[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

CN115550880B - Exception handling method, device and storage medium for certificate of V2X device - Google Patents

Exception handling method, device and storage medium for certificate of V2X device Download PDF

Info

Publication number
CN115550880B
CN115550880B CN202211552618.XA CN202211552618A CN115550880B CN 115550880 B CN115550880 B CN 115550880B CN 202211552618 A CN202211552618 A CN 202211552618A CN 115550880 B CN115550880 B CN 115550880B
Authority
CN
China
Prior art keywords
certificate
abnormal
information
verified
reporting
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202211552618.XA
Other languages
Chinese (zh)
Other versions
CN115550880A (en
Inventor
吴宇飞
张亚楠
李岩
赵万里
藏丹丹
杨发雪
张文翠
赵宗辉
张博
李志强
张旺
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongqi Zhilian Technology Co ltd
Original Assignee
Zhongqi Zhilian Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongqi Zhilian Technology Co ltd filed Critical Zhongqi Zhilian Technology Co ltd
Priority to CN202211552618.XA priority Critical patent/CN115550880B/en
Publication of CN115550880A publication Critical patent/CN115550880A/en
Application granted granted Critical
Publication of CN115550880B publication Critical patent/CN115550880B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • H04W12/069Authentication using certificates or pre-shared keys

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Security & Cryptography (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention relates to the technical field of vehicle communication, and discloses a method, equipment and a storage medium for exception handling of a certificate of a V2X device. The method comprises the following steps: the method comprises the steps that certificate analysis information of a certificate to be verified is obtained through V2X equipment, when the certificate to be verified is judged to be an abnormal certificate according to the certificate analysis information, corresponding abnormal reporting information is generated and sent to a certificate management platform, the abnormal reporting information sent by each V2X equipment is received through the certificate management platform, the event type of each abnormal reporting information is determined according to abnormal reference information of the abnormal certificate corresponding to each abnormal reporting information in a set time period, the abnormal certificate is processed according to corresponding preset event processing rules, automatic detection and automatic processing of each abnormal certificate are achieved, manual certificate processing is not needed, the problems that abnormal certificate processing efficiency is low and operation is complex are solved, and efficient processing of each certificate can be achieved.

Description

Exception handling method, device and storage medium for certificate of V2X device
Technical Field
The present invention relates to the field of vehicle communication technologies, and in particular, to a method, a device, and a storage medium for exception handling of a certificate of a V2X device.
Background
With the continuous improvement of the intelligentization and networking degrees of automobile and traffic infrastructure, more and more information and data need to be subjected to high-frequency information interaction among all traffic participating bodies, a Vehicle-road cooperation technology is developed, and Vehicle-road cooperation real-time information interaction in an automobile motion state is realized through the fusion of Vehicle-Vehicle and Vehicle-road body V2X (Vehicle to X) communication and a new generation internet technology.
In the V2X communication process, massive vehicle-mounted and road side terminals carry out high-frequency communication interaction, the safety of the communication process is widely concerned by the industry, and accordingly, the V2X digital certificate is adopted, identity authentication, safety transmission and integrity verification in the interaction process are achieved, and the authenticity and the integrity of data are guaranteed. Meanwhile, in order to protect privacy information of the terminal, the V2X certificate adopts a pseudonym certificate and a key derivation mechanism, and at least 20 certificates are issued for one terminal every week, so that privacy security in the using process is realized, and therefore the number of the certificates which need to be generated and managed in the V2X certificate system is far more than that of other certificate systems.
In a traditional certificate management method, a widely used x.509 certificate system generally manages abnormal situations of certificates in a manual manner. That is, when a certificate is found to have a problem, the certificate is submitted to a corresponding certificate manager, and the certificate manager manually performs operations such as analysis, verification, logout and the like. However, this method is inefficient and complex to operate, and cannot meet the use requirement in time when facing certificate services of a large number of terminal devices.
In view of the above, the present invention is particularly proposed.
Disclosure of Invention
In order to solve the technical problem, the invention provides an exception handling method, equipment and a storage medium for a certificate of a V2X device, which realize automatic detection and automatic handling of an exception certificate.
The embodiment of the invention provides a method for processing the exception of a certificate of a V2X device, which comprises the following steps:
acquiring certificate analysis information of a certificate to be verified through V2X equipment, judging whether the certificate to be verified is an abnormal certificate or not based on the certificate analysis information, and if so, generating abnormal reporting information corresponding to the abnormal certificate and sending the abnormal reporting information to a certificate management platform;
receiving abnormal reporting information sent by each V2X device through the certificate management platform, determining the event type of the abnormal reporting information according to abnormal reference information of an abnormal certificate corresponding to the abnormal reporting information in a set time period aiming at each abnormal reporting information, and processing the abnormal certificate according to a preset event processing rule corresponding to the event type.
An embodiment of the present invention provides an electronic device, including:
a processor and a memory;
the processor is used for executing the steps of the exception handling method for the certificate of the V2X device according to any embodiment by calling the program or the instruction stored in the memory.
Embodiments of the present invention provide a computer-readable storage medium, which stores a program or instructions for causing a computer to execute steps of a method for exception handling of a certificate of a V2X device according to any embodiment.
The embodiment of the invention has the following technical effects:
the method comprises the steps that certificate analysis information of a certificate to be verified is obtained through V2X equipment, when the certificate to be verified is judged to be an abnormal certificate according to the certificate analysis information, corresponding abnormal reporting information is generated and sent to a certificate management platform to achieve detection and reporting of the abnormal certificate, then the abnormal reporting information sent by each V2X equipment is received through the certificate management platform, the event type of each abnormal reporting information is determined according to abnormal reference information of the abnormal certificate corresponding to each abnormal reporting information in a set time period, the abnormal certificate is processed according to corresponding preset event processing rules, targeted processing of each abnormal certificate is achieved, automatic detection and automatic processing of each abnormal certificate are achieved, manual analysis, verification or cancellation of the certificate are not needed, the problems that in the prior art, the efficiency of abnormal certificate processing is low, the operation is complex are solved, rapid processing of each certificate can be achieved under the condition of using a large number of certificates, and the use requirements of the certificates are met in time.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of an exception handling method for a certificate of a V2X device according to an embodiment of the present invention;
fig. 2 is a flowchart of an exception handling method for a certificate of another V2X device according to an embodiment of the present invention;
fig. 3 is a flowchart of an exception handling method for a certificate of another V2X device according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of an exception handling system for a certificate of a V2X device according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a V2X device according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of a certificate management platform according to an embodiment of the present invention;
fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below. It is to be understood that the disclosed embodiments are merely exemplary of the invention, and are not intended to be exhaustive or exhaustive. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Before describing in detail the method for handling an exception for a certificate of a V2X device according to an embodiment of the present invention, a technical problem solved by the method for handling an exception for a certificate of a V2X device according to an embodiment of the present invention will be described.
In an x.509 certificate system widely used in the fields of finance, government affairs and the like, abnormal situations of certificates are generally managed in a manual mode. In the process of using the certificate, if the certificate file is found to have problems or the conditions of signature verification, encryption and decryption failure and the like exist, the certificate file is submitted to a corresponding certificate manager, and the manager analyzes the certificate content and verifies key fields such as a certificate issuing organization, a user, the validity period and the like. If the certificate has abnormity or errors, the abnormal certificate is manually issued to the certificate revocation list by a manager, and the use authority of the abnormal certificate is cancelled. The method needs to invest experienced management personnel to analyze and judge the certificate and adopt corresponding operation, and the corresponding abnormal condition processing efficiency is low and the operation is complex. When the certificate service of the vehicle-road cooperative mass terminal equipment is faced, the use requirement cannot be met, and particularly, the abnormality of the V2X certificate cannot be detected and processed in time under the condition that the vehicle runs at a high speed, so that the normal road operation can be influenced.
In order to solve the above problems, in the method for processing an exception of a certificate of a V2X device according to the embodiments of the present invention, each V2X device performs exception detection and reporting of exception information on each certificate, and a certificate management platform determines an event category corresponding to each exception reported information, and further selects a corresponding preset event processing rule to process the exception certificate, so that automatic detection and automatic processing of the exception certificate are implemented, problems of low manual processing efficiency and complex operation are solved, timeliness of exception processing of each V2X certificate is effectively improved, and safe operation of each digital certificate system is ensured.
In addition, the method provided by the embodiment of the invention can realize real-time and efficient processing of the abnormal certificate, does not need to wait for management personnel, can meet the use requirement of the certificate in time in the service scene such as high-speed driving of vehicles and the like, and avoids influencing service use.
The method for processing the exception of the certificate of the V2X equipment, provided by the embodiment of the invention, is mainly suitable for the situations of exception detection and exception processing of the certificate used by the equipment based on V2X technical communication. The exception handling method for the certificate of the V2X device provided in the embodiment of the present invention may be executed by an electronic device integrated in a car machine or a cloud platform.
Fig. 1 is a flowchart of a method for exception handling of a certificate of a V2X device according to an embodiment of the present invention. Referring to fig. 1, the method for exception handling of a certificate of a V2X device specifically includes:
s110, acquiring certificate analysis information of the certificate to be verified through the V2X equipment, judging whether the certificate to be verified is an abnormal certificate or not based on the certificate analysis information, and if so, generating abnormal reporting information corresponding to the abnormal certificate and sending the abnormal reporting information to the certificate management platform.
Wherein, the V2X device may be a device that communicates based on V2X technology; specifically, the V2X device may communicate with surrounding vehicles, devices, or base stations using an automotive wireless communication technology to obtain information such as real-time road conditions, road information, or pedestrian information.
Illustratively, the V2X devices include, but are not limited to, vehicle-mounted terminals, road infrastructure devices (e.g., road side devices, communication base stations, etc.), and user terminals.
In this embodiment, the certificate to be verified may be an own certificate or an external certificate of the V2X device. That is, each V2X device can perform anomaly detection on its own certificate or an external certificate. The self-owned certificate is a digital certificate applied by the V2X equipment to a certificate issuing authority, namely the digital certificate used by the V2X equipment; the external certificate is a digital certificate applied by other V2X devices communicating with the V2X device to a certificate issuing authority, i.e. a digital certificate used by other V2X devices.
Optionally, the obtaining of the certificate analysis information of the certificate to be verified may be: when detecting that a message sent to other V2X equipment is generated, determining a certificate used by the V2X equipment as a certificate to be verified, and acquiring certificate analysis information of the certificate to be verified; and/or when receiving messages sent by other V2X equipment, determining the certificate used by other V2X equipment as the certificate to be verified, and acquiring certificate analysis information of the certificate to be verified.
That is, for each V2X device, when it is detected that a message needs to be sent to another V2X device, the own certificate used by the device may be used as the certificate to be verified; or, when detecting that a message sent by other V2X devices is received, taking an external certificate used by the other V2X devices as a certificate to be authenticated.
By the mode, each V2X device can detect the own certificate or the external certificate, each V2X device can detect the own certificate before sending the message and detect the external certificate corresponding to the message when receiving the message, so that the certificate abnormity detection during communication is realized, and the communication safety is ensured.
Further, after acquiring the certificate analysis information of the certificate to be verified, the V2X device may check the certificate analysis information to determine whether the certificate to be verified is an abnormal certificate. The certificate parsing information may include certificate basic information, a certificate key, a certificate signature, a certificate algorithm, and issuer information. Certificate base information includes, but is not limited to, certificate version number, type, expiration date, geographic scope of validity, and application rights.
In a specific embodiment, the determining whether the certificate to be verified is an abnormal certificate based on the certificate parsing information includes: acquiring preset basic information, and comparing the certificate basic information in the certificate analysis information with the preset basic information; verifying a certificate key, a certificate signature and a certificate algorithm in the certificate analysis information; acquiring a superior certificate of a certificate to be verified based on issuer information in the certificate analysis information, and verifying a trust chain of the certificate to be verified based on the superior certificate; and judging whether the certificate to be verified is an abnormal certificate or not according to the comparison result, the verification result and the verification result.
The preset basic information may include preset contents corresponding to fields such as a certificate version number, a type, a validity period, a valid geographic range, and an application authority. Specifically, the V2X device may compare the certificate parsing information with preset basic information, and if the certificate parsing information includes content inconsistent with the preset basic information or missing content, it may be determined that the comparison result is a comparison failure.
Specifically, the certificate key, the certificate signature and the certificate algorithm in the certificate parsing information are verified, which may be to detect whether the certificate key, the certificate signature and the certificate algorithm meet preset standards, and if so, the verification result is that the verification is passed.
The issuer information may be information describing an organization that issues the certificate to be verified. Specifically, the related superior certificate of the issuing organization of the certificate to be verified can be obtained through the issuer information, and then the trust chain of the certificate to be verified is verified through the superior certificate.
It should be noted that, if the certificate to be verified is an own certificate, the V2X device may obtain the superior certificate from the local area, and if the certificate to be verified is an external certificate, the V2X device may download the superior certificate according to the link.
Further, after the comparison result, the verification result and the verification result are obtained, whether the certificate to be verified is an abnormal certificate or not can be judged according to the three results. Specifically, if at least one of the comparison result, the verification result, and the verification result has a failure result, it may be determined that the certificate to be verified is an abnormal certificate.
Further, the V2X device may generate exception report information corresponding to the exception certificate and send the exception report information to the certificate management platform. The abnormal reporting information may include certificate information of the abnormal certificate and device information of the abnormal device corresponding to the abnormal certificate. And the abnormal equipment corresponding to the abnormal certificate is the equipment using the abnormal certificate.
Through the mode, each V2X device can realize abnormal detection of the own certificate or the external certificate when having communication requirements or being in a communication state, and sends abnormal reporting information corresponding to the detected abnormal certificate to the certificate management platform for processing.
S120, receiving abnormal reporting information sent by each V2X device through a certificate management platform, determining the event type of the abnormal reporting information according to abnormal reference information of the abnormal certificate corresponding to the abnormal reporting information in a set time period aiming at each abnormal reporting information, and processing the abnormal certificate according to a preset event processing rule corresponding to the event type.
Wherein the certificate management platform may be a cloud platform. Specifically, the certificate management platform may receive exception reporting information sent by each V2X device. For each abnormal reporting information, the certificate management platform can determine abnormal reference information of the abnormal certificate corresponding to the abnormal reporting information in a set time period. The abnormal reference information of the abnormal certificate in the set time period may be information obtained by statistics according to historical abnormal reporting information sent by other V2X devices which have communicated with the abnormal device corresponding to the abnormal certificate in the set time period. For example, the abnormal reference information in the set time period may be an abnormal reporting rate or an abnormal occurrence frequency in the set time period.
Specifically, in this embodiment, the certificate management platform may collect, for each abnormal report information, historical abnormal data related to the abnormal report information, and sort the abnormal report information according to information such as time, area, related device, or frequency of occurrence of an abnormality, to obtain the abnormal reference information.
Further, the certificate management platform may determine the event type of the abnormal reported information according to the abnormal reference information. The event category may be used to indicate the event authenticity and the event severity of the abnormal report information. Each event category is provided with a corresponding preset event processing rule.
For example, the preset event processing rule may be to ignore the abnormal reporting information, revoke the usage right of the abnormal certificate, reissue the abnormal certificate or revoke the abnormal certificate, and the like.
Specifically, after determining the event type, the certificate management platform may process the abnormal certificate by using a preset event processing rule corresponding to the event type. For example, the abnormal reporting information corresponding to the abnormal certificate is ignored, and the abnormal certificate is revoked.
The embodiment has the following technical effects: the method comprises the steps that certificate analysis information of a certificate to be verified is obtained through V2X equipment, corresponding abnormal report information is generated and sent to a certificate management platform when the certificate to be verified is judged to be an abnormal certificate according to the certificate analysis information, so that the abnormal certificate is detected and reported, the abnormal report information sent by each V2X equipment is received through the certificate management platform, the event type of each abnormal report information is determined according to abnormal reference information of the abnormal certificate corresponding to each abnormal report information in a set time period, the abnormal certificate is processed according to corresponding preset event processing rules, the specific processing of each abnormal certificate is achieved, automatic detection and automatic processing of each abnormal certificate are further achieved, manual analysis, verification or logoff of the certificate are not needed, the problems that the existing technology is low in abnormal certificate processing efficiency and complex in operation are solved, rapid processing of each certificate can be achieved under the condition that a large number of certificates are used, and the use requirements of the certificates are met in time.
By the exception handling method for the certificate of the V2X equipment, provided by the embodiment of the invention, efficient exception detection of the certificate is directly realized on each V2X equipment, each V2X certificate is verified in real time, exception report information is reported, the certificate management platform determines the event type, and the exception certificate corresponding to the exception report information is processed according to the preset event processing rule corresponding to the event type, so that the uniform exception analysis, report and handling of the whole process of the V2X equipment-certificate management platform are realized, manual operation of a manager is not needed, the exception certificate handling efficiency is greatly improved, the timeliness of exception certificate handling is further improved, and the influence on certificate use is reduced.
Fig. 2 is a flowchart of another method for exception handling of a certificate of a V2X device according to an embodiment of the present invention. On the basis of the foregoing embodiments, optionally, a step of determining, by the V2X device, an abnormal degree level of the abnormal certificate corresponding to each abnormal reporting information, and determining whether the abnormal certificate needs to be reported to the certificate management platform according to the abnormal degree level is added. Referring to fig. 2, the method for exception handling of the certificate of the V2X device specifically includes:
s210, acquiring the certificate analysis information of the certificate to be verified through the V2X equipment.
S220, acquiring preset basic information, and comparing the certificate basic information in the certificate analysis information with the preset basic information.
And S230, verifying the certificate key, the certificate signature and the certificate algorithm in the certificate analysis information.
S240, acquiring a superior certificate of the certificate to be verified based on the issuer information in the certificate analysis information, and verifying the trust chain of the certificate to be verified based on the superior certificate.
And S250, judging whether the certificate to be verified is an abnormal certificate or not according to the comparison result, the verification result and the verification result.
And S260, if the certificate to be verified is an abnormal certificate, determining the abnormal degree grade of the abnormal certificate based on the certificate analysis information.
Specifically, in this embodiment, after the certificate to be verified is judged to be the abnormal certificate according to the certificate analysis information, the abnormal degree level of the abnormal certificate may also be determined according to the verification result of the certificate analysis information. Wherein, the abnormal degree grade is used for describing the abnormal degree of the abnormal certificate.
In a specific embodiment, determining the abnormal degree level of the abnormal certificate based on the certificate parsing information includes: if the comparison result is that the comparison is inconsistent and the abnormal detection frequency of the equipment corresponding to the certificate to be verified is lower than the preset frequency, determining that the abnormal degree grade of the abnormal certificate is a first-grade abnormal grade; if the comparison result is that the comparison is inconsistent and the abnormal detection frequency of the equipment corresponding to the certificate to be verified is not lower than the preset frequency, determining that the abnormal degree grade of the abnormal certificate is a secondary abnormality; if the verification result is verification failure or the verification result is verification failure, determining that the degree of abnormality of the abnormal certificate is three-level abnormality; and the second-level exception and the third-level exception represent exception report information.
The abnormal detection frequency may be a frequency at which the to-be-verified certificate is detected to be abnormal within a preset time period. The degree of abnormality of the primary abnormality is lower than that of the secondary abnormality, and the degree of abnormality of the secondary abnormality is lower than that of the tertiary abnormality.
Specifically, the primary exception may be a situation that a field in the certificate basic information is missing, an error, or the like, and only a very small number of times is detected within a certain time; the primary exception has no influence on the normal communication transmission and safe operation of the overall vehicle-road cooperative environment and the equipment. The primary exception is mostly a sporadic problem in the process of generating and transmitting messages.
The secondary abnormality can be the condition that fields in the basic information of the certificate are missing, wrong and the like, and is detected for many times within a certain time; the secondary abnormity has certain influence on the normal communication transmission and safe operation of the overall vehicle-road cooperative environment and the equipment. The secondary exception is mostly a problem and an error in the process of applying, issuing and downloading the certificate, and related certificates may need to be reissued and updated.
The third-level exception may be a certificate key, certificate signature, or certificate algorithm error, or the certificate issuing authority may be untrusted. Of course, the three-level abnormality may also be that the above condition is detected many times within a certain time, and the device corresponding to the certificate to be verified frequently sends a message. The three-level abnormity has great influence on the normal communication transmission and safe operation of the overall vehicle-road cooperative environment and the equipment. The three-level abnormality is mostly a large number of problematic V2X certificates and messages caused by human or equipment failure, misleading and threat are caused to peripheral V2X equipment, and the permission of relevant equipment for sending messages to the outside may need to be cancelled immediately.
That is, when the certificate basic information in the certificate parsing information is inconsistent with the preset basic information or there is a missing field, if the abnormal detection frequency of the certificate to be verified is lower than the preset frequency, it may be determined as a primary abnormality, and if the abnormal detection frequency of the certificate to be verified is not lower than the preset frequency, it may be determined as a secondary abnormality.
And when at least one of the certificate key, the certificate signature and the certificate algorithm in the certificate parsing information does not meet a preset standard, or when the trust chain verification of the certificate to be verified fails, determining that the certificate to be verified is a three-level exception.
By the mode, each V2X device can divide the abnormal degree grade of each abnormal certificate, and then executes corresponding operation according to the abnormal degree grade, so that the abnormal certificates of various abnormal grades are differentially processed, and safety risks or error report caused by a unified processing mode is avoided.
And S270, judging whether abnormal reporting information corresponding to the abnormal certificate is generated or not based on the abnormal degree grade, and sending the abnormal reporting information to the certificate management platform.
Specifically, after the abnormal degree grade of the abnormal certificate is determined, the V2X device may process the abnormal certificate according to a preset abnormal processing rule corresponding to the abnormal degree grade. The preset exception handling rule comprises a reporting rule and a local handling rule.
In this embodiment, the V2X device may determine, at the abnormal degree level, whether to report to the certificate management platform, that is, determine a reporting rule corresponding to the abnormal degree level, and if necessary, generate abnormal reporting information corresponding to the abnormal certificate and send the abnormal reporting information to the certificate management platform.
Besides judging whether reporting to the certificate management platform is needed, the V2X device can also determine a local processing rule corresponding to the abnormal degree level, and then the V2X device processes the abnormal device corresponding to the abnormal certificate according to the local processing rule.
Illustratively, the local processing rule corresponding to the primary exception is: the V2X equipment ignores the message using the abnormal certificate and does not receive the content of the message; the corresponding reporting rule is as follows: and not reporting related abnormal information to the certificate management platform. The local processing rule corresponding to the secondary exception is as follows: ignoring the message using the abnormal certificate on the V2X equipment, and not receiving the message content; the corresponding reporting rule is as follows: and reporting related information such as abnormal types, severity and the like of the abnormal certificate to a certificate management platform, and carrying out further analysis and adopting corresponding processing measures by the platform. The local processing rule corresponding to the three-level exception is as follows: ignoring the message using the abnormal certificate on the V2X equipment, not receiving the content of the message, and continuously detecting the abnormal certificate until the message of the abnormal certificate cannot be received or the message of the abnormal certificate cannot be generated; the corresponding reporting rule is as follows: and reporting related information such as abnormal types, severity and the like of the abnormal certificate to a certificate management platform, and carrying out further analysis and taking corresponding processing measures by the platform.
S280, receiving abnormal reporting information sent by each V2X device through a certificate management platform, determining the event type of the abnormal reporting information according to abnormal reference information of the abnormal certificate corresponding to the abnormal reporting information in a set time period aiming at each abnormal reporting information, and processing the abnormal certificate according to a preset event processing rule corresponding to the event type.
The embodiment has the following technical effects: through the V2X equipment, when the certificate to be verified is detected to be an abnormal certificate, the abnormal degree grade corresponding to the abnormal certificate is determined, and whether the abnormal certificate needs to be reported to the certificate management platform or not is determined according to the abnormal degree grade, so that the abnormal certificates of various grades are differentially processed, the safety risk or error report caused by adopting a unified processing mode is avoided, and the influence on the use of the certificate and the road communication safety is further avoided.
Fig. 3 is a flowchart of another method for exception handling of a certificate of a V2X device according to an embodiment of the present invention. On the basis of the foregoing embodiments, optionally, a process of determining, by the certificate management platform, abnormal reference information of an abnormal certificate corresponding to each abnormal reporting information in a set time period is exemplarily described. Referring to fig. 3, the method for exception handling of the certificate of the V2X device specifically includes:
s310, acquiring certificate analysis information of the certificate to be verified through the V2X equipment.
S320, acquiring preset basic information, and comparing the certificate basic information in the certificate analysis information with the preset basic information.
S330, verifying the certificate key, the certificate signature and the certificate algorithm in the certificate analysis information.
S340, acquiring a superior certificate of the certificate to be verified based on the issuer information in the certificate analysis information, and verifying the trust chain of the certificate to be verified based on the superior certificate.
And S350, judging whether the certificate to be verified is an abnormal certificate or not according to the comparison result, the verification result and the verification result.
And S360, if the certificate to be verified is an abnormal certificate, determining the abnormal degree grade of the abnormal certificate based on the certificate analysis information, and judging whether abnormal report information corresponding to the abnormal certificate is generated or not and sending the abnormal report information to the certificate management platform based on the abnormal degree grade.
And S370, receiving the abnormal reporting information sent by each V2X device through the certificate management platform, determining an abnormal device corresponding to the abnormal reporting information aiming at each abnormal reporting information, and acquiring historical abnormal data, sent by each V2X device in a set time period, aiming at the abnormal device.
The abnormal device corresponding to the abnormal reporting information may be a V2X device using an abnormal certificate corresponding to the abnormal reporting information.
Specifically, the certificate management platform may collect historical anomaly data for anomalous devices sent by each V2X device over a set period of time. Namely, other abnormal report information sent by other V2X devices communicating with the abnormal device within a set time period is acquired.
S380, determining the abnormal occurrence frequency and the abnormal reporting rate of the abnormal certificate corresponding to the abnormal reporting information based on the historical abnormal data, and taking the abnormal occurrence frequency, the abnormal reporting rate and the abnormal degree grade as abnormal reference information of the abnormal certificate in a set time period.
Specifically, the certificate management platform may calculate the abnormal occurrence frequency and the abnormal reporting rate of the abnormal certificate according to the acquired historical abnormal data. The abnormal frequency may be determined according to the quantity of the abnormal reporting information of the abnormal device in the set time period. The abnormal reporting rate can be determined according to the historical abnormal reporting information quantity of the abnormal device in the set time period and the message quantity of communication between other V2X devices and the abnormal device in the set time period.
For example, if the number of the abnormal reporting information related to the abnormal device in 1 hour is 5,1 and the number of the messages communicated with the abnormal device by other V2X devices in 1 hour is 50, it may be determined that the abnormal reporting rate is 5/50=10%.
Further, the certificate management platform may use the abnormal occurrence frequency, the abnormal reporting rate, and the abnormal degree level as the abnormal reference information of the abnormal certificate. The degree of abnormality may be determined by the V2X device, and the V2X device may carry the degree of abnormality in the sent abnormality report information.
It should be noted that the abnormal reporting rate of the abnormal certificate corresponding to the abnormal reporting information may reflect the validity of the abnormal reporting information. For example, it may be set that the abnormal reporting information with the abnormal reporting rate greater than 50% is valid abnormal information, which indicates that, in other V2X devices in which information interaction occurs with the abnormal device corresponding to the abnormal reporting information within a certain time, more than 50% of the devices report the abnormality of the abnormal device to the certificate management platform, and it may be considered that the abnormal reporting information is valid, and further analysis and measures need to be taken.
And S390, determining the event type of the abnormal reported information according to the abnormal reference information of the abnormal certificate corresponding to the abnormal reported information in a set time period, and processing the abnormal certificate according to a preset event processing rule corresponding to the event type.
In a specific embodiment, the determining, according to the abnormal reference information of the abnormal certificate corresponding to the abnormal reporting information in the set time period, an event category of the abnormal reporting information may be:
if the degree of the abnormality is of a first-level abnormality and the abnormal reporting rate is lower than the preset reporting rate, determining the event type of the abnormal reporting information as a class of event; if the degree of abnormality is a second-level abnormality, determining that the event type of the abnormal reported information is a second-level event; if the degree of the abnormality is in a three-level abnormality level and the occurrence frequency of the abnormality is less than a preset first threshold, determining that the event type of the abnormal reported information is a three-type event; and if the degree of the abnormality is in a three-level abnormality level and the occurrence frequency of the abnormality is greater than a preset first threshold, determining that the event type of the abnormal reported information is four types of events.
The event can be a first-level exception which is sporadic or is reported by mistake, and is characterized by low reporting rate of the exception and low possibility of repeated occurrence. The second type of event may refer to an abnormality with a medium frequency of occurrence of the abnormality, such as a secondary abnormality; the V2X device in which the abnormality occurs cannot be normally used due to the abnormality or error of the certificate in the partial time state. Three types of events may refer to three levels of anomalies that occur more frequently; the abnormal V2X equipment basically cannot use the abnormal certificate to complete communication identity authentication or the message sent by the abnormal certificate has great influence on other V2X equipment. Four types of events may refer to tertiary anomalies that occur with extremely high frequency; the abnormal device actively sends an abnormal message or a safety attack message, wherein the message carries viruses or other attack means, and directly poses serious threat to peripheral V2X devices.
Specifically, the preset report rate may be a preset standard report rate for determining that the exception is valid, for example, 50%. When the degree of abnormality of the abnormal reporting information is a first-level abnormality and the abnormal reporting rate is lower than the preset reporting rate, it can be determined that the effectiveness of the abnormal reporting information is low. Further, the event type of the abnormal reporting information may be determined as a type of event.
And when the abnormal degree level of the abnormal reported information is second-level abnormal, the detection frequency of the abnormal reported information can be indicated to be medium, and the event type of the abnormal reported information can be further determined as second-type events.
And when the abnormal degree level of the abnormal reported information is three-level abnormal, the abnormal reported information can indicate that the certificate key, the signature or the trust chain in the abnormal certificate corresponding to the abnormal reported information has problems, namely the abnormal certificate has safety problems. For the abnormal reporting information with the abnormal degree grade of three-level abnormality, if the abnormal occurrence frequency is less than a preset first threshold value, the event type can be determined to be three types of events, and if the abnormal occurrence frequency is greater than (or equal to) the preset first threshold value, the event type can be determined to be four types of events. The preset first threshold is a preset abnormal occurrence frequency critical value for distinguishing three types of events from four types of events.
By the method, the first-class event, the second-class event, the third-class event and the fourth-class event can be accurately divided, so that the certificate management platform can accurately judge the event category of each abnormal reported information, and further, the certificate management platform can accurately process each abnormal reported information according to the event category.
After the event type of the abnormal reported information is determined, a preset event processing rule corresponding to the event type can be further determined. For example, the certificate management platform may preset a processing rule corresponding to each category, and then when the preset event processing rule corresponding to the event category needs to be determined, match the event category with each preset category, and then use the processing rule corresponding to the matched category as the preset event processing rule corresponding to the event category.
For example, the preset event processing rule corresponding to the determined type of event may be: and maintaining the record of the abnormal equipment and the abnormal reporting information in the certificate management platform without taking direct handling measures, and keeping observation for a period of time, wherein if the abnormal reporting information does not occur any more, the abnormal reporting information can be considered to be solved.
Or, the determined preset event processing rule corresponding to the two types of events may be: marking the corresponding abnormal equipment, pushing related certificate information to a certificate application module in the certificate management platform, temporarily putting the abnormal certificate into a preset blacklist through the certificate application module, revoking the use authority of the abnormal certificate, further confirming the abnormal reason, and subsequently adopting processing modes of re-applying and issuing the certificate and the like so as to solve the problem of the current abnormal certificate.
Or, the determined preset event processing rules corresponding to the three types of events may be: the corresponding abnormal certificate and the related information of the abnormal equipment are pushed to a certificate revocation module in a certificate management platform, the abnormal certificate is placed in a regular certificate revocation list by the certificate revocation module to be revoked, each V2X equipment can obtain each abnormal certificate in the list after downloading the regular certificate revocation list regularly, and the abnormal equipment can know that the certificate of the equipment is invalid and needs to reapply and download the V2X certificate after downloading the regular certificate revocation list.
Or, the determined preset event processing rules corresponding to the four types of events may be: and pushing the corresponding abnormal certificate and the related information of the abnormal equipment to a certificate revocation module in the certificate management platform, putting the abnormal certificate into a real-time certificate revocation list by the certificate revocation module, performing real-time revocation, and pushing the abnormal certificate to other V2X equipment in the trust domain, thereby immediately revoking the external communication authority of the abnormal equipment.
In a specific embodiment, the processing the abnormal certificate according to a preset event processing rule corresponding to the event category may include: if the event type of the abnormal reporting information is a type of event, setting a processing state corresponding to the abnormal reporting information as a completion state when detecting that other abnormal reporting information of the abnormal equipment is not acquired within a preset future time period; if the event type of the abnormal reported information is a second type event, writing an abnormal certificate corresponding to the abnormal reported information into a preset blacklist to revoke the use permission of the abnormal certificate; if the event type of the abnormal reported information is three types of events, writing an abnormal certificate corresponding to the abnormal reported information into a regular certificate revocation list; and if the event type of the abnormal reported information is four types of events, writing the abnormal certificate corresponding to the abnormal reported information into a real-time certificate revocation list.
That is, if the event type of the abnormal reporting information is a type of event, the certificate management platform may continue to monitor the abnormal device corresponding to the abnormal reporting information in a preset future time period to determine whether other abnormal reporting information of the abnormal device is acquired, and if other abnormal reporting information of the abnormal device is not acquired in the preset future time period, the certificate management platform may set the processing state corresponding to the abnormal reporting information as a completion state to mark the abnormal reporting information as a resolved abnormality.
If the event category of the abnormal reporting information is the second category of events, the certificate management platform can write the abnormal certificate corresponding to the abnormal reporting information into a preset blacklist. And the abnormal certificates in the preset blacklist are the certificates which need to revoke the use authority. Further, the certificate management platform may revoke the usage right of the abnormal certificate through a preset blacklist. The certificate management platform can also send certificate reasserting request information to the abnormal equipment corresponding to the abnormal reporting information so as to enable the abnormal equipment to apply and issue the certificate again.
If the event type of the abnormal reported information is three types of events, the certificate management platform can write the abnormal certificate corresponding to the abnormal reported information into the regular certificate revocation list so as to enable the abnormal certificate to be invalid.
Wherein each abnormal certificate of the regular certificate revocation list is a revoked certificate. Specifically, the certificate management platform may actively and periodically issue the periodic certificate revocation list to each V2X device, or each V2X device actively and periodically downloads the periodic certificate revocation list, and then each V2X device may determine the failed abnormal certificate based on the periodic certificate revocation list. The V2X device using the invalidated abnormal certificate can no longer complete communication identity authentication or send a message through the abnormal certificate, and the V2X device can know that the own certificate is invalidated according to the periodic certificate revocation list, and needs to reapply and download the digital certificate.
If the event type of the abnormal reported information is four types of events, the certificate management platform can write the abnormal certificate corresponding to the abnormal reported information into the real-time certificate revocation list, so that the abnormal certificate is immediately invalid.
Wherein each abnormal certificate of the real-time certificate revocation list is a revoked certificate. Specifically, the certificate management platform may immediately issue the real-time certificate revocation list to each V2X device after updating the real-time certificate revocation list, and each V2X device may immediately determine the invalidated abnormal certificate based on the real-time certificate revocation list, so as to immediately revoke the external communication permission of the abnormal device of the abnormal certificate. The V2X device using the invalidated abnormal certificate can know that the own certificate is invalidated according to the real-time certificate revocation list, and needs to reapply and download the digital certificate.
By the method, the abnormal reported information under the first-class event, the second-class event, the third-class event and the fourth-class event can be processed respectively, and the safety risk caused by adopting a unified processing mode or the influence on certificate use is avoided. The certificate management platform determines the event category of each abnormal reported message, selects corresponding processing operations of temporary non-disposal, blacklist management, regular uniform revocation or real-time revocation according to the event category, realizes efficient processing of the abnormal certificate, ensures safe operation of the whole digital certificate system, and provides the guarantee in the aspects of abnormal analysis and certificate management for large-scale and commercial application of the V2X certificate.
The embodiment has the following technical effects: according to the method, abnormal equipment corresponding to abnormal reported information is determined according to each abnormal reported information through a certificate management platform, historical abnormal data, sent by each V2X equipment in a set time period, aiming at the abnormal equipment is obtained, abnormal occurrence frequency and abnormal reported rate are determined according to the historical abnormal data, abnormal reference information of the abnormal reported information is obtained, abnormal reported conditions of each equipment in the whole trust domain are fully considered, analysis of the abnormal reported information under the global environment is achieved, the determination accuracy of event types can be improved based on the abnormal reference information obtained through big data analysis, and accurate processing of each abnormal certificate by the certificate management platform is guaranteed.
Fig. 4 is a schematic structural diagram of a system for exception handling of a certificate of a V2X device according to an embodiment of the present invention. Referring to fig. 4, the system includes V2X devices 410 and a certificate management platform 420.
The V2X device 410 is configured to obtain certificate parsing information of a certificate to be verified, determine whether the certificate to be verified is an abnormal certificate based on the certificate parsing information, and if so, generate abnormal reporting information corresponding to the abnormal certificate and send the abnormal reporting information to the certificate management platform 420;
the certificate management platform 420 is configured to receive exception reporting information sent by each V2X device 410, determine, for each exception reporting information, an event type of the exception reporting information according to exception reference information of an exception certificate corresponding to the exception reporting information within a set time period, and process the exception certificate according to a preset event processing rule corresponding to the event type.
Optionally, the V2X device 410 includes a certificate detection module, an anomaly analysis module, and a report processing module. The certificate detection module is used for acquiring certificate analysis information of a certificate to be verified; the abnormal analysis module is used for judging whether the certificate to be verified is an abnormal certificate or not based on the certificate analysis information; and the report processing module is used for generating abnormal report information corresponding to the abnormal certificate and sending the abnormal report information to the certificate management platform.
Optionally, the certificate detection module is specifically configured to:
when detecting that a message sent to other V2X equipment is generated, determining a certificate used by the V2X equipment as a certificate to be verified, and acquiring certificate analysis information of the certificate to be verified; and/or when receiving messages sent by other V2X equipment, determining the certificate used by the other V2X equipment as a certificate to be verified, and acquiring certificate analysis information of the certificate to be verified.
Optionally, the anomaly analysis module is specifically configured to:
acquiring preset basic information, and comparing the certificate basic information in the certificate analysis information with the preset basic information; verifying a certificate key, a certificate signature and a certificate algorithm in the certificate analysis information; acquiring a superior certificate of the certificate to be verified based on the issuer information in the certificate analysis information, and verifying a trust chain of the certificate to be verified based on the superior certificate; and judging whether the certificate to be verified is an abnormal certificate or not according to the comparison result, the verification result and the verification result.
Optionally, the abnormal analysis module is further configured to determine, if the certificate to be verified is an abnormal certificate, an abnormal degree level of the abnormal certificate based on the certificate analysis information; correspondingly, the reporting processing module is further configured to determine, based on the abnormal degree level, whether to generate abnormal reporting information corresponding to the abnormal certificate and send the abnormal reporting information to the certificate management platform.
Optionally, the anomaly analysis module is further configured to determine that the degree of anomaly of the anomalous certificate is a first-level anomaly if the comparison result is that the comparison is inconsistent and the anomaly detection frequency of the device corresponding to the certificate to be verified is lower than a preset frequency; if the comparison result is that the comparison is inconsistent and the abnormal detection frequency of the equipment corresponding to the certificate to be verified is not lower than the preset frequency, determining that the abnormal degree grade of the abnormal certificate is a secondary abnormality; if the verification result is verification failure or the verification result is verification failure, determining that the abnormal degree grade of the abnormal certificate is three-grade abnormality; and generating exception reporting information by the second-level exception and the third-level exception.
Optionally, the V2X device 410 further includes a policy management module. Exemplarily, referring to fig. 5, fig. 5 is a schematic structural diagram of a V2X device provided in an embodiment of the present invention; the V2X device includes a certificate detection module 510, an exception analysis module 520, a report processing module 530, and a policy management module 540.
The policy management module 540 is configured to determine preset exception handling rules corresponding to the different exception degree levels; the preset exception handling rule comprises a reporting rule and a local handling rule.
Specifically, the exception analysis module 520 may determine a preset exception handling rule corresponding to the exception degree level of the exception certificate among the preset exception handling rules set by the policy management module 540, and then determine whether to generate the exception report information corresponding to the exception certificate according to the preset exception handling rule, and send the exception report information to the certificate management platform.
Exemplarily, referring to fig. 6, fig. 6 is a schematic structural diagram of a certificate management platform according to an embodiment of the present invention. Optionally, the certificate management platform includes an exception management module 610, an analysis processing module 620, a certificate application module 630, and a certificate revocation module 640.
The exception management module 610 is configured to receive exception reporting information sent by each V2X device, and determine, for each exception reporting information, an event type of the exception reporting information according to exception reference information of an exception certificate corresponding to the exception reporting information in a set time period;
and the analysis processing module 620 is configured to invoke a certificate application module or a certificate revocation module to process the abnormal certificate corresponding to the abnormal reporting information according to a preset event processing rule corresponding to the event type.
Optionally, the certificate application module 630 is configured to receive a certificate application request sent by each V2X device.
Optionally, the exception management module 610 is further configured to determine an exception device corresponding to the exception reporting information, and obtain historical exception data, which is sent by each V2X device within a set time period and is for the exception device; determining the abnormal occurrence frequency and the abnormal reporting rate of an abnormal certificate corresponding to the abnormal reporting information based on the historical abnormal data; and taking the abnormal occurrence frequency, the abnormal reporting rate and the abnormal degree grade as abnormal reference information of the abnormal certificate in a set time period.
Optionally, the exception management module 610 is further configured to determine that the event category of the exception report information is a class of event if the exception degree level is a first-class exception and the exception report rate is lower than a preset report rate; if the degree of abnormality is a second-level abnormality, determining that the event type of the abnormal reported information is a second-level event; if the degree of the abnormality is of a third-level abnormality and the frequency of the abnormality is less than a preset first threshold, determining that the event type of the abnormal reported information is a third-level event; and if the degree of the abnormality is in a three-level abnormality level and the frequency of the abnormality is greater than a preset first threshold, determining that the event type of the abnormal reported information is four types of events.
Optionally, the analysis processing module 620 is further configured to, if the event category of the abnormal reporting information is a type of event, reject the abnormal reporting information when it is detected that other abnormal reporting information of the abnormal device is not obtained within a preset future time period; if the event category of the abnormal reported information is a second-class event, calling a certificate application module to write an abnormal certificate corresponding to the abnormal reported information into a preset blacklist so as to revoke the use authority of the abnormal certificate; if the event type of the abnormal reported information is three types of events, calling a certificate revocation module to write an abnormal certificate corresponding to the abnormal reported information into a regular certificate revocation list; if the event type of the abnormal reporting information is four types of events, a certificate revocation module is called to write the abnormal certificate corresponding to the abnormal reporting information into a real-time certificate revocation list.
The exception handling system for the certificate of the V2X device, provided by the embodiment of the present invention, obtains certificate parsing information of the certificate to be verified through the V2X device, generates corresponding exception report information when the certificate to be verified is judged to be an exception certificate according to the certificate parsing information, sends the exception report information to the certificate management platform, so as to implement detection and report of the exception certificate, further receives the exception report information sent by each V2X device through the certificate management platform, determines an event type of each exception report information according to exception reference information of the exception certificate corresponding to each exception report information within a set time period, and handles the exception certificate according to a corresponding preset event handling rule, thereby implementing targeted handling of each exception certificate, further implementing automatic detection and automatic handling of each exception certificate, and without manually performing operations such as parsing, verification, or logoff on the certificate, and the like, thereby solving the problems of low efficiency and complex operation of processing of each exception certificate in the prior art, and further, in a mass certificate usage scenario, and satisfying the usage requirements of each certificate in time.
Fig. 7 is a schematic structural diagram of an electronic device according to an embodiment of the present invention. As shown in fig. 7, the electronic device 700 includes one or more processors 701 and memory 702.
The processor 701 may be a Central Processing Unit (CPU) or other form of processing unit having data processing capabilities and/or instruction execution capabilities, and may control other components in the electronic device 700 to perform desired functions.
Memory 702 may include one or more computer program products that may include various forms of computer-readable storage media, such as volatile memory and/or non-volatile memory. The volatile memory may include, for example, random Access Memory (RAM), cache memory (cache), and/or the like. The non-volatile memory may include, for example, read Only Memory (ROM), hard disk, flash memory, etc. One or more computer program instructions may be stored on the computer-readable storage medium and executed by the processor 701 to implement the calibration method for the vehicle-mounted BSD camera according to any of the embodiments of the present invention described above and/or other desired functions. Various contents such as initial external parameters, threshold values, etc. may also be stored in the computer-readable storage medium.
In one example, the electronic device 700 may further include: an input device 703 and an output device 704, which are interconnected by a bus system and/or other form of connection mechanism (not shown). The input device 703 may include, for example, a keyboard, a mouse, and the like. The output device 704 may output various information to the outside, including warning prompt information, braking force, and the like. The output devices 704 may include, for example, a display, speakers, a printer, and a communication network and remote output devices connected thereto, among others.
Of course, for simplicity, only some of the components of the electronic device 700 relevant to the present invention are shown in fig. 7, omitting components such as buses, input/output interfaces, and the like. In addition, electronic device 700 may include any other suitable components depending on the particular application.
In addition to the above methods and apparatus, embodiments of the present invention may also be a computer program product comprising computer program instructions which, when executed by a processor, cause the processor to perform the steps of the method of exception handling of a certificate of a V2X device as provided by any of the embodiments of the present invention.
The computer program product may write program code for carrying out operations for embodiments of the present invention in any combination of one or more programming languages, including an object oriented programming language such as Java, C + + or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's device, as a stand-alone software package, partly on the user's computing device and partly on a remote computing device, or entirely on the remote computing device or server.
Furthermore, an embodiment of the present invention may also be a computer-readable storage medium having stored thereon computer program instructions, which, when executed by a processor, cause the processor to perform the steps of the method for exception handling of a certificate of a V2X device provided by any embodiment of the present invention.
The computer readable storage medium may take any combination of one or more readable media. The readable medium may be a readable signal medium or a readable storage medium. A readable storage medium may include, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium include: an electrical connection having one or more wires, a portable disk, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.
It is to be understood that the terminology used herein is for the purpose of describing particular embodiments only, and is not intended to limit the scope of the present application. As used in this specification and the appended claims, the terms "a," "an," "the," and/or "the" are not to be taken in a singular sense, but rather are intended to include a plural sense unless the context clearly dictates otherwise. The terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, or apparatus. Without further limitation, an element defined by the phrase "comprising a … …" does not exclude the presence of additional like elements in a process, method, or apparatus that comprises the element.
It is further noted that the terms "center," "upper," "lower," "left," "right," "vertical," "horizontal," "inner," "outer," and the like are used in the orientation or positional relationship indicated in the drawings for convenience in describing the invention and for simplicity in description, and do not indicate or imply that the referenced devices or elements must have a particular orientation, be constructed and operated in a particular orientation, and thus should not be construed as limiting the invention. Unless expressly stated or limited otherwise, the terms "mounted," "connected," "coupled," and the like are to be construed broadly and encompass, for example, both fixed and removable coupling or integral coupling; can be mechanically or electrically connected; they may be connected directly or indirectly through intervening media, or they may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Finally, it should be noted that: the above embodiments are only used to illustrate the technical solution of the present invention, and not to limit the same; while the invention has been described in detail and with reference to the foregoing embodiments, it will be understood by those skilled in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some or all of the technical features may be equivalently replaced; and the modifications or the substitutions do not make the essence of the corresponding technical solutions deviate from the technical solutions of the embodiments of the present invention.

Claims (7)

1. A method for exception handling of a certificate of a V2X device, the method comprising:
acquiring certificate analysis information of a certificate to be verified through V2X equipment, judging whether the certificate to be verified is an abnormal certificate or not based on the certificate analysis information, if so, determining the abnormal degree grade of the abnormal certificate based on the certificate analysis information, and judging whether abnormal report information corresponding to the abnormal certificate is generated or not based on the abnormal degree grade and sending the abnormal report information to a certificate management platform, wherein the certificate analysis information comprises certificate basic information, a certificate key, a certificate signature, a certificate algorithm and information of a signer;
receiving abnormal reporting information sent by each V2X device through the certificate management platform, determining the event type of the abnormal reporting information according to abnormal reference information of an abnormal certificate corresponding to the abnormal reporting information in a set time period for each abnormal reporting information, and processing the abnormal certificate according to a preset event processing rule corresponding to the event type, wherein the abnormal reference information is information obtained by statistics of historical abnormal reporting information sent by other V2X devices which are communicated with the abnormal device corresponding to the abnormal certificate in the set time period, and comprises abnormal reporting rate and abnormal occurrence frequency in the set time period;
the determining the event type of the abnormal reporting information according to the abnormal reference information of the abnormal certificate corresponding to the abnormal reporting information in a set time period comprises the following steps:
if the abnormal degree grade is a first-grade abnormality and the abnormal reporting rate is lower than a preset reporting rate, determining that the event type of the abnormal reporting information is a class of event;
if the degree of abnormality is a second-level abnormality, determining that the event type of the abnormal reported information is a second-level event;
if the degree of the abnormality is of a third-level abnormality and the frequency of the abnormality is less than a preset first threshold, determining that the event type of the abnormal reported information is a third-level event;
if the degree of the abnormality is in a third-level abnormality level and the frequency of the abnormality is greater than a preset first threshold, determining that the event type of the abnormal reported information is four types of events;
the processing the abnormal certificate according to the preset event processing rule corresponding to the event category comprises the following steps:
if the event type of the abnormal reporting information is a type of event, setting a processing state corresponding to the abnormal reporting information as a completion state when detecting that other abnormal reporting information of the abnormal equipment is not obtained in a preset future time period;
if the event type of the abnormal reported information is a second type event, writing an abnormal certificate corresponding to the abnormal reported information into a preset blacklist so as to revoke the use permission of the abnormal certificate;
if the event type of the abnormal reported information is three types of events, writing an abnormal certificate corresponding to the abnormal reported information into a regular certificate revocation list;
and if the event type of the abnormal reported information is four types of events, writing the abnormal certificate corresponding to the abnormal reported information into a real-time certificate revocation list.
2. The method according to claim 1, wherein the determining whether the certificate to be verified is an abnormal certificate based on the certificate parsing information includes:
acquiring preset basic information, and comparing the certificate basic information in the certificate analysis information with the preset basic information;
verifying a certificate key, a certificate signature and a certificate algorithm in the certificate analysis information;
acquiring a superior certificate of the certificate to be verified based on the issuer information in the certificate analysis information, and verifying a trust chain of the certificate to be verified based on the superior certificate;
and judging whether the certificate to be verified is an abnormal certificate or not according to the comparison result, the verification result and the verification result.
3. The method of claim 2, wherein determining the degree of abnormality of the abnormal certificate based on the certificate parsing information comprises:
if the comparison result is that the comparison is inconsistent and the abnormal detection frequency of the equipment corresponding to the certificate to be verified is lower than the preset frequency, determining that the abnormal degree grade of the abnormal certificate is a first-grade abnormal grade;
if the comparison result is that the comparison is inconsistent and the abnormal detection frequency of the equipment corresponding to the certificate to be verified is not lower than the preset frequency, determining that the abnormal degree grade of the abnormal certificate is a secondary abnormality;
if the verification result is verification failure or the verification result is verification failure, determining that the degree of abnormality of the abnormal certificate is three-level abnormality;
and generating exception reporting information by the second-level exception and the third-level exception.
4. The method of claim 1, further comprising:
determining abnormal equipment corresponding to the abnormal reporting information, and acquiring historical abnormal data, which is sent by each V2X device in a set time period and aims at the abnormal equipment;
determining the abnormal occurrence frequency and the abnormal reporting rate of an abnormal certificate corresponding to the abnormal reporting information based on the historical abnormal data;
and taking the abnormal occurrence frequency, the abnormal reporting rate and the abnormal degree grade as abnormal reference information of the abnormal certificate in a set time period.
5. The method according to any one of claims 1 to 4, wherein the obtaining certificate resolution information of the certificate to be verified comprises:
when detecting that a message sent to other V2X equipment is generated, determining a certificate used by the V2X equipment as a certificate to be verified, and acquiring certificate analysis information of the certificate to be verified; and/or the presence of a gas in the atmosphere,
when receiving messages sent by other V2X equipment, determining the certificate used by the other V2X equipment as a certificate to be verified, and acquiring certificate analysis information of the certificate to be verified.
6. An electronic device, characterized in that the electronic device comprises:
a processor and a memory;
the processor is adapted to perform the steps of the V2X device certificate exception handling method of any of claims 1 to 5 by calling a program or instructions stored in the memory.
7. A computer-readable storage medium characterized in that it stores a program or instructions for causing a computer to execute the steps of the method of exception handling of a certificate of a V2X device according to any of claims 1 to 5.
CN202211552618.XA 2022-12-06 2022-12-06 Exception handling method, device and storage medium for certificate of V2X device Active CN115550880B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211552618.XA CN115550880B (en) 2022-12-06 2022-12-06 Exception handling method, device and storage medium for certificate of V2X device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211552618.XA CN115550880B (en) 2022-12-06 2022-12-06 Exception handling method, device and storage medium for certificate of V2X device

Publications (2)

Publication Number Publication Date
CN115550880A CN115550880A (en) 2022-12-30
CN115550880B true CN115550880B (en) 2023-03-10

Family

ID=84722337

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211552618.XA Active CN115550880B (en) 2022-12-06 2022-12-06 Exception handling method, device and storage medium for certificate of V2X device

Country Status (1)

Country Link
CN (1) CN115550880B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115802350B (en) * 2023-02-07 2023-05-05 中汽智联技术有限公司 Certificate revocation status verification system, method and storage medium
CN116896761B (en) * 2023-09-11 2023-11-28 中汽智联技术有限公司 V2X communication exception handling method, device, equipment and medium

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114040406A (en) * 2021-10-27 2022-02-11 海信集团控股股份有限公司 Abnormal information detection method and device for vehicle-mounted equipment
CN115037465A (en) * 2022-06-14 2022-09-09 武汉理工大学 Intelligent ship identity verification and false identity early warning system based on ship digital certificate
CN115378737A (en) * 2022-10-24 2022-11-22 中汽数据(天津)有限公司 Cross-domain device communication trust method, device, equipment and medium

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101584001B1 (en) * 2014-10-22 2016-01-08 현대자동차주식회사 Method and System for Detecting Misbehavior for Vehicle-to-Anything Communication
US10595175B2 (en) * 2017-06-23 2020-03-17 Veniam, Inc. Methods and systems for detecting anomalies and forecasting optimizations to improve smart city or region infrastructure management using networks of autonomous vehicles
CN111200799B (en) * 2018-11-20 2021-06-15 华为技术有限公司 Abnormal behavior detection method, device and system for Internet of vehicles
US11445362B2 (en) * 2019-03-01 2022-09-13 Intel Corporation Security certificate management and misbehavior vehicle reporting in vehicle-to-everything (V2X) communication
US11424941B2 (en) * 2020-04-29 2022-08-23 Blackberry Limited Method and system for handling dynamic cybersecurity posture of a V2X entity
US11695574B2 (en) * 2020-04-29 2023-07-04 Blackberry Limited Method and system for establishing trust for a cybersecurity posture of a V2X entity
CN112491859B (en) * 2020-11-20 2023-06-20 上海连尚网络科技有限公司 Domain name certificate detection method, device, electronic equipment and computer readable medium

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114040406A (en) * 2021-10-27 2022-02-11 海信集团控股股份有限公司 Abnormal information detection method and device for vehicle-mounted equipment
CN115037465A (en) * 2022-06-14 2022-09-09 武汉理工大学 Intelligent ship identity verification and false identity early warning system based on ship digital certificate
CN115378737A (en) * 2022-10-24 2022-11-22 中汽数据(天津)有限公司 Cross-domain device communication trust method, device, equipment and medium

Also Published As

Publication number Publication date
CN115550880A (en) 2022-12-30

Similar Documents

Publication Publication Date Title
JP7045288B2 (en) Data analysis device, data analysis method and program
CN115550880B (en) Exception handling method, device and storage medium for certificate of V2X device
US20220084328A1 (en) Vehicle monitoring apparatus, fraud detection server, and control methods
JP7045286B2 (en) Data analysis device, data analysis method and program
US8621591B2 (en) Software signing certificate reputation model
US11695574B2 (en) Method and system for establishing trust for a cybersecurity posture of a V2X entity
US20130067220A1 (en) Communication system, vehicle-mounted terminal, roadside device
KR20190102873A (en) System and method for security inspection of electronic equipment
CN111698255A (en) Service data transmission method, device and system
US11979509B2 (en) Method and system for handling dynamic cybersecurity posture of a V2X entity
Mahmood et al. Systematic threat assessment and security testing of automotive over-the-air (OTA) updates
CN115147956B (en) Data processing method, device, electronic equipment and storage medium
CN112883382A (en) Vehicle flashing method, vehicle networking box, vehicle and storage medium
CN114257388B (en) Information safety protection method and device of Internet of vehicles system and electric automobile
WO2019142475A1 (en) Data analysis device and program
CN115802350B (en) Certificate revocation status verification system, method and storage medium
CN115378737A (en) Cross-domain device communication trust method, device, equipment and medium
CN113836564A (en) Block chain-based networked automobile information safety system
WO2019142476A1 (en) Data analysis device and program
JP2019129528A (en) Data analysis device and program
CN113992437B (en) Access control management method, device and system for Modbus equipment
CN111522717B (en) Resource inspection method, system and computer readable storage medium
GB2619325A (en) Perception service test mode in intelligent transport systems
CN118250057A (en) Certificate generation method, system, equipment and medium
CN116760575A (en) Detection method and device of abnormal control instruction, electronic equipment and storage medium

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant