Method and apparatus for using a secure credential infrastructure to access vehicle components
Abstract
We present technology that allows layman computer users to simply create, provision, and maintain secured infrastructure—an instant PKI. This technology can be used in a wide variety of applications including enabling secure communications to components of a vehicle, and enabling secure communications between the vehicle and associated infrastructure.
27 Claims
1. A computer controlled method to personalize a vehicle, said vehicle including a plurality of computerized devices, at least one of said plurality of computerized devices being a prospective member device associated with said vehicle, the method comprising steps of:
establishing a credential by;
exchanging key commitment information over a preferred channel between a credential issuing device and said prospective member device to pre-authenticate said prospective member device;
receiving a public key from said prospective member device;
verifying said public key with said key commitment information; and
automatically provisioning said prospective member device with said credential;
whereby said prospective member device becomes a member device associated with said vehicle; and
securely communicating personalization information to said vehicle through said member device using said credential.
(Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
16. A prospective member device capable of personalizing a vehicle, said vehicle including a plurality of computerized devices, at least one of said plurality of computerized devices being the prospective member device, the prospective member device comprising:
a credential establishment mechanism comprising;
at least one port configured to establish a preferred channel;
a key commitment receiver mechanism configured to receive key commitment information through said at least one port;
a key receiver mechanism configured to receive a public key;
a pre-authentication mechanism configured to verify said public key with said key commitment information; and
a credential provisioning mechanism configured to receive a credential responsive to the pre-authentication mechanism whereby said prospective member device becomes a member device associated with said vehicle; and
a communication mechanism configured to securely receive personalization information for said vehicle through said member device using said credential.
(Dependent claims: 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
27. A vehicle including a plurality of computerized devices, at least one of said plurality of computerized devices being a prospective member device comprising:
a credential establishment mechanism comprising;
at least one port configured to establish a preferred channel;
a key commitment receiver mechanism configured to receive key commitment information through said at least one port;
a key receiver mechanism configured to receive a public key;
a pre-authentication mechanism configured to verify said public key with said key commitment information; and
a credential provisioning mechanism configured to receive a credential responsive to the pre-authentication mechanism whereby said prospective member device becomes a member device associated with said vehicle; and
a communication mechanism configured to securely communicate personalization information for said vehicle through said member device using said credential.
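The pre-authentication steps recited in claim 1, sketched as an added example that is not code from the patent. It assumes the key commitment is a SHA-256 digest of the encoded public key and uses an HMAC tag as a stand-in for the issued credential; `CredentialIssuer`, `commit` and the device name are hypothetical.

```python
import hashlib
import hmac
import os
from typing import Optional


def commit(public_key: bytes) -> bytes:
    """Key commitment, assumed here to be SHA-256 over the encoded public key."""
    return hashlib.sha256(public_key).digest()


class CredentialIssuer:
    """Hypothetical credential issuing device (all names are illustrative)."""

    def __init__(self) -> None:
        # HMAC key as a stand-in for the issuer's certificate-signing key.
        self._issuing_key = os.urandom(32)
        self._commitments = {}  # device id -> commitment digest

    def receive_commitment(self, device_id: str, digest: bytes) -> None:
        """The commitment arrives over the preferred channel."""
        self._commitments[device_id] = digest

    def provision(self, device_id: str, public_key: bytes) -> Optional[bytes]:
        """The public key arrives later; verify it, then issue the credential."""
        # One-shot: a failed attempt forces a new preferred-channel exchange.
        expected = self._commitments.pop(device_id, None)
        if expected is None:
            return None  # device was never pre-authenticated
        if not hmac.compare_digest(expected, commit(public_key)):
            return None  # key does not match what was committed to
        return self._tag(device_id, public_key)

    def check(self, device_id: str, public_key: bytes, credential: bytes) -> bool:
        return hmac.compare_digest(credential, self._tag(device_id, public_key))

    def _tag(self, device_id: str, public_key: bytes) -> bytes:
        msg = device_id.encode() + b"\x00" + public_key
        return hmac.new(self._issuing_key, msg, hashlib.sha256).digest()


def demo():
    issuer = CredentialIssuer()
    device_key = b"constructed-device-public-key"      # constructed sample
    other_key = b"constructed-substituted-public-key"  # constructed sample
    issuer.receive_commitment("seat-module", commit(device_key))
    rejected = issuer.provision("seat-module", other_key) is None
    issuer.receive_commitment("seat-module", commit(device_key))
    cred = issuer.provision("seat-module", device_key)
    accepted = cred is not None and issuer.check("seat-module", device_key, cred)
    no_commitment = issuer.provision("seat-module", device_key) is None
    return rejected, accepted, no_commitment
```

`demo()` returns three flags: a public key that does not match the commitment is refused, the committed key is provisioned, and a request with no commitment on file is refused.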
Specification