Automotive Engineering (汽车工程) ›› 2023, Vol. 45 ›› Issue (9): 1626-1636. doi: 10.19562/j.chinasae.qcgc.2023.09.011

Special topic: Intelligent Connected Vehicle Technology (Control), 2023


Security Access Control for Service-Oriented Multi-domain Electrical and Electronic Architecture (original Chinese title: 基于服务的多域电子电气架构安全访问控制)

Zhenyu Yang1, Feng Luo1 (corresponding author), Zitong Wang1, Yi Ren1, Xiaoxian Zhang2

  1. School of Automotive Studies, Tongji University, Shanghai 201804
  2. ISOFT Infrastructure Software Co., Ltd., Shanghai 200125
  • Received: 2023-05-06 Online: 2023-09-25 Published: 2023-09-23
  • Corresponding author: Feng Luo E-mail: luo_feng@tongji.edu.cn
  • Funding:
    Shanghai Pudong New Area Science and Technology Development Fund, Industry-University-Research Special Project (Future Vehicles) (PKX2022-W01); National Undergraduate Innovation and Entrepreneurship Training Program (H1005CN22232184)

Security Access Control for Service-Oriented Multi-domain Electrical and Electronic Architecture

Zhenyu Yang1,Feng Luo1(),Zitong Wang1,Yi Ren1,Xiaoxian Zhang2   

  1. School of Automotive Studies, Tongji University, Shanghai 201804
  2. ISOFT Infrastructure Software Co., Ltd., Shanghai 200125
  • Received: 2023-05-06 Online: 2023-09-25 Published: 2023-09-23
  • Contact: Feng Luo E-mail: luo_feng@tongji.edu.cn

Abstract (Chinese version, translated):

Under the service-oriented multi-domain electrical and electronic architecture, a large number of heterogeneous services are deployed in the vehicle for purposes such as autonomous driving, safety, comfort and remote diagnosis. As interaction with the outside world increases, the in-vehicle network faces growing security risks. This paper proposes a security access control mechanism to protect in-vehicle domain controllers from unauthenticated and unauthorized access requests. First, based on an analysis of the security requirements of intelligent connected vehicles, an access control architecture based on attribute-based access control is proposed; it supports not only fine-grained and flexible authorization but also online permission detection based on per-stream filtering and policing. Second, a formal access control model is given as a five-tuple, which describes the subject, object, policy and request mathematically, and a hash-based policy evaluation engine is proposed. Finally, the secure access sequence guarantees the confidentiality, integrity and availability of the access control process through session establishment and secure communication.

Keywords (Chinese version, translated): access control, SOME/IP, multi-domain electrical and electronic architecture, security protocol

Abstract:

Under the service-oriented multi-domain electrical and electronic architecture, a large number of heterogeneous services are deployed in the vehicle for purposes such as autonomous driving, safety, comfort and remote diagnosis. As interaction with the outside world increases, the in-vehicle network is exposed to growing security risks. In this paper, a secure access control mechanism is proposed to prevent unauthenticated and unauthorized access requests to the in-vehicle domain controllers. Firstly, based on an analysis of the security requirements of intelligent connected vehicles, an architecture for attribute-based access control is proposed, which supports not only fine-grained and flexible authorization but also online permission detection based on per-stream filtering and policing. Secondly, a formal access control model is given as a five-tuple, which mathematically describes the subject, object, policy and request, and a hash-based policy evaluation engine is proposed. Finally, the secure access sequence guarantees the confidentiality, integrity and availability of the access control process through session establishment and secure communication.
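As an added illustration, not code from the paper or its authors, the following Python sketch shows the two ideas the abstract combines: an attribute-based policy engine that indexes policies by a hash of subject and object attributes (so a request is evaluated with one lookup and anything without a matching policy is denied by default), and per-stream policing that rejects a flow which exceeds its permitted request rate. The attribute schema, trust scale, SOME/IP service IDs, the policies and the request sequence are all constructed assumptions; the paper's actual five-tuple model and engine are not reproduced here.

```python
import hashlib
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Subject:
    """Requesting domain controller, described by attributes (constructed schema)."""
    ecu: str          # e.g. "ADAS_DC"
    domain: str       # functional domain the ECU belongs to
    trust_level: int  # assumed scale: 0 (untrusted) .. 3 (fully attested)


@dataclass(frozen=True)
class Service:
    """Target SOME/IP service instance (constructed attributes)."""
    service_id: int
    method_id: int
    domain: str


@dataclass(frozen=True)
class Request:
    subject: Subject
    service: Service
    action: str   # "call" or "subscribe"
    t_ms: int     # logical arrival time in milliseconds (constructed clock)


def policy_key(subject_domain: str, object_domain: str, service_id: int, action: str) -> str:
    """Hash the attribute tuple so that policy lookup is a single dictionary probe."""
    raw = f"{subject_domain}|{object_domain}|{service_id:#06x}|{action}".encode()
    return hashlib.sha256(raw).hexdigest()


class PolicyEngine:
    """Default-deny ABAC evaluator with per-stream request-rate policing."""

    def __init__(self, policies: list[dict], window_ms: int = 1000):
        self.window_ms = window_ms
        self.index: dict[str, tuple[int, int]] = {}
        # one request history per stream (requesting ECU, target service)
        self.streams: defaultdict[tuple[str, int], list[int]] = defaultdict(list)
        for p in policies:
            key = policy_key(p["subject_domain"], p["object_domain"], p["service_id"], p["action"])
            self.index[key] = (p["min_trust"], p["max_per_window"])

    def evaluate(self, req: Request) -> str:
        key = policy_key(req.subject.domain, req.service.domain, req.service.service_id, req.action)
        rule = self.index.get(key)
        if rule is None:
            return "DENY:no-policy"        # default deny: no policy matches these attributes
        min_trust, max_per_window = rule
        if req.subject.trust_level < min_trust:
            return "DENY:trust"            # subject attribute below the policy's minimum
        stream = (req.subject.ecu, req.service.service_id)
        recent = [t for t in self.streams[stream] if req.t_ms - t < self.window_ms]
        if len(recent) >= max_per_window:
            self.streams[stream] = recent
            return "DENY:rate"             # stream exceeds its policed rate for this window
        recent.append(req.t_ms)
        self.streams[stream] = recent
        return "PERMIT"


# Constructed sample policies; domains and service IDs are illustrative only.
POLICIES = [
    {"subject_domain": "adas", "object_domain": "chassis", "service_id": 0x1234,
     "action": "call", "min_trust": 2, "max_per_window": 3},
    {"subject_domain": "infotainment", "object_domain": "body", "service_id": 0x2001,
     "action": "subscribe", "min_trust": 1, "max_per_window": 10},
]


def run_demo() -> list[str]:
    """Feed a constructed request sequence through the engine and return the decisions."""
    engine = PolicyEngine(POLICIES)
    adas = Subject("ADAS_DC", "adas", 3)
    ivi_low = Subject("IVI", "infotainment", 0)
    ivi_ok = Subject("IVI", "infotainment", 1)
    steer = Service(0x1234, 0x0001, "chassis")
    lights = Service(0x2001, 0x8001, "body")
    sequence = [
        Request(adas, steer, "call", 0),
        Request(adas, steer, "call", 100),
        Request(adas, steer, "call", 200),
        Request(adas, steer, "call", 300),          # fourth call inside the 1 s window
        Request(adas, steer, "call", 1500),         # window has slid, permitted again
        Request(ivi_low, lights, "subscribe", 0),   # trust level below the policy minimum
        Request(ivi_ok, steer, "call", 0),          # no policy for this attribute combination
    ]
    return [engine.evaluate(r) for r in sequence]


if __name__ == "__main__":
    for decision in run_demo():
        print(decision)
```

Hashing the attribute tuple keeps evaluation cost independent of the number of policies, which matters on a domain controller that must decide on every SOME/IP request in line; the sliding-window counter is the simplest form of the per-stream policing the abstract refers to, and a production engine would also bind the decision to the authenticated session the paper's access sequence establishes.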

Key words: access control, SOME/IP, multi-domain EEA, security protocol