车载自组网在改善交通管理和安全的同时，也将给人们带来极大的隐私威胁。然而，面向传统网络设计的隐私保护机制，无法应对如此规模庞大、开放共享、隐私信息丰富的场景。本项目将围绕车载自组网身份隐私、位置隐私保护瓶颈问题展开研究，系统分析了分布式别名认证性能和安全隐私隐患，设计授权与证书实体分离的分布式别名管理方案，仅赋予RSU颁发证书更新授权的能力，从机制上消除来自RSU的威胁隐患，优化证书更新开销。设计基于计算难题的别名证书协同验证方案，利用计算资源的有限性抑制DDoS攻击的强度，利用合法车辆之间的协同加快合法别名验证速度。同时，首次研究车载Internet接入中的位置隐私问题，构建位置隐私威胁模型，研究服务提供商获取车载接入用户位置隐私的方法及威胁度量指标，在基础上研究接入决策与性能收益和隐私威胁的量化关系，进而求解接入决策问题，指导车载用户在保持隐私的前提下，获取最大的应用收益。

Vehicular Ad Hoc Network (VANET) opens a new door to facilitating road safety, traffic management, and infotainment dissemination for drivers and passengers. However, as a double-edge sword, it also attracts tremendous privacy concern, such as identity disclosure and tracing. Due to open essence of vehicular applications, high privacy sensitivity of drivers and the huge scale of vehicle number, VANET can not adopt the existed privacy preservation method in the traditional network scenarios. .Based on the deep understanding of critical challenges and key technologies for privacy preservation in VANET, focusing on the protection of identity privacy and location privacy, we studied the following issues:.o To improve the performance and security requirements of vehicular applications, .we propose a distributed management for pseudonymous authentication that RSU can just generate an updating key for a vehicle instead of generating certificates directly, and then, the vehicle can update a set of pseudonymous certificates himself. In this way, the RSU service overhead is irrelated to the number of the updated certificates. At the same time, the potential privacy and security threat caused by RSUs can be eliminated..oWith an eye to vehicular internet accessing, we study the location privacy protection as the first work. We present a potential method which would be used by an service provider to infer an user's location privacy by mining correlation between the RSU locations and the accessing time intervals of the same user. Furthermore, we will study the RSU accessing decision problem to make user obtaining the maximal performance utility in the context of satisfying user privacy requirement.