Systems and methods for a secure subscription based vehicle data service
First Claim
Patent Images
1. A vehicle communication manager device located onboard a vehicle, the device comprising:
- a memory comprising a non-volatile memory device storing a fixed embedded public key, wherein the embedded public key is a public key of a public-private key pair associated with a data service system not onboard the vehicle;
a processor in communication with a wireless datalink transceiver;
a vehicle data service protocol executed by the processor, wherein the vehicle data service protocol initiates a communication session for data service exchanges with the data service system via the wireless datalink transceiver;
wherein the vehicle data service protocol includes a session validation sequence that causes the processor to;
transmit a session request message to the data service system; and
validate an authenticity of a session reply request message received from the data service system using the embedded public key, wherein the session reply message includes a public operational authentication key, a public operational encryption key, and is signed with a subscriber validation private key associated with the embedded public key;
wherein the vehicle data service protocol includes a session initiation sequence that causes the processor to;
transmit an initiation request message to the data service system, the session request message including a key derivation key generated onboard the vehicle, wherein the key derivation key in the initiation request message is encrypted using the public operational encryption key;
validate an authenticity of an initiation response message received from the data service system using the public operational authentication key; and
in response to affirmatively validating the initiation response message, apply the key derivation key to a key derivation function to generate a message authentication key;
wherein the processor authenticates data service uplink messages received from received from the host data service during the communication session using the message authentication key.
1 Assignment
0 Petitions
Accused Products
Abstract
Secure subscription based vehicle data services are provided. In one embodiment, a device comprises: a non-volatile memory comprising an embedded public key (EPK) that comprises a public key of a public-private key pair associated with a data service system not onboard the vehicle; a protocol that initiates a communication session that includes a session validation sequence that causes a processor to transmit a session request message and validate an authenticity of a session reply request using the EPK; the protocol includes a session initiation sequence that causes the processor to: transmit an initiation request message to the data service system that includes a key derivation key, and apply the key derivation key to a key derivation function to generate a message authentication key. The processor authenticates uplink messages exchanged with a host data service using the message authentication key.
-
Citations
9 Claims
-
1. A vehicle communication manager device located onboard a vehicle, the device comprising:
-
a memory comprising a non-volatile memory device storing a fixed embedded public key, wherein the embedded public key is a public key of a public-private key pair associated with a data service system not onboard the vehicle; a processor in communication with a wireless datalink transceiver; a vehicle data service protocol executed by the processor, wherein the vehicle data service protocol initiates a communication session for data service exchanges with the data service system via the wireless datalink transceiver; wherein the vehicle data service protocol includes a session validation sequence that causes the processor to; transmit a session request message to the data service system; and validate an authenticity of a session reply request message received from the data service system using the embedded public key, wherein the session reply message includes a public operational authentication key, a public operational encryption key, and is signed with a subscriber validation private key associated with the embedded public key; wherein the vehicle data service protocol includes a session initiation sequence that causes the processor to; transmit an initiation request message to the data service system, the session request message including a key derivation key generated onboard the vehicle, wherein the key derivation key in the initiation request message is encrypted using the public operational encryption key; validate an authenticity of an initiation response message received from the data service system using the public operational authentication key; and in response to affirmatively validating the initiation response message, apply the key derivation key to a key derivation function to generate a message authentication key; wherein the processor authenticates data service uplink messages received from received from the host data service during the communication session using the message authentication key. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHoneywell International Inc.
-
Original AssigneeHoneywell International Inc.
-
InventorsOlive, Michael L., He, Xiaozhong, Pothula, Phani Ammi Raju
-
Primary Examiner(s)Patel, Haresh N
-
Application NumberUS15/970,521Publication NumberTime in Patent Office803 DaysField of Search713150US Class CurrentCPC Class CodesG07C 5/008 communicating information t...H04L 2209/80 WirelessH04L 2209/84 VehiclesH04L 2463/061 applying further key deriva...H04L 63/0435 wherein the sending and rec...H04L 63/062 for key distribution, e.g. ...H04L 63/0853 using an additional device,...H04L 63/12 Applying verification of th...H04L 67/12 specially adapted for propr...H04L 9/0825 using asymmetric-key encryp...H04L 9/0866 involving user or device id...H04L 9/0872 using geo-location informat...H04L 9/0897 involving additional device...H04L 9/3242 involving keyed hash functi...H04L 9/3247 involving digital signaturesH04W 12/00 Security arrangements; Auth...H04W 12/04 Key management, e.g. using ...H04W 4/40 for vehicles, e.g. vehicle-...
