CN-122001624-A - Data hierarchical sharing interface device and method in three-level cloud architecture of vehicle-road cloud

Abstract

The invention provides a data hierarchical sharing interface device and a method in a three-level cloud architecture of a vehicle-road cloud, belonging to the technical field of data security, wherein the device comprises an authority control module, a data access module and a data processing module, wherein the authority control module is used for receiving a data access request and authenticating the request based on a preset three-level authority matrix, and the three-level authority matrix is used for defining the data access ranges of an edge cloud, an area cloud and a center cloud; the system comprises a format conversion module for carrying out format conversion on the authenticated data and dynamically adjusting the data compression ratio based on the real-time network bandwidth, and a protocol interaction module for transmitting the data subjected to format conversion and compression through a request-response-acknowledgement mechanism based on the MQTT-SN protocol. The invention improves the safety and reliability of data access, optimizes the data transmission efficiency, and meets the high requirements of application scenes such as vehicle-road coordination, intelligent traffic and the like on the safety, instantaneity and reliability of the data.

Inventors

• XIA YUN

Assignees

• 东风汽车集团股份有限公司

Dates

Publication Date

20260508

Application Date

20260107

Claims (10)

1. 1. The data grading sharing interface device in the three-level cloud architecture of the vehicle-road cloud is characterized by comprising a right control module, a format conversion module and a protocol interaction module which are connected in sequence; The right control module is used for receiving a data access request and authenticating the request based on a preset three-level right matrix, wherein the three-level right matrix is used for defining the data access ranges of an edge cloud, an area cloud and a center cloud; The format conversion module is used for carrying out format conversion on the authenticated data and dynamically adjusting the data compression ratio based on the real-time network bandwidth; the protocol interaction module is used for transmitting the data subjected to format conversion and compression through a request-response-acknowledgement mechanism based on the MQTT-SN protocol.
2. 2. The apparatus of claim 1, wherein the entitlement control module comprises: The right storage unit is used for storing the three-level right matrix, wherein the edge cloud right is identified as L1 and only allows access to basic road condition data, the regional cloud right is identified as L2 and allows access to regional level statistical data, and the center cloud right is identified as L3 and allows access to full data; the request processing unit is used for receiving the data access request and authenticating the data access request based on the three-level authority matrix stored in the authority storage unit; And the blockchain storage unit is used for carrying out consensus verification on the authority change request when receiving the authority change request, and writing a verification passing change result into the blockchain so as to update the three-level authority matrix stored in the authority storage unit.
3. 3. The apparatus of claim 2, wherein the request processing unit is further configured to: monitoring the frequency of the data access requests; and when the frequency of the data access request is detected to exceed a preset threshold, automatically generating an authority change request and sending the authority change request to the blockchain certification unit.
4. 4. The apparatus of claim 2, wherein the blockchain certification unit writes a blockchain rights change record including a requestor identification, a pre-change rights identification, a post-change rights identification, a timestamp, and a consensus node digital signature.
5. 5. The apparatus of claim 1, wherein the format conversion module comprises: a format conversion unit for converting the authenticated data between JSON, protobuf and XML format; the compression adjusting unit is used for dynamically adjusting the data compression ratio based on the real-time network bandwidth; wherein the compression adjustment unit includes: a bandwidth prediction subunit, configured to predict a future network bandwidth based on the neural network; the compression ratio control subunit is used for dynamically adjusting the compression ratio according to the predicted bandwidth, adjusting the data compression ratio to a first target value when the predicted bandwidth is lower than a first preset threshold value, and adjusting the data compression ratio to a second target value when the predicted bandwidth is higher than a second preset threshold value, wherein the first target value is larger than the second target value.
6. 6. The apparatus of claim 5, wherein the compression ratio control subunit is configured to: compressing the structured data by adopting an LZ77 algorithm; unstructured data is compressed using WebP codes.
7. 7. The apparatus of claim 1, wherein the protocol interaction module comprises: the system comprises a receiving end, a handshake control unit, a receiving end, a handshake control unit and a handshake control unit, wherein the receiving end is used for receiving and verifying a response frame which is returned by the receiving end and contains the same frame identifier; the heartbeat regulating unit is used for monitoring network quality parameters and dynamically regulating the sending interval of the heartbeat packet based on the network quality parameters, wherein the sending interval is shortened when the network packet loss rate is higher than a first preset threshold value, and the sending interval is prolonged when the network packet loss rate is lower than a second preset threshold value; and the retransmission control unit is used for controlling the handshake control unit to retransmit the data frame if the response frame is not received within the preset time, and the retransmission time interval is increased along with the retransmission times.
8. 8. The apparatus of claim 7, wherein the data frame sent by the handshake control unit further comprises an emergency identification bit, the handshake control unit being configured to prioritize processing of the data frame when the emergency identification bit is a preset value.
9. 9. The apparatus of claim 1, wherein the apparatus employs a distributed deployment architecture, comprising: An edge side deployment unit for deployment in an edge cloud, comprising a high performance embedded processor and a wireless communication module; An area side deployment unit for deployment in an area cloud comprising a server-level processor cluster and a high-speed network interface; The central side deployment unit is used for being deployed in a central cloud and comprises blockchain nodes and a distributed storage system.
10. 10. A data hierarchical sharing method based on a three-level cloud architecture of a vehicle road cloud, which is applied to the data hierarchical sharing interface device according to any one of claims 1 to 9, and comprises the following steps: receiving a data access request through an authority control module, and authenticating the request based on a preset three-level authority matrix, wherein the three-level authority matrix is used for defining the data access ranges of an edge cloud, an area cloud and a center cloud; the format conversion module is used for carrying out format conversion on the authenticated data and dynamically adjusting the data compression ratio based on the real-time network bandwidth; And transmitting the data subjected to format conversion and compression by adopting a request-response-acknowledgement mechanism based on the MQTT-SN protocol through a protocol interaction module.

Description

Data hierarchical sharing interface device and method in three-level cloud architecture of vehicle-road cloud Technical Field The invention relates to the technical field of data security, in particular to a data hierarchical sharing interface device and method in a vehicle-road cloud three-level cloud architecture. Background With the development of technologies such as vehicle-road coordination and intelligent transportation, data interaction among vehicles, road side equipment and cloud systems is increasingly frequent. The data comprise vehicle sensor data, traffic state data, control instructions and the like, and have the characteristics of high real-time requirements, large data volume, high safety requirements and the like. The traditional access control method has the problems of complex authority management, unreliable data transmission, insufficient security and the like, and in the aspect of data transmission, although a plurality of protocols and format conversion technologies are adopted, the self-adaptive adjustment capability for a network environment is lacking, so that the transmission efficiency is low when the network condition is poor. Furthermore, the secure transmission of data and rights management in the co-located scenario of the vehicle Lu Yun lacks an efficient solution. Disclosure of Invention In view of the technical defects and technical drawbacks existing in the prior art, the embodiment of the invention provides a data hierarchical sharing interface device and a method in a vehicle road cloud three-level cloud architecture, which overcome or at least partially solve the problems, and the specific scheme is as follows; As a first aspect of the present invention, a data hierarchical sharing interface device in a three-level cloud architecture of a vehicle-road cloud is provided, including a permission control module, a format conversion module and a protocol interaction module, which are sequentially connected; The right control module is used for receiving a data access request and authenticating the request based on a preset three-level right matrix, wherein the three-level right matrix is used for defining the data access ranges of an edge cloud, an area cloud and a center cloud; The format conversion module is used for carrying out format conversion on the authenticated data and dynamically adjusting the data compression ratio based on the real-time network bandwidth; the protocol interaction module is used for transmitting the data subjected to format conversion and compression through a request-response-acknowledgement mechanism based on the MQTT-SN protocol. In some embodiments, the rights control module includes: The right storage unit is used for storing the three-level right matrix, wherein the edge cloud right is identified as L1 and only allows access to basic road condition data, the regional cloud right is identified as L2 and allows access to regional level statistical data, and the center cloud right is identified as L3 and allows access to full data; the request processing unit is used for receiving the data access request and authenticating the data access request based on the three-level authority matrix stored in the authority storage unit; And the blockchain storage unit is used for carrying out consensus verification on the authority change request when receiving the authority change request, and writing a verification passing change result into the blockchain so as to update the three-level authority matrix stored in the authority storage unit. In some embodiments, the request processing unit is further configured to: monitoring the frequency of the data access requests; and when the frequency of the data access request is detected to exceed a preset threshold, automatically generating an authority change request and sending the authority change request to the blockchain certification unit. In some embodiments, the blockchain certification unit writes a blockchain rights change record including a requestor identification, a pre-change rights identification, a post-change rights identification, a timestamp, and a consensus node digital signature. In some embodiments, the format conversion module comprises: a format conversion unit for converting the authenticated data between JSON, protobuf and XML format; the compression adjusting unit is used for dynamically adjusting the data compression ratio based on the real-time network bandwidth; wherein the compression adjustment unit includes: a bandwidth prediction subunit, configured to predict a future network bandwidth based on the neural network; the compression ratio control subunit is used for dynamically adjusting the compression ratio according to the predicted bandwidth, adjusting the data compression ratio to a first target value when the predicted bandwidth is lower than a first preset threshold value, and adjusting the data compression ratio to a second target value when the predicted bandwidth is h