Method and Apparatus for Remote Authentication

US 20130031604A1
Filed: 07/25/2011
Published: 01/31/2013
Est. Priority Date: 07/25/2011
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented authentication method comprising:

receiving a request to access one or more features of a vehicle computing system (VCS) from an application running on a wireless device in communication with the VCS;

preparing a secure access rights request to a remote server including one or more characteristics associated with the application;

sending the secure request from the VCS, through the wireless device to the remote server;

receiving a response to the request having been sent from the remote server through the wireless device;

verifying the authenticity of the received response;

updating a policy table including information from the received response, the information including at least an expiration trigger and access rights for the application; and

validating the application for use in conjunction with the VCS based at least on the information included in the updated policy table.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A computer-implemented authentication method includes receiving a request to access one or more features of a vehicle computing system (VCS) from an application running on a wireless device in communication with the VCS. The method further includes preparing a secure access rights request to a remote server including one or more characteristics associated with the application and sending the secure request from the VCS, through the wireless device to the remote server. The method additionally includes receiving a response to the request having been sent from the remote server through the wireless device. The method includes verifying the authenticity of the received response and updating a policy table including information from the received response, the information including at least an expiration trigger and access rights for the application. Also, the method includes validating the application for usage based at least on the information included in the updated policy table.

Citations

21 Claims

1. A computer-implemented authentication method comprising:
- receiving a request to access one or more features of a vehicle computing system (VCS) from an application running on a wireless device in communication with the VCS;
  
  preparing a secure access rights request to a remote server including one or more characteristics associated with the application;
  
  sending the secure request from the VCS, through the wireless device to the remote server;
  
  receiving a response to the request having been sent from the remote server through the wireless device;
  
  verifying the authenticity of the received response;
  
  updating a policy table including information from the received response, the information including at least an expiration trigger and access rights for the application; and
  
  validating the application for use in conjunction with the VCS based at least on the information included in the updated policy table.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein preparing a secure request includes encrypting the request.
  - 3. The method of claim 1, wherein preparing a secure request includes signing the request.
  - 4. The method of claim 1, wherein verifying the authenticity of the received response includes verifying a signature of the received response.
  - 5. The method of claim 1, wherein verifying the authenticity of the received response includes responding correctly to a challenge included in a received response.

6. A computer-implemented authentication method comprising:
- compiling a list of applications currently approved for use in conjunction with a vehicle computing system;
  
  transmitting the list to a remote server for processing;
  
  receiving a processed response to the transmission;
  
  determining one or more applications not authorized for use with the vehicle computing system based on the response; and
  
  disabling the one or more applications not authorized for use.
- View Dependent Claims (7, 8, 9, 10, 11)
- - 7. The method of claim 6, wherein the disabling includes removing an authentication for the application.
  - 8. The method of claim 6, wherein at least one of the applications not authorized for use is installed on the vehicle computing system and the disabling includes removing the application.
  - 9. The method of claim 6, wherein the response includes information relating to a new version of one or more applications, and wherein the method further includes updating applications having a new version related thereto.
  - 10. The method of claim 6, wherein the list of applications comprises applications currently installed on the vehicle computing system.
  - 11. The method of claim 6, further comprising notifying a user if an application is to be disabled.

12. An authentication system comprising:
- a vehicle computing system operable to provide access to components thereof to one or more applications running on a device wirelessly connected thereto;
  
  a remote authentication server in communication with the vehicle computing system through the device;
  
  wherein, upon receiving a request for system access or resource usage from an application, the vehicle computing system is operable to request authentication of the rights of the application from the remote server, the request including sending one or more application credentials to the remote server through the device on which the application is running,wherein, upon receiving the request from the vehicle computing system, the server is operable to determine access rights for the application and transmit a signed policy table in response to the request from the vehicle computing system, the policy table including access rights for the application and being transmitted through the device,wherein, upon receipt of the policy table, the vehicle computing system is operable to authenticate the application based on information contained in the policy table and to allow the application to access the system or resource requested by the application.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21)
- - 13. The system of claim 12, wherein, upon receiving the request from the application, the system is able to access a local policy table to determine if the application was previously authenticated.
  - 14. The system of claim 13, wherein the local policy table contains at least an access level relating to the application.
  - 15. The system of claim 14, wherein, if the application has not previously been assigned an access level, a default access level is assigned to the application for the purpose of transmitting the request for system access.
  - 16. The system of claim 13, wherein the local policy table contains at least an expiration trigger for an approval relating to the application.
  - 17. The system of claim 12, wherein the vehicle computing system is further operable to transmit a list of applications installed on the vehicle computing system, along with information relating to the applications to the remote server.
  - 18. The system of claim 17, wherein the remote server is operable, upon receiving the list of applications, to determine if one or more of the applications is not authorized for use in conjunction with the vehicle computing system and to transmit information relating to unauthorized applications back to the vehicle computing system.
  - 19. The system of claim 18, wherein the remote system, upon receiving information relating to unauthorized applications, is operable to disable one or more of the unauthorized applications.
  - 20. The system of claim 19, wherein the disabling further includes deleting the application.
  - 21. The system of claim 19, wherein the disabling further includes notifying a user that the application is to be disabled.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ford Global Technologies, LLC (Ford Motor Company)
Original Assignee
Ford Global Technologies, LLC (Ford Motor Company)
Inventors
Westra, Michael Raymond, Schunder, Mark, Esselink, Chad Evert, Mitchell, David Chase

Granted Patent

US 10,097,993 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/3
CPC Class Codes

G06F 21/6218   to a system of files or obj...

H04L 67/12   specially adapted for propr...

H04W 12/069   using certificates or pre-s...

Method and Apparatus for Remote Authentication

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Method and Apparatus for Remote Authentication

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links