摘要： V2X(Vehicle to Everything)业务安全的关键在于对消息的真实性校验和个人隐私的保护，在建立身份认证体系时要合理定义各个参与方的安全边界及责任，防止来自内部及外部的攻击。在借鉴国外SCMS、CCMS体系的基础上，基于LTE-V2X技术特点和道路交通管理体系，通过分析V2X证书管理体系的实际需要，针对证书管理的关键过程给出相应的安全策略建议，提出面向LTE-V2X的PKI架构参考建议，可实际应用于LTE-V2X业务部署及相关系统的开发设计。

中图分类号： TP309；U495
文献标识码： A
DOI： 10.19358/j.issn.2096-5133.2020.07.007
引用格式： 李峰，陈新. 基于LTE-V2X技术的PKI系统架构探讨[J].信息技术与网络安全，2020，39(7)：41-47.

PKI infrastructure architecture based on LTE-V2X

Abstract： A key factor to the success of V2X business lies in security: messages authentication and personal privacy protection. Therefore, it is mandatory to establish an identity authentication system based on the actual supervision system, and reasonably define the security boundaries and responsibilities of each participant. Based on existing V2X PKI systems: SCMS and CCMS, this paper analyzes the actual needs of the V2X certificate management system based on the LTE-V2X technical characteristics and domestic regulatory system, and gives corresponding solutions to several key processes of certificate management. And then it makes recommendations PKI infrastructure and security strategy for LTE-V2X business, puts forward specific security management solutions for domestic V2X business development in the future, which can actually be applied to the development and design of LTE-V2X service deployment and related systems.

Key words : LTE-V2X；enrollment certificate；DSRC；GDPR