SECURELY EXCHANGING VEHICULAR SENSOR INFORMATION
Abstract
Technologies for securely exchanging sensor information include an in-vehicle computing system of a vehicle to establish a trusted execution environment and a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server. A private key is bound to the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system confirms the authenticity of the coordination server, receives sensor data generated by a sensor of the vehicle, and generates an attestation quote based on the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system further transmits, to the coordination server over the secure communication channel, the sensor data, the attestation quote, and a cryptographically-signed communication signed with the private key.
50 Claims
1-25. (canceled)

26. An in-vehicle computing system of a vehicle for securely exchanging sensor information, the in-vehicle computing system comprising:
a sensor to generate sensor data;
a trusted execution environment module to establish a trusted execution environment on the in-vehicle computing system, wherein a private key is bound to the trusted execution environment; and
a communication module to establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server;
wherein the trusted execution environment module is further to (i) confirm the authenticity of the coordination server, (ii) receive the sensor data from the sensor, (iii) generate an attestation quote based on the trusted execution environment of the in-vehicle computing system, and (iv) transmit, to the coordination server over the secure communication channel and by the communication module, the sensor data, the attestation quote, and a cryptographically-signed communication signed with the private key.
Dependent claims: 27, 28, 29, 30, 31, 32, 33, 34

35. One or more machine-readable storage media comprising a plurality of instructions stored thereon that, in response to execution by an in-vehicle computing system, cause the in-vehicle computing system to:
establish a trusted execution environment on the in-vehicle computing system;
establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server;
confirm, by the trusted execution environment, the authenticity of the coordination server;
receive, by the trusted execution environment, sensor data generated by a sensor of the vehicle;
generate, by the trusted execution environment, an attestation quote based on the trusted execution environment of the in-vehicle computing system; and
transmit, over the secure communication channel and in response to confirmation of the authenticity of the coordination server, (i) the sensor data, (ii) the attestation quote, and (iii) a cryptographically-signed communication signed with a private key bound to the trusted execution environment of the in-vehicle computing system to the coordination server.
Dependent claims: 36, 37, 38, 39, 40, 41

43. A coordination server for coordinating the secure exchange of sensor information between vehicles, the coordination server comprising:
a trusted execution environment module to (i) establish a trusted execution environment on the coordination server and (ii) generate a server attestation quote based on the trusted execution environment of the coordination server;
a communication module to (i) establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of an in-vehicle computing system of a vehicle, (ii) transmit, over the secure communication channel, the server attestation quote to the in-vehicle computing system, and (iii) receive, from the in-vehicle computing system over the secure communication channel, sensor data generated by a sensor of the vehicle, a vehicle attestation quote based on the corresponding trusted execution environment of the in-vehicle computing system, and a cryptographically-signed communication signed with a private key bound to the trusted execution environment of the in-vehicle computing system;
wherein the trusted execution environment module is further to verify (i) the vehicle attestation quote, (ii) the private key associated with the cryptographically-signed communication, and (iii) a revocation status of the private key; and
a sensor data processing module to process the sensor data in response to verification of the vehicle attestation quote and the private key and a determination that the private key has not been revoked.
Dependent claims: 44, 45, 46, 47, 48

49. A local computing device for securely exchanging sensor information, the local computing device comprising:
a sensor to generate sensor data;
a trusted execution environment module to establish a trusted execution environment on local computing device, wherein a private key is bound to the trusted execution environment; and
a communication module to establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server;
wherein the trusted execution environment module is further to (i) confirm the authenticity of the coordination server, (ii) receive the sensor data from the sensor, (iii) generate an attestation quote based on the trusted execution environment of the local computing device, and (iv) transmit, to the coordination server over the secure communication channel and by the communication module, the sensor data, the attestation quote, and cryptographically signed communication signed with the private key.
Dependent claims: 50

Specification