| 摘要: |
| 随着汽车智能化、网联化程度的不断加深,车辆、用户及第三方机构之间的数据共享日益成为刚需,由车辆、用户、路边单元等通信实体之间构建的网络车联网应运而生,而车联网的高移动性和网络拓扑多变性使其更容易遭受攻击,进而导致严重的车联网用户隐私泄露问题。如何平衡数据共享和隐私保护之间的关系成为车联网产业发展所面临的一个关键挑战。近年来,学术界针对车联网隐私保护问题进行了深入的研究,并提出了一系列解决方案,然而,目前缺少对这些方案从隐私属性方面进行分析。为此,本文首先从车联网的系统架构、通信场景及标准进行阐述。然后对车联网隐私保护的需求、攻击模型及隐私度量方法进行分析与总结。在此基础上从车联网身份隐私、匿名认证位置隐私和车联网位置服务隐私三个方面出发,介绍了匿名认证、假名变更、同态加密、不经意传输等技术对保护车联网用户隐私起到的重要作用,并讨论了方案的基本原理及代表性实现方法,将方案的隐私性从不可链接性、假名性、匿名性、不可检测性、不可观察性几个方面进行了分析与总结。最后探讨了车联网隐私保护技术当前面临的挑战及进一步研究方向,并提出了去中心化的车辆身份隐私技术以保护车辆身份隐私、自适应假名变更技术以支持匿名认证、满足个性化隐私需求的位置服务隐私保护技术,以期望进一步推动车联网隐私保护技术研究的发展与应用。 |
| 关键词: 隐私保护 车联网 匿名认证 假名变更 位置服务 |
| DOI:10.19363/J.cnki.cn10-1380/tn.2024.03.01 |
| Received:May 10, 2022Revised:August 28, 2022 |
| 基金项目:本课题得到了国家重点研发计划(No.2018YFE0126000)、国家自然科学基金(No.61972050)资助。 |
|
| Research on Privacy Protection Technology of IoV |
| LI Ruiqin,HU Xiaoya,ZHANG Juyuan,WANG Licheng |
| Department of Information Security Center, State Key Laboratory of Networking and Switching Technology, Beijing University of Posts and Telecommunications, Beijing 100876, China |
| Abstract: |
| With the deepening of vehicle intelligence and network connectivity, data sharing among vehicles, users, and third-party organizations have become an urgent need, and the Internet of Vehicles built by vehicles, users, roadside units, and other communication entities has emerged, while the high mobility and network topology variability of the Internet of Vehicles makes it more vulnerable to attacks, which leads to serious privacy leakage problems of the Internet of Vehicles users. How to balance the relationship between data sharing and privacy protection has become a key challenge for the development of the Internet of Vehicles industry. In recent years, academics have conducted in-depth research on the privacy protection of the Internet of Vehicles and proposed a series of solutions. However, there is a lack of analysis of these schemes in terms of privacy properties. For this reason, this paper first describes the system architecture, communication scenarios, and standards of the Internet of Vehicles. Then the requirements, attack models, and privacy metrics of the Internet of Vehicles privacy protection are analyzed and summarized. And on this basis, from three aspects of the Internet of Vehicles identity privacy, anonymous authentication location privacy and Internet of Vehicles location service privacy, we introduce the important role played by anonymous authentication, pseudonym change, homomorphic encryption, inadvertent transmission, and other techniques to protect the privacy of the Internet of Vehicles users. The basic principles and representative implementation methods of the scheme are also discussed, and the privacy of the scheme is analyzed and summarized in terms of unlinkability, pseudonymity, anonymity, undetectability, and unobservability. Finally, the current challenges and further research directions of the Internet of Vehicles privacy protection technology are discussed, and decentralized vehicle identity privacy technology to protect vehicle identity privacy, adaptive pseudonym change technology to support anonymous authentication, and location service privacy protection technology to meet personalized privacy needs are proposed in the hope of further promoting the development and application of Internet of Vehicles privacy protection technology research. |
| Key words: privacy protection internet of vehicles anonymous authentication pseudonym change LBS |
