| The traditional static communication method in the car is difficult to solve the bandwidth and speed requirements of emerging technologies such as Advanced Driving Assistance System(ADAS),Over-The-Air Technology(OTA),and smart cockpit.Automotive electronics are changing from distributed communication to centralized,and business needs to be completed with centralized local functions.As a result,the design concept of Service-Oriented Architecture(SOA)and automotive Ethernet have been introduced into smart cars to provide more flexible and convenient communication and service methods for the Internet of Vehicles.Different from traditional electronics,SOA provides a loosely coupled and easily extensible service mechanism through standardized service interfaces,and provides more user-friendly functions and services for automotive software.In-vehicle Ethernet provides a platform for high-speed data transmission for SOA,making it possible to make in-vehicle software SOA possible.However,in the early stage of the design of automotive SOA,many security issues need to be considered,such as information encryption and integrity protection,identity authentication,access control and so on.Aiming at the security risks of unauthorized access in automotive SOA,a flexible distributed access control architecture based on the distributed access control standard ISO/IEC 10181-3 is designed to provide security protection for in-vehicle application services.The main contributions include: 1.Analyzed the security flaws in SOME/IP(SOA message middleware),such as the two parties in communication are not authenticated,the message is not encrypted,and there is no integrity protection.On the basis of SOME/IP protocol,a message middleware "SE-SOME/IP(Security Expended SOME/IP,SE-SOME/IP)with more perfect security is designed by using attribute-based access control(ABAC)model.".SE-SOME/IP is designed from the key negotiation,identity authentication,and signature verification of the handshake process between the two parties,and has made necessary preparations for the secure transmission of messages.In the process of message transmission,SE-SOME/IP can transmit encrypted messages,thereby avoiding message leakage,and providing message integrity check and replay attack protection.In addition,SE-SOME/IP can transmit access control packets,and the system can perform authorization calculation according to the access policy of the requested service.2.The system uses a hierarchical service management method to facilitate service management and update.A two-level access control hierarchy is adopted,and the first-level access control is in the service release stage to control the scope of service discovery and reduce the amount of unnecessary requests.Secondary access control uses ABAC’s access policy for more fine-grained access control.3.The designed system satisfies the distributed access control standard,and can generate a policy language suitable for on-board equipment for the system to do authorization calculation.In order to speed up the calculation results,the Access Vector Cache(AVC)is introduced.AVC can record the results of access requests and speed up access control calculations.Experiments have also confirmed the effect of this mechanism. |
PDF Full Text Request