Gaohe suspected of sharing dashcam footage? How can the security and privacy of the Internet of Vehicles be ensured?

On the evening of May 6, a domestic automotive self-media creator posted a test video on a social platform, saying that the dashcam function of the Gaohe HiPhi X he was driving could receive the real-time dashcam feed of other Gaohe vehicles, and that this was an information security risk.

In the video, the operator opens the dashcam page and taps a function later learned to be called "car-car interconnection". A new list then appears on the screen, showing the avatar, nickname, distance and other information of other car owners. Moreover, after the operator taps a user account, the current dashcam image from that owner's vehicle is transmitted over the network and displayed.

After the incident was exposed, the online reaction was strong. First there were reports that government departments had allegedly banned a foreign brand of electric vehicles from entering; now there is a suspected information leak through remote monitoring in Gaohe vehicles. The already sensitive nerves of smart car users keep being frayed.

Soon afterwards, however, Gaohe Automobile issued a statement on the "vehicle-vehicle interconnection" function: the company attaches great importance to information and data security and user privacy protection, always strictly abides by the provisions of national and local authorities on information and data security, and its user data security complies with the relevant national laws and regulations on information security management.

The statement said that this function is part of the fleet travel and vehicle-road coordination system. As shipped from the factory, the user must enable the option in the settings after the vehicle is powered on and pass a second confirmation in the privacy-clause pop-up before the function turns on. The function cannot be activated after the vehicle is powered down and cannot be turned on remotely. In addition, the feature is being updated according to the latest national legal requirements.

Although the statement establishes the legitimacy of the function for now, the concerns and doubts it raised have not subsided. In an industry where the "Internet of Vehicles" concept is so hot, how should each user's information security and privacy be protected?

An indispensable part of the Internet of Vehicles is the collection of information from connected-car terminals. The collection of personal information in mainland China must follow the three principles of "informed consent", "minimum necessity" and "purpose limitation". On the condition that information is collected lawfully, the security system of the Internet of Vehicles must also provide three properties: confidentiality (unauthorized users cannot obtain valid information), authentication (the sender and receiver of information are legitimate parties), and integrity (data cannot be tampered with).

Therefore, from the perspective of vehicle research and development, car companies need to equip vehicles with a strong set of cryptographic algorithms so that information is not illegally obtained, tampered with or forged, and so that other attacks are resisted. Because vehicles can travel at high speed, however, the algorithms must also be efficient and lightweight. Otherwise the vehicle will already be far away before the authentication algorithm has finished and before the system has provided any communication service, at which point the issue becomes one of "driving safety".

Privacy protection for Internet of Vehicles information is mainly concentrated in two areas: privacy protection in path planning and privacy protection in trajectory publication. Remote viewing of the dashcam feed, as described at the beginning, falls under trajectory publication. Trajectory data is closely tied to people's lives. One or two pieces of trajectory data involve only the traveler's privacy, while massive trajectory data involves national security. Some may ask: if all this data is sealed and never opened to the outside world, is there then no risk of data leakage?

From the perspective of information value and the development of data analysis, this idea does not hold. Data is an important resource, and only by publishing and sharing it can greater value be created, provided that it has first undergone privacy processing or desensitization.

At present, there are four relatively mature schemes for protecting private information:

- k-anonymization scheme: generalize the attributes that identify the user, so that the real trajectory cannot be distinguished from other trajectories.
- Trajectory suppression scheme: do not send information that may expose the user's privacy, so as to protect the user's real trajectory.
- Differential privacy scheme: add noise to perturb sensitive data, so that some of the data is distorted while its statistical properties are maintained.
- False trajectory scheme: generate several false trajectories for the real trajectory to reduce the chance that the real trajectory is exposed.

In all four schemes above, privacy is protected from leaking only at the publication stage, yet the platform still holds a large amount of raw, non-desensitized data; once these data centers have a problem, the consequences are countless and unpredictable. It is therefore feasible to apply privacy processing to the data before it is uploaded to the platform and only then send it out, so that neither an intermediate node nor the final data center can obtain the original data.
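
The on-vehicle privacy processing described above, as an added example (not code from Gaohe or any car company): it combines trajectory suppression with planar Laplace noise (geo-indistinguishability, a location-specific variant of differential privacy) before any point leaves the vehicle. The metric coordinate frame, the exclusion zone and the epsilon value are assumptions chosen for illustration.

```python
import math
import random

def planar_laplace(x, y, epsilon, rng):
    """Perturb one point (metres) with planar Laplace noise; epsilon is in 1/metre."""
    theta = rng.uniform(0.0, 2.0 * math.pi)
    # Radial density of the planar Laplacian is eps^2 * r * exp(-eps * r),
    # i.e. a Gamma distribution with shape 2 and scale 1/eps (mean 2/eps).
    r = rng.gammavariate(2.0, 1.0 / epsilon)
    return x + r * math.cos(theta), y + r * math.sin(theta)

def sanitize_trajectory(points, sensitive_zones, epsilon, rng):
    """Run on the vehicle before upload.

    points: [(t_seconds, x_m, y_m)]; sensitive_zones: [(cx_m, cy_m, radius_m)].
    """
    out = []
    for t, x, y in points:
        # Suppression: never transmit points inside a sensitive zone.
        if any(math.hypot(x - cx, y - cy) <= rad for cx, cy, rad in sensitive_zones):
            continue
        nx, ny = planar_laplace(x, y, epsilon, rng)
        out.append((t, round(nx, 1), round(ny, 1)))
    return out

def mean_displacement(epsilon, n, rng):
    """Average distance the noise moves a point; should approach 2/epsilon."""
    total = 0.0
    for _ in range(n):
        dx, dy = planar_laplace(0.0, 0.0, epsilon, rng)
        total += math.hypot(dx, dy)
    return total / n

# Constructed sample data: a trip that starts at the owner's home (origin).
RAW_TRIP = [(0, 0.0, 0.0), (10, 120.0, 5.0), (20, 480.0, 20.0),
            (30, 900.0, 40.0), (40, 1500.0, 60.0)]
HOME_ZONE = [(0.0, 0.0, 200.0)]  # hypothetical 200 m exclusion radius
EPSILON = 0.02                   # assumed budget per point: ~100 m mean error

if __name__ == "__main__":
    # Fixed seed only to make the demo repeatable; use random.SystemRandom() on a vehicle.
    rng = random.Random(7)
    for point in sanitize_trajectory(RAW_TRIP, HOME_ZONE, EPSILON, rng):
        print(point)
    print("mean displacement (m):", round(mean_displacement(EPSILON, 20000, rng), 1))
```

Noise is drawn independently for each point, so the privacy budget is spent per reported point; a long, densely sampled trip weakens the guarantee unless the reporting rate is limited.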

However, relying solely on car companies' privacy algorithms is not completely safe or trustworthy; it also requires unified management and trust evaluation of all systems installed at the factory. Among the management and evaluation mechanisms widely used at present, blockchain is the main basis for implementation.

In the blockchain, each intelligent connected vehicle initially joins as an undifferentiated node. After verification with neighboring nodes and a model-based risk assessment, the system generates a rating for each source vehicle, identifies which vehicles are potential attackers with malicious behavior, and protects the information of other vehicles in the area's block from being tracked and illegally obtained.

Summary

In recent years, with the continuous development of intelligent connected vehicles, car companies have developed many in-vehicle functions with strong social attributes, such as fleet travel and car groups.

But beyond enjoying the novelty and convenience these new features bring, users may want to know more: how far can car companies guarantee that our information and privacy are not infringed, and are car companies covertly doing one thing under cover of another ("openly repairing the plank road while secretly crossing at Chencang")?

The author of this article is Kick Car Gang Ning Island