CN112468995B - Searchable encryption privacy protection method and system based on Internet of vehicles - Google Patents

Searchable encryption privacy protection method and system based on Internet of vehicles Download PDF

Info

Publication number
CN112468995B
CN112468995B CN202011424426.1A CN202011424426A CN112468995B CN 112468995 B CN112468995 B CN 112468995B CN 202011424426 A CN202011424426 A CN 202011424426A CN 112468995 B CN112468995 B CN 112468995B
Authority
CN
China
Prior art keywords
user
data
server
information
vehicle
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011424426.1A
Other languages
Chinese (zh)
Other versions
CN112468995A (en
Inventor
程文志
欧嵬
刘志壮
万李
张文昭
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Dragon Totem Technology Hefei Co ltd
Hefei Wisdom Dragon Machinery Design Co ltd
Original Assignee
Hunan University of Science and Engineering
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hunan University of Science and Engineering filed Critical Hunan University of Science and Engineering
Priority to CN202011424426.1A priority Critical patent/CN112468995B/en
Publication of CN112468995A publication Critical patent/CN112468995A/en
Application granted granted Critical
Publication of CN112468995B publication Critical patent/CN112468995B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04Key management, e.g. using generic bootstrapping architecture [GBA]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/08Access security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a searchable encryption privacy protection method and a searchable encryption privacy protection system based on the Internet of vehicles. Since the data in the internet of vehicles contains more private information of users, especially characteristic values of vehicles, and the information is directly transmitted in the network in a plaintext manner, the information is easily monitored or stolen. Meanwhile, when the server of the third party is in an unsafe state, the key stored in the server is also leaked, and finally, user information is leaked. Therefore, the invention provides a searchable encryption privacy protection solution based on a vehicle network, data between a server and vehicle networking equipment is encrypted and transmitted, the server stores encrypted data and cannot check data information, and the privacy safety of a user is guaranteed; when the user side acquires data, encrypted searching is adopted. In the whole process, the data are in an encrypted state, so that the system safety of the whole Internet of vehicles is realized.

Description

Searchable encryption privacy protection method and system based on Internet of vehicles
Technical Field
The invention relates to a searchable encryption privacy protection method and system based on the Internet of vehicles.
Background
With the rapid development of mobile communication technology, the demand of users for mobile applications increases, so that remote control devices are rapidly popularized, and particularly, the research on automatic driving technology is still popular in the field of car networking. Meanwhile, because the cloud computing and cloud storage technology is applied to the Internet of vehicles, the data of the user is basically stored in the cloud server, and the data of the user often has strong privacy due to the particularity of the Internet of vehicles, so that how to effectively protect the privacy data of the user becomes one of the key factors for solving the safety problem of the Internet of vehicles at present.
There are many ways to secure the private data of the user, and encryption technology is an effective measure to provide protection for the private data of the user. Meanwhile, as the data volume of the Internet of vehicles users is increased, the pressure of the cloud server on data processing is increased, the user searches legal and effective information in mass storage data and is an examination for the server, and how to effectively search encrypted data in the cloud server becomes an effective means for solving the safety problem of the Internet of vehicles data.
Aiming at the research of the encrypted data search technology, experts and scholars carry out a lot of research work and obtain a lot of research results. The searchable encryption provides a solution for searching encrypted data under a big data background, the storage problem of unreliable or unreliable server data and the problem of unsafe communication channel can be solved, the safety problem of user privacy data in the Internet of vehicles can be guaranteed, and expert consensus is obtained. Although the current searchable encryption technology can guarantee the security of user data in the car networking to a certain extent, the following problems still exist in the face of complex network and application environments, in particular how to protect the security of legal users in the car networking, how to protect keys and sensitive data of keyword search, and how to dynamically monitor the security of the car networking system. Therefore, there is a need for an efficient searchable encryption privacy protection scheme and system.
Disclosure of Invention
The invention provides a searchable encryption privacy protection method and system based on the Internet of vehicles, aiming at the problem that privacy data in the Internet of vehicles system cannot be effectively guaranteed. Meanwhile, in order to facilitate public information exchange, the server generates a corresponding RSA key pair according to the vehicle-mounted ID, end-to-end information interaction is facilitated, and privacy of a user is protected.
A searchable encryption privacy protection model based on the Internet of vehicles comprises the following steps.
Step 1: an encryption model based on the privacy data of the Internet of vehicles users is established, a user model verification mechanism is provided, and illegal users are prevented from using the system without verification.
If the user verification fails for multiple times, recording the access information of the user, and forbidding the user to continue accessing; if the user authentication is passed, the user is allowed access.
Step 2: and formulating a safety evaluation standard according to the current network or system state of the user.
Marking the safety level of the user as 1 to 10 points, and if the point is lower than 6 points, feeding an unsafe state back to the user; if the score is less than 3, the user is prompted to receive and send necessary basic data, the private data cannot be accessed, and the privacy safety of the user is guaranteed.
And step 3: in the key management of the Internet of vehicles, the vehicle-mounted equipment stores the PIN code and the private key of a user, and the chip is used for blocking storage, so that the key is prevented from being leaked from a hardware end, and the safety of the user is guaranteed.
For sensitive or private data in the Internet of vehicles, the vehicle-mounted equipment and the server can carry out safety check on the sensitive or private data, and the sensitive or private data are isolated and executed in a fixed area in the vehicle-mounted equipment, and are blocked by hardware, so that the risk of leakage is prevented.
And 4, step 4: and a searchable encryption strategy is adopted for the user data in the Internet of vehicles system, namely all data of the user are encrypted and transmitted by using the password stored in the hardware system and are stored in the server in a ciphertext mode, and the server does not store any key information.
The server adopts an encryption search strategy for the user data, namely all data participate in the search in an encryption state and are transmitted back to the user in a ciphertext state.
And 5: all information sent to the user equipment by the server is encrypted according to the RSA public key corresponding to the ID of the vehicle-mounted equipment and is pushed to the user equipment.
After receiving the data of the server, the vehicle-mounted equipment of the user decrypts the encrypted data by using the private key stored in the hardware equipment, so that the confidential transmission of the data is realized.
Step 6: the server adopts a safety monitoring mechanism, and when abnormal behaviors are detected, the server processes the corresponding abnormity.
When the server detects that the user guesses the attack by adopting the keywords, the server limits the behavior of the user and prevents the risk of unauthorized access.
Meanwhile, the abnormal behaviors of the user are early warned in time, and the private data of the Internet of vehicles is prevented from being revealed.
A searchable encryption privacy protection method based on the Internet of vehicles comprises the following processes:
and in the user verification stage, comparing the current information state according to the record of the user stored in the system, if the user behavior is in an abnormal state, reducing the current user safety score, and triggering a corresponding rule according to a safety evaluation standard.
And if the user behavior is normal and meets the safety evaluation standard, allowing the user to pass the relevant operation on the server.
The user safety evaluation standard in the internet of vehicles is 1-10 points, when the user starts the internet of vehicle-mounted equipment, the server can comprehensively measure the safety score according to the feedback information condition, and only when the score is more than 6 points, all data can be requested in the server.
When the score is larger than 8 minutes, the personal privacy information of the user can be modified.
When the user score is lower than 6 minutes, information is fed back to the user equipment to prompt risks, meanwhile, the operation of the user is limited, and only basic services are provided for the user.
When the user score is lower than 3 minutes, the user operation is further limited, an access prohibition strategy is adopted for sensitive data of the user, only public data is provided for the user, and user information leakage is prevented.
The key of the vehicle-mounted equipment is protected in an isolation mode, the key is stored in a fixed area of the vehicle-mounted equipment, only local access is allowed in a hardware blocking mode, and network access is forbidden.
When the encrypted data are transmitted to the vehicle-mounted equipment, the data can call the secret key in the fixed area to carry out decryption operation, then the decrypted data are transmitted to the equipment to be used, the whole process is 'black box' operation, and therefore the secret key protection function is achieved.
Aiming at the processing of the privacy encrypted data, the vehicle-mounted equipment can decrypt and identify the data according to the fixed coding file header of the data, and when the data is identified as the privacy data in the decryption process, the data is immediately transferred to an isolation region for operation, so that secondary protection is performed on the basis of a 'black box'.
The data request process in the Internet of vehicles is a server database search process, when the data in the Internet of vehicles is requested, the data is in an encrypted state, and the server does not store a secret key.
Therefore, conventional search cannot be used, and an encrypted search strategy must be adopted, namely, data is searched in a ciphertext mode, and corresponding search ciphertext information is acquired according to an agreed rule or constraint relation, so that the aim of user privacy data interaction is fulfilled.
The public information pushed in the server is also encrypted, the corresponding RSA public key is selected according to the ID of the user, the public information is encrypted and transmitted, and meanwhile, two encryption strategies are applied, so that encryption identification or encryption guess can be removed, and the aim of ciphertext confusion is achieved.
After the vehicle-mounted equipment receives the public information, the RSA private key stored in the fixed area is called to be decrypted according to the appointed file header or rule, and the data reading work is completed.
In the security monitoring of the server, the behavior of the user is analyzed, and the behavior of the user is restrained according to the scores in the security evaluation standard.
Processing abnormal data or abnormal operation in time; aiming at keyword guessing attack, as all information is in a ciphertext form, meaningless operation of a user is monitored in time, the authority of the user is adjusted, and user information is prevented from being leaked.
A searchable encryption privacy protection system based on the Internet of vehicles comprises the following main contents:
and the system initialization module initializes a secret key, a PIN code, a private key of RSA, public parameters of the server, an RSA public key of the server and the like in the fixed area of the vehicle-mounted equipment.
And the data encryption module is used for completing the encryption process of the data in the vehicle-mounted equipment, realizing local encryption by using 128 bits of the DES and uploading the data to the server side in a ciphertext mode.
Meanwhile, a fixed encryption file header is agreed with the server to distinguish different data types, and the file header is encrypted by adopting an RSA public key published by the server.
When the server pushes information to the vehicle-mounted equipment, the RSA public key corresponding to the vehicle-mounted equipment is acquired through the ID of the vehicle-mounted equipment to carry out public encryption and is sent to the specified vehicle-mounted equipment.
And the server decrypts the file header according to the RSA private key of the server side, determines the data type, stores the encrypted information into the designated server, and makes a correlation relationship, so that subsequent search is facilitated.
After the data of the server is received by the vehicle-mounted equipment, the file header is decrypted through the RSA secret key stored in the fixed area, and whether the data is the private data or not is determined.
If the data is common data, directly decrypting the data; if the private data is the private data, the security isolation area needs to be transferred for decryption protection.
The vehicle-mounted equipment sends a data request, the server side obtains a corresponding search encryption key ciphertext according to the data request of the user, relevant information corresponding to the user is found through ciphertext search and is returned to the vehicle-mounted equipment for processing, and meanwhile, the server side records the search condition of the user and prevents keyword attack.
And the server evaluates the safety index of the user according to the system condition of the user, and performs corresponding processing according to the corresponding safety level to prevent user information from being leaked.
The server side of the car networking safety monitoring module can monitor the request information of the user according to the user flow, prevent keyword attack, limit the access authority of the user according to the safety evaluation information, implement the behavior of the monitoring user and guarantee the safety of the car networking system.
The beneficial effects are as follows.
The invention provides a searchable encryption privacy protection method and system based on the Internet of vehicles. Since the data in the internet of vehicles contains more private information of users, especially characteristic values of vehicles, and the information is directly transmitted in the network in a plaintext manner, the information is easily monitored or stolen. Meanwhile, when information is transmitted in an encrypted form, it is secure in a communication channel, and when a server of a third party is in an unsecured state, a key stored in the server is also leaked, which eventually causes user information leakage. Therefore, the invention provides a searchable encryption privacy protection solution based on a vehicle network, data between a server and vehicle networking equipment is encrypted and transmitted, the server stores encrypted data and cannot check data information, and the privacy safety of a user is guaranteed; when the user side acquires data, encrypted searching is adopted. In the whole process, the data are in an encrypted state, so that the system safety of the whole Internet of vehicles is realized.
Drawings
FIG. 1 is a diagram of a model of the method and system of the present invention;
fig. 2 is a structural diagram of a user privacy data protection system according to the present invention.
Detailed Description
The invention is further explained below with reference to the drawings and the embodiments.
As shown in fig. 1, a searchable encryption privacy protection method and model based on internet of vehicles includes the following steps:
step 1: an encryption model based on the privacy data of the Internet of vehicles users is established, a user model verification mechanism is provided, and illegal users are prevented from using the system without verification.
If the user verification fails for multiple times, recording the access information of the user, and forbidding the user to continue accessing; if the user authentication is passed, the user is allowed access.
Step 2: and formulating a safety evaluation standard according to the current network or system state of the user. And evaluating according to the system security model and the level of line security, and feeding back information to the user in time when the system detects that the user is in an unsafe link state.
Meanwhile, the car networking system also analyzes and processes the unsafe factors, and the safety of the privacy data of the car networking users is guaranteed to the greatest extent.
Marking the safety level of the user as 1 to 10 points, and if the point is lower than 6 points, feeding an unsafe state back to the user; if the score is less than 3, the user is prompted to receive and send necessary basic data, the private data cannot be accessed, and the privacy safety of the user is guaranteed.
And step 3: in the key management of the Internet of vehicles, the vehicle-mounted equipment stores the PIN code and the private key of a user, and the chip is used for blocking storage, so that the key is prevented from being leaked from a hardware end, and the safety of the user is guaranteed.
For sensitive or private data in the Internet of vehicles, the vehicle-mounted equipment and the server can carry out safety check on the sensitive or private data, and the sensitive or private data are isolated and executed in a fixed area in the vehicle-mounted equipment, and are blocked by hardware, so that the risk of leakage is prevented.
The data of the user is encrypted, transmitted and stored, and useful information cannot be acquired even if the data of the user is illegally stolen. On the other hand, in order to prevent data theft of a legal user disguised by an attacker, a user verification mechanism is introduced into the model to verify the safety of the user, and only the user passing the verification can obtain accurate data search permission.
And 4, step 4: and a searchable encryption strategy is adopted for the user data in the Internet of vehicles system, namely all data of the user are encrypted and transmitted by using the password stored in the hardware system and are stored in the server in a ciphertext mode, and the server does not store any key information.
The server adopts an encryption search strategy for the user data, namely all data participate in the search in an encryption state and are transmitted back to the user in a ciphertext state.
And 5: all information sent to the user equipment by the server is encrypted according to the RSA public key corresponding to the ID of the vehicle-mounted equipment and is pushed to the user equipment.
After receiving the data of the server, the vehicle-mounted equipment of the user decrypts the encrypted data by using the private key stored in the hardware equipment, so that the confidential transmission of the data is realized.
Step 6: the server adopts a safety monitoring mechanism, and when abnormal behaviors are detected, the server processes the corresponding abnormality.
Meanwhile, user behavior data are compared, an abnormal search database is established, abnormal data characteristics are extracted, keyword attack or keyword guess attack is timely processed, and privacy safety of users is guaranteed. Meanwhile, the abnormal states of the server process and the system are monitored in real time, and abnormal behaviors are processed in time.
When the server detects that the user guesses the attack by adopting the keywords, the server limits the behavior of the user and prevents the risk of unauthorized access.
Meanwhile, the abnormal behaviors of the user are early warned in time, and the private data of the Internet of vehicles is prevented from being revealed.
Analysis of transmission line safety. Since the user data is transmitted in the public link in the internet, in order to prevent unnecessary data theft or tampering, security analysis can be performed on the routing node of the transmission line, and security classification processing can be performed on each routing forwarding link. In the data transmission process, the optimal safe route is selected within the range of reasonable bandwidth delay, and the safety of system data transmission is ensured.
As shown in fig. 2, a searchable encryption privacy protection model system based on the internet of vehicles is mainly described as follows.
The system initialization module is used for ensuring that a legal user can acquire or modify the information of the user and establishing a corresponding safety protection mechanism based on the safety requirements of the user in the Internet of vehicles and the data storage and processing of the user are performed in a cloud system.
And initializing a secret key, a PIN code, a private key of RSA, public parameters of a server, an RSA public key of the server and the like of the fixed area of the vehicle-mounted equipment.
And the data encryption module is used for completing the encryption process of the data in the vehicle-mounted equipment, realizing local encryption by using 128 bits of the DES and uploading the data to the server side in a ciphertext mode.
Meanwhile, a fixed encryption file header is agreed with the server to distinguish different data types, and the file header is encrypted by adopting an RSA public key published by the server.
When the server pushes information to the vehicle-mounted equipment, the RSA public key corresponding to the vehicle-mounted equipment is acquired through the ID of the vehicle-mounted equipment to carry out public encryption and is sent to the specified vehicle-mounted equipment.
And the server decrypts the file header according to the RSA private key of the server side, determines the data type, stores the encrypted information into the designated server, and makes a correlation relationship, so that subsequent search is facilitated.
After the data of the server is received by the vehicle-mounted equipment, the file header is decrypted through the RSA secret key stored in the fixed area, and whether the data is the private data or not is determined.
If the data is common data, directly decrypting the data; if the private data is the private data, the security isolation area needs to be transferred for decryption protection.
The vehicle-mounted equipment sends a data request, the server side obtains a corresponding search encryption key ciphertext according to the data request of the user, relevant information corresponding to the user is found through ciphertext search and is returned to the vehicle-mounted equipment for processing, and meanwhile, the server side records the search condition of the user and prevents keyword attack.
And the server evaluates the safety index of the user according to the system condition of the user, and performs corresponding processing according to the corresponding safety level to prevent user information from being leaked.
The server side of the car networking safety monitoring module can monitor the request information of the user according to the user flow, prevent keyword attack, limit the access authority of the user according to the safety evaluation information, implement the behavior of the monitoring user and guarantee the safety of the car networking system.
In summary, the invention provides a searchable encryption privacy protection method and system based on the internet of vehicles, and the method accurately searches information of a user in an encrypted state in a cloud server under the condition that user data is ensured to be encrypted, so that privacy safety of the user is protected. Since the data in the internet of vehicles contains more private information of users, especially characteristic values of vehicles, and the information is directly transmitted in the network in a plaintext manner, the information is easily monitored or stolen. Meanwhile, when information is transmitted in an encrypted form, it is secure in a communication channel, and when a server of a third party is in an unsecured state, a key stored in the server is also leaked, which eventually causes user information leakage.
Therefore, the invention provides a searchable encryption privacy protection solution based on a vehicle network, data between a server and vehicle networking equipment is encrypted and transmitted, the server stores encrypted data and cannot check data information, and the privacy safety of a user is guaranteed; when the user side acquires data, encrypted searching is adopted. In the whole process, the data are in an encrypted state, so that the system safety of the whole Internet of vehicles is realized.
The embodiments described herein are merely illustrative of the present invention, and those skilled in the art can make modifications, additions or substitutions to the embodiments according to the actual situation without departing from the spirit of the invention or exceeding the scope of the claims.

Claims (3)

1. A searchable encryption privacy protection method based on the Internet of vehicles is characterized by comprising the following steps:
step 1: an encryption model based on the private data of the Internet of vehicles user is established, a user model verification mechanism is provided, and illegal users are prevented from using the system without verification; if the user verification fails for multiple times, recording the access information of the user, and forbidding the user to continue accessing; if the user passes the verification, the user is allowed to access;
step 2: according to the current network or system state of the user, formulating a safety evaluation standard, and marking the safety level of the user as 1 to 10 points; if the score is lower than 6, an unsafe state is fed back to the user; if the score is lower than 3, the user is prompted to only receive and send necessary basic data, and private data cannot be accessed, so that the privacy safety of the user is guaranteed;
and step 3: in key management of the Internet of vehicles, the vehicle-mounted equipment stores a PIN (personal identification number) and a private key of a user, and blocks storage by using a chip, so that the key is prevented from being leaked from a hardware end, and the safety of the user is guaranteed; for sensitive or private data in the Internet of vehicles, the vehicle-mounted equipment and the server can carry out safety check on the sensitive or private data, and the sensitive or private data are isolated and executed in a fixed area in the vehicle-mounted equipment, and are blocked by hardware, so that the risk of leakage is prevented;
and 4, step 4: the method comprises the steps that a searchable encryption strategy is adopted for user data in the Internet of vehicles system, namely all data of a user are encrypted and transmitted by using passwords stored in a hardware system and are stored in a server in a ciphertext mode, and the server does not store any key information; the server adopts an encryption search strategy for the user data, namely all data participate in the search in an encryption state and are transmitted back to the user in a ciphertext state;
and 5: all information sent to the user equipment by the server is encrypted according to the RSA public key corresponding to the ID of the vehicle-mounted equipment and is pushed to the user equipment; after receiving the data of the server, the vehicle-mounted equipment of the user decrypts the encrypted data by using a private key stored in the hardware equipment to realize the confidential transmission of the data;
step 6: the server adopts a safety monitoring mechanism, and when abnormal behavior is detected, the server processes according to the corresponding abnormality; when the server detects that the user guesses the attack by adopting the keywords, the server limits the behavior of the user and prevents the risk of unauthorized access; meanwhile, the abnormal behaviors of the user are early warned in time, and the private data of the Internet of vehicles is prevented from being revealed.
2. The internet of vehicles-based searchable encryption privacy protection method according to claim 1, wherein:
(1) in the user verification stage, comparing the current information state according to the record of the user stored in the system, if the user behavior is an abnormal state, reducing the current user safety score, and triggering a corresponding rule according to a safety evaluation standard; if the user behavior is normal and meets the safety evaluation standard, allowing the user to process the data on the server through the user equipment;
(2) when a user starts the vehicle-mounted equipment networking, the server comprehensively measures the safety score according to the feedback information condition, and all data can be requested in the server only when the score is more than 6 minutes; when the score is larger than 8 minutes, the personal privacy information of the user can be modified; when the user score is lower than 6 minutes, information is fed back to the user equipment to prompt risks, meanwhile, the operation of the user is limited, and only basic service is provided for the user; when the user score is lower than 3 minutes, the user operation is further limited, an access prohibition strategy is adopted for sensitive data of the user, only public data is provided for the user, and user information leakage is prevented;
(3) the key of the vehicle-mounted equipment is isolated and protected, the key is stored in a fixed area of the vehicle-mounted equipment, and only local access is allowed and network access is forbidden by adopting a hardware blocking mode; when the encrypted data are transmitted to the vehicle-mounted equipment, the data can call a secret key in a fixed area to carry out decryption operation, then the decrypted data are transmitted to the equipment to be used, the whole process is 'black box' operation, and therefore the secret key protection function is achieved;
(4) aiming at the processing of the privacy encrypted data, the vehicle-mounted equipment can decrypt and identify the data according to the fixed coding file header of the data, immediately transfers the data to an isolation region for operation when the data is identified as the privacy data in the decryption process, and performs secondary protection on the basis of a 'black box';
(5) the data request process in the Internet of vehicles is a server database search process, when the data in the Internet of vehicles is requested, the data are all in an encrypted state, and the server does not store a secret key; therefore, conventional search cannot be used, and an encrypted search strategy is required to be adopted, namely, data is searched in a ciphertext mode, and corresponding search ciphertext information is obtained according to an agreed rule or constraint relation, so that the aim of user privacy data interaction is fulfilled;
(6) public information pushed in the server is also encrypted, a corresponding RSA public key is selected according to the ID of the user, the public information is encrypted and transmitted, and meanwhile, two encryption strategies are applied, so that encryption identification or encryption guessing can be removed, and the aim of ciphertext confusion is achieved; after receiving the public information, the vehicle-mounted equipment calls an RSA private key stored in a fixed area to decrypt according to an agreed file header or rule, and the data reading work is completed;
(7) in the security monitoring of the server, the behavior of the user is analyzed, and the behavior of the user is restrained according to the score in the security evaluation standard; processing abnormal data or abnormal operation in time; aiming at keyword guessing attack, as all information is in a ciphertext form, meaningless operation of a user is monitored in time, the authority of the user is adjusted, and user information is prevented from being leaked.
3. The searchable encryption privacy protection system based on the internet of vehicles according to the searchable encryption privacy protection method based on the internet of vehicles as claimed in claim 1 or 2, wherein:
the system initialization module initializes a secret key, a PIN code, a private key of RSA, public parameters of a server, an RSA public key of the server and the like in a fixed area of the vehicle-mounted equipment;
the data encryption module is used for completing the encryption process of data in the vehicle-mounted equipment, realizing local encryption by using 128 bits of DES and uploading the data to the server side in a ciphertext mode; meanwhile, a fixed encrypted file header is agreed with the server to distinguish different data types, and the file header is encrypted by adopting an RSA public key published by the server; when the server pushes information to the vehicle-mounted equipment, the RSA public key corresponding to the vehicle-mounted equipment is obtained through the ID of the vehicle-mounted equipment to carry out public encryption and is sent to the specified vehicle-mounted equipment;
the server decrypts the file header according to the RSA private key of the server end, determines the data type, then stores the encrypted information into a designated server, and makes a correlation relationship, so that subsequent searching is facilitated; after receiving the data of the server, the vehicle-mounted equipment decrypts the file header through the RSA secret key stored in the fixed area, and determines whether the data is private data; if the data is common data, directly decrypting the data; if the private data is the private data, the security isolation area needs to be transferred for decryption protection;
the searchable encryption module is used for sending a data request by the vehicle-mounted equipment, the server side acquires a corresponding search encryption key ciphertext according to the data request of the user, finds the associated information corresponding to the user through ciphertext search and returns the associated information to the vehicle-mounted equipment for processing; meanwhile, the server side can record the searching condition of the user and prevent keyword attack;
the server evaluates the safety index of the user according to the system condition of the user, and performs corresponding processing according to the corresponding safety level to prevent user information from being leaked;
the server side of the car networking safety monitoring module can monitor the request information of the user according to the user flow, prevent keyword attack, limit the access authority of the user according to the safety evaluation information, implement the behavior of the monitoring user and guarantee the safety of the car networking system.
CN202011424426.1A 2020-12-09 2020-12-09 Searchable encryption privacy protection method and system based on Internet of vehicles Active CN112468995B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011424426.1A CN112468995B (en) 2020-12-09 2020-12-09 Searchable encryption privacy protection method and system based on Internet of vehicles

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011424426.1A CN112468995B (en) 2020-12-09 2020-12-09 Searchable encryption privacy protection method and system based on Internet of vehicles

Publications (2)

Publication Number Publication Date
CN112468995A CN112468995A (en) 2021-03-09
CN112468995B true CN112468995B (en) 2022-05-27

Family

ID=74801011

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011424426.1A Active CN112468995B (en) 2020-12-09 2020-12-09 Searchable encryption privacy protection method and system based on Internet of vehicles

Country Status (1)

Country Link
CN (1) CN112468995B (en)

Families Citing this family (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112883407B (en) * 2021-04-04 2022-05-24 湖南科技学院 Privacy data full life cycle protection method and system based on Internet of vehicles
CN113472757B (en) * 2021-06-18 2022-06-24 上汽通用五菱汽车股份有限公司 Vehicle data processing method, processing platform and readable storage medium
CN113515812A (en) * 2021-07-09 2021-10-19 东软睿驰汽车技术(沈阳)有限公司 Automatic driving method, device, processing equipment and storage medium
CN115147956A (en) * 2022-06-29 2022-10-04 中国第一汽车股份有限公司 Data processing method and device, electronic equipment and storage medium
CN115065561B (en) * 2022-08-17 2022-11-18 深圳市乙辰科技股份有限公司 Information interaction method and system based on database data storage
CN116476757A (en) * 2023-03-23 2023-07-25 小米汽车科技有限公司 Equipment control method, device, vehicle and storage medium
CN116599774B (en) * 2023-07-17 2023-09-15 交通运输部公路科学研究所 Encryption chip for information security and data protection of Internet of vehicles

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009037468A (en) * 2007-08-02 2009-02-19 Hitachi Information & Communication Engineering Ltd Vehicle detection system and method
CN102882687A (en) * 2012-10-19 2013-01-16 杭州尚思科技有限公司 Intelligent household safe access method and system based on searchable cipher text
CN108345802A (en) * 2018-02-11 2018-07-31 西安电子科技大学 Join safe and efficient cipher text retrieval method, the onboard system of cloud system based on vehicle
CN110392038A (en) * 2019-06-03 2019-10-29 西安电子科技大学 The multi-key cipher that can verify that under a kind of multi-user scene can search for encryption method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10602360B2 (en) * 2017-04-05 2020-03-24 International Business Machines Corporation Secure mobile device integration with vehicles
CN110996301B (en) * 2019-11-28 2022-12-16 江苏大学 Human-vehicle interaction system design and implementation method based on zero-knowledge identity authentication

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2009037468A (en) * 2007-08-02 2009-02-19 Hitachi Information & Communication Engineering Ltd Vehicle detection system and method
CN102882687A (en) * 2012-10-19 2013-01-16 杭州尚思科技有限公司 Intelligent household safe access method and system based on searchable cipher text
CN108345802A (en) * 2018-02-11 2018-07-31 西安电子科技大学 Join safe and efficient cipher text retrieval method, the onboard system of cloud system based on vehicle
CN110392038A (en) * 2019-06-03 2019-10-29 西安电子科技大学 The multi-key cipher that can verify that under a kind of multi-user scene can search for encryption method

Non-Patent Citations (4)

* Cited by examiner, † Cited by third party
Title
Vehicular cloud network and information security mechanisms;Hsin-Te Wu et al.;《2016 International Conference on Advanced Materials for Science and Engineering (ICAMSE)》;20170206;全文 *
基于可搜索加密的区块链数据隐私保护机制;刘格昌等;《计算机应用》;20191230;全文 *
物联网环境下的访问控制技术探析;罗洪等;《西南民族大学学报(自然科学版)》;20161125(第06期);全文 *
车联网信息安全的威胁及防护策略;许彩霞;《信息通信》;20180715(第07期);全文 *

Also Published As

Publication number Publication date
CN112468995A (en) 2021-03-09

Similar Documents

Publication Publication Date Title
CN112468995B (en) Searchable encryption privacy protection method and system based on Internet of vehicles
EP2347365B1 (en) Method for securely communicating information about the location of a compromised computing device
KR101252707B1 (en) Method and apparatus for detecting unauthorized access to a computing device and securely communicating information about such unauthorized access
US5557765A (en) System and method for data recovery
CN106302328A (en) Sensitive user data processing system and method
CN105959648A (en) Encryption method and device, and video monitoring system
CN117113199A (en) File security management system and method based on artificial intelligence
CN108900595B (en) Method, device and equipment for accessing data of cloud storage server and computing medium
CN110378135A (en) Intimacy protection system and method based on big data analysis and trust computing
CN110912857B (en) Method and storage medium for sharing login between mobile applications
CN113949591B (en) Data encryption protection method and system based on block chain
US20010048747A1 (en) Method and device for implementing secured data transmission in a networked environment
CN113411397A (en) Data secure transmission method and system based on Internet of things
KR100243347B1 (en) Computer password protection method
CN114157535B (en) Double-responsibility chain micro-service gateway system and processing method thereof
Nurkifli et al. Computer and Information Sciences
CN117349881A (en) Privacy data protection method, device, equipment and readable storage medium
CN117479152A (en) Vehicle machine debugging method, server, vehicle machine equipment and computer readable storage medium
CN114218559A (en) Big data security protection method and system
CN118018334A (en) Internet trusted data communication method and system
CN116781354A (en) Data anti-searching method and device based on network storage unidirectional transmission isolation
JP4636584B2 (en) Information leakage prevention system
CN117951729A (en) Anti-leakage safety prevention and control system for data management
Caelli et al. Implementation of key escrow with key vectors to minimise potential misuse of key
Kasimov et al. Wireless networks and information security

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right

Effective date of registration: 20230731

Address after: 230000 floor 1, building 2, phase I, e-commerce Park, Jinggang Road, Shushan Economic Development Zone, Hefei City, Anhui Province

Patentee after: Dragon totem Technology (Hefei) Co.,Ltd.

Address before: 425199 130 Yang Zi Tang Road, Lingling District, Yongzhou, Hunan.

Patentee before: HUNAN University OF SCIENCE AND ENGINEERING

Effective date of registration: 20230731

Address after: 230000 b-1018, Woye Garden commercial office building, 81 Ganquan Road, Shushan District, Hefei City, Anhui Province

Patentee after: HEFEI WISDOM DRAGON MACHINERY DESIGN Co.,Ltd.

Address before: 230000 floor 1, building 2, phase I, e-commerce Park, Jinggang Road, Shushan Economic Development Zone, Hefei City, Anhui Province

Patentee before: Dragon totem Technology (Hefei) Co.,Ltd.

TR01 Transfer of patent right