Liu Yanbing

Bio: Liu Yanbing is an academic researcher. The author has contributed to research in topics: Encryption & Authentication. The author has an hindex of 4, co-authored 4 publications receiving 41 citations.

Strong privacy protection dual authentication method based on node identities and reputations in Internet of vehicles

Abstract: The invention discloses a strong privacy protection dual authentication method based on node identities and reputations in Internet of vehicles. A user registers with an authentication center to obtain unique secret information shared with the authentication center; the user stores vehicle node initialization parameter information into a TPM security storage area; when the user expects interaction between vehicle applications on vehicle nodes and a background application server, the user needs to input identity information and an authentication process of the vehicle nodes and a background is executed by TA; the authentication process is as follows: a temporary encryption key with the TA is established to carry out symmetrical encryption transmission on the information through a bilinear pairing principle, the TA carries out integrity and consistency detection on the received information, verifies legality of real and temporary identities of the vehicle nodes and calls an ES to compute the node reputation, if the identities of the vehicle nodes are legal finally and the reputations exceed a threshold, the authentication of communication between the vehicle nodes and the background is completed. According to the method, the authentication security is enhanced, the identity privacy and the trajectory privacy of the user are protected, the authentication efficiency is improved and the authentication time delay is reduced.

Internet of vehicles security authentication device and method

Abstract: The invention discloses an Internet of vehicles security authentication device and method. The method comprises the following steps of organically combining traditional cryptography authentication service with a trust evaluation mechanism, realizing the traditional cryptography authentication service and the trust evaluation mechanism according to an interface provided by an authentication performance device, mounting the traditional cryptography authentication service and the trust evaluation mechanism to the device, externally providing call service through a uniform interface of the device, and shielding realization details of various complex authentication algorithms; deploying a trusted embedded security module on a vehicle node in a sensing layer, thereby providing security capability, and modularizing an encryption algorithm of the sensing layer; establishing an authentication system integrated with a trusted terminal, a cryptography authentication method and the trust evaluation system; and matching and evaluating a high-security trusted evidence factor provided by a bottom sensing layer and providing authentication decision basis for an upper traffic information service platform.

System and method for controlling untrusted resource transmission in Internet of vehicles

Abstract: The invention requests to protect a system and method for controlling untrusted resource transmission in Internet of vehicles. The method comprises the following steps: designing an access control strategy and a node trust value calculation method for nodes of a resource output vehicle, limiting fixed attributes and dynamic attributes of the resource output vehicle, and dynamically generating a fine-grained access control strategy according to the traveling track of the vehicle to ensure that the access control strategy has better extensibility and flexibility. Thereby, the anonymous directional transmission of messages can be achieved, the waste of resources can be reduced, and the identity privacy of communication vehicles can be effectively protected; the calculation of node trust values can guarantee the trust degree of resource communicators and meet the security and privacy requirements of security related messages in Internet of vehicles; and malicious nodes can be effectively identified, and the injection of malicious resources and the transmission of untrusted resources can be prevented. The method disclosed by the invention can be widely applied to the related fields of mobile Internet, wireless sensor network and the like.

Privacy protection system and method for Internet of Vehicles

Abstract: The present invention provides a privacy protection system and method for the Internet of Vehicles. Implementation of the method requires the following modules: an encryption region discovery module, a renaming interval calculation module, and a pseudonym changing implementation module. The method comprises: firstly, defining user interest points on a road network, discovering a place where interest points are dense by performing clustering analysis on the interest points on the road network by means of a machine learning cluster according to a current road network condition in conjunction with data mining knowledge, and using the region as an encryption region of vehicle renaming; collecting and parameterizing location privacy protection needs of an owner of a vehicle and a driving destination of the vehicle, calculating a renaming interval that meets user needs by means of a statistical function, and using the interval as a criterion for determining whether to assign a pseudonym to the vehicle; and finally, assigning the pseudonym to the vehicle meeting the renaming criterion in the encryption region to achieve location privacy protection of the vehicle. The method of the present invention provides personalized privacy protection for vehicle owners, and reduces the probability of success of an attacker in stealing privacy of the vehicle owners.

a vehicle networking architecture based on block chain and a working method thereof

Abstract: The invention discloses a vehicle networking structure based on a block chain and a working method thereof. The vehicle networking structure comprises an interconnected vehicle entity, a vehicle-mounted unit OBU, a roadside unit RSU, a core network and a block chain network. It has the typical characteristics of decentralization, distribution, collective maintenance and incapability of tampering.It can effectively solve the problem of centralization of traditional vehicle networking architecture and mutual distrust between entities. At that same time, the invention provides an undirected graph generation method, an identity privacy protection method and a location privacy protection method when the beacon information is uploaded by a vehicle, thereby solving the problem of identity and location privacy disclosure of a vehicle networking architecture based on a block chain.

Internet of vehicles security authentication device and method

Abstract: The invention discloses an Internet of vehicles security authentication device and method. The method comprises the following steps of organically combining traditional cryptography authentication service with a trust evaluation mechanism, realizing the traditional cryptography authentication service and the trust evaluation mechanism according to an interface provided by an authentication performance device, mounting the traditional cryptography authentication service and the trust evaluation mechanism to the device, externally providing call service through a uniform interface of the device, and shielding realization details of various complex authentication algorithms; deploying a trusted embedded security module on a vehicle node in a sensing layer, thereby providing security capability, and modularizing an encryption algorithm of the sensing layer; establishing an authentication system integrated with a trusted terminal, a cryptography authentication method and the trust evaluation system; and matching and evaluating a high-security trusted evidence factor provided by a bottom sensing layer and providing authentication decision basis for an upper traffic information service platform.

Network connection automobile remote anonymous issuing and verifying communication system and method

Abstract: The invention relates to a network connection automobile remote anonymous issuing and verifying communication system, comprising a certifying party: for the automobile, comprising a Host part and a TPM (or TCM) chip part, a DAA certificate of the certifying party being used for realizing the anonymity of the automobile, so as to protect the identity and data privacy of the automobile driver in thecloud service; Issuer: an entity that signs a certifier's DAA when it requests a remote service and generates a certifier's DAA certificate; Verifier: used to provide remote service, whose certificate is real name certificate, and the certificate satisfies X.509 format. When providing service, the authenticity and platform integrity of anonymous automobile need to be verified first, and then encrypted by session key to transmit data to automobile to provide service. Compared with the prior art, the invention has the advantages of safety, rapidity, high communication efficiency and the like.

System and method for controlling untrusted resource transmission in Internet of vehicles

Abstract: The invention requests to protect a system and method for controlling untrusted resource transmission in Internet of vehicles. The method comprises the following steps: designing an access control strategy and a node trust value calculation method for nodes of a resource output vehicle, limiting fixed attributes and dynamic attributes of the resource output vehicle, and dynamically generating a fine-grained access control strategy according to the traveling track of the vehicle to ensure that the access control strategy has better extensibility and flexibility. Thereby, the anonymous directional transmission of messages can be achieved, the waste of resources can be reduced, and the identity privacy of communication vehicles can be effectively protected; the calculation of node trust values can guarantee the trust degree of resource communicators and meet the security and privacy requirements of security related messages in Internet of vehicles; and malicious nodes can be effectively identified, and the injection of malicious resources and the transmission of untrusted resources can be prevented. The method disclosed by the invention can be widely applied to the related fields of mobile Internet, wireless sensor network and the like.

Vehicle-inside one-time-one-password communication method based on ECU identity concealment

Abstract: The invention discloses a vehicle-inside one-time-one-password communication method based on ECU identity concealment. The method comprises the following steps: 1) creating a system model; 2) prior to the one-time-one-ciphering by ECU, registering information in the gateway database; 3) using the operation behaviors to the vehicle by the intelligent ECU as the media to generate a coupling effect between vehicle mounted power supply systems so that the vehicle mounted power supply voltage change possess the Markov characteristics and that a true random number is generated to serve as the session key; 4) updating in a fixed time the session key between the ECUs in need of communication so as to prevent replay attacks; and 5) according to the obtained session key, using the attributes of the ECU in the database, creating one-time-one-ciphering data communications based on the ECU ciphered text attributes to ensure the secure communications of ECU inside the vehicle. According to the invention, through the utilization of the stochastic behavior of the power supply voltage inside the vehicle to generate a session key, it is possible to effectively avoid the problem with the tampering and the forgery of information. Through the combination of the vehicle speed unit with the steering wheel, the 500ms cycle dynamic state generates the vehicle speed and serves as the session key for the ECU in order to prevent relay attacks.