CN110868406A - Security upgrading system of terminal system based on upgrading state permission - Google Patents

Publication number
CN110868406A
Authority
CN
China
Prior art keywords
upgrade
upgrading
state
subsystem
permission
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911073978.XA
Other languages
Chinese (zh)
Inventor
刘乾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Kuwozhixing Technology Co Ltd
Original Assignee
Nanjing Kuwozhixing Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Nanjing Kuwozhixing Technology Co Ltd filed Critical Nanjing Kuwozhixing Technology Co Ltd
Priority to CN201911073978.XA priority Critical patent/CN110868406A/en
Publication of CN110868406A publication Critical patent/CN110868406A/en
Pending legal-status Critical Current

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00 Arrangements for software engineering
    • G06F8/60 Software deployment
    • G06F8/65 Updates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/12 Applying verification of the received information
    • H04L63/123 Applying verification of the received information received data contents, e.g. message integrity
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Computing Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Stored Programmes (AREA)

Abstract

The invention relates to the field of intelligent terminals and discloses a security upgrade system for a terminal system based on upgrade state permission. Its technical scheme comprises a cloud subsystem, a management subsystem, a state confirmation subsystem and an upgrade subsystem carried on a terminal operating system. The cloud subsystem is used for creating and issuing an upgrade package. The management subsystem downloads the upgrade package from the cloud subsystem and verifies the security of the upgrade package data. The state confirmation subsystem extracts the upgrade state permission conditions contained in the upgrade package and verifies the upgrade permission state against them. The upgrade subsystem installs the upgrade package on the terminal after the upgrade permission state has been verified successfully. The invention introduces the concept of upgrade state permission conditions and adds a state confirmation subsystem that verifies those conditions before the upgrade is installed, thereby ensuring the safety of the terminal device system during the upgrade.

Description

Security upgrading system of terminal system based on upgrading state permission
Technical Field
The invention relates to the field of intelligent terminals, in particular to a security upgrading system of a terminal system based on upgrading state permission.
Background
With the development of intelligent terminal device technology, more and more terminal devices use an operating system with OTA (over-the-air) capability. The operating system of an intelligent terminal is characterized by AI intelligence, visualized content and online upgrading, and online upgrading makes it possible to fix problems and release new functions without recalling the terminal device. Companies in the intelligent terminal field therefore pay increasing attention to intelligent systems, more and more terminal devices carry intelligent operating systems, and OTA capability is used to upgrade both the intelligent system and the control systems of the whole terminal device.
Taking automobiles as an example, existing OTA upgrade schemes for vehicle-mounted systems are derived from upgrade technologies accumulated in consumer electronics. They include upgrade package encryption, upgrade package security verification, isolation of a backup operating system and similar measures, all of which focus on data security during the upgrade: they ensure that the upgrade package is not modified or damaged and that it is transmitted securely. The safety of the vehicle state, which also needs to be considered, is usually ignored as a special scenario. More often, the upgrade system leaves the question of vehicle-state safety to the user's own judgment. Especially when the user has little safety awareness, an inappropriate vehicle state easily leads to upgrade safety problems or upgrade failures. For example, the user downloads an upgrade package while driving and manually or automatically starts the system upgrade while on a highway, or in an area or vehicle state in which upgrading should not take place, so that the vehicle is unavailable or functionally limited for the tens of minutes to several hours that the upgrade takes, which further increases the safety risk to the vehicle and its owner during the upgrade. Such incidents occur frequently; for example, a vehicle-mounted system upgrading at an intersection leaves the vehicle unusable for a long time and causes traffic congestion.
Therefore, if the use state of the terminal equipment is ignored in the OTA upgrading process, negative effects, potential safety hazards and the like are likely to be caused to the user and the terminal equipment.
Disclosure of Invention
The invention aims to provide a security upgrade system for a terminal system based on upgrade state permission. It introduces the concept of upgrade state permission conditions and adds a state confirmation subsystem that verifies those conditions before the upgrade is installed, so that the upgrade is safe not only in terms of data but also in terms of the state of the terminal device and the time at which it is upgraded.
The technical purpose of the invention is achieved by the following technical scheme: a security upgrade system for a terminal system based on upgrade state permission, comprising, carried on a terminal operating system:
the cloud subsystem is used for creating and issuing an upgrade package;
the management subsystem downloads the upgrade package from the cloud subsystem and verifies the safety of the upgrade package data;
the state confirmation subsystem extracts the upgrade state permission conditions contained in the upgrade package and verifies the upgrade permission state according to the upgrade state permission conditions;
and the upgrading subsystem is used for installing an upgrading package on the terminal after the upgrading permission state is verified successfully.
Preferably, the cloud subsystem issues an upgrade notification to the target terminal when issuing the upgrade package.
Preferably, the upgrade package is encrypted at the time of distribution.
Preferably, the management mode of the management subsystem includes receiving information from the cloud subsystem, establishing a communication channel with the cloud subsystem, downloading the upgrade package through the communication channel, verifying the security of the upgrade package, and verifying the integrity of the upgrade package data.
Preferably, the method for verifying the security of the upgrade package includes public-private key verification.
Preferably, the method for verifying the integrity of the upgrade package data comprises MD5 verification.
Preferably, the upgrade permission status includes a terminal body permission status, a terminal scenario permission status, and a user permission status.
Preferably, when the state confirmation subsystem verifies the upgrade permission state, the terminal body permission state and the terminal scene permission state are verified first (the first verification) and the user permission state is verified second (the second verification); the second verification starts only after the first verification succeeds.
In conclusion, the invention has the following beneficial effects. Detection and verification of state safety are added before the upgrade package is installed, and the concept of upgrade state permission conditions is introduced. The upgrade state permission conditions are bound one-to-one to the upgrade package, and an operator can manage them from the upgrade management back end as required, setting the conditions flexibly according to the content of a specific upgrade package, so that different upgrades correspond to different state permission conditions and upgrade flexibility is increased. In verifying the upgrade permission state, the terminal body permission state and the terminal scene permission state are verified first, so that the user confirms only once the safety of the terminal is ensured; this avoids the safety hazard caused by relying directly on the user's subjective confirmation and ensures the safety of the terminal system upgrade process.
Drawings
FIG. 1 is a flow chart of the operation of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings.
The invention can be applied to the field of intelligent terminals, provides a safety upgrading system of a terminal system based on upgrading state permission, and can be applied to the upgrading process of real-time operating systems such as intelligent vehicle-mounted terminal systems, service robot systems, industrial control systems and the like with requirements on safety and working states.
As shown in fig. 1, the present invention includes a cloud subsystem, a management subsystem, a status confirmation subsystem, and an upgrade subsystem, which are carried on a terminal operating system.
The cloud subsystem is the cloud part of the overall scheme. An upgrade operator uses it to create and issue upgrade packages for the terminal system, to set the upgrade state permission conditions in the upgrade package, and to issue an upgrade notification to the target terminal. The upgrade notification and the upgrade package are encrypted to improve the security of data transmission.
Specifically, the upgrade state permission conditions are created according to the number, content and characteristics of all the subsystems of the terminal device and of its system itself.
The management subsystem is responsible for receiving information from the cloud subsystem. It establishes a communication channel with the cloud subsystem, downloads the upgrade package issued by the cloud subsystem through that channel, and verifies the security of the upgrade package and the integrity of the upgrade package data. Specifically, the security of the upgrade package can be verified by public-private key verification, that is, by decrypting the upgrade package, and the integrity of the upgrade package data can be verified by MD5 verification.
The state confirmation subsystem extracts the upgrade state permission conditions contained in the upgrade package and verifies the upgrade permission state according to the upgrade state permission conditions; the upgrade permission state includes a terminal body permission state, a terminal scenario permission state, and a user permission state.
Specifically, when the state confirmation subsystem verifies the upgrade permission state, the terminal body permission state and the terminal scene permission state are verified first (the first verification) and the user permission state is verified second (the second verification), which starts only after the first verification succeeds. Depending on the application, the order of the two verifications can be adjusted as appropriate, for example with the user permission state as the first verification and the terminal body and terminal scene permission states as the second verification; the upgrade security requirements of the actual terminal device are decisive.
Taking a vehicle-mounted system upgrade as an example: after the state confirmation subsystem extracts the upgrade state permission conditions, it checks the terminal body permission state and the terminal scene permission state against them. The terminal body permission state covers the vehicle speed, the gear position, the power available to the vehicle-mounted system, the lock state of the doors and windows, the working state of each vehicle subsystem and so on; the terminal scene permission state covers the geo-fence position corresponding to the vehicle's GPS and so on. The state confirmation subsystem can automatically verify, one by one, all the terminal body permission states and terminal scene permission states in the upgrade state permission conditions corresponding to the upgrade package.
Once the terminal body permission state and the terminal scene permission state have been verified successfully, the state confirmation subsystem asks the vehicle owner for a second confirmation: it informs the owner of the upgrade content, the upgrade time and the restrictions on use of the vehicle during the upgrade, and requests the owner's confirmation. The owner can confirm the upgrade by voice instruction, by a click operation or by similar means, at which point all upgrade permission states have been verified.
And the upgrading subsystem is used for installing an upgrading package on the terminal to complete upgrading after the upgrading permission state is verified successfully.
For a better understanding, still taking the vehicle-mounted system as an example, the working method is as follows:
an upgrade operator uploads the latest vehicle-mounted system upgrade package to the cloud subsystem as upgrade management requires, and sets the corresponding upgrade state permission conditions according to the number, content and characteristics of the subsystems that the package upgrades; for example, that a new energy vehicle may be upgraded only after the charging cable is plugged in, the gear is in P, the vehicle is parked in a parking lot, and so on. The specific conditions are chosen according to the content and characteristics of the subsystems to be upgraded, mainly by considering in which state the vehicle is safe while the subsystems being upgraded cannot work;
after the upgrade operator issues the upgrade package and the upgrade notification, the management subsystem receives the notification and downloads the corresponding upgrade package;
after the management subsystem finishes downloading the upgrade package, it verifies the security and integrity of the upgrade package and obtains the finally decrypted upgrade package and the upgrade state permission conditions in it;
after the state confirmation subsystem extracts the upgrade state permission conditions of the upgrade package, it checks the vehicle body permission state and the vehicle scene permission state; the items checked include but are not limited to the working states of all subsystem modules of the vehicle, whole-vehicle network data information, the vehicle position state, and the door double-lock and running states;
after the state confirmation subsystem has verified the upgrade state permission conditions corresponding to the upgrade package one by one: if the conditions are not met, the upgrade operation returns, the conditions continue to be monitored, and the upgrade is triggered when they are met; if the conditions are met, the state confirmation subsystem proceeds to confirmation with the vehicle owner;
the state confirmation subsystem checks the owner's state, reminds the owner that the upgrade state permission conditions are currently met and the vehicle system can be upgraded, and informs the owner of the upgrade duration, the affected functions and similar information, for final confirmation by the owner;
if the owner's final confirmation is obtained, the upgrade subsystem completes the final upgrade operation: the vehicle-mounted system enters the upgrade state, and all subsystems that need upgrading can be upgraded at the same time.
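The gate that the state confirmation subsystem applies in the steps above, as an added example that is not code from the patent: the condition fields, signal names, coordinates and function names are assumptions of this example. Missing readings, wrongly typed readings and unknown rules are treated as unmet conditions, so the gate fails closed.

```python
import math

# Constructed upgrade state permission conditions, as they might be carried in
# a verified upgrade package. Every field name here is an assumption.
CONDITIONS = {
    "body": {
        "speed_kmh": {"max": 0},
        "gear": {"equals": "P"},
        "battery_pct": {"min": 50},
        "doors_locked": {"equals": True},
        "charger_connected": {"equals": True},
    },
    # Scene: vehicle must be inside a geofence (constructed coordinates).
    "scene": {"geofence": {"lat": 32.0603, "lon": 118.7969, "radius_m": 200}},
}

# Constructed telemetry snapshot of a parked, charging vehicle.
SAMPLE_PARKED = {
    "speed_kmh": 0, "gear": "P", "battery_pct": 80, "doors_locked": True,
    "charger_connected": True, "gps": (32.0605, 118.7970),
}


def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS-84 points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dp, dl = p2 - p1, math.radians(lon2 - lon1)
    a = math.sin(dp / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dl / 2) ** 2
    return 2 * 6371000.0 * math.asin(math.sqrt(a))


def check_body(rules, state):
    """Terminal body permission state: return a list of unmet conditions."""
    failures = []
    for signal, rule in rules.items():
        value = state.get(signal)
        if value is None:
            failures.append(f"{signal}: no reading")  # fail closed
            continue
        for op, bound in rule.items():
            try:
                if op == "equals":
                    ok = value == bound
                elif op == "max":
                    ok = value <= bound
                elif op == "min":
                    ok = value >= bound
                else:
                    ok = False  # unknown operator: fail closed
            except TypeError:
                ok = False  # reading of the wrong type: fail closed
            if not ok:
                failures.append(f"{signal}: {value!r} fails {op} {bound!r}")
    return failures


def check_scene(rules, state):
    """Terminal scene permission state: geofence check on the GPS fix."""
    failures = [f"{name}: unsupported rule" for name in rules if name != "geofence"]
    fence = rules.get("geofence")
    if fence is not None:
        fix = state.get("gps")
        if fix is None:
            failures.append("gps: no fix")
        else:
            dist = haversine_m(fix[0], fix[1], fence["lat"], fence["lon"])
            if dist > fence["radius_m"]:
                failures.append(f"gps: {dist:.0f} m from fence centre")
    return failures


def confirm_upgrade(conditions, state, ask_user):
    """First verification (body + scene), then second verification (user).

    Returns (decision, reasons); decision is "WAIT", "DECLINED" or "INSTALL".
    """
    failures = check_body(conditions.get("body", {}), state)
    failures += check_scene(conditions.get("scene", {}), state)
    if failures:
        # Conditions not met: return and keep monitoring. The user is not
        # asked, so a confirmation cannot override an unsafe state.
        return "WAIT", failures
    if not ask_user():
        return "DECLINED", ["user did not confirm"]
    return "INSTALL", []


if __name__ == "__main__":
    moving = dict(SAMPLE_PARKED, speed_kmh=90, gear="D")
    print(confirm_upgrade(CONDITIONS, moving, lambda: True))
    print(confirm_upgrade(CONDITIONS, SAMPLE_PARKED, lambda: True))
```

A caller would re-run `confirm_upgrade` on each new telemetry snapshot while the decision is "WAIT", which corresponds to the continued monitoring described above.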
The invention has the following advantages. Detection and verification of state safety are added before the upgrade package is installed, and the concept of upgrade state permission conditions is introduced. The upgrade state permission conditions are bound one-to-one to the upgrade package, and an operator can manage them from the upgrade management back end as required, setting the conditions flexibly according to the content of a specific upgrade package, so that different upgrades correspond to different state permission conditions and upgrade flexibility is increased. In verifying the upgrade permission state, the terminal body permission state and the terminal scene permission state are verified first, so that the user confirms only once the safety of the terminal is ensured; this avoids the safety hazard caused by relying directly on the user's subjective confirmation and ensures the safety of the terminal system upgrade process.
The above description is only a preferred embodiment of the present invention, and the protection scope of the present invention is not limited to the above embodiments, and all technical solutions belonging to the idea of the present invention belong to the protection scope of the present invention. It should be noted that modifications and embellishments within the scope of the invention may occur to those skilled in the art without departing from the principle of the invention, and are considered to be within the scope of the invention.

Claims (8)

1. A security upgrade system for a terminal system based on upgrade state permission, characterized in that it comprises, carried on a terminal operating system:
the cloud subsystem is used for creating and issuing an upgrade package;
the management subsystem downloads the upgrade package from the cloud subsystem and verifies the safety of the upgrade package data;
the state confirmation subsystem extracts the upgrade state permission conditions contained in the upgrade package and verifies the upgrade permission state according to the upgrade state permission conditions;
and the upgrading subsystem is used for installing an upgrading package on the terminal after the upgrading permission state is verified successfully.
2. The security upgrade system for a terminal system based on upgrade state permission according to claim 1, characterized in that: the cloud subsystem issues an upgrade notification to the target terminal when issuing the upgrade package.
3. The security upgrade system for a terminal system based on upgrade state permission according to claim 1, characterized in that: the upgrade package is encrypted when released.
4. The security upgrade system for a terminal system based on upgrade state permission according to claim 1, characterized in that: the management mode of the management subsystem comprises receiving information from the cloud subsystem, establishing a communication channel with the cloud subsystem, downloading the upgrade package through the communication channel, verifying the security of the upgrade package and verifying the integrity of the upgrade package data.
5. The security upgrade system for a terminal system based on upgrade state permission according to claim 4, characterized in that: the mode for verifying the security of the upgrade package comprises public and private key verification.
6. The security upgrade system for a terminal system based on upgrade state permission according to claim 4, characterized in that: the mode for verifying the integrity of the upgrade package data comprises MD5 verification.
7. The security upgrade system for a terminal system based on upgrade state permission according to claim 1, characterized in that: the upgrade permission state includes a terminal body permission state, a terminal scenario permission state, and a user permission state.
8. The security upgrade system for a terminal system based on upgrade state permission according to claim 7, characterized in that: when the state confirmation subsystem verifies the upgrade permission state, the terminal body permission state verification and the terminal scene permission state verification are the first verification and the user permission state is the second verification, which starts only after the first verification succeeds.
CN201911073978.XA 2019-11-06 2019-11-06 Security upgrading system of terminal system based on upgrading state permission Pending CN110868406A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911073978.XA CN110868406A (en) 2019-11-06 2019-11-06 Security upgrading system of terminal system based on upgrading state permission

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911073978.XA CN110868406A (en) 2019-11-06 2019-11-06 Security upgrading system of terminal system based on upgrading state permission

Publications (1)

Publication Number Publication Date
CN110868406A true CN110868406A (en) 2020-03-06

Family

ID=69653289

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911073978.XA Pending CN110868406A (en) 2019-11-06 2019-11-06 Security upgrading system of terminal system based on upgrading state permission

Country Status (1)

Country Link
CN (1) CN110868406A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2022188043A1 (en) * 2021-03-09 2022-09-15 华为技术有限公司 Method for obtaining file by means of over the air (ota) technology and related device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103312786A (en) * 2013-05-17 2013-09-18 广州市雄兵汽车电器有限公司 Vehicle-mounted terminal remote upgrading method and car networking system
CN105259803A (en) * 2015-10-15 2016-01-20 湖南南车时代电动汽车股份有限公司 Remote upgrading method for electric vehicle
CN109375936A (en) * 2018-10-23 2019-02-22 奇瑞新能源汽车技术有限公司 A kind of system and method for realizing New-energy electric vehicle ECU software OTA function
CN110351314A (en) * 2018-04-03 2019-10-18 厦门雅迅网络股份有限公司 The remote upgrade method and computer readable storage medium of automobile controller

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200306