CERTIFICATE ASSIGNMENT STRATEGIES FOR EFFICIENT OPERATION OF THE PKI-BASED SECURITY ARCHITECTURE IN A VEHICULAR NETWORK

US 20090235071A1
Filed: 03/13/2008
Published: 09/17/2009
Est. Priority Date: 03/13/2008
Status: Active Grant

First Claim

Patent Images

1. A method for assigning certificates in a public key based security architecture for a vehicle wireless communications network, said method comprising:

separating an area into a plurality of geographic regions;

assigning certificates to vehicles that are selected based on what region the vehicle is in, said certificates identifying a binding relationship between a vehicle and a public key;

providing a certified revocation list to the vehicles in each region where the vehicles in a particular region receive information pertaining to revoked certificates for the region that they are in; and

disregarding messages received by a vehicle in a specific region that include a certificate for another region.

View all claims

12 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for assigning certificates and reducing the size of the certificate revocation lists in a PKI based architecture for a vehicle wireless communications system that includes separating a country, or other area, into geographic regions and assigning region-specific certificates to the vehicles. Therefore, a vehicle need only process certificates and certificate revocation lists for the particular region that it is traveling in. Vehicles can be assigned multiple certificates corresponding to more than one region in the vehicles vicinity as advance preparation for possible travel or transmission into nearby regions. Further, the expiration time of certificates assigned to vehicles corresponding to a given geographic region can be tailored to be inversely proportional to the distance from a registered home region of the vehicle. A scalable design for a back-end certifying authority with region-based certificates can also be provided.

82 Citations

View as Search Results

20 Claims

1. A method for assigning certificates in a public key based security architecture for a vehicle wireless communications network, said method comprising:
- separating an area into a plurality of geographic regions;
  
  assigning certificates to vehicles that are selected based on what region the vehicle is in, said certificates identifying a binding relationship between a vehicle and a public key;
  
  providing a certified revocation list to the vehicles in each region where the vehicles in a particular region receive information pertaining to revoked certificates for the region that they are in; and
  
  disregarding messages received by a vehicle in a specific region that include a certificate for another region.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method according to claim 1 wherein messages transmitted by a vehicle include signature based on a private key and the vehicle'"'"'s certificate based on its public key.
  - 3. The method according to claim 1 wherein assigning certificates and providing a certified revocation list are performed by a certifying authority.
  - 4. The method according to claim 1 further comprising assigning multiple certificates to a vehicle for different regions if the vehicle is in one region and is in the vicinity of one or more other regions.
  - 5. The method according to claim 4 wherein messages sent by a vehicle using multiple certificates include the same public key and private key identifying the vehicle for all of the certificates.
  - 6. The method according to claim 4 wherein messages sent by a vehicle using multiple certificates include a different public key and private key for each certificate identifying a particular region.
  - 7. The method according to claim 1 further comprising assigning multiple certificates to a vehicle for different regions if the vehicle is transmitting messages into more than one region.
  - 8. The method according to claim 1 further comprising setting the expiration time of a certificate corresponding to a particular geographic region to be inversely proportional to the distance a vehicle to which the certificate is assigned is from its registered home geographic region.
  - 9. The method according to claim 1 further comprising providing a scalable design for a back-end certifying authority with region-based certificates.
  - 10. The method according to claim 9 wherein the back-end certifying authority employs a central verifying process.
  - 11. The method according to claim 1 wherein the area is a country.
  - 12. The method according to claim 1 wherein the plurality of geographic regions are about 100 square miles.

13. A method for controlling messages sent within a vehicle wireless communications system, said method comprising:
- identifying a certifying authority that assigns certificates to vehicles and generates certified revocation lists that identify certificates of users who have been revoked;
  
  separating an area into a plurality of geographic regions;
  
  assigning certificates to vehicles that are selected based on what region the vehicle is in, said certificates identifying a binding relationship between a vehicle and a public key, wherein assigning certificates includes assigning multiple certificates to a vehicle for different regions if the vehicle is in one region and is in the vicinity of one or more other regions;
  
  providing a certified revocation list to the vehicles in each region where the vehicles in a particular region receive information pertaining to revoked certificates for the region that they are in; and
  
  disregarding messages received by a vehicle in a specific region that include a certificate for another region, wherein messages transmitted by a vehicle include a signature based on a private key and the vehicle'"'"'s certificate.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The method according to claim 13 wherein messages sent by a vehicle using multiple certificates include the same public key and private key identifying the vehicle for all of the certificates.
  - 15. The method according to claim 13 wherein messages sent by a vehicle using multiple certificates include a different public key and private key for each certificate identifying a particular region.
  - 16. The method according to claim 13 further comprising setting the expiration time of a certificate corresponding to a particular geographic region to be inversely proportional to the distance a vehicle to which the certificate is assigned is from its registered home geographic region.
  - 17. The method according to claim 13 further comprising providing a scalable design for a back-end certifying authority with region-based certificates.
  - 18. The method according to claim 13 further comprising assigning multiple certificates to a vehicle for different regions if the vehicle is transmitting messages into more than one region.
  - 19. The method according to claim 13 wherein the area is a country.

20. A method for controlling messages sent within a vehicle wireless communications network, said method comprising:
- separating an area into a plurality of geographic regions; and
  
  assigning certificates to vehicles that are selected based on what region the vehicle is in, said certificates identifying a binding relationship between a vehicle and a public key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GM Global Technology Operations LLC (General Motors Company)
Original Assignee
GM Global Technology Operations Incorporated (Motors Liquidation Co. GUC Trust)
Inventors
Rajavelu, Srinivasan, Shorey, Rajeev, Karnik, Aditya R., Varghese, Anitha, Bellur, Bhargav Ramchandra

Granted Patent

US 8,090,949 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/158
CPC Class Codes

H04L 2209/80   Wireless network architectu...

H04L 2209/84   Vehicles

H04L 9/3268   using certificate validatio...

H04W 12/04   Key management, e.g. using ...

H04W 12/082   using revocation of authori...

CERTIFICATE ASSIGNMENT STRATEGIES FOR EFFICIENT OPERATION OF THE PKI-BASED SECURITY ARCHITECTURE IN A VEHICULAR NETWORK

First Claim

12 Assignments

0 Petitions

Accused Products

Abstract

82 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

CERTIFICATE ASSIGNMENT STRATEGIES FOR EFFICIENT OPERATION OF THE PKI-BASED SECURITY ARCHITECTURE IN A VEHICULAR NETWORK

First Claim

12 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

82 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links