System and method for wireless interface selection and for communication and access control of subsystems, devices, and data in a vehicular environment
Abstract
A method in one embodiment includes intercepting a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment, verifying the message is sent from the source, verifying the message is not altered, evaluating a set of source flow control policies associated with the source, and blocking the message if the set of source flow control policies indicate the message is not permitted. In specific embodiments, the message is not permitted if a level of access assigned to the source in the set of source flow control policies does not match a level of access tagged on the message. In further embodiments, the method includes evaluating a set of receiver flow control policies associated with the receiver, and blocking the message if the set of receiver flow control policies indicates the message is not permitted.
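The sequence of checks in the abstract, written out as an added example; it is not code from the patent. It assumes HMAC-SHA256 with a per-source key for the origin and integrity checks, which the page does not specify, and every source, receiver, level name and key is constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass

# Constructed sample data: names, levels and keys are assumptions, not from the patent.
SOURCE_KEYS = {"nav_app": b"k-nav", "media_app": b"k-media"}  # per-source MAC keys
SOURCE_POLICY = {  # level of access assigned to each source, and receivers it may reach
    "nav_app": {"level": "vehicle-data", "receivers": {"gps_ecu"}},
    "media_app": {"level": "infotainment", "receivers": {"speaker_ecu", "gps_ecu"}},
}
RECEIVER_POLICY = {"gps_ecu": {"vehicle-data"}, "speaker_ecu": {"infotainment"}}

@dataclass
class Message:
    source: str
    receiver: str
    level: str      # level of access tagged on the message
    payload: bytes
    tag: bytes      # MAC over all other fields

def mac(key, source, receiver, level, payload):
    # Length-prefix each field so field boundaries cannot be shifted.
    fields = (source.encode(), receiver.encode(), level.encode(), payload)
    data = b"".join(len(f).to_bytes(4, "big") + f for f in fields)
    return hmac.new(key, data, hashlib.sha256).digest()

def make(source, receiver, level, payload, key=None):
    """Build a tagged message as a sender would (helper for the example)."""
    key = SOURCE_KEYS[source] if key is None else key
    return Message(source, receiver, level, payload,
                   mac(key, source, receiver, level, payload))

def monitor(msg):
    """Return (allowed, reason) for a message intercepted in the OBU."""
    key, policy = SOURCE_KEYS.get(msg.source), SOURCE_POLICY.get(msg.source)
    if key is None or policy is None:
        return False, "source not authorized"
    expected = mac(key, msg.source, msg.receiver, msg.level, msg.payload)
    if not hmac.compare_digest(expected, msg.tag):
        return False, "integrity or origin check failed"
    if msg.receiver not in policy["receivers"]:
        return False, "source policy: receiver not permitted"
    if msg.level != policy["level"]:
        return False, "source policy: access level mismatch"
    # Receiver-side policies; an unknown receiver accepts nothing (default deny).
    if msg.level not in RECEIVER_POLICY.get(msg.receiver, set()):
        return False, "receiver policy: level not accepted"
    return True, "forwarded"
```
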
20 Claims
1. A method comprising:
- intercepting a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment;
- verifying the source is authorized to send the message;
- verifying the message is not altered;
- evaluating a set of source flow control policies associated with the source; and
- blocking the message if at least one policy of the set of source flow control policies indicates the message is not permitted, wherein the message is not permitted if a level of access assigned to the source in the set of source flow control policies does not match a level of access tagged on the message.

(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9)

10. An on-board unit (OBU) of a vehicular network environment, the OBU comprising:
- at least one processor; and
- an information flow control monitoring module adapted, when executed by the at least one processor, to:
  - intercept a message in the OBU between a source and a receiver in the vehicular network environment;
  - verify the source is authorized to send the message;
  - verify the message is not altered;
  - evaluate a plurality of flow control policies associated with the source and the receiver; and
  - block the message if one or more of the plurality of flow control policies indicate the message is not permitted, wherein the message is not to be permitted if a level of access assigned to the source in the plurality of flow control policies does not match a level of access tagged on the message.

(Dependent claims: 11, 12, 13)

14. At least one non-transitory computer readable storage medium having instructions stored thereon that, when executed by at least one processor, cause the at least one processor to:
- intercept a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment;
- verify the source is authorized to send the message;
- verify the message is not altered;
- evaluate a set of source flow control policies associated with the source; and
- block the message if at least one policy of the set of source flow control policies indicates the message is not permitted, wherein the set of source flow control policies is to be applied to a group of applications on the OBU if each application in the group of applications is authorized for a same level of access to the receiver.

(Dependent claims: 15, 16)

17. A system, comprising an electronic device in a vehicular network environment of a vehicle, the electronic device including at least one processor for:
- detecting a trigger on an electronic device in a vehicular network environment of a vehicle;
- identifying an interface usage policy for an agent and a corresponding application on the electronic device;
- selecting a first wireless interface of a plurality of wireless interfaces on the electronic device for a network session between an application process of the application and a remote node, wherein the first wireless interface is selected based, at least in part, on one or more criteria in the interface usage policy;
- associating the electronic device with a controller in a network environment;
- associating the first wireless interface of the electronic device with a first wireless infrastructure device in the network environment;
- providing Internet Protocol (IP) mapping information to the controller;
- establishing a network session between the electronic device and the remote node through the first wireless interface, wherein packets of the network session are routed through the controller;
- intercepting a first message in the electronic device being sent from a first source to a first receiver;
- evaluating one or more predefined policies to determine whether the first source is permitted to communicate with the first receiver;
- blocking the first message if the first source is not permitted to communicate with the first receiver, wherein a first subsystem of the vehicular network environment includes one of the first source and the first receiver;
- intercepting a second message in the electronic device being sent from a second source to a second receiver in the vehicular network environment;
- verifying the second source is authorized to send the second message;
- verifying the second message is not altered;
- evaluating a set of source flow control policies associated with the second source; and
- blocking the second message if the set of source flow control policies indicates the second message is not permitted.

18. At least one non-transitory computer readable storage medium having instructions stored thereon that, when executed by at least one processor, cause the at least one processor to:
- intercept a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment;
- verify the source is authorized to send the message;
- verify the message is not altered;
- evaluate a plurality of flow control policies associated with the source and the receiver; and
- block the message if one or more of the plurality of flow control policies indicate the message is not permitted, wherein the message is not to be permitted if a level of access assigned to the source in the plurality of flow control policies does not match a level of access tagged on the message.

(Dependent claims: 19)

20. At least one non-transitory computer readable storage medium having instructions stored thereon that, when executed by at least one processor, cause the at least one processor to:
- intercept a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment;
- verify the source is authorized to send the message;
- verify the message is not altered;
- evaluate a set of source flow control policies associated with the source; and
- block the message if at least one policy of the set of source flow control policies indicates the message is not permitted, wherein, when the message includes data tagged by an owner of the data other than the source, the message is not permitted if one or more tags of the data indicate the receiver does not have permission to read the data.