Vehicle control method and device based on shared vehicle key, equipment and medium

By working in conjunction with the vehicle owner's device, SBFD Server, and DK Server, temporary shared keys are generated and managed, solving the problem that vehicle owners cannot safely and conveniently move their vehicles temporarily. This enables safe and controllable temporary operation of vehicles, improving the flexibility and convenience of vehicle use.

CN122067337BActive Publication Date: 2026-07-14SHANGHAI INGEEK CYBER SECURITY CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SHANGHAI INGEEK CYBER SECURITY CO LTD
Filing Date
2026-04-21
Publication Date
2026-07-14

AI Technical Summary

Technical Problem

In the existing technology, car owners cannot safely and conveniently move their vehicles temporarily, causing inconvenience.

Method used

By working in conjunction with the vehicle owner's device, SBFD Server, and DK Server, temporary shared keys are generated and managed to enable secure and controllable temporary operations on the vehicle.

Benefits of technology

It enables safe and controllable temporary operation of vehicles, meets diverse needs such as temporary vehicle relocation, and improves the flexibility and convenience of vehicle use.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122067337B_ABST
    Figure CN122067337B_ABST
Patent Text Reader

Abstract

Embodiments of the present application disclose a vehicle control method and device based on sharing of a vehicle key, an equipment and a medium. The method comprises: a vehicle owner equipment requesting an SBFD to pull up a DK Server for vehicle binding authorization, so that the SBFD hosts key sharing authority, the authority is realized based on a hosting credential of the DK Server, the hosting credential is obtained by the vehicle owner equipment based on a vehicle owner private key, signing a hosting public key generated by the DK Server, the vehicle owner equipment initiates a key pre-authorization request to the SBFD through a business cloud, the SBFD initiates a key sharing request to generate a temporary sharing key; a temporary key credential is generated by the DK Server based on a hosting private key, signing a temporary public key generated by a temporary vehicle control terminal; and the vehicle authenticates the temporary vehicle control terminal based on the hosting credential and the temporary key credential, so that the vehicle key sharing based on business requirements can be flexibly realized, and a safe and flexible vehicle control experience is realized.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] The embodiments of the present invention relate to the field of vehicle safety control technology, and in particular to a vehicle control method, device, equipment and medium based on shared car keys. Background Technology

[0002] In daily life, we often encounter situations where car owners need to move their vehicles. For example, when a car owner temporarily parks their vehicle, it may block surrounding vehicles or occupy someone else's private space. The person whose vehicle is blocked or the owner of the space usually needs to contact the car owner to move the car. However, it is common for the car owner to be unable to move the vehicle immediately. In such cases, the inability to move the vehicle safely and conveniently causes great inconvenience. Summary of the Invention

[0003] This invention provides a vehicle control method, device, equipment, and medium based on shared car keys, which generates temporary vehicle operation needs through owner authorization, enabling users to use the vehicle safely and controllably.

[0004] In a first aspect, embodiments of the present invention provide a vehicle control method based on a shared car key, applied to a vehicle service business system. The system includes: a temporary vehicle control terminal, a vehicle owner device, a vehicle, a business cloud, an SBFD Server, and a DKServer. The method includes:

[0005] The vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions; wherein, the managed key sharing permissions are implemented based on the managed credentials of the DK Server, and the managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the owner's private key of the vehicle's owner key;

[0006] The vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server;

[0007] After the pre-authorization authentication is passed, the SBFD Server initiates a key sharing request through the second communication link to generate a temporary sharing key. The temporary sharing key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key. The second communication link is the communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server.

[0008] The vehicle authenticates the temporary vehicle control terminal based on the escrow certificate and the temporary key certificate.

[0009] As one embodiment, the vehicle owner device initiates a key pre-authorization request to the SBFD Server via a first communication link, including:

[0010] The vehicle owner device obtains the vehicle control service information of the temporary vehicle control terminal based on the service cloud, and initiates the key pre-authorization request based on the vehicle control service information.

[0011] As one embodiment, the step of initiating a key sharing request via the second communication link includes:

[0012] In response to the DK Server's approval of the key pre-authorization request, the SBFD Server pushes a temporary key sharing link to the temporary vehicle control terminal.

[0013] As one embodiment, the method further includes: the vehicle owner device requesting the cancellation of the temporary shared key through the first communication link.

[0014] The vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions; wherein, the managed key sharing permissions are implemented based on the managed credentials of the DK Server, and the managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the owner's private key of the vehicle's owner key;

[0015] The vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server;

[0016] After the pre-authorization authentication is passed, the SBFD Server initiates a key sharing request through the second communication link to generate a temporary sharing key. The temporary sharing key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key. The second communication link is the communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server.

[0017] The vehicle authenticates the temporary vehicle control terminal based on the escrow certificate and the temporary key certificate.

[0018] Secondly, embodiments of the present invention provide a vehicle control method based on a shared car key, applied to the owner's device of a vehicle service business system. The system further includes: a temporary vehicle control terminal, a vehicle, a business cloud, an SBFD Server, and a DK Server; the method includes:

[0019] The system requests the SBFD Server to initiate the DK Server to authorize vehicle binding, thereby enabling the SBFD Server to manage key sharing permissions. The managed key sharing permissions are implemented based on the managed credentials of the DK Server, which are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the vehicle owner's private key of the vehicle's owner key.

[0020] A key pre-authorization request is initiated to the SBFD Server via a first communication link; after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request via a second communication link to generate a temporary shared key; wherein, the temporary shared key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; the second communication link is a communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the managed credential and the temporary key credential.

[0021] Thirdly, embodiments of the present invention provide a vehicle control method based on a shared car key, applied to a temporary vehicle control terminal of a vehicle service business system. The system further includes: a vehicle owner device, a vehicle, a business cloud, an SBFD Server, and a DK Server. The method includes:

[0022] In response to a key sharing request initiated by the SBFD Server, a temporary sharing key is generated; the temporary sharing key includes a temporary private key and a temporary public key;

[0023] The temporary public key is sent to the DK Server, so that the DK Server can obtain a temporary key credential by signing it according to the escrow key of the pre-generated escrow key. The SBFD Server is pre-authorized by the vehicle owner device to escrow the temporary shared key of the temporary vehicle control terminal. The authorization of the vehicle owner device to the SBFD Server includes: the vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can escrow the key sharing permission; wherein, the escrow key sharing permission is implemented based on the escrow credential of the DK Server, and the escrow credential is obtained by the vehicle owner device signing the escrow public key of the escrow key generated by the DK Server based on the owner's private key of the vehicle's owner key; the vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request through a second communication link to generate a temporary shared key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server and the DK Server; the second communication link is between the temporary vehicle control terminal, the business cloud, the SBFD Server and the DK Server. The communication link between servers; the vehicle authenticates the temporary vehicle control terminal based on the hosting certificate and the temporary key certificate.

[0024] Fourthly, embodiments of the present invention provide a vehicle control device based on a shared car key, configured in a vehicle owner's device within a vehicle service business system. The system further includes: a temporary vehicle control terminal, a vehicle, a business cloud, an SBFD Server, and a DK Server; the device includes:

[0025] The managed module is used to request the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions; wherein, the managed key sharing permissions are implemented based on the managed credentials of the DK Server, and the managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the owner's private key of the vehicle's owner key;

[0026] The key authorization module is used to initiate a key pre-authorization request to the SBFD Server via a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request via a second communication link to generate a temporary shared key; wherein, the temporary shared key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; the second communication link is a communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the managed credential and the temporary key credential.

[0027] Fifthly, embodiments of the present invention provide a vehicle control device based on a shared car key, applied to a temporary vehicle control terminal of a vehicle service business system. The system further includes: a vehicle owner device, a vehicle, a business cloud, an SBFD Server, and a DK Server. The device includes:

[0028] The shared key generation module is used to generate a temporary shared key in response to a key sharing request initiated by the SBFD Server; the temporary shared key includes a temporary private key and a temporary public key;

[0029] A shared key signing module is used to send the temporary public key to the DK Server, so that the DK Server can sign it according to the pre-generated escrow key's escrow key to obtain a temporary key credential. The SBFD Server is pre-authorized by the vehicle owner device to escrow the temporary shared key of the temporary vehicle control terminal. The authorization from the vehicle owner device to the SBFD Server includes: the vehicle owner device requesting the SBFD Server to launch the DK Server for vehicle binding authorization, so that the SBFD Server can escrow key sharing permissions; wherein, the escrow key sharing permissions are implemented based on the escrow credentials of the DK Server, which are obtained by the vehicle owner device signing the escrow public key of the escrow key generated by the DK Server based on the vehicle owner's private key of the vehicle's owner key; the vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request through a second communication link to generate a temporary shared key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; the second communication link is between the temporary vehicle control terminal, the business cloud, and the SBFD Server. The communication link between the Server and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the hosting certificate and the temporary key certificate.

[0030] In a sixth aspect, embodiments of the present invention provide an intelligent device, including a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor executes the program to implement the managed vehicle control method based on shared car keys as described in the second or third embodiment.

[0031] In a seventh aspect, embodiments of the present invention provide a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, implements the previously described managed vehicle control method based on a shared car key.

[0032] Compared with the prior art, the technical solution provided by the embodiments of the present invention has at least the following positive effects:

[0033] In this embodiment of the invention, the vehicle owner device requests the SBFD Server to initiate the DK Server for vehicle binding authorization, so that the SBFD Server can manage key sharing permissions. The managed key sharing permissions are implemented based on the managed credentials of the DK Server. The managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the vehicle owner's private key of the vehicle owner's key. This enables the DK Server to generate managed keys for each vehicle of each vehicle owner user, and enables the SBFD Server to manage key sharing permissions. When a vehicle owner needs to authorize a temporary vehicle control terminal for temporary vehicle use, such as when moving the vehicle, the owner's device initiates a key pre-authorization request to the SBFD Server through a first communication link. The first communication link is a secure communication link between the owner's device, the business cloud, the SBFD Server, and the DK Server. After the pre-authorization authentication is successful, the SBFD Server initiates a key sharing request through a second communication link to generate a temporary shared key. The temporary shared key includes a temporary key credential, which is generated by the DK Server by signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the escrow private key of the escrow key. The second communication link is a communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server. The vehicle authenticates the temporary vehicle control terminal based on the escrow credential and the temporary key credential, enabling the temporary vehicle control terminal to temporarily obtain authorization from the vehicle owner and solve the problem of temporary vehicle use. Attached Figure Description

[0034] To more clearly illustrate the technical solutions in the embodiments of the present invention, the accompanying drawings used in the description of the embodiments will be briefly introduced below. Obviously, the accompanying drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0035] Figure 1 A flowchart of a vehicle control method based on a shared car key provided in Embodiment 1 of the present invention;

[0036] Figure 2 for Figure 1 The flowchart shown is a managed process for a vehicle control method based on shared car keys;

[0037] Figure 3 for Figure 1 The flowchart shown is a process for authorizing the shared digital key in a vehicle control method based on a shared car key.

[0038] Figure 4 for Figure 1The flowchart shown is for the revocation of a shared digital key in a vehicle control method based on a shared car key.

[0039] Figure 5 This is a schematic diagram of the structure of a digital key sharing device provided in Embodiment 2 of the present invention;

[0040] Figure 6 This is a schematic diagram of the structure of another digital key sharing device provided in Embodiment 3 of the present invention;

[0041] Figure 7 This is a schematic diagram of the structure of the smart device provided in Embodiment 4 of the present invention. Detailed Implementation

[0042] The present invention will now be described in further detail with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and not intended to limit it. Furthermore, it should be noted that, for ease of description, the accompanying drawings show only the parts relevant to the present invention, and not all of the structures.

[0043] Example 1

[0044] Figure 1 This is a flowchart illustrating a vehicle control method based on shared car keys provided in an embodiment of the present invention. This method is applied to a vehicle service business system, which includes: a temporary vehicle control terminal, a vehicle owner's device, a vehicle, a business cloud, an SBFD Server, and a DK Server. SBFD stands for Server Based Friend Device, a definition originating from the CCC (Car Connectivity Consortium) specification, used to support service vehicle usage scenarios. The DK Server is the vehicle manufacturer's digital key server. The vehicle service business system can be used for vehicle service businesses such as car washing, maintenance, chauffeur services, and vehicle relocation. Through the vehicle service business system, the vehicle owner's device can entrust key sharing permissions to the FBSD Server, allocating temporary keys to the temporary vehicle control terminal (such as a vehicle relocation device) according to its vehicle control needs, meeting its flexible vehicle usage requirements. The vehicle control method based on shared car keys in this embodiment of the present invention includes the following steps:

[0045] Step 101: The vehicle owner's device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions.

[0046] The escrow key sharing permission is implemented based on the escrow credentials of the DK Server. The escrow credentials are obtained by the vehicle owner's device signing the escrow key generated by the DK Server with the vehicle owner's private key based on the vehicle owner's key. Through vehicle binding authorization, one escrow key can be generated for each vehicle of each vehicle owner user.

[0047] The specific process for generating a managed key is as follows: The vehicle owner's device sends a managed request to the DK Server through the SBFD Server. The DK Server generates a managed signature request, which requests the vehicle owner's device to sign the managed public key of the managed key generated by the DK Server. The managed key can be generated using national cryptographic algorithms, which will not be elaborated here. The vehicle owner's device obtains the managed signature request and signs the managed public key based on the owner's private key of the vehicle's owner key to generate a managed credential. The vehicle owner's device has a pre-installed owner key; the owner key's private key is stored in the vehicle owner's device's security chip, and the owner key's public key certificate is stored in the vehicle. It is understood that the managed credential, in addition to the managed public key, can also contain other information, such as the vehicle owner's identity information. After obtaining the managed credential, the vehicle authenticates it based on the owner's public key of the owner key. After successful authentication, the managed credential is registered. At this point, the vehicle owner's device entrusts the key sharing permission to the SBFD Server, which then shares the key with the temporary vehicle control terminal (i.e., a third party).

[0048] Step 102: The vehicle owner's device initiates a key pre-authorization request to the SBFD Server through the first communication link.

[0049] The first communication link is a secure communication link between the vehicle owner's device, the business cloud, the SBFD Server, and the DK Server.

[0050] The vehicle owner's device can obtain vehicle control service information from the temporary vehicle control terminal based on the business cloud, and initiate a key pre-authorization request based on this information. For example, in a vehicle relocation service, the vehicle owner can affix a relocation code to the vehicle. When a relocation is needed, the person relocating the vehicle can scan the code using the temporary vehicle control terminal. Through communication between the business cloud and the vehicle owner's device, the person relocating the vehicle can communicate their relocation request anonymously with the vehicle owner, allowing the owner to authorize the relocation. It is understood that the business cloud can obtain relevant information from both the vehicle owner's device and the temporary vehicle control terminal, enabling key sharing between the two. This application does not impose specific restrictions on the information acquisition method. The vehicle owner's device initiates a key pre-authorization request to the SBFD Server, allowing the DK Server to authorize key sharing with the temporary vehicle control terminal based on the managed key.

[0051] Step 103: After the pre-authorization authentication is successful, the SBFD Server initiates a key sharing request through the second communication link to generate a temporary sharing key.

[0052] The temporary shared key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated on the temporary vehicle control terminal based on the managed private key of the managed key. The second communication link is the communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server. The temporary shared key includes: a temporary private key stored locally on the temporary vehicle control terminal and a temporary key credential signed by the DK Server with the temporary public key.

[0053] In response to the DK Server's approval of the key pre-authorization request, the SBFD Server can push a temporary key sharing link to the temporary vehicle control terminal. The person moving the vehicle can then interact with the DK Server by clicking the temporary key sharing link on the temporary vehicle control terminal to generate a temporary shared key.

[0054] Step 104: The vehicle authenticates the temporary vehicle control terminal based on the custody certificate and temporary key certificate.

[0055] After the vehicle verifies the escrow certificate using the owner's public key, the escrow certificate is stored. Once the vehicle obtains the temporary key certificate, it verifies the temporary key certificate using the escrow public key in the escrow certificate. If the verification is successful, the temporary key certificate is added to the whitelist, and the temporary vehicle control terminal is authenticated based on the temporary key certificate. After successful authentication, the temporary vehicle control terminal can obtain the temporary vehicle control permissions authorized by the owner, such as the vehicle control permissions required for moving the vehicle.

[0056] Figures 2-4 These are schematic diagrams illustrating the hosting, key authorization, and key revocation processes of the multi-sided interactive vehicle control method according to embodiments of the present invention. The following will further elaborate on these processes. Figure 2 and Figure 4 The vehicle control method based on shared car keys according to embodiments of the present invention will be described in detail below. Please refer to... Figure 2 As shown, the managed process for vehicle control based on shared car keys includes the following steps:

[0057] S201: The vehicle owner's device requests vehicle binding authorization.

[0058] The vehicle owner's device has the vehicle's OEM app installed. After logging into the owner's account, the vehicle binding authorization is triggered.

[0059] S202: The vehicle owner's device requests vehicle binding authorization from the SBFD Server.

[0060] S203: SBFD Server requests vehicle binding authorization from DK Server.

[0061] S204: The vehicle owner's device locally launches the APP to authorize vehicle binding.

[0062] The OEM's app integrates the DK SDK, which enables the car owner's app to bind and authorize the vehicle.

[0063] S205: The vehicle owner's device authorizes the DK Server to bind the vehicle.

[0064] The car owner's app requests authorization from the DK Server to bind the vehicle.

[0065] The DK Server generates a corresponding managed key based on the vehicle owner's device and vehicle information, and sends the managed public key of the managed key to the vehicle owner's device for signing, thus obtaining the managed public key. The managed public key can then be sent to the vehicle via the DK Server.

[0066] S206: The DK Server notifies the SBFD Server of vehicle binding authorization.

[0067] The SBFD Server manages the sharing of vehicle keys for the owner's device based on the vehicle binding authorization status.

[0068] S207: The SBFD Server notifies the vehicle owner's device of vehicle binding authorization.

[0069] Through steps S201 to S207, each car owner can bind authorization to each of their vehicles.

[0070] Please see Figure 3 As shown, the key authorization process for the vehicle control method based on shared car keys includes the following steps:

[0071] S301: The vehicle owner's device requests key authorization from the vehicle relocation service cloud.

[0072] S302: The vehicle relocation service cloud requests key authorization from the SBFD Server.

[0073] S303: SBFD Server requests key authorization from DK Server.

[0074] S304: The DK Server notifies the SBFD Server of the key authorization status.

[0075] S305: SBFD Server notifies the car relocation service cloud of the key authorization status.

[0076] S306: The car relocation service cloud notifies the car relocation user's mini-program of the key authorization status.

[0077] For temporary vehicle control terminals, such as those used for moving cars, a "Car Moving Assistant" mini-program can be installed.

[0078] S307: The "Move Car" mini-program requests the SBFD Server to download the digital key.

[0079] S308: The "Move Car" mini-program controls the vehicle based on a digital key.

[0080] Please see Figure 4 As shown, the key cancellation process for the vehicle control method based on shared car keys includes the following steps:

[0081] S401: The vehicle owner's device requests the vehicle relocation service cloud to unbind the vehicle.

[0082] S402: The vehicle relocation service cloud requests the SBFD Server to unbind the vehicle.

[0083] S403: SBFD Server requests DK Server to unbind the vehicle.

[0084] DK Server notified the vehicle that its managed certificate had expired, causing the vehicle relocation app to lose control over the vehicle's relocation.

[0085] S404: The DK Server notifies the SBFD Server of the revocation status.

[0086] S405: SBFD Server notifies the vehicle relocation service cloud of the revocation status.

[0087] Compared with existing technologies, this invention, through vehicle authorization activation of the SBFD service, enables the SBFD service to manage the vehicle owner's shared key permissions based on managed credentials. The vehicle owner's device can request the DKServer to share keys with the temporary vehicle control terminal via the business cloud and SBFD service, thereby meeting flexible and diverse temporary vehicle control needs such as car washing, maintenance, and relocation.

[0088] Example 2

[0089] This invention provides a vehicle control device based on a shared car key, configured in a vehicle owner's device within a vehicle service business system. The system also includes: a temporary vehicle control terminal, a vehicle, a business cloud, an SBFD Server, and a DK Server. Figure 5 As shown, the device includes:

[0090] The managed module 502 is used to request the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions; wherein, the managed key sharing permissions are implemented based on the managed credentials of the DK Server, and the managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the vehicle owner's private key of the vehicle owner's key;

[0091] The key authorization module 504 is used to initiate a key pre-authorization request to the SBFD Server through a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request through a second communication link to generate a temporary shared key; wherein, the temporary shared key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; the second communication link is a communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the managed credential and the temporary key credential.

[0092] Compared with existing technologies, this invention, through vehicle authorization activation of the SBFD service, enables the SBFD service to manage the vehicle owner's shared key permissions based on managed credentials. The vehicle owner's device can request the DKServer to share keys with the temporary vehicle control terminal via the business cloud and SBFD service, thereby meeting flexible and diverse temporary vehicle control needs such as car washing, maintenance, and relocation.

[0093] Example 3

[0094] This invention provides a managed digital key sharing device 600, a vehicle control device based on shared car keys, applied to the temporary vehicle control terminal of a vehicle service business system. The system further includes: owner equipment, vehicle, business cloud, SBFD Server, and DK Server. Figure 6 As shown, the device includes:

[0095] The key sharing generation module 602 is used to generate a temporary key in response to a key sharing request initiated by the SBFD Server; the temporary key includes a temporary private key and a temporary public key.

[0096] The sending module 604 is used to send the temporary public key to the DK Server, so that the DK Server can obtain a temporary key credential by signing it according to the escrow key of the pre-generated escrow key; the SBFD Server is pre-authorized by the vehicle owner device to escrow the temporary shared key of the temporary vehicle control terminal, wherein the authorization of the vehicle owner device to the SBFD Server includes: the vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can escrow key sharing permission; wherein, the escrow key sharing permission is implemented based on the escrow credential of the DK Server, and the escrow credential is obtained by the vehicle owner device signing the escrow public key of the escrow key generated by the DK Server based on the owner's private key of the vehicle's owner key; the vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request through a second communication link to generate a temporary shared key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server and the DK Server; the second communication link is between the temporary vehicle control terminal, the business cloud, and the SBFD. The communication link between the Server and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the hosting certificate and the temporary key certificate.

[0097] Example 4

[0098] Figure 7 This is a schematic diagram of the structure of an intelligent device provided in Embodiment 4 of the present invention. The intelligent device 70 includes a memory 71, a processor 72, and a computer program stored in the memory 71 and executable on the processor 72. When the processor 72 executes the program, it implements the technical solutions of each part of the vehicle service business system described in Embodiment 1 above.

[0099] Example 5

[0100] Embodiment 5 of the present invention provides a computer-readable storage medium having a computer program stored thereon, wherein the computer program, when executed by a computer processor, is used to perform the technical solution of any method embodiment.

[0101] Based on the above description of the implementation methods, those skilled in the art can clearly understand that the present invention can be implemented using software and necessary general-purpose hardware, and of course, it can also be implemented using hardware, but in many cases the former is a better implementation method. Based on this understanding, the technical solution of the present invention, or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product can be stored in a computer-readable storage medium, such as a computer floppy disk, read-only memory (ROM), random access memory (RAM), flash memory, hard disk, or optical disk, etc., including several instructions to cause a computer device (which may be a personal computer, server, or grid device, etc.) to execute the methods described in the various embodiments of the present invention.

[0102] It is worth noting that in the above-described embodiments of the sharing device, the various units and modules included are only divided according to functional logic, but are not limited to the above division, as long as the corresponding functions can be achieved; in addition, the specific names of each functional unit are only for easy differentiation and are not used to limit the scope of protection of the present invention.

[0103] Note that the above description is merely a preferred embodiment of the present invention and the technical principles employed. Those skilled in the art will understand that the present invention is not limited to the specific embodiments described herein, and various obvious changes, readjustments, and substitutions can be made without departing from the scope of protection of the present invention. Therefore, although the present invention has been described in detail through the above embodiments, the present invention is not limited to the above embodiments, and may include many other equivalent embodiments without departing from the concept of the present invention, the scope of which is determined by the scope of the appended claims.

Claims

1. A vehicle control method based on shared car keys, characterized in that, This method is applied to a vehicle service business system, which includes: a temporary vehicle control terminal, vehicle owner equipment, vehicles, a business cloud, an SBFD Server, and a DK Server. The vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions; wherein, the managed key sharing permissions are implemented based on the managed credentials of the DK Server, and the managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the owner's private key of the vehicle's owner key; The vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; After the pre-authorization authentication is passed, the SBFD Server initiates a key sharing request through the second communication link to generate a temporary sharing key. The temporary sharing key includes a temporary key credential, which is generated by the DKServer signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key. The second communication link is the communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server. The vehicle authenticates the temporary vehicle control terminal based on the escrow certificate and the temporary key certificate.

2. The method according to claim 1, characterized in that, The vehicle owner's device initiates a key pre-authorization request to the SBFD Server via the first communication link, including: The vehicle owner device obtains the vehicle control service information of the temporary vehicle control terminal based on the service cloud, and initiates the key pre-authorization request based on the vehicle control service information.

3. The method according to claim 1, characterized in that, The process of initiating a key sharing request via the second communication link includes: In response to the DK Server's approval of the key pre-authorization request, the SBFD Server pushes a temporary key sharing link to the temporary vehicle control terminal.

4. The method according to claim 1, characterized in that, The method further includes: the vehicle owner device requesting the cancellation of the temporary shared key through the first communication link.

5. A vehicle control method based on shared car keys, characterized in that, The system includes owner equipment applied to a vehicle service business system, comprising: a temporary vehicle control terminal, a vehicle, a business cloud, an SBFD Server, and a DK Server; the method includes: The system requests the SBFD Server to initiate the DK Server to authorize vehicle binding, thereby enabling the SBFD Server to manage key sharing permissions. These permissions are based on the DK Server's managed credentials, which are obtained by the vehicle owner's device signing the managed public key of the managed key generated by the DK Server using the vehicle owner's private key of the vehicle's owner key. A key pre-authorization request is initiated to the SBFD Server via a first communication link; after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request via a second communication link to generate a temporary shared key; wherein, the temporary shared key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the escrow private key of the escrow key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; the second communication link is a communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the escrow credential and the temporary key credential.

6. A vehicle control method based on shared car keys, characterized in that, A temporary vehicle control terminal applied to a vehicle service business system, the system further including: vehicle owner equipment, vehicle, business cloud, SBFD Server, and DK Server, the method including: In response to a key sharing request initiated by the SBFD Server, a temporary sharing key is generated; the temporary sharing key includes a temporary private key and a temporary public key; The temporary public key is sent to the DK Server, so that the DK Server can obtain a temporary key credential by signing it according to the escrow key of the pre-generated escrow key. The SBFD Server is pre-authorized by the vehicle owner device to escrow the temporary shared key of the temporary vehicle control terminal. The authorization of the vehicle owner device to the SBFD Server includes: the vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can escrow the key sharing permission; wherein, the escrow key sharing permission is implemented based on the escrow credential of the DK Server, and the escrow credential is obtained by the vehicle owner device signing the escrow public key of the escrow key generated by the DK Server based on the owner's private key of the vehicle's owner key; the vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request through a second communication link to generate a temporary shared key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server and the DK Server; the second communication link is between the temporary vehicle control terminal, the business cloud, the SBFD Server and the DK Server. The communication link between servers; the vehicle authenticates the temporary vehicle control terminal based on the hosting certificate and the temporary key certificate.

7. A vehicle control device based on a shared car key, characterized in that, The vehicle owner device is configured in the vehicle service business system, which also includes: a temporary vehicle control terminal, a vehicle, a business cloud, an SBFD Server, and a DK Server; the device includes: The managed module is used to request the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can manage key sharing permissions; wherein, the managed key sharing permissions are implemented based on the managed credentials of the DK Server, and the managed credentials are obtained by the vehicle owner device signing the managed public key of the managed key generated by the DK Server based on the vehicle owner's private key of the vehicle owner's key; The key authorization module is used to initiate a key pre-authorization request to the SBFD Server via a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request via a second communication link to generate a temporary shared key; wherein, the temporary shared key includes a temporary key credential, which is generated by the DK Server signing the temporary public key of the temporary key generated by the temporary vehicle control terminal based on the managed private key of the managed key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server, and the DK Server; the second communication link is a communication link between the temporary vehicle control terminal, the business cloud, the SBFD Server, and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the managed credential and the temporary key credential.

8. A vehicle control device based on a shared car key, characterized in that, A temporary vehicle control terminal for use in a vehicle service business system, the system further includes: vehicle owner equipment, vehicle, business cloud, SBFD Server, and DK Server, the device including: The shared key generation module is used to generate a temporary shared key in response to a key sharing request initiated by the SBFD Server; the temporary shared key includes a temporary private key and a temporary public key; A sending module is used to send the temporary public key to the DK Server, so that the DK Server can obtain a temporary key credential by signing it according to the escrow key of the pre-generated escrow key. The SBFD Server is pre-authorized by the vehicle owner device to escrow the temporary shared key of the temporary vehicle control terminal. The authorization of the vehicle owner device to the SBFD Server includes: the vehicle owner device requests the SBFD Server to launch the DK Server to authorize vehicle binding, so that the SBFD Server can escrow key sharing permission; wherein, the escrow key sharing permission is implemented based on the escrow credential of the DK Server, and the escrow credential is obtained by the vehicle owner device signing the escrow public key of the escrow key generated by the DK Server based on the owner's private key of the vehicle's owner key; the vehicle owner device initiates a key pre-authorization request to the SBFD Server through a first communication link; so that after the SBFD Server passes the pre-authorization authentication, it initiates a key sharing request through a second communication link to generate a temporary shared key; the first communication link is a secure communication link between the vehicle owner device, the business cloud, the SBFD Server and the DK Server; the second communication link is between the temporary vehicle control terminal, the business cloud and the SBFD server. The communication link between the Server and the DK Server; the vehicle authenticates the temporary vehicle control terminal based on the hosting certificate and the temporary key certificate.

9. A smart device, characterized in that, It includes a memory, a processor, and a computer program stored in the memory and executable on the processor, wherein the processor, when executing the program, implements the vehicle control method based on a shared car key as described in claim 5 or 6.

10. A computer-readable storage medium having a computer program stored thereon, characterized in that, When the program is executed by the processor, it implements the vehicle control method based on shared car keys as described in any one of claims 1 to 6.