| 一种新型C-V2X车联网终端初始安全配置方案 |
| |
| 引用本文: | 田野,粟栗. 一种新型C-V2X车联网终端初始安全配置方案[J]. 电信工程技术与标准化, 2020, 0(5): 59-64 |
| |
| 作者姓名: | 田野 粟栗 |
| |
| 作者单位: | 中国移动通信有限公司研究院,中国移动通信有限公司研究院 |
| |
| 摘 要: | 在终端上安全部署数字证书是基于PKI的C-V2X直连通信安全机制发挥作用的先决条件。针对传统离线灌装方法成本高的缺点,本文提出一种基于4G/5G网络GBA开放安全能力的新型C-V2X终端初始安全配置方案。利用USIM在用户标识、根密钥、GBA能力及硬件安全环境方面的固有优势,V2X终端能够在最初阶段通过4G/5G网络与CA中心实现双向身份认证并建立安全连接,随后在线申请数字证书,自主完成安全初始化。该方案可避免生产线安全环境的升级改造,极大地降低企业C-V2X技术引入成本,具有简单有效、安全可靠、兼容性好、成熟度高和扩展性强的特点。
|
| 关 键 词: | 物联网 车联网 安全 安全配置 |
| 收稿时间: | 2019-12-13 |
| 修稿时间: | 2020-02-13 |
A novel initial security configuration solution for C-V2X devices |
| |
| Tian Ye and Su Li. A novel initial security configuration solution for C-V2X devices[J]. Telecom Engineering Technics and Standardization, 2020, 0(5): 59-64 |
| |
| Authors: | Tian Ye and Su Li |
| |
| Affiliation: | China Mobile Research Institute,China Mobile Research Institute |
| |
| Abstract: | To overcome the shortcoming of high cost of traditional out-band injection method, a novel initial security configuration solution based on GBA security capability exposed by 4G/5G cellular network is proposed for C-V2X devices in this paper. By taking USIM"s inherent advantages in user identity, root key, GBA capability and hardware security environment, V2X devices at very beginning stage can mutually authenticate and establish secure connection with certificate authorization center through 4G/5G network, then apply for certificates online and implement security self-initialization. It helps to avoid security environment upgrade in production lines and reduce C-V2X technology introduction cost for enterprise greatly. Besides, it also has the characteristics of simple and effective, safe and reliable, good compatibility, high maturity and strong expansibility. |
| |
| Keywords: | internet of things C-V2X security security confi guration |
| 本文献已被 维普 等数据库收录! |
| 点击此处可从《电信工程技术与标准化》浏览原始摘要信息 |
|
点击此处可从《电信工程技术与标准化》下载免费的PDF全文 |
|
