Secure mobile device integration with vehicles
Abstract
A computerized method comprising, on a mobile computing device, processing a vehicle integration request made by one or more of (i) the mobile computing device and (ii) a transportation vehicle. The mobile computing device computes a risk assessment value that quantifies a security risk to the transportation vehicle as a result of connecting the mobile computing device to the transportation vehicle, where the computing is based on one or more of a hardware and a software of the mobile computing device. The mobile computing device transmits the risk assessment value to a vehicle computer integrated in the transportation vehicle. The mobile computing device completes a digital data connection with the vehicle computer when the risk assessment value complies with a vehicle access security policy of the vehicle computer.
6 Claims
1. A computerized method comprising, on a mobile computing device:
- when the mobile computing device does not have Internet connectivity:
  - processing a vehicle integration request made by at least one of (i) the mobile computing device and (ii) a transportation vehicle;
  - computing a risk assessment value that quantifies a security risk to the transportation vehicle as a result of connecting the mobile computing device to the transportation vehicle, wherein the computing is based on a scanning of at least one of a hardware and a software of the mobile computing device, wherein the scanning comprises determining whether: (a) the mobile computing device is infected with a computer virus for hijacking the transportation vehicle, (b) the mobile computing device is not equipped with a hacking prevention hardware, or (c) the mobile computing device contains a software bridge between multiple networks;
  - transmitting the risk assessment value to a vehicle computer integrated in the transportation vehicle;
  - completing a digital data connection with the vehicle computer when the risk assessment value complies with a vehicle access security policy of the vehicle computer;
  - receiving permission from the vehicle computer to access the vehicle, wherein: (i) a level of the permitted access is based on the risk assessment value and on the vehicle access security policy, and (ii) the permitted access is limited to no more than the following, for as long as the mobile computing device does not have Internet connectivity: read data from the vehicle computer, and control an audio system of the vehicle;
- when the mobile computing device has Internet connectivity:
  - updating the risk assessment value;
  - transmitting a digital authentication certificate request from the mobile device to a certificate authority over the Internet, receiving a digital authentication certificate from the certificate authority over the Internet, and transmitting the digital authentication certificate to the vehicle computer; and
  - increasing the level of the permitted access to include at least one of: access to a start/stop switch of the vehicle, access to an acceleration control of the vehicle, access to door latches of the vehicle, access to door locks of the vehicle, access to steering control of the vehicle, and access to an autonomous driving control of the vehicle.
3. A mobile computing device, comprising:
- at least one hardware processor; and
- a non-transitory computer readable storage medium, having encoded thereon processor instruction configured to:
  - when the mobile computing device does not have Internet connectivity:
    - process a vehicle integration request made by at least one of (i) the mobile computing device and (ii) a transportation vehicle;
    - compute a risk assessment value that quantifies a security risk to the transportation vehicle as a result of connecting the mobile computing device to the transportation vehicle, wherein the computing is based on a scanning of at least one of a hardware and a software of the mobile computing device, wherein the scanning comprises determining whether: (a) the mobile computing device is infected with a computer virus for hijacking the transportation vehicle, (b) the mobile computing device is not equipped with a hacking prevention hardware, or (c) the mobile computing device contains a software bridge between multiple networks;
    - transmit the risk assessment value to a vehicle computer integrated in the transportation vehicle;
    - complete a digital data connection with the vehicle computer when the risk assessment value complies with a vehicle access security policy of the vehicle computer;
    - receive permission from the vehicle computer to access the vehicle, wherein: (i) a level of the permitted access is based on the risk assessment value and on the vehicle access security policy, and (ii) the permitted access is limited to no more than the following, for as long as the mobile computing device does not have Internet connectivity: read data from the vehicle computer, and control an audio system of the vehicle;
  - when the mobile computing device has Internet connectivity:
    - update the risk assessment value;
    - transmit a digital authentication certificate request from the mobile device to a certificate authority over the Internet, receive a digital authentication certificate from the certificate authority over the Internet, and transmit the digital authentication certificate to the vehicle computer; and
    - increase the level of the permitted access to include at least one of: access to a start/stop switch of the vehicle, access to an acceleration control of the vehicle, access to door latches of the vehicle, access to door locks of the vehicle, access to steering control of the vehicle, and access to an autonomous driving control of the vehicle.
5. A transportation vehicle computer comprising:
- at least one hardware processor; and
- a non-transitory computer-readable storage medium having program code embodied therewith, the program code executable by the at least one hardware processor to:
  - when the mobile computing device does not have Internet connectivity:
    - process a vehicle integration request made by at least one of (i) a mobile computing device and (ii) the transportation vehicle computer;
    - receive a risk assessment value from the mobile computing device, wherein the risk assessment value is computed by the mobile computing device based on a scanning of at least one of a hardware and a software of the mobile computing device, wherein the scanning comprises determining whether: (a) the mobile computing device is infected with a computer virus for hijacking the transportation vehicle, (b) the mobile computing device is not equipped with a hacking prevention hardware, or (c) the mobile computing device contains a software bridge between multiple networks;
    - select one of a plurality of access levels according to the risk assessment value, wherein the plurality of access levels stratify security risks of a vehicle access according to a vehicle access security policy, and wherein the vehicle access is at least one of: (a) a mobile device access to at least one vehicle computer control, and (b) a user access to at least one physical control;
    - complete a digital data connection with the transportation vehicle computer when the risk assessment value complies with a vehicle access security policy of the vehicle;
    - receive permission from the vehicle computer to access the vehicle, wherein: (i) a level of the permitted access is based on the risk assessment value and on the vehicle access security policy, and (ii) the permitted access is limited to no more than the following, for as long as the mobile computing device does not have Internet connectivity: read data from the vehicle computer, and control an audio system of the vehicle;
  - when the mobile computing device has Internet connectivity:
    - update the risk assessment value;
    - transmit a digital authentication certificate request from the mobile device to a certificate authority over the Internet, receive a digital authentication certificate from the certificate authority over the Internet, and transmit the digital authentication certificate to the vehicle computer; and
    - increase the level of the permitted access to include at least one of: access to a start/stop switch of the vehicle, access to an acceleration control of the vehicle, access to door latches of the vehicle, access to door locks of the vehicle, access to steering control of the vehicle, and access to an autonomous driving control of the vehicle.
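An added illustration of the flow the claims describe, not code from the patent: the mobile side folds scan findings (a) to (c) into a risk assessment value, and the vehicle side maps that value to an access set while holding the offline cap to reading data and audio control. The 0-100 scale, the weights, the thresholds, the boolean `cert_valid` input and all names are assumptions made for the example.

```python
from dataclasses import dataclass

# Access names follow the claims; every number below is an assumed value.
OFFLINE_CAP = frozenset({"read_data", "audio"})
ELEVATED = frozenset({"start_stop", "acceleration", "door_latches",
                      "door_locks", "steering", "autonomous_driving"})

@dataclass(frozen=True)
class ScanResult:
    """The three conditions the claimed scan determines."""
    vehicle_hijack_malware: bool        # finding (a)
    lacks_hacking_prevention_hw: bool   # finding (b)
    bridges_networks: bool              # finding (c)

def compute_risk(scan: ScanResult) -> int:
    """Mobile side: fold the findings into one 0-100 value (assumed weights)."""
    return (60 * scan.vehicle_hijack_malware
            + 25 * scan.lacks_hacking_prevention_hw
            + 15 * scan.bridges_networks)

@dataclass(frozen=True)
class VehiclePolicy:
    """Vehicle side: hypothetical policy that stratifies access by risk."""
    max_risk_to_connect: int = 40   # above this, no data connection at all
    max_risk_full_tier: int = 15    # above this, read-only and no elevation

def grant_access(policy: VehiclePolicy, risk: int,
                 has_internet: bool, cert_valid: bool):
    """Return the permitted access set, or None if the connection is refused."""
    # The value is reported by the device being assessed, so the vehicle
    # range-checks it and fails closed on anything malformed.
    if not isinstance(risk, int) or not 0 <= risk <= 100:
        return None
    if risk > policy.max_risk_to_connect:
        return None
    if risk > policy.max_risk_full_tier:
        return frozenset({"read_data"})  # lower tier, still inside the cap
    granted = set(OFFLINE_CAP)
    # Elevation requires both connectivity and a certificate the vehicle
    # has verified; either one missing leaves the offline cap in force.
    if has_internet and cert_valid:
        granted |= ELEVATED
    return frozenset(granted)
```
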
Specification