The intelligent transportation system (ITS) employs advanced technologies such as electronic, communication, computer, control and sensing technologies on various types of transportation systems (particularly, the land transport). Through real-time data transfer, the intelligent transportation system can improve the safety, efficiency, service, monitoring and management of transportation, and resolve traffic problems such as congestion and delay. The intelligent transportation system can achieve maximum effectiveness when the transportation resources are limited.
In the intelligent transportation system, a vehicle is equipped with an on-board unit (OBU). If the vehicle is equipped with a wireless communication device, the on-board unit and the wireless communication device can either be integrated as one device or separated as two independent devices. Regardless of the on-board unit and the wireless communication device being integrated or separated, the on-board unit transmits and receives a message via the wireless communication device. When the vehicle moves on the road, the vehicle can exchange or transmit the message to an adjacent vehicle and/or an adjacent road-side unit (RSU) through the on-board unit and the wireless communication device. The public-key infrastructure (PKI) can be used so that the message received by the on-board unit and the road-side unit are correct.
In the PKI architecture, a certificate authority (CA) generates multiple public-private key pairs. The certificate authority, using its own private key, generates a corresponding signature for each public key. The certificate can include the signature and the certificate relevant information (such as the expiry date of the certificate). For privacy protection, the certificate authority generates one or more certificates dedicated to an on-board unit, and there is no relevance between the certificates dedicated to the same on-board unit. The generated certificate(s) dedicated to the same on-board unit does not contain any authentic ID which may be used for identifying/linking the OBU.
Before a certificate expires, if the scope of use of the certificate changes or the relevance between the certificate and the certificate authority (CA) changes, or the certificate or the private key in the certificate is compromised, then the certificate authority must revoke the certificate before the expiry date matures, and inform system user of a certificate revocation list (CRL).
Therefore, it has become a prominent task to provide a method for managing a security certificate of a vehicle network node and the vehicle network node using the same to effective manage security certificate of the vehicle network node.