图;FIG7 is a schematic block diagram of an apparatus for replacing a pseudonym certificate according to an embodiment of the present application;
图8是本申请实施例提供的更换假名证书的装置的又一示意性框图;FIG8 is another schematic block diagram of an apparatus for replacing a pseudonym certificate provided in an embodiment of the present application;
图9是本申请实施例提供的更换假名证书的装置的再一示意性框图。FIG. 9 is another schematic block diagram of the apparatus for replacing a pseudonym certificate provided in an embodiment of the present application.
具体实施方式Detailed ways
在本申请实施例的描述中,除非另有说明,“/”表示或的意思,例如,A/B可以表示A或B;本文中的“和/或”是一种描述关联对象的关联关系,表示可以存在三种关系,例如,A和/或B,可以表示:单独存在A,同时存在A和B,单独存在B这三种情况。本申请中,“至少一个”是指一个或者多个,“多个”是指两个或两个以上。“以下至少一项(个)”或其类似表达,是指的这些项中的任意组合,包括单项(个)或复数项(个)的任意组合。例如,a,b,或c中的至少一项(个),可以表示:a,b,c,a-b,a-c,b-c,或a-b-c,其中a,b,c可以是单个,也可以是多个。In the description of the embodiments of the present application, unless otherwise specified, "/" means or, for example, A/B can mean A or B; "and/or" in this article is a kind of association relationship that describes associated objects, indicating that three relationships can exist, for example, A and/or B can mean: A exists alone, A and B exist at the same time, and B exists alone. In the present application, "at least one" means one or more, and "multiple" means two or more. "At least one of the following items" or similar expressions refers to any combination of these items, including any combination of single items or plural items. For example, at least one of a, b, or c can mean: a, b, c, a-b, a-c, b-c, or a-b-c, where a, b, c can be single or multiple.
本申请实施例中采用诸如“第一”、“第二”的前缀词,仅仅为了区分不同的描述对象,对被描述对象的位置、顺序、优先级、数量或内容等没有限定作用。本申请实施例中对序数词等用于区分描述对象的前缀词的使用不对所描述对象构成限制,对所描述对象的陈述参见权利要求或实施例中上下文的描述,不应因为使用这种前缀词而构成多余的限制。The prefixes such as "first" and "second" used in the embodiments of the present application are only used to distinguish different description objects, and have no limiting effect on the position, order, priority, quantity or content of the described objects. The use of prefixes such as ordinal numbers used to distinguish description objects in the embodiments of the present application does not constitute a limitation on the described objects. For the statement of the described objects, please refer to the description in the context of the claims or embodiments, and the use of such prefixes should not constitute an unnecessary limitation.
如上所述,V2X场景中,车辆不断向周边车辆、基站、RSU等节点广播自身的行驶参数和位置等信息,可能会被攻击者获取,攻击者根据上述广播信息可以确定车辆的位置。当前技术背景下,车辆可以通过不断更改它们所使用的假名证书,使得攻击者难以将假名证书和对应位置上的车辆关联起来,进而加强位置跟踪的复杂性。但是,传统的基于固定周期的假名证书更换,仍然无法避免攻击者根据假名证书确定车辆的位置,仍然容易造成车辆位置等隐私泄露。As mentioned above, in the V2X scenario, vehicles continuously broadcast their own driving parameters and location information to surrounding vehicles, base stations, RSU and other nodes, which may be obtained by attackers. Attackers can determine the location of the vehicle based on the above broadcast information. Under the current technical background, vehicles can continuously change the pseudonym certificates they use, making it difficult for attackers to associate the pseudonym certificates with the vehicles at the corresponding locations, thereby increasing the complexity of location tracking. However, the traditional fixed-cycle replacement of pseudonym certificates still cannot prevent attackers from determining the location of the vehicle based on the pseudonym certificates, and it is still easy to cause privacy leaks such as vehicle location.
为了解决假名证书更换的固定周期导致的车辆隐私泄露的问题,当前方法有以下两种:其一,在预设的假名周期内,获取车辆的隐私泄露量,根据隐私泄露量计算车辆的隐私泄露度,当隐私泄露度达到隐私泄露度阈值时,从车辆假名集中选择下一个假名进行更换并进入下一个假名周期;如果在假名周期内,在隐私泄露度未达到隐私泄露度阈值时,不更换假名,则等到固有周期到达时才从车辆假名集中选择下一个假名进行更换并自动进入下一个假名周期。其二,若车辆处于行驶状态,则车辆定期广播基本安全信息,根据附近车辆的行驶状态确定假名更换条件,若满足假名更换条件,则执行假名更换;在没有RSU参与的情况下,通过与周围车辆的协作,独立地计算出合法的假名证书。前一种方案中,考虑了隐私泄露度和预定假名更新周期作为假名更换的判断依据,虽然在隐私泄露度较高时,更换假名证书的时刻打破了假名证书更换的固定周期,但是在隐私泄露度较低时,其仍然难以避免攻击者在掌握更名时间间隔情况下对车辆持续跟踪。后一种方案中,无需RSU的参与,通过与周围车辆的协作,独立地计算出合法的假名证书,发起假名更换的车辆需要较大的通信和计算开销,并且难以保证足够的车辆参与假名更换的合作。In order to solve the problem of vehicle privacy leakage caused by the fixed cycle of pseudonym certificate replacement, there are two current methods: First, within the preset pseudonym cycle, obtain the privacy leakage of the vehicle, calculate the privacy leakage degree of the vehicle based on the privacy leakage, and when the privacy leakage degree reaches the privacy leakage threshold, select the next pseudonym from the vehicle pseudonym set to replace and enter the next pseudonym cycle; if within the pseudonym cycle, when the privacy leakage degree does not reach the privacy leakage threshold, the pseudonym is not replaced, and the next pseudonym is selected from the vehicle pseudonym set to replace and automatically enter the next pseudonym cycle when the inherent cycle arrives. Second, if the vehicle is in a driving state, the vehicle regularly broadcasts basic safety information, determines the pseudonym replacement conditions based on the driving state of nearby vehicles, and executes the pseudonym replacement if the pseudonym replacement conditions are met; without the participation of RSU, the legal pseudonym certificate is independently calculated through collaboration with surrounding vehicles. In the former scheme, the privacy leakage degree and the predetermined pseudonym update cycle are considered as the basis for judging the pseudonym change. Although when the privacy leakage degree is high, the time of replacing the pseudonym certificate breaks the fixed cycle of pseudonym certificate replacement, when the privacy leakage degree is low, it is still difficult to prevent the attacker from continuously tracking the vehicle when the name change time interval is known. In the latter scheme, the legitimate pseudonym certificate is independently calculated through cooperation with surrounding vehicles without the participation of RSU. The vehicle initiating the pseudonym change requires large communication and computing overhead, and it is difficult to ensure that enough vehicles participate in the cooperation of pseudonym change.
鉴于此,本申请实施例提供的一种更换假名证书的方法,能够根据智能驾驶设备的实时状态参数确定更换假名证书的更换周期,由于该假名更换周期是变化的,使得攻击者无法确定智能驾驶设备的假名证书更换周期,进而无法对智能驾驶设备进行跟踪,有助于提升智能驾驶设备的安全性。进一步地,在智能驾驶设备处于特定的运行状态,和/或行驶至特定区域时,控制进行假名证书的更换,能够预防攻击者在掌握更换周期的情况下,对智能驾驶设备进行持续跟踪,有助于提高智能驾驶设备安全。In view of this, a method for replacing a pseudonym certificate provided in an embodiment of the present application can determine the replacement cycle of the pseudonym certificate according to the real-time status parameters of the intelligent driving device. Since the pseudonym replacement cycle is variable, attackers cannot determine the pseudonym certificate replacement cycle of the intelligent driving device, and thus cannot track the intelligent driving device, which helps to improve the safety of the intelligent driving device. Furthermore, when the intelligent driving device is in a specific operating state and/or travels to a specific area, controlling the replacement of the pseudonym certificate can prevent attackers from continuously tracking the intelligent driving device when they know the replacement cycle, which helps to improve the safety of the intelligent driving device.
下面将结合附图,对本申请实施例中的技术方案进行描述。The technical solutions in the embodiments of the present application will be described below in conjunction with the accompanying drawings.
图1是本申请实施例提供的一种更换假名证书的方法的应用场景,在该应用场景中,可以包括智能驾驶设备100、云端服务器210和路侧设备220。FIG1 is an application scenario of a method for replacing a pseudonym certificate provided in an embodiment of the present application. In this application scenario, an intelligent driving device 100 , a cloud server 210 , and a roadside device 220 may be included.
智能驾驶设备100可以包括感知系统140、计算平台150和外围设备160。其中,感知系统140可以包括感测关于智能驾驶设备100周边的环境信息以及智能驾驶设备行驶参数的一种或多种传感器。例如,感知系统140可以包括定位系统,定位系统可以是全球定位系统(global positioning system,GPS),也可以是北斗系统或者其他定位系统、惯性测量单元(inertial measurement unit,IMU)。感知系统140还可以包括激光雷达、毫米波雷达、超声雷达以及摄像装置中的一种或者多种;感知系统140还可以包括轮速传感器、踏板位置传感器等,用于感测智能驾驶设备的速度和/或加速度。The intelligent driving device 100 may include a perception system 140, a computing platform 150, and a peripheral device 160. The perception system 140 may include one or more sensors for sensing environmental information about the surroundings of the intelligent driving device 100 and driving parameters of the intelligent driving device. For example, the perception system 140 may include a positioning system, which may be a global positioning system (GPS), a Beidou system or other positioning systems, or an inertial measurement unit (IMU). The perception system 140 may also include one or more of a laser radar, a millimeter wave radar, an ultrasonic radar, and a camera device; the perception system 140 may also include a wheel speed sensor, a pedal position sensor, etc., for sensing the speed and/or acceleration of the intelligent driving device.
智能驾驶设备100的部分或所有功能可以由计算平台150控制。计算平台150可包括一个或多个处理器,例如处理器151至15n(n为正整数),处理器是一种具有信号的处理能力的电路,在一种实现中,处理器可以是具有指令读取与运行能力的电路,例如中央处理单元(central processing unit,CPU)、微处理器、图形处理器(graphics processing unit, GPU)(可以理解为一种微处理器)、或数字信号处理器(digital signal processor,DSP)等;在另一种实现中,处理器可以通过硬件电路的逻辑关系实现一定功能,该硬件电路的逻辑关系是固定的或可以重构的,例如处理器为专用集成电路(application-specific integrated circuit,ASIC)或可编程逻辑器件(programmable logic device,PLD)实现的硬件电路,例如现场可编程门阵列(field programmable gate array,FPGA)。在可重构的硬件电路中,处理器加载配置文档,实现硬件电路配置的过程,可以理解为处理器加载指令,以实现以上部分或全部单元的功能的过程。此外,还可以是针对人工智能设计的硬件电路,其可以理解为一种ASIC,例如神经网络处理单元(neural network processing unit,NPU)、张量处理单元(tensor processing unit,TPU)、深度学习处理单元(deep learning processing unit,DPU)等。此外,计算平台150还可以包括存储器,存储器用于存储指令,处理器151至15n中的部分或全部处理器可以调用存储器中的指令,执行指令,以实现相应的功能。Some or all functions of the intelligent driving device 100 may be controlled by the computing platform 150. The computing platform 150 may include one or more processors, such as processors 151 to 15n (n is a positive integer). The processor is a circuit with signal processing capability. In one implementation, the processor may be a circuit with instruction reading and execution capability, such as a central processing unit (CPU), a microprocessor, a graphics processing unit (GPU) (which can be understood as a microprocessor), or a digital signal processor (DSP); in another implementation, the processor may implement certain functions through the logical relationship of a hardware circuit, and the logical relationship of the hardware circuit is fixed or reconfigurable, such as a hardware circuit implemented by an application-specific integrated circuit (ASIC) or a programmable logic device (PLD), such as a field programmable gate array (FPGA). In a reconfigurable hardware circuit, the process of the processor loading a configuration document to implement the hardware circuit configuration can be understood as the process of the processor loading instructions to implement the functions of some or all of the above units. In addition, it can also be a hardware circuit designed for artificial intelligence, which can be understood as an ASIC, such as a neural network processing unit (NPU), a tensor processing unit (TPU), a deep learning processing unit (DPU), etc. In addition, the computing platform 150 can also include a memory, the memory is used to store instructions, and some or all of the processors 151 to 15n can call the instructions in the memory and execute the instructions to implement the corresponding functions.
智能驾驶设备100通过外围设备160与云端服务器210、外部传感器、其他智能驾驶设备、其他计算机系统或用户之间进行交互。外围设备160可以包括无线通信系统。The intelligent driving device 100 interacts with the cloud server 210, external sensors, other intelligent driving devices, other computer systems or users through the peripheral device 160. The peripheral device 160 may include a wireless communication system.
云端服务器210可以包括计算平台211,计算平台211可以包括一个或多个处理器,该一个或多个处理器的具体形态及相应功能可以参考上述实施例中的描述,在此不再赘述。The cloud server 210 may include a computing platform 211 , and the computing platform 211 may include one or more processors. The specific forms and corresponding functions of the one or more processors may refer to the description in the above embodiments, and will not be repeated here.
应理解,上述装置及设备仅为一个示例,实际应用中,上述装置和设备有可能根据实际需要添加或删除。It should be understood that the above-mentioned devices and equipment are only examples. In actual applications, the above-mentioned devices and equipment may be added or deleted according to actual needs.
在本申请实施例中,云端服务器210可以根据智能驾驶设备100的速度、智能驾驶设备100附近的车流密度、智能驾驶设备的安全程度(或称隐私泄露度)以及用户需求等级,确定假名证书的更换周期,并将该更换周期发送至智能驾驶设备100,以使得智能驾驶设备100可以在该更换周期达到时进行假名证书的更换。云端服务器210还可以根据智能驾驶设备100的用户感兴趣的地点确定假名证书的更换区域,进而控制该区域的路侧设备220向智能驾驶设备100发送假名证书更换指示,以使得智能驾驶设备100可以在该区域进行假名证书的更换。此外,在路侧设备220设置于信号灯交叉路口时,路侧设备220还可以根据信号灯状态确定是否向智能驾驶设备100发送假名证书更换指示,示例性地,在信号灯变为红色时,向周围智能驾驶设备发送假名证书更换指示,以使得处于停车状态的智能驾驶设备100进行假名证书的更换。智能驾驶设备100除了根据更换周期,以及来自路侧设备220的更换指示进行假名证书的更换以外,还可以根据驾驶场景进行假名证书的更换,例如,智能驾驶设备100可以在刚启动时进行假名证书的更换。In an embodiment of the present application, the cloud server 210 can determine the replacement cycle of the pseudonym certificate according to the speed of the intelligent driving device 100, the traffic density near the intelligent driving device 100, the safety level (or privacy leakage) of the intelligent driving device, and the user demand level, and send the replacement cycle to the intelligent driving device 100, so that the intelligent driving device 100 can replace the pseudonym certificate when the replacement cycle is reached. The cloud server 210 can also determine the replacement area of the pseudonym certificate according to the location of interest to the user of the intelligent driving device 100, and then control the roadside device 220 in the area to send a pseudonym certificate replacement instruction to the intelligent driving device 100, so that the intelligent driving device 100 can replace the pseudonym certificate in the area. In addition, when the roadside device 220 is set at a signal light intersection, the roadside device 220 can also determine whether to send a pseudonym certificate replacement instruction to the intelligent driving device 100 according to the state of the signal light. For example, when the signal light turns red, a pseudonym certificate replacement instruction is sent to the surrounding intelligent driving devices, so that the intelligent driving device 100 in the parking state replaces the pseudonym certificate. In addition to replacing the pseudonym certificate according to the replacement cycle and the replacement instruction from the roadside device 220, the intelligent driving device 100 can also replace the pseudonym certificate according to the driving scenario. For example, the intelligent driving device 100 can replace the pseudonym certificate when it is just started.
图2示出了本申请实施例提供的一种更换假名证书的方法200的示意性流程图,该方法200可以应用于图1所示的应用场景中。示例性地,方法200可以由图1中的计算平台150中的某一个或多个处理器执行,该方法200包括:FIG2 shows a schematic flow chart of a method 200 for replacing a pseudonym certificate provided in an embodiment of the present application. The method 200 can be applied to the application scenario shown in FIG1. Exemplarily, the method 200 can be executed by one or more processors in the computing platform 150 in FIG1. The method 200 includes:
S201,第一设备获取第一信息,该第一信息用于指示该第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联。S201, a first device obtains first information, where the first information is used to instruct the first device to change a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating state of the first device.
在一些可能的实现方式中,该第一设备可以为上述实施例中的智能驾驶设备,该第一信息可以为从路侧设备处接收到的。In some possible implementations, the first device may be the intelligent driving device in the above embodiment, and the first information may be received from a roadside device.
示例性地,该第一区域可以包括智能驾驶设备使用假名证书频率较低的区域,例如,信号灯路口;或者,该第一区域也可以包括智能驾驶设备的用户感兴趣的区域。Exemplarily, the first area may include an area where the intelligent driving device uses the pseudonym certificate less frequently, such as a traffic light intersection; or, the first area may also include an area of interest to users of the intelligent driving device.
示例性地,第一设备的运行状态可以包括如下至少一种:行驶状态,停车状态,刚启动状态(即由下电转为上电的状态)。Exemplarily, the operating state of the first device may include at least one of the following: a driving state, a parking state, and a just-started state (ie, a state from power-off to power-on).
在一些可能的实现方式中,该第一设备可以为设置于智能驾驶设备的计算平台中的某个处理器,该第一信息可以为智能驾驶设备的计算平台中的另一个处理器发送给第一设备的。在上述场景下,第一设备所处的第一区域可以代表智能驾驶设备所处的第一区域,第一设备的运行状态可以代表智能驾驶设备的运行状态。In some possible implementations, the first device may be a processor disposed in a computing platform of the intelligent driving device, and the first information may be sent to the first device by another processor in the computing platform of the intelligent driving device. In the above scenario, the first area where the first device is located may represent the first area where the intelligent driving device is located, and the operating state of the first device may represent the operating state of the intelligent driving device.
需要说明的是,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联,可以理解为:该第一信息可以是检测到第一设备行驶至信号灯路口,且信号灯由绿灯转为红灯时生成和/或获取的;或者,该第一信息可以是检测到第一设备行驶至用户感兴趣的区域时生成和/或获取的;或者,该第一信息可以是检测到第一设备刚启动时生成和/或获取的。其中,“第一设备刚启动”可以为第一设备在停车场停车后刚启动,或者也可以为第一设备维修后的刚启动,或者也可以为第一设备的其他刚启动的场景。It should be noted that the first information is associated with the first area where the first device is located and/or the operating state of the first device, which can be understood as follows: the first information may be generated and/or obtained when it is detected that the first device has driven to a traffic light intersection and the traffic light has changed from green to red; or, the first information may be generated and/or obtained when it is detected that the first device has driven to an area of interest to the user; or, the first information may be generated and/or obtained when it is detected that the first device has just been started. Among them, "the first device has just been started" may mean that the first device has just been started after parking in a parking lot, or it may also mean that the first device has just been started after maintenance, or it may also mean other scenarios where the first device has just been started.
在一些可能的实现方式中,该第一区域包括第二区域,该第二区域为与第一设备的用户感兴趣的地点相关联的区域,该第一设备获取第一信息,包括:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,该第一设备从第一路侧设备处接收该第一信息,该第一路侧设备为该第一区域中与该第一设备距离最近的路侧设备。或者,该第一设备为自适应巡航控制系统(cooperativeadaptive cruise control,CACC)车辆队列中的一个车辆,则在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,该第一设备从CACC车辆队列中其他车辆处接收该第一信息。In some possible implementations, the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the first device obtains the first information, including: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, the first roadside device being the roadside device closest to the first device in the first area. Alternatively, the first device is a vehicle in an adaptive cruise control (CACC) vehicle queue, then when the distance between the first device and the center of the second area is less than or equal to the preset distance threshold, the first device receives the first information from other vehicles in the CACC vehicle queue.
示例性地,预设距离阈值可以为5米,或者也可以为3米,或者还可以为其他距离。Exemplarily, the preset distance threshold may be 5 meters, or 3 meters, or other distances.
示例性地,该第二区域可以为根据通过聚类算法根据用户感兴趣的地点确定的聚簇,其中,该用户感兴趣的地点可以为用户经常行驶(例如每周行驶超过3次)的地点,或者也可以为用户在电子地图中收藏或标记的地点,或者也可以为用户感兴趣的其他地点。Exemplarily, the second area may be a cluster determined according to places of interest to the user through a clustering algorithm, wherein the places of interest to the user may be places where the user frequently travels (for example, more than three times a week), or places that the user has collected or marked in an electronic map, or other places of interest to the user.
S202,该第一设备根据该第一信息控制进行假名证书的更换。S202: The first device controls the replacement of the pseudonym certificate according to the first information.
一示例中,该第一设备接收到第一信息时,控制进行假名证书的更换。In one example, when the first device receives the first information, it controls the replacement of the pseudonym certificate.
又一示例中,该第一区域包括第一信号灯路口,在第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,该第一设备控制进行假名证书的更换。In another example, the first area includes a first traffic light intersection, and when a driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
示例性地,该预设速度阈值可以为3公里每小时(kilometer per hour,km/h),或者也可以为0km/h,或者还可以为其他速度。Exemplarily, the preset speed threshold may be 3 kilometers per hour (kilometer per hour, km/h), or may be 0 km/h, or may be other speeds.
再一示例中,在第一设备启动时,该第一设备控制进行假名证书的更换。In yet another example, when the first device is started, the first device controls the replacement of the pseudonym certificate.
在一些可能的实现方式中,用户感兴趣的区域包括第一信号灯路口,则在第一设备与用户感兴趣的区域确定聚簇的中心之间的距离小于或等于预设距离阈值时,第一设备接收到第一信息;进一步地,在第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,该第一设备控制进行假名证书的更换。In some possible implementations, the area of interest to the user includes a first traffic light intersection. When the distance between the first device and the center of the cluster determined in the area of interest to the user is less than or equal to a preset distance threshold, the first device receives first information; further, when the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
在一些可能的实现方式中,在第一设备为智能驾驶设备时,该智能驾驶设备可以根据智能驾驶设备的实时状态参数确定假名证书的更换周期。其中,该实时状态参数可以包括如下至少一项:该智能驾驶设备的速度,该智能驾驶设备周围的车流密度,该智能驾驶设备的隐私泄露度,以及用户需求等级,其中,用户需求等级用于指示该智能驾驶设备的用户更换假名证书的需求等级。In some possible implementations, when the first device is an intelligent driving device, the intelligent driving device may determine the replacement cycle of the pseudonym certificate according to the real-time state parameter of the intelligent driving device. The real-time state parameter may include at least one of the following: the speed of the intelligent driving device, the traffic density around the intelligent driving device, the privacy leakage of the intelligent driving device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the intelligent driving device to replace the pseudonym certificate.
本申请实施例提供的一种更换假名证书的方法,在智能驾驶设备处于特定的运行状态,和/或行驶至特定区域时,控制进行假名证书的更换,能够预防攻击者在掌握更换周期的情况下,对智能驾驶设备进行持续跟踪,有助于提高智能驾驶设备的安全。A method for replacing a pseudonym certificate provided in an embodiment of the present application controls the replacement of a pseudonym certificate when the intelligent driving device is in a specific operating state and/or travels to a specific area. This can prevent attackers from continuously tracking the intelligent driving device when they know the replacement cycle, thereby helping to improve the security of the intelligent driving device.
图3示出了本申请实施例提供的一种更换假名证书的方法300的示意性流程图,该方法300可以应用于图1所示的应用场景中。示例性地,方法300可以由图1中的计算平台211中的某一或多个处理器执行,或者也可以由图1中所示的路侧设备220执行。该方法300包括:FIG3 shows a schematic flow chart of a method 300 for replacing a pseudonym certificate provided in an embodiment of the present application. The method 300 can be applied to the application scenario shown in FIG1 . Exemplarily, the method 300 can be executed by one or more processors in the computing platform 211 in FIG1 , or can also be executed by the roadside device 220 shown in FIG1 . The method 300 includes:
S301,第二设备生成第一信息,该第一信息用于指示该第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联。S301, a second device generates first information, where the first information is used to instruct the first device to change a pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating state of the first device.
在一些可能的实现方式中,该第二设备可以为上述实施例中的路侧设备,或者也可以为上述实施例中的云端服务器。In some possible implementations, the second device may be the roadside device in the above embodiment, or may also be the cloud server in the above embodiment.
在一些可能的实现方式中,该第二设备可以为设置于智能驾驶设备的计算平台中的某个处理器。In some possible implementations, the second device may be a processor provided in a computing platform of the intelligent driving device.
示例性地,第二设备生成第一信息可以包括如下至少一项:在获取到第一设备行驶至信号灯路口,且信号灯由绿灯转为红灯的信息时,第二设备生成该第一信息;或者,在获取到第一设备行驶至用户感兴趣的区域的信息时,第二设备生成该第一信息;或者,在获取到第一设备刚启动的信息时,第二设备生成该第一信息。Exemplarily, the second device generating the first information may include at least one of the following: when the second device obtains information that the first device drives to a traffic light intersection and the traffic light turns from green to red, the second device generates the first information; or, when the second device obtains information that the first device drives to an area of interest to the user, the second device generates the first information; or, when the second device obtains information that the first device has just started, the second device generates the first information.
示例性地,上述信号灯为第一设备行驶方向的信号灯。Exemplarily, the signal light is a signal light for the driving direction of the first device.
在一些可能实现方式中,第二设备获取的各信息,可以为第二设备检测的结果,或者也可以为其他设备发送给第二设备的,本申请实施例对此不作具体限定。In some possible implementations, the information obtained by the second device may be a result of detection by the second device, or may be sent to the second device by other devices, which is not specifically limited in the embodiments of the present application.
S302,该第二设备向该第一设备发送该第一信息。S302: The second device sends the first information to the first device.
在一些可能的实现方式中,在第二设备经由第三设备向第一设备发送该第一信息。示例性地,第一设备为智能驾驶设备,第二设备为云端服务器,第三设备为路侧设备,则在某些场景下,第二设备经由第三设备向第一设备发送该第一信息。例如,在第一设备行驶至信号灯路口,第二设备获取到信号灯由绿灯转为红灯的信息时,第二设备经由第三设备向第一设备发送该第一信息;或者,在第一设备行驶至第二区域,在第二设备获取到第一设备与第二区域的中心之间的距离小于或等于预设距离阈值的信息时,第二设备经由第三设备向第一设备发送该第一信息。其中,该第二区域可以为根据通过聚类算法根据用户感兴趣的地点确定的聚簇。In some possible implementations, the second device sends the first information to the first device via the third device. Exemplarily, the first device is an intelligent driving device, the second device is a cloud server, and the third device is a roadside device. In some scenarios, the second device sends the first information to the first device via the third device. For example, when the first device drives to a traffic light intersection and the second device obtains information that the traffic light turns from green to red, the second device sends the first information to the first device via the third device; or, when the first device drives to the second area and the second device obtains information that the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the second device sends the first information to the first device via the third device. The second area can be a cluster determined according to the places of interest to the user through a clustering algorithm.
本申请实施例提供的一种更换假名证书的方法,在智能驾驶设备处于特定的运行状态,和/或行驶至特定区域时,生成第一信息,以控制智能驾驶设备进行假名证书的更换,能够预防攻击者在掌握更换周期的情况下,对智能驾驶设备进行持续跟踪,有助于提高智能驾驶设备的安全。A method for replacing a pseudonym certificate provided in an embodiment of the present application generates first information when the intelligent driving device is in a specific operating state and/or travels to a specific area to control the intelligent driving device to replace the pseudonym certificate. This can prevent attackers from continuously tracking the intelligent driving device when they know the replacement cycle, thereby helping to improve the security of the intelligent driving device.
以下结合图4至图6,对本申请实施例提供的一种更换假名证书的具体方案作详细说明:The following is a detailed description of a specific solution for replacing a pseudonym certificate provided in an embodiment of the present application in conjunction with FIGS. 4 to 6 :
图4示出了本申请实施例提供的一种更换假名证书的方法400的示意性流程图,该方法400可以应用于图1所示的应用场景中,该方法400可以理解为对方法200和/或方法300的扩展,该方法400包括:FIG4 shows a schematic flow chart of a method 400 for replacing a pseudonym certificate provided in an embodiment of the present application. The method 400 can be applied to the application scenario shown in FIG1 . The method 400 can be understood as an extension of the method 200 and/or the method 300 . The method 400 includes:
S401,云端服务器根据智能驾驶设备的实时状态参数确定假名证书的更换周期。S401, the cloud server determines the replacement cycle of the pseudonym certificate according to the real-time status parameters of the intelligent driving device.
示例性地,该云端服务器可以包括上述实施例中的第二设备,该智能驾驶设备可以包括上述实施例中的第一设备。Exemplarily, the cloud server may include the second device in the above embodiment, and the intelligent driving device may include the first device in the above embodiment.
示例性地,该实时状态参数可以包括如下至少一项:该智能驾驶设备的速度S i,该智能驾驶设备周围的车流密度F i,该智能驾驶设备的隐私泄露度P i,以及用户需求等级R i,其中,用户需求等级用于指示该智能驾驶设备的用户更换假名证书的需求等级。 Exemplarily, the real-time status parameter may include at least one of the following: the speed S i of the intelligent driving device, the traffic density F i around the intelligent driving device, the privacy leakage degree P i of the intelligent driving device, and the user demand level R i , wherein the user demand level is used to indicate the demand level of the user of the intelligent driving device to change the pseudonym certificate.
其中,隐私泄露度为根据智能驾驶设备向其他设备发送信息的次数和发送信息的时间间隔确定的。Among them, the privacy leakage degree is determined based on the number of times the intelligent driving device sends information to other devices and the time interval between sending information.
示例性地,隐私泄露度
Figure PCTCN2022131478-appb-000001
其中,“*”表示卷积计算,P代表隐私泄露度阈值,T代表假名证书的更换周期,β表示发送信息的平均间隔时间,Γ(α)为Gamma函数,t表示时间。 For example, the privacy leakage
Figure PCTCN2022131478-appb-000001
Among them, “*” represents convolution calculation, P represents the privacy leakage threshold, T represents the replacement cycle of the pseudonym certificate, β represents the average interval time for sending information, Γ(α) is the Gamma function, and t represents time.
示例性地,可以构建智能驾驶设备的假名更换时间间隔的多元线性回归模型,进一步地,通过如下公式根据最小二乘法确定假名证书的更换周期T iExemplarily, a multivariate linear regression model of the pseudonym replacement time interval of the intelligent driving device may be constructed. Further, the replacement period Ti of the pseudonym certificate may be determined by the least square method using the following formula:
Figure PCTCN2022131478-appb-000002
Figure PCTCN2022131478-appb-000002
其中,ε∈N(0,σ 2),β 1至β 4分别是为智能驾驶设备i确定的S i、F i、P i、R i所占权重。 Wherein, ε∈N(0,σ 2 ), β 1 to β 4 are the weights of S i , Fi , Pi , and Ri determined for the intelligent driving device i, respectively.
S402,云端服务器向智能驾驶设备发送假名证书更换周期的信息。S402, the cloud server sends information about the pseudonym certificate replacement cycle to the intelligent driving device.
在一些可能的实现方式中,云端服务器每隔固定时长向智能驾驶设备发送该假名证书更换周期的信息。示例性地,该固定时长可以为5分钟,或者可以为10分钟,或者还可以为其他时长。In some possible implementations, the cloud server sends information about the pseudonym certificate replacement cycle to the intelligent driving device at fixed intervals. For example, the fixed interval may be 5 minutes, 10 minutes, or other intervals.
在一些可能的实现方式中,云端服务器确定的更换周期与之前确定的更换周期不同时,向智能驾驶设备发送该假名证书更换周期的信息。In some possible implementations, when the replacement cycle determined by the cloud server is different from the previously determined replacement cycle, information on the pseudonym certificate replacement cycle is sent to the intelligent driving device.
S403,智能驾驶设备根据更换周期更换假名证书。S403, the intelligent driving device replaces the pseudonym certificate according to the replacement cycle.
示例性地,在更换周期到达时,智能驾驶设备更换假名证书。Exemplarily, when the replacement period arrives, the intelligent driving device replaces the pseudonym certificate.
S404,第一RSU在路口信号灯变为红色时,生成更换假名证书的第一指示信息。S404: When the traffic light at the intersection turns red, the first RSU generates first indication information for replacing the pseudonym certificate.
在一些可能的实现方式中,该第一指示信息可以为上述实施例中第一信息的一种。In some possible implementations, the first indication information may be one of the first information in the above-mentioned embodiments.
S405,第一RSU向智能驾驶设备发送该更换假名证书的第一指示信息。S405: The first RSU sends first instruction information for replacing the pseudonym certificate to the intelligent driving device.
S406,智能驾驶设备根据该第一指示信息更换假名证书。S406: The intelligent driving device replaces the pseudonym certificate according to the first instruction information.
在一些可能的实现方式中,在智能驾驶设备的行驶速度小于或等于预设速度阈值时,该智能驾驶设备更换假名证书。In some possible implementations, when the driving speed of the intelligent driving device is less than or equal to a preset speed threshold, the intelligent driving device replaces the pseudonym certificate.
S407,云端服务器根据智能驾驶设备的用户感兴趣的地点确定假名证书的更换区域。S407, the cloud server determines a replacement area for the pseudonym certificate according to the location of interest to the user of the smart driving device.
在一些可能的实现方式中,云端服务器根据用户感兴趣的地点,对用户感兴趣的地点集合使用聚类算法处理,确定聚簇,并控制智能驾驶设备在该聚簇处进行假名证书更换。In some possible implementations, the cloud server uses a clustering algorithm to process a set of places of interest to the user based on the places of interest to the user, determines a cluster, and controls the smart driving device to replace the pseudonym certificate at the cluster.
S408,云端服务器向第二RSU发送区域指示信息,该区域指示信息用于指示该更换区域的第二RSU向智能驾驶设备发送更换假名证书的指示信息。S408, the cloud server sends area indication information to the second RSU, where the area indication information is used to instruct the second RSU in the replacement area to send indication information for replacing the pseudonym certificate to the intelligent driving device.
在一些可能的实现方式中,该第二RSU和该第一RSU为同一路侧设备。In some possible implementations, the second RSU and the first RSU are the same roadside equipment.
S409,第二RSU向智能驾驶设备发送更换假名证书的第二指示信息。S409: The second RSU sends second instruction information for replacing the pseudonym certificate to the intelligent driving device.
在一些可能的实现方式中,该第二指示信息可以为上述实施例中第一信息的一种。In some possible implementations, the second indication information may be one of the first information in the above-mentioned embodiments.
S410,智能驾驶设备根据第二指示信息更换假名证书。S410: The intelligent driving device replaces the pseudonym certificate according to the second instruction information.
需要说明的是,S401至S403、S404至S406、S407至S410可以同时执行,或者也可以先后执行,本申请实施例不限定S401至S403、S404至S406、S407至S410之间的先后执行顺序。It should be noted that S401 to S403, S404 to S406, and S407 to S410 can be executed simultaneously, or can be executed sequentially. The embodiment of the present application does not limit the execution order of S401 to S403, S404 to S406, and S407 to S410.
本申请提供的一种更换假名证书的方法,云端服务器根据智能驾驶设备的实时状态参数确定更换假名证书的更换周期,并向智能驾驶设备指示该更换周期,一方面能够为智能驾驶设备指示变化的假名证书更换周期,使得攻击者无法确定智能驾驶设备的假名证书更换周期,进而无法对智能驾驶设备进行跟踪,有助于提升智能驾驶设备的安全性;另一方面无需智能驾驶设备自己确定更换周期,有助于节省智能驾驶设备的计算开销。此外,在智能驾驶设备根据更换周期更换假名证书时,在特定区域还能根据路侧设备的指示信息进行假名证书更换,不仅能够节约智能驾驶设备的计算开销,还能进一步预防攻击者对智能驾驶设备的跟踪导致用户隐私泄露的问题。The present application provides a method for replacing a pseudonym certificate. The cloud server determines the replacement cycle of the pseudonym certificate according to the real-time status parameters of the intelligent driving device, and indicates the replacement cycle to the intelligent driving device. On the one hand, it can indicate the changed pseudonym certificate replacement cycle to the intelligent driving device, so that attackers cannot determine the pseudonym certificate replacement cycle of the intelligent driving device, and thus cannot track the intelligent driving device, which helps to improve the security of the intelligent driving device; on the other hand, the intelligent driving device does not need to determine the replacement cycle by itself, which helps to save the computing overhead of the intelligent driving device. In addition, when the intelligent driving device replaces the pseudonym certificate according to the replacement cycle, the pseudonym certificate can also be replaced according to the indication information of the roadside device in a specific area, which can not only save the computing overhead of the intelligent driving device, but also further prevent the problem of attackers tracking the intelligent driving device and causing user privacy leakage.
图5示出了本申请实施例提供的一种更换假名证书的方法500的示意性流程图,该方法500可以由智能驾驶设备执行,该方法500可以理解为S401至S403与S404至S406同时执行,或者S401至S403与S407至S410同时执行时的一种示例。该方法500包括:FIG5 shows a schematic flow chart of a method 500 for replacing a pseudonym certificate provided in an embodiment of the present application. The method 500 can be executed by an intelligent driving device. The method 500 can be understood as an example of executing S401 to S403 and S404 to S406 simultaneously, or executing S401 to S403 and S407 to S410 simultaneously. The method 500 includes:
S501,判断是否接收到第一信息。S501, determining whether first information is received.
示例性地,该第一信息可以为上述方法200和/或方法300中的第一信息,例如可以包括方法400中的第一指示信息或者第二指示信息。Exemplarily, the first information may be the first information in the above-mentioned method 200 and/or method 300, for example, may include the first indication information or the second indication information in the method 400.
具体地,若接收到第一信息,则执行S503,否则执行S502。Specifically, if the first information is received, execute S503, otherwise execute S502.
S502,判断假名证书的更换周期是否到达。S502, determining whether the replacement period of the pseudonym certificate has arrived.
示例性地,该更换周期可以为上述实施例中的更换周期。Exemplarily, the replacement cycle may be the replacement cycle in the above embodiment.
具体地,在假名证书的更换周期到达时,执行S503,否则,继续执行S502(或者,在一些可能的实现方式中,执行S501)。Specifically, when the replacement period of the pseudonym certificate arrives, S503 is executed; otherwise, S502 is continued to be executed (or, in some possible implementations, S501 is executed).
S503,将旧假名证书放到假名集尾部,从假名集头部取出一个新的假名证书,作为下次通信使用的假名证书。S503, putting the old pseudonym certificate at the end of the pseudonym set, taking out a new pseudonym certificate from the head of the pseudonym set as the pseudonym certificate used for the next communication.
S504,确定下次更换假名证书的时刻。S504, determining the time for replacing the pseudonym certificate next time.
示例性地,下次更换假名证书的时刻为根据当前时刻和更换周期确定的。例如,更换周期为30分钟,则下次更假名证书的时刻为当前时刻的30分钟后的时刻。Exemplarily, the time of changing the pseudonym certificate next time is determined according to the current time and the change cycle. For example, if the change cycle is 30 minutes, the time of changing the pseudonym certificate next time is 30 minutes after the current time.
应理解,在当前时刻至30分钟之后的时刻之间,智能驾驶设备接收到第一信息,则根据第一信息进行假名证书的更换。It should be understood that between the current moment and the moment 30 minutes later, when the intelligent driving device receives the first information, the pseudonym certificate is replaced according to the first information.
应理解,S503执行完毕即代表假名证书更换完成。还可以理解的是,在智能驾驶设备执行S501之前,已获取假名集,该假名集中包括多个假名证书。It should be understood that the completion of S503 means that the replacement of the pseudonym certificate is completed. It can also be understood that before the intelligent driving device executes S501, a pseudonym set has been obtained, and the pseudonym set includes multiple pseudonym certificates.
图6示出了本申请实施例提供的一种更换假名证书的方法600的示意性流程图,该方法600可以由智能驾驶设备执行,该方法600包括:FIG6 shows a schematic flow chart of a method 600 for replacing a pseudonym certificate provided in an embodiment of the present application. The method 600 may be executed by an intelligent driving device. The method 600 includes:
S601,判断智能驾驶设备是否刚启动。S601, determining whether the intelligent driving device has just been started.
具体地,若智能驾驶设备刚启动,则执行S604;否则,执行S602。Specifically, if the intelligent driving device has just been started, execute S604; otherwise, execute S602.
示例性地,智能驾驶设备可能在经过长时间熄火后刚启动状态,该智能驾驶设备在熄火时可能位于停车场,或者该智能驾驶设备在熄火时也可以处于维修厂,本申请实施例对此不作具体限定。For example, the intelligent driving device may be in a state of just starting up after being turned off for a long time. The intelligent driving device may be in a parking lot when it is turned off, or the intelligent driving device may be in a repair shop when it is turned off. This embodiment of the present application does not specifically limit this.
S602,智能驾驶设备处于行驶状态时,判断假名证书是否过期。S602: When the intelligent driving device is in driving state, determine whether the pseudonym certificate is expired.
具体地,若假名证书过期,则执行S604;否则,执行S603。Specifically, if the pseudonym certificate expires, execute S604; otherwise, execute S603.
示例性地,该行驶状态可以包括智能驾驶设备的速度不为零;或者,智能驾驶设备的速度虽然为零,但是处于行驶(drive,D)档,或者空(neutral,N)档,即智能驾驶设备处于临时停车状态。Exemplarily, the driving state may include that the speed of the intelligent driving device is not zero; or, although the speed of the intelligent driving device is zero, it is in driving (drive, D) gear, or neutral (neutral, N) gear, that is, the intelligent driving device is in a temporary parking state.
S603,判断假名证书的更换周期是否到达。S603, determining whether the replacement period of the pseudonym certificate has arrived.
具体地,若假名证书的更换周期到达,则执行S604;否则,执行S603(或者在一些可能的实现方式中,执行S602)。Specifically, if the replacement period of the pseudonym certificate arrives, execute S604; otherwise, execute S603 (or in some possible implementations, execute S602).
S604,将旧假名证书放到假名集尾部,从假名集头部取出一个新的假名证书,作为下次通信使用的假名证书。S604, putting the old pseudonym certificate at the end of the pseudonym set, taking out a new pseudonym certificate from the head of the pseudonym set as the pseudonym certificate used for the next communication.
S605,丢弃旧假名证书,从假名集头部取出一个新的假名证书,作为下次通信使用的假名证书。S605, discard the old pseudonym certificate, take out a new pseudonym certificate from the pseudonym set header, and use it as the pseudonym certificate for the next communication.
S606,确定下次更换假名证书的时刻。S606, determining the time for replacing the pseudonym certificate next time.
示例性地,下次更换假名证书的时刻为根据当前时刻和更换周期确定的。例如,更换周期为30分钟,则下次更假名证书的时刻为当前时刻的30分钟后的时刻。Exemplarily, the time of changing the pseudonym certificate next time is determined according to the current time and the change cycle. For example, if the change cycle is 30 minutes, the time of changing the pseudonym certificate next time is 30 minutes after the current time.
应理解,在当前时刻至30分钟之后的时刻之间,智能驾驶设备确定假名证书过期,则进行假名证书的更换。It should be understood that between the current moment and the moment 30 minutes later, if the intelligent driving device determines that the pseudonym certificate has expired, the pseudonym certificate will be replaced.
本申请实施例提供的一种更换假名证书的方法,智能驾驶设备在启动之前,长时间未更换假名证书,在智能驾驶设备启动后直接使用当前假名证书进行通信可能不够安全,因此在刚启动时进行假名证书更换,有助于提升智能驾驶设备的安全性。An embodiment of the present application provides a method for replacing a pseudonym certificate. Before the intelligent driving device is started, the pseudonym certificate has not been replaced for a long time. After the intelligent driving device is started, directly using the current pseudonym certificate for communication may not be safe enough. Therefore, replacing the pseudonym certificate when it is just started helps to improve the security of the intelligent driving device.
在本申请的各个实施例中,如果没有特殊说明以及逻辑冲突,各个实施例之间的术语和/或描述具有一致性、且可以相互引用,不同的实施例中的技术特征根据其内在的逻辑关系可以组合形成新的实施例。In the various embodiments of the present application, unless otherwise specified or provided for by logic, the terms and/or descriptions between the various embodiments are consistent and may be referenced to each other, and the technical features in different embodiments may be combined to form new embodiments according to their inherent logical relationships.
上文中结合图1至图6详细说明了本申请实施例提供的方法。下面将结合图7至图9详细说明本申请实施例提供的装置。应理解,装置实施例的描述与方法实施例的描述相互对应,因此,未详细描述的内容可以参见上文方法实施例,为了简洁,这里不再赘述。The method provided by the embodiment of the present application is described in detail above in conjunction with Figures 1 to 6. The device provided by the embodiment of the present application will be described in detail below in conjunction with Figures 7 to 9. It should be understood that the description of the device embodiment corresponds to the description of the method embodiment. Therefore, the content not described in detail can be referred to the method embodiment above, and for the sake of brevity, it will not be repeated here.
图7示出了本申请实施例提供的更换假名证书的装置700的示意性框图,该装置700包括获取单元710和处理单元720。FIG. 7 shows a schematic block diagram of an apparatus 700 for replacing a pseudonym certificate provided in an embodiment of the present application. The apparatus 700 includes an acquisition unit 710 and a processing unit 720 .
该装置700可以包括用于执行图2、图6或图7中的方法的单元。并且,该装置700中的各单元和上述其他操作和/或功能分别为了实现图2、图6或图7中相应方法实施例的流程。The device 700 may include units for executing the method in Figure 2, Figure 6 or Figure 7. In addition, each unit in the device 700 and the above-mentioned other operations and/or functions are respectively for implementing the process of the corresponding method embodiment in Figure 2, Figure 6 or Figure 7.
其中,当该装置700用于执行图2中的方法200时,获取单元710可用于执行方法200中的S201,处理单元720可用于执行方法200中的S202。When the device 700 is used to execute the method 200 in FIG. 2 , the acquisition unit 710 may be used to execute S201 in the method 200 , and the processing unit 720 may be used to execute S202 in the method 200 .
具体地,该获取单元710用于获取第一信息,该第一信息用于指示第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该处理单元720用于根据该第一信息控制进行假名证书的更换。Specifically, the acquisition unit 710 is used to acquire first information, which is used to instruct the first device to replace the pseudonym certificate, and the first information is associated with the first area where the first device is located and/or the operating status of the first device; the processing unit 720 is used to control the replacement of the pseudonym certificate according to the first information.
在一些可能的实现方式中,该第一区域包括第二区域,该第二区域为与该第一设备的用户感兴趣的地点相关联的区域,该获取单元720用于:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,从第一路侧设备处接收该第一信息,该第一路侧设备为该第一区域中与该第一设备距离最近的路侧设备。In some possible implementations, the first area includes a second area, which is an area associated with a place of interest to a user of the first device, and the acquisition unit 720 is used to: when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, receive the first information from a first roadside device, and the first roadside device is the roadside device that is closest to the first device in the first area.
在一些可能的实现方式中,该第一区域包括第一信号灯路口,该处理单元720用于:在该第一设备在该第一区域的行驶速度小于或等于预设速度阈值时,控制进行假名证书的更换。In some possible implementations, the first area includes a first signal light intersection, and the processing unit 720 is used to control the replacement of the pseudonym certificate when the driving speed of the first device in the first area is less than or equal to a preset speed threshold.
在一些可能的实现方式中,该处理单元720用于:在该第一设备启动时,控制进行假名证书的更换。In some possible implementations, the processing unit 720 is used to: when the first device is started, control the replacement of the pseudonym certificate.
在一些可能的实现方式中,该装置还包括确定单元,用于:确定假名证书的更换周期,该更换周期与该第一设备的实时状态参数相关联;该处理单元720还用于:在该更换周期到达时,控制进行假名证书的更换。In some possible implementations, the apparatus further includes a determination unit for determining a replacement cycle of the pseudonym certificate, wherein the replacement cycle is associated with a real-time status parameter of the first device; the processing unit 720 is further used for controlling the replacement of the pseudonym certificate when the replacement cycle arrives.
在一些可能的实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In some possible implementations, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
在具体实现过程中,上述获取单元710和处理单元720所执行的各项操作可以由同一个处理器执行,或者,也可以由不同的处理器执行,例如分别由多个处理器执行。示例性地,在具体实现过程中,上述一个或多个处理器可以为设置在车机中的处理器,或者也可以为设置在其他车载终端中的处理器。一示例中,上述装置700可以为设置在车机或者其他车载终端中的芯片。又一示例中,上述装置700可以为设置在智能驾驶设备中如图1所示的计算平台150。In the specific implementation process, the operations performed by the acquisition unit 710 and the processing unit 720 can be performed by the same processor, or can be performed by different processors, for example, respectively performed by multiple processors. Exemplarily, in the specific implementation process, the one or more processors can be processors set in the vehicle computer, or can also be processors set in other vehicle terminals. In one example, the device 700 can be a chip set in the vehicle computer or other vehicle terminals. In another example, the device 700 can be a computing platform 150 as shown in Figure 1 set in the intelligent driving device.
图8示出了本申请实施例提供的更换假名证书的装置800的示意性框图,该装置800包括生成单元810和收发单元820。FIG8 shows a schematic block diagram of an apparatus 800 for replacing a pseudonym certificate provided in an embodiment of the present application. The apparatus 800 includes a generating unit 810 and a transceiver unit 820 .
该装置800可以包括用于执行图3的方法的单元,或者还可以包括用于执行图4中云端服务器或RSU执行的方法的单元。并且,该装置800中的各单元和上述其他操作和/或功能分别为了实现图3中或图4中相应方法实施例的流程。The device 800 may include a unit for executing the method of FIG3, or may also include a unit for executing the method executed by the cloud server or RSU in FIG4. In addition, each unit in the device 800 and the above-mentioned other operations and/or functions are respectively for implementing the process of the corresponding method embodiment in FIG3 or FIG4.
其中,当该装置800用于执行图3中的方法300时,生成单元810可用于执行方法300中的S301,收发单元820可用于执行方法300中的S302。When the device 800 is used to execute the method 300 in FIG. 3 , the generating unit 810 may be used to execute S301 in the method 300 , and the transceiving unit 820 may be used to execute S302 in the method 300 .
具体地,该生成单元810用于:生成第一信息,该第一信息用于指示第一设备更换假名证书,该第一信息与该第一设备所处的第一区域和/或该第一设备的运行状态相关联;该收发单元820用于向该第一设备发送该第一信息。Specifically, the generating unit 810 is used to: generate first information, the first information is used to instruct the first device to change the pseudonym certificate, the first information is associated with the first area where the first device is located and/or the operating status of the first device; the transceiver unit 820 is used to send the first information to the first device.
在一些可能的实现方式中,该第一区域包括第二区域,该第二区域为根据该第一设备的用户感兴趣的地点相关联的区域,该第二设备为该第一区域中与该第一设备距离最近的路侧设备,该收发单元820用于:在该第一设备与该第二区域的中心之间的距离小于或等于预设距离阈值时,向该第一设备发送该第一信息。In some possible implementations, the first area includes a second area, which is an area associated with places of interest to users of the first device, and the second device is a roadside device in the first area that is closest to the first device. The transceiver unit 820 is used to send the first information to the first device when the distance between the first device and the center of the second area is less than or equal to a preset distance threshold.
在一些可能的实现方式中,该第一区域包括第一信号灯路口,该装置还包括获取单元,该生成单元810用于:在该获取单元获取到第一信号灯路口的信号灯变红的信息时,生成该第一信息。In some possible implementations, the first area includes a first signal light intersection, the device further includes an acquisition unit, and the generation unit 810 is used to generate the first information when the acquisition unit acquires information that the signal light at the first signal light intersection turns red.
在一些可能的实现方式中,该收发单元820用于:经由第三设备向该第一设备发送该第一信息。In some possible implementations, the transceiver unit 820 is used to send the first information to the first device via a third device.
在一些可能的实现方式中,该装置还包括获取单元,该获取单元用于:获取该第一区域的信息和/或该第一设备的运行状态的信息。In some possible implementations, the apparatus further includes an acquisition unit, which is configured to acquire information about the first area and/or information about an operating status of the first device.
在一些可能的实现方式中,该装置还包括获取单元和确定单元,该获取单元用于:获 取该第一设备的实时状态参数;该确定单元用于:根据该实时状态参数确定假名证书的更换周期;该收发单元820还用于:向该第一设备发送该更换周期的信息。In some possible implementations, the apparatus further includes an acquisition unit and a determination unit, wherein the acquisition unit is used to: acquire the real-time status parameters of the first device; the determination unit is used to: determine the replacement cycle of the pseudonym certificate according to the real-time status parameters; the transceiver unit 820 is also used to: send information about the replacement cycle to the first device.
在一些可能的实现方式中,该实时状态参数包括如下至少一项:该第一设备的速度,该第一设备周围的车流密度,该第一设备的隐私泄露度,以及用户需求等级,其中,该用户需求等级用于指示该第一设备的用户更换假名证书的需求等级。In some possible implementations, the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
在具体实现过程中,上述生成单元810和收发单元820所执行的各项操作可以由同一个处理器执行,或者,也可以由不同的处理器执行,例如分别由多个处理器执行。示例性地,在具体实现过程中,上述一个或多个处理器可以为设置在云端服务器或路侧设备中的处理器。在一些可能的实现方式中,上述装置800也可以为设置在智能驾驶设备中的处理器。一示例中,上述装置800可以为设置在云端服务器或路侧设备中的芯片,例如,上述装置800可以为设置在图1中所示的云端服务器210中的计算平台211。又一示例中,上述装置800可以为设置在智能驾驶设备中的芯片,例如,上述装置800可以为设置在如图1所示的计算平台150。In the specific implementation process, the operations performed by the above-mentioned generation unit 810 and the transceiver unit 820 can be performed by the same processor, or can also be performed by different processors, for example, respectively performed by multiple processors. Exemplarily, in the specific implementation process, the above-mentioned one or more processors can be processors arranged in a cloud server or a roadside device. In some possible implementations, the above-mentioned device 800 can also be a processor arranged in an intelligent driving device. In one example, the above-mentioned device 800 can be a chip arranged in a cloud server or a roadside device. For example, the above-mentioned device 800 can be a computing platform 211 arranged in the cloud server 210 shown in Figure 1. In another example, the above-mentioned device 800 can be a chip arranged in an intelligent driving device. For example, the above-mentioned device 800 can be a computing platform 150 arranged in Figure 1.
应理解,以上装置中各单元的划分仅是一种逻辑功能的划分,实际实现时可以全部或部分集成到一个物理实体上,也可以物理上分开。此外,装置中的单元可以以处理器调用软件的形式实现;例如装置包括处理器,处理器与存储器连接,存储器中存储有指令,处理器调用存储器中存储的指令,以实现以上任一种方法或实现该装置各单元的功能,其中处理器例如为通用处理器,例如CPU或微处理器,存储器为装置内的存储器或装置外的存储器。或者,装置中的单元可以以硬件电路的形式实现,可以通过对硬件电路的设计实现部分或全部单元的功能,该硬件电路可以理解为一个或多个处理器;例如,在一种实现中,该硬件电路为ASIC,通过对电路内元件逻辑关系的设计,实现以上部分或全部单元的功能;再如,在另一种实现中,该硬件电路为可以通过PLD实现,以FPGA为例,其可以包括大量逻辑门电路,通过配置文件来配置逻辑门电路之间的连接关系,从而实现以上部分或全部单元的功能。以上装置的所有单元可以全部通过处理器调用软件的形式实现,或全部通过硬件电路的形式实现,或部分通过处理器调用软件的形式实现,剩余部分通过硬件电路的形式实现。It should be understood that the division of the units in the above device is only a division of logical functions. In actual implementation, they can be fully or partially integrated into one physical entity, or they can be physically separated. In addition, the units in the device can be implemented in the form of a processor calling software; for example, the device includes a processor, the processor is connected to a memory, and instructions are stored in the memory. The processor calls the instructions stored in the memory to implement any of the above methods or realize the functions of the units of the device, wherein the processor is, for example, a general-purpose processor, such as a CPU or a microprocessor, and the memory is a memory in the device or a memory outside the device. Alternatively, the units in the device can be implemented in the form of hardware circuits, and the functions of some or all of the units can be realized by designing the hardware circuits. The hardware circuit can be understood as one or more processors; for example, in one implementation, the hardware circuit is an ASIC, and the functions of some or all of the above units are realized by designing the logical relationship of the components in the circuit; for another example, in another implementation, the hardware circuit can be implemented by PLD. Taking FPGA as an example, it can include a large number of logic gate circuits, and the connection relationship between the logic gate circuits is configured through the configuration file, so as to realize the functions of some or all of the above units. All units of the above device may be implemented entirely in the form of a processor calling software, or entirely in the form of a hardware circuit, or partially in the form of a processor calling software and the rest in the form of a hardware circuit.
以上装置中的各单元可以是被配置成实施以上方法的一个或多个处理器(或处理电路),例如:CPU、GPU、NPU、TPU、DPU、微处理器、DSP、ASIC、FPGA,或这些处理器形式中至少两种的组合。Each unit in the above device may be one or more processors (or processing circuits) configured to implement the above method, such as: CPU, GPU, NPU, TPU, DPU, microprocessor, DSP, ASIC, FPGA, or a combination of at least two of these processor forms.
此外,以上装置中的各单元可以全部或部分可以集成在一起,或者可以独立实现。在一种实现中,这些单元集成在一起,以片上系统(system-on-a-chip,SOC)的形式实现。该SOC中可以包括至少一个处理器,用于实现以上任一种方法或实现该装置各单元的功能,该至少一个处理器的种类可以不同,例如包括CPU和FPGA,CPU和人工智能处理器,CPU和GPU等。In addition, the units in the above device can be fully or partially integrated together, or can be implemented independently. In one implementation, these units are integrated together and implemented in the form of a system-on-a-chip (SOC). The SOC may include at least one processor for implementing any of the above methods or implementing the functions of each unit of the device. The type of the at least one processor may be different, for example, including a CPU and an FPGA, a CPU and an artificial intelligence processor, a CPU and a GPU, etc.
图9是本申请实施例的一种更换假名证书的装置的示意性框图。图9所示的更换假名证书的装置900可以包括:处理器910、收发器920以及存储器930。其中,处理器910、收发器920以及存储器930通过内部连接通路相连,该存储器930用于存储指令,该处理器910用于执行该存储器930存储的指令,以收发器920接收/发送部分参数。在一些可能的实现方式中,存储器930既可以和处理器910通过接口耦合,也可以和处理器910集 成在一起。FIG9 is a schematic block diagram of an apparatus for replacing a pseudonym certificate according to an embodiment of the present application. The apparatus 900 for replacing a pseudonym certificate shown in FIG9 may include: a processor 910, a transceiver 920, and a memory 930. The processor 910, the transceiver 920, and the memory 930 are connected via an internal connection path, the memory 930 is used to store instructions, the processor 910 is used to execute the instructions stored in the memory 930, and the transceiver 920 receives/sends some parameters. In some possible implementations, the memory 930 may be coupled to the processor 910 via an interface, or may be integrated with the processor 910.
需要说明的是,上述收发器920可以包括但不限于输入/输出接口(input/output interface)一类的收发装置,来实现装置900与其他设备或通信网络之间的通信。It should be noted that the above-mentioned transceiver 920 may include but is not limited to a transceiver device such as an input/output interface to achieve communication between the device 900 and other devices or communication networks.
存储器930可以是只读存储器(read only memory,ROM),静态存储设备,动态存储设备或者随机存取存储器(random access memory,RAM)。Memory 930 can be a read-only memory (ROM), a static storage device, a dynamic storage device or a random access memory (RAM).
收发器920使用例如但不限于收发器一类的收发装置,来实现装置900与其他设备或通信网络之间的通信。The transceiver 920 uses a transceiver device such as, but not limited to, a transceiver to implement communication between the apparatus 900 and other devices or a communication network.
在一些可能的实现方式中,该装置900可以设置于图1所示的计算平台150中,或者也可以设置于图1所示的计算平台211中,或者还可以设置在图1所示的路侧设备220中。In some possible implementations, the device 900 may be arranged in the computing platform 150 shown in FIG. 1 , or may be arranged in the computing platform 211 shown in FIG. 1 , or may be arranged in the roadside equipment 220 shown in FIG. 1 .
本申请实施例还提供一种智能驾驶设备,该智能驾驶设备可以包括上述装置700,或者上述装置900;在一些可能的实现方式中,该智能驾驶设备还可以包括上述装置800。An embodiment of the present application further provides an intelligent driving device, which may include the above-mentioned device 700, or the above-mentioned device 900; in some possible implementations, the intelligent driving device may also include the above-mentioned device 800.
在一些可能的实现方式中,该智能设备可以为车辆。In some possible implementations, the smart device may be a vehicle.
本申请实施例还提供一种服务器,该智能驾驶设备可以包括上述装置800,或者上述装置900。An embodiment of the present application also provides a server, and the intelligent driving device may include the above-mentioned device 800, or the above-mentioned device 900.
在一些可能的实现方式中,该服务器为云端服务器,或者为设置在路侧设备中的服务器。In some possible implementations, the server is a cloud server, or a server installed in a roadside device.
本申请实施例提供一种更换假名证书的系统,该系统可以包括上述实施例中的智能驾驶设备和服务器。An embodiment of the present application provides a system for replacing a pseudonym certificate, which may include the intelligent driving device and server in the above embodiment.
本申请实施例还提供一种计算机程序产品,该计算机程序产品包括计算机程序代码,当计算机程序代码在计算机上运行时,使得计算机实现本申请实施例中的方法。The embodiment of the present application also provides a computer program product, which includes a computer program code. When the computer program code runs on a computer, the computer implements the method in the embodiment of the present application.
本申请实施例还提供一种计算机可读存储介质,该计算机可读介质存储有计算机指令,当计算机指令在计算机上运行时,使得计算机实现本申请实施例中的方法。The embodiment of the present application also provides a computer-readable storage medium, which stores computer instructions. When the computer instructions are executed on a computer, the computer implements the method in the embodiment of the present application.
本申请实施例还提供一种芯片,包括电路,用于执行本申请实施例中的方法。The embodiment of the present application also provides a chip, including a circuit, for executing the method in the embodiment of the present application.
在实现过程中,上述方法的各步骤可以通过处理器中的硬件的集成逻辑电路或者软件形式的指令完成。结合本申请实施例所公开的方法可以直接体现为硬件处理器执行完成,或者用处理器中的硬件及软件模块组合执行完成。软件模块可以位于随机存储器,闪存、只读存储器,可编程只读存储器或者上电可擦写可编程存储器、寄存器等本领域成熟的存储介质中。该存储介质位于存储器,处理器读取存储器中的信息,结合其硬件完成上述方法的步骤。为避免重复,这里不再详细描述。In the implementation process, each step of the above method can be completed by an integrated logic circuit of hardware in a processor or an instruction in the form of software. The method disclosed in conjunction with the embodiment of the present application can be directly embodied as a hardware processor for execution, or a combination of hardware and software modules in a processor for execution. The software module can be located in a storage medium mature in the art such as a random access memory, a flash memory, a read-only memory, a programmable read-only memory, or a power-on erasable programmable memory, a register, etc. The storage medium is located in a memory, and the processor reads the information in the memory and completes the steps of the above method in conjunction with its hardware. To avoid repetition, it is not described in detail here.
本领域普通技术人员可以意识到,结合本文中所公开的实施例描述的各示例的单元及算法步骤,能够以电子硬件、或者计算机软件和电子硬件的结合来实现。这些功能究竟以硬件还是软件方式来执行,取决于技术方案的特定应用和设计约束条件。专业技术人员可以对每个特定的应用来使用不同方法来实现所描述的功能,但是这种实现不应认为超出本申请的范围。Those of ordinary skill in the art will appreciate that the units and algorithm steps of each example described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are performed in hardware or software depends on the specific application and design constraints of the technical solution. Professional and technical personnel can use different methods to implement the described functions for each specific application, but such implementation should not be considered to be beyond the scope of this application.
所属领域的技术人员可以清楚地了解到,为描述的方便和简洁,上述描述的系统、装置和单元的具体工作过程,可以参考前述方法实施例中的对应过程,在此不再赘述。Those skilled in the art can clearly understand that, for the convenience and brevity of description, the specific working processes of the systems, devices and units described above can refer to the corresponding processes in the aforementioned method embodiments and will not be repeated here.
在本申请所提供的几个实施例中,应该理解到,所揭露的系统、装置和方法,可以通过其它的方式实现。例如,以上所描述的装置实施例仅仅是示意性的,例如,所述单元的划分,仅仅为一种逻辑功能划分,实际实现时可以有另外的划分方式,例如多个单元或组 件可以结合或者可以集成到另一个系统,或一些特征可以忽略,或不执行。另一点,所显示或讨论的相互之间的耦合或直接耦合或通信连接可以是通过一些接口,装置或单元的间接耦合或通信连接,可以是电性,机械或其它的形式。In the several embodiments provided in the present application, it should be understood that the disclosed systems, devices and methods can be implemented in other ways. For example, the device embodiments described above are only schematic. For example, the division of the units is only a logical function division. There may be other division methods in actual implementation, such as multiple units or components can be combined or integrated into another system, or some features can be ignored or not executed. Another point is that the mutual coupling or direct coupling or communication connection shown or discussed can be through some interfaces, indirect coupling or communication connection of devices or units, which can be electrical, mechanical or other forms.
所述作为分离部件说明的单元可以是或者也可以不是物理上分开的,作为单元显示的部件可以是或者也可以不是物理单元,即可以位于一个地方,或者也可以分布到多个网络单元上。可以根据实际的需要选择其中的部分或者全部单元来实现本实施例方案的目的。The units described as separate components may or may not be physically separated, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of this embodiment.
另外,在本申请各个实施例中的各功能单元可以集成在一个处理单元中,也可以是各个单元单独物理存在,也可以两个或两个以上单元集成在一个单元中。In addition, each functional unit in each embodiment of the present application may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.
所述功能如果以软件功能单元的形式实现并作为独立的产品销售或使用时,可以存储在一个计算机可读取存储介质中。基于这样的理解,本申请的技术方案本质上或者该技术方案的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质中,包括若干指令用以使得一台计算机设备(可以是个人计算机,服务器,或者网络设备等)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:U盘、移动硬盘、ROM、RAM、磁碟或者光盘等各种可以存储程序代码的介质。If the functions are implemented in the form of software functional units and sold or used as independent products, they can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present application can essentially or part of the technical solution can be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for a computer device (which can be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in each embodiment of the present application. The aforementioned storage medium includes: various media that can store program codes, such as USB flash drives, mobile hard drives, ROM, RAM, magnetic disks, or optical disks.
以上所述,仅为本申请的具体实施方式,但本申请的保护范围并不局限于此,任何熟悉本技术领域的技术人员在本申请揭露的技术范围内,可轻易想到变化或替换,都应涵盖在本申请的保护范围之内。因此,本申请的保护范围应以所述权利要求的保护范围为准。The above is only a specific implementation of the present application, but the protection scope of the present application is not limited thereto. Any person skilled in the art who is familiar with the present technical field can easily think of changes or substitutions within the technical scope disclosed in the present application, which should be included in the protection scope of the present application. Therefore, the protection scope of the present application should be based on the protection scope of the claims.

Claims (30)

  1. 一种更换假名证书的方法,其特征在于,包括:A method for replacing a pseudonym certificate, comprising:
    第一设备获取第一信息,所述第一信息用于指示所述第一设备更换假名证书,所述第一信息与所述第一设备所处的第一区域和/或所述第一设备的运行状态相关联;The first device acquires first information, where the first information is used to instruct the first device to change the pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating state of the first device;
    所述第一设备根据所述第一信息控制进行假名证书的更换。The first device controls the replacement of the pseudonym certificate according to the first information.
  2. 如权利要求1所述的方法,其特征在于,所述第一区域包括第二区域,所述第二区域为与所述第一设备的用户感兴趣的地点相关联的区域,所述第一设备获取第一信息,包括:The method according to claim 1, wherein the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the first device acquires the first information, comprising:
    在所述第一设备与所述第二区域的中心之间的距离小于或等于预设距离阈值时,所述第一设备从第一路侧设备处接收所述第一信息,所述第一路侧设备为所述第一区域中与所述第一设备距离最近的路侧设备。When the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first device receives the first information from a first roadside device, which is a roadside device closest to the first device in the first area.
  3. 如权利要求1或2所述的方法,其特征在于,所述第一区域包括第一信号灯路口,所述第一设备根据所述第一信息控制进行假名证书的更换,包括:The method according to claim 1 or 2, wherein the first area includes a first signal light intersection, and the first device controls the replacement of the pseudonym certificate according to the first information, comprising:
    在所述第一设备在所述第一区域的行驶速度小于或等于预设速度阈值时,所述第一设备控制进行假名证书的更换。When the driving speed of the first device in the first area is less than or equal to a preset speed threshold, the first device controls the replacement of the pseudonym certificate.
  4. 如权利要求1或2所述的方法,其特征在于,所述第一设备根据所述第一信息控制进行假名证书的更换,包括:The method according to claim 1 or 2, characterized in that the first device controls the replacement of the pseudonym certificate according to the first information, comprising:
    在所述第一设备启动时,所述第一设备控制进行假名证书的更换。When the first device is started, the first device controls the replacement of the pseudonym certificate.
  5. 如权利要求1至4中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 1 to 4, characterized in that the method further comprises:
    所述第一设备确定假名证书的更换周期,所述更换周期与所述第一设备的实时状态参数相关联;The first device determines a replacement period of the pseudonym certificate, wherein the replacement period is associated with a real-time status parameter of the first device;
    所述第一设备在所述更换周期到达时,控制进行假名证书的更换。The first device controls the replacement of the pseudonym certificate when the replacement period arrives.
  6. 如权利要求5所述的方法,其特征在于,所述实时状态参数包括如下至少一项:所述第一设备的速度,所述第一设备周围的车流密度,所述第一设备的隐私泄露度,以及用户需求等级,其中,所述用户需求等级用于指示所述第一设备的用户更换假名证书的需求等级。The method as claimed in claim 5 is characterized in that the real-time status parameters include at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  7. 一种更换假名证书的方法,其特征在于,包括:A method for replacing a pseudonym certificate, comprising:
    第二设备生成第一信息,所述第一信息用于指示第一设备更换假名证书,所述第一信息与所述第一设备所处的第一区域和/或所述第一设备的运行状态相关联;The second device generates first information, where the first information is used to instruct the first device to change the pseudonym certificate, and the first information is associated with a first area where the first device is located and/or an operating state of the first device;
    所述第二设备向所述第一设备发送所述第一信息。The second device sends the first information to the first device.
  8. 如权利要求7所述的方法,其特征在于,所述第一区域包括第二区域,所述第二区域为根据所述第一设备的用户感兴趣的地点相关联的区域,所述第二设备为所述第一区域中与所述第一设备距离最近的路侧设备,所述第二设备向所述第一设备发送所述第一信息,包括:The method according to claim 7, wherein the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, the second device is a roadside device closest to the first device in the first area, and the second device sends the first information to the first device, comprising:
    在所述第一设备与所述第二区域的中心之间的距离小于或等于预设距离阈值时,所述第二设备向所述第一设备发送所述第一信息。When the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the second device sends the first information to the first device.
  9. 如权利要求7或8所述的方法,其特征在于,所述第一区域包括第一信号灯路口, 所述第二设备生成第一信息,包括:The method according to claim 7 or 8, wherein the first area includes a first signal light intersection, and the second device generates the first information, including:
    所述第二设备获取到第一信号灯路口的信号灯变红的信息时,所述第二设备生成所述第一信息。When the second device obtains information that the traffic light at the first traffic light intersection turns red, the second device generates the first information.
  10. 如权利要求7至9中任一项所述的方法,其特征在于,所述第二设备向所述第一设备发送所述第一信息,包括:The method according to any one of claims 7 to 9, wherein the second device sends the first information to the first device, comprising:
    所述第二设备经由第三设备向所述第一设备发送所述第一信息。The second device sends the first information to the first device via a third device.
  11. 如权利要求7至10中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 7 to 10, characterized in that the method further comprises:
    所述第二设备获取所述第一区域的信息和/或所述第一设备的运行状态的信息。The second device obtains information about the first area and/or information about the operating status of the first device.
  12. 如权利要求7至11中任一项所述的方法,其特征在于,所述方法还包括:The method according to any one of claims 7 to 11, characterized in that the method further comprises:
    所述第二设备获取所述第一设备的实时状态参数;The second device obtains the real-time status parameter of the first device;
    所述第二设备根据所述实时状态参数确定假名证书的更换周期;The second device determines a replacement period of the pseudonym certificate according to the real-time status parameter;
    所述第二设备向所述第一设备发送所述更换周期的信息。The second device sends the information of the replacement cycle to the first device.
  13. 如权利要求12所述的方法,其特征在于,所述实时状态参数包括如下至少一项:所述第一设备的速度,所述第一设备周围的车流密度,所述第一设备的隐私泄露度,以及用户需求等级,其中,所述用户需求等级用于指示所述第一设备的用户更换假名证书的需求等级。The method as claimed in claim 12 is characterized in that the real-time status parameters include at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  14. 一种更换假名证书的装置,其特征在于,包括获取单元和处理单元;A device for replacing a pseudonym certificate, characterized in that it comprises an acquisition unit and a processing unit;
    其中,所述获取单元用于获取第一信息,所述第一信息用于指示第一设备更换假名证书,所述第一信息与所述第一设备所处的第一区域和/或所述第一设备的运行状态相关联;The acquisition unit is used to acquire first information, where the first information is used to instruct the first device to change the pseudonym certificate, and the first information is associated with the first area where the first device is located and/or the operating state of the first device;
    所述处理单元用于根据所述第一信息控制进行假名证书的更换。The processing unit is used to control the replacement of the pseudonym certificate according to the first information.
  15. 如权利要求14所述的装置,其特征在于,所述第一区域包括第二区域,所述第二区域为与所述第一设备的用户感兴趣的地点相关联的区域,所述获取单元用于:The apparatus according to claim 14, wherein the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, and the acquiring unit is configured to:
    在所述第一设备与所述第二区域的中心之间的距离小于或等于预设距离阈值时,从第一路侧设备处接收所述第一信息,所述第一路侧设备为所述第一区域中与所述第一设备距离最近的路侧设备。When the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first information is received from a first roadside device, which is a roadside device closest to the first device in the first area.
  16. 如权利要求14或15所述的装置,其特征在于,所述第一区域包括第一信号灯路口,所述处理单元用于:The device according to claim 14 or 15, wherein the first area includes a first signal light intersection, and the processing unit is used to:
    在所述第一设备在所述第一区域的行驶速度小于或等于预设速度阈值时,控制进行假名证书的更换。When the driving speed of the first device in the first area is less than or equal to a preset speed threshold, control is performed to replace the pseudonym certificate.
  17. 如权利要求14或15所述的装置,其特征在于,所述处理单元用于:The device according to claim 14 or 15, characterized in that the processing unit is used to:
    在所述第一设备启动时,控制进行假名证书的更换。When the first device is started, the pseudonym certificate is replaced.
  18. 如权利要求14至17中任一项所述的装置,其特征在于,所述装置还包括确定单元,用于:The device according to any one of claims 14 to 17, characterized in that the device further comprises a determining unit, configured to:
    确定假名证书的更换周期,所述更换周期与所述第一设备的实时状态参数相关联;Determining a replacement period of the pseudonym certificate, wherein the replacement period is associated with a real-time status parameter of the first device;
    所述处理单元还用于:在所述更换周期到达时,控制进行假名证书的更换。The processing unit is further used for controlling the replacement of the pseudonym certificate when the replacement period arrives.
  19. 如权利要求18所述的装置,其特征在于,所述实时状态参数包括如下至少一项:所述第一设备的速度,所述第一设备周围的车流密度,所述第一设备的隐私泄露度,以及用户需求等级,其中,所述用户需求等级用于指示所述第一设备的用户更换假名证书的需求等级。The device as described in claim 18 is characterized in that the real-time status parameter includes at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  20. 一种更换假名证书的装置,其特征在于,包括生成单元和收发单元;A device for replacing a pseudonym certificate, characterized in that it comprises a generating unit and a transceiver unit;
    其中,所述生成单元用于:生成第一信息,所述第一信息用于指示第一设备更换假名证书,所述第一信息与所述第一设备所处的第一区域和/或所述第一设备的运行状态相关联;The generating unit is used to: generate first information, the first information is used to instruct the first device to change the pseudonym certificate, and the first information is associated with the first area where the first device is located and/or the operating state of the first device;
    所述收发单元用于向所述第一设备发送所述第一信息。The transceiver unit is used to send the first information to the first device.
  21. 如权利要求20所述的装置,其特征在于,所述第一区域包括第二区域,所述第二区域为根据所述第一设备的用户感兴趣的地点相关联的区域,所述第二设备为所述第一区域中与所述第一设备距离最近的路侧设备,所述收发单元用于:The apparatus according to claim 20, wherein the first area includes a second area, the second area is an area associated with a location of interest to a user of the first device, the second device is a roadside device closest to the first device in the first area, and the transceiver unit is used to:
    在所述第一设备与所述第二区域的中心之间的距离小于或等于预设距离阈值时,向所述第一设备发送所述第一信息。When the distance between the first device and the center of the second area is less than or equal to a preset distance threshold, the first information is sent to the first device.
  22. 如权利要求20或21所述的装置,其特征在于,所述第一区域包括第一信号灯路口,所述装置还包括获取单元,所述生成单元用于:The device according to claim 20 or 21, characterized in that the first area includes a first signal light intersection, the device further includes an acquisition unit, and the generation unit is used to:
    在所述获取单元获取到第一信号灯路口的信号灯变红的信息时,生成所述第一信息。When the acquiring unit acquires information that the traffic light at the first traffic light intersection turns red, the first information is generated.
  23. 如权利要求20至22中任一项所述的装置,其特征在于,所述收发单元用于:The device according to any one of claims 20 to 22, characterized in that the transceiver unit is used to:
    经由第三设备向所述第一设备发送所述第一信息。The first information is sent to the first device via a third device.
  24. 如权利要求20至23中任一项所述的装置,其特征在于,所述装置还包括获取单元,所述获取单元用于:The device according to any one of claims 20 to 23, characterized in that the device further comprises an acquisition unit, wherein the acquisition unit is used to:
    获取所述第一区域的信息和/或所述第一设备的运行状态的信息。Acquire information about the first area and/or information about the operating status of the first device.
  25. 如权利要求20至24中任一项所述的装置,其特征在于,所述装置还包括获取单元和确定单元,所述获取单元用于:The device according to any one of claims 20 to 24, characterized in that the device further comprises an acquisition unit and a determination unit, wherein the acquisition unit is used to:
    获取所述第一设备的实时状态参数;Obtaining real-time status parameters of the first device;
    所述确定单元用于:根据所述实时状态参数确定假名证书的更换周期;The determining unit is used to: determine a replacement cycle of the pseudonym certificate according to the real-time status parameter;
    所述收发单元还用于:向所述第一设备发送所述更换周期的信息。The transceiver unit is further used to send information about the replacement cycle to the first device.
  26. 如权利要求25所述的装置,其特征在于,所述实时状态参数包括如下至少一项:所述第一设备的速度,所述第一设备周围的车流密度,所述第一设备的隐私泄露度,以及用户需求等级,其中,所述用户需求等级用于指示所述第一设备的用户更换假名证书的需求等级。The device as described in claim 25 is characterized in that the real-time status parameters include at least one of the following: the speed of the first device, the traffic density around the first device, the privacy leakage of the first device, and the user demand level, wherein the user demand level is used to indicate the demand level of the user of the first device to change the pseudonym certificate.
  27. 一种更换假名证书的装置,其特征在于,包括:A device for replacing a pseudonym certificate, comprising:
    存储器,用于存储计算机程序;Memory for storing computer programs;
    处理器,用于执行所述存储器中存储的计算机程序,以使得所述装置执行如权利要求1至6中任一项所述的方法,或者执行如权利要求7至13中任一项所述的方法。A processor, configured to execute a computer program stored in the memory, so that the apparatus performs the method according to any one of claims 1 to 6, or performs the method according to any one of claims 7 to 13.
  28. 一种智能驾驶设备,其特征在于,包括如权利要求14至19中任一项所述的装置。An intelligent driving device, characterized in that it comprises the device as described in any one of claims 14 to 19.
  29. 一种服务器,其特征在于,包括如权利要求20至26中任一项所述的装置。A server, characterized by comprising the device as described in any one of claims 20 to 26.
  30. 一种计算机可读存储介质,其特征在于,其上存储有指令,所述指令被处理器执行时,以使得处理器实现如权利要求1至6中任一项所述的方法,或者执行如权利要求7至13中任一项所述的方法。A computer-readable storage medium, characterized in that instructions are stored thereon, and when the instructions are executed by a processor, the processor implements the method as claimed in any one of claims 1 to 6, or executes the method as claimed in any one of claims 7 to 13.
PCT/CN2022/131478 2022-11-11 2022-11-11 Method for replacing pseudonym certificate, apparatus and system WO2024098402A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CN2022/131478 WO2024098402A1 (en) 2022-11-11 2022-11-11 Method for replacing pseudonym certificate, apparatus and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2022/131478 WO2024098402A1 (en) 2022-11-11 2022-11-11 Method for replacing pseudonym certificate, apparatus and system

Publications (1)

Publication Number Publication Date
WO2024098402A1 true WO2024098402A1 (en) 2024-05-16

Family

ID=91031714

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2022/131478 WO2024098402A1 (en) 2022-11-11 2022-11-11 Method for replacing pseudonym certificate, apparatus and system

Country Status (1)

Country Link
WO (1) WO2024098402A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107396285A (en) * 2017-07-12 2017-11-24 中国科学院深圳先进技术研究院 Vehicle method for secret protection, device, equipment and storage medium
US20190245831A1 (en) * 2018-02-05 2019-08-08 Onboard Security, Inc. Method and system for connected vehicle communication
US20200162901A1 (en) * 2019-12-09 2020-05-21 Intel Corporation Privacy protection mechanisms for connected vehicles
CN113923651A (en) * 2021-12-14 2022-01-11 北京金睛云华科技有限公司 Vehicle pseudonym replacement method, apparatus and computer-readable storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107396285A (en) * 2017-07-12 2017-11-24 中国科学院深圳先进技术研究院 Vehicle method for secret protection, device, equipment and storage medium
US20190245831A1 (en) * 2018-02-05 2019-08-08 Onboard Security, Inc. Method and system for connected vehicle communication
US20200162901A1 (en) * 2019-12-09 2020-05-21 Intel Corporation Privacy protection mechanisms for connected vehicles
CN113923651A (en) * 2021-12-14 2022-01-11 北京金睛云华科技有限公司 Vehicle pseudonym replacement method, apparatus and computer-readable storage medium

Similar Documents

Publication Publication Date Title
US11727691B2 (en) System and method for three-dimensional (3D) object detection
US11704007B2 (en) Computer-assisted or autonomous driving vehicles social network
JP6658803B2 (en) Human density estimation based on pedestrian safety messages
EP3886470A1 (en) Devices and methods for updating maps in autonomous driving systems in bandwidth constrained networks
CN110914707B (en) System and method for vehicle position and velocity estimation based on camera and LIDAR data
US10953881B2 (en) System and method for automated lane change control for autonomous vehicles
US20190164018A1 (en) System and method for drivable road surface representation generation using multimodal sensor data
US10953880B2 (en) System and method for automated lane change control for autonomous vehicles
US20190367019A1 (en) System and method for proximate vehicle intention prediction for autonomous vehicles
CN110356327B (en) Method and apparatus for generating situational awareness map using cameras from different vehicles
CN111386216A (en) Lane motion randomization for autonomous vehicles
CN111984283A (en) Software updating device and software updating method
EP4020318A1 (en) Validation and training service for dynamic environment perception based on local high confidence information
US20220111865A1 (en) Driver scoring system and method using optimum path deviation
EP4261707A1 (en) Data processing method and device, and computer readable storage medium
WO2024098402A1 (en) Method for replacing pseudonym certificate, apparatus and system
CN113038363A (en) Resource multiplexing method, terminal and related equipment
EP4254320A1 (en) Image processing method and apparatus, and storage medium
CN113132074B (en) Information transmission method, communication device and system, computer readable storage medium
US20220332324A1 (en) Identifying an origin of abnormal driving behavior for improved vehicle operation
US11182652B2 (en) Methods and system for inferring perception based on augmented feature maps of a perception network
US11703870B2 (en) Method for computing maneuvers drivable space using piecewise semantic aggregation of trajectories
US20240027203A1 (en) Trip simulator for increased time-efficiency when charging
CN112527002B (en) Monitoring device and monitoring method
US20220371660A1 (en) Method for lateral control assistance to enable one-handed driving of a vehicle

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 22964870

Country of ref document: EP

Kind code of ref document: A1