SECURELY EXCHANGING VEHICULAR SENSOR INFORMATION

US 20170244565A1
Filed: 09/26/2014
Published: 08/24/2017
Est. Priority Date: 09/26/2014
Status: Active Grant

First Claim

Patent Images

1-25. -25. (canceled)

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Technologies for securely exchanging sensor information include an in-vehicle computing system of a vehicle to establish a trusted execution environment and a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server. A private key is bound to the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system confirms the authenticity of the coordination server, receives sensor data generated by a sensor of the vehicle, and generates an attestation quote based on the trusted execution environment of the in-vehicle computing system. The in-vehicle computing system further transmits, to the coordination server over the secure communication channel, the sensor data, the attestation quote, and a cryptographically-signed communication signed with the private key.

Citations

50 Claims

1-25. -25. (canceled)

26. An in-vehicle computing system of a vehicle for securely exchanging sensor information, the in-vehicle computing system comprising:
- a sensor to generate sensor data;
  
  a trusted execution environment module to establish a trusted execution environment on the in-vehicle computing system, wherein a private key is bound to the trusted execution environment; and
  
  a communication module to establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server;
  
  wherein the trusted execution environment module is further to (i) confirm the authenticity of the coordination server, (ii) receive the sensor data from the sensor, (iii) generate an attestation quote based on the trusted execution environment of the in-vehicle computing system, and (iv) transmit, to the coordination server over the secure communication channel and by the communication module, the sensor data, the attestation quote, and a cryptographically-signed communication signed with the private key.
- View Dependent Claims (27, 28, 29, 30, 31, 32, 33, 34)
- - 27. The in-vehicle computing system of claim 26, wherein to establish the trusted execution environment comprises to allocate a contiguous region of linear address space of a memory of the in-vehicle computing system for execution of a plurality of instructions that is protected from memory accesses originating from outside the contiguous region.
  - 28. The in-vehicle computing system of claim 26, wherein to establish the secure communication channel comprises to establish a Secure Sockets Layer channel between the trusted execution environment of the in-vehicle computing system and the corresponding trusted execution environment of the coordination server.
  - 29. The in-vehicle computing system of claim 26, wherein to confirm the authenticity of the coordination server comprises to (i) receive an attestation quote from the coordination server based on the corresponding trusted execution environment of the coordination server and (ii) verify the attestation quote;
    - andwherein to verify the attestation quote comprises to (i) transmit the attestation quote to an attestation server and (ii) receive, from the attestation server in response to transmittal of the attestation quote, an attestation result indicating whether the trusted execution environment of the coordination server is secure.
  - 30. The in-vehicle computing system of claim 26, wherein to confirm the authenticity of the coordination server comprises to verify the integrity of code executing in the corresponding trusted execution environment of the coordination server.
  - 31. The in-vehicle computing system of claim 26, further comprising a main processor and a security co-processor different from the main processor,wherein to establish the trusted execution environment comprises to establish a trusted execution environment on the security co-processor of the in-vehicle computing system;
    - wherein to receive the sensor data comprises to receive, by the trusted execution environment of the in-vehicle computing system, the sensor data through a hardware-protected input-output path between the security co-processor and the sensor; and
      
      wherein the private key is bound to the security co-processor.
  - 32. The in-vehicle computing system of claim 26, wherein the communication module is further to receive, from the coordination server and over the secure communication channel, sensor data generated by a remote vehicle;
    - andwherein the trusted execution environment module is further to perform an action based on the sensor data generated by the sensor of the vehicle and the sensor data generated by the remote vehicle.
  - 33. The in-vehicle computing system of claim 26, wherein the private key is provisioned to the trusted execution environment.
  - 34. The in-vehicle computing system of claim 26, wherein the private key is a private Enhanced Privacy Identification key corresponding with a public Enhanced Privacy Identification key accessible to the coordination server.

35. One or more machine-readable storage media comprising a plurality of instructions stored thereon that, in response to execution by an in-vehicle computing system, cause the in-vehicle computing system to:
- establish a trusted execution environment on the in-vehicle computing system;
  
  establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server;
  
  confirm, by the trusted execution environment, the authenticity of the coordination server;
  
  receive, by the trusted execution environment, sensor data generated by a sensor of the vehicle;
  
  generate, by the trusted execution environment, an attestation quote based on the trusted execution environment of the in-vehicle computing system; and
  
  transmit, over the secure communication channel and in response to confirmation of the authenticity of the coordination server, (i) the sensor data, (ii) the attestation quote, and (iii) a cryptographically-signed communication signed with a private key bound to the trusted execution environment of the in-vehicle computing system to the coordination server.
- View Dependent Claims (36, 37, 38, 39, 40, 41)
- - 36. The one or more machine-readable storage media of claim 35, wherein to establish the trusted execution environment comprises to allocate a contiguous region of linear address space of a memory of the in-vehicle computing system for execution of a plurality of instructions that is protected from memory accesses originating from outside the contiguous region.
  - 37. The one or more machine-readable storage media of claim 35, wherein to confirm the authenticity of the coordination server comprises to (i) receive an attestation quote from the coordination server based on the corresponding trusted execution environment of the coordination server and (ii) verify the attestation quote;
    - andwherein to verify the attestation quote comprises to (i) transmit the attestation quote to an attestation server and (ii) receive, from the attestation server in response to transmitting the attestation quote, an attestation result indicating whether the trusted execution environment of the coordination server is secure.
  - 38. The one or more machine-readable storage media of claim 35, wherein to confirm the authenticity of the coordination server comprises to verify the integrity of code executing in the corresponding trusted execution environment of the coordination server.
  - 39. The one or more machine-readable storage media of claim 35, wherein to:
    - establish the trusted execution environment comprises to establish a trusted execution environment on a security co-processor of the in-vehicle computing system;
      
      receive the sensor data comprises to receive, by the trusted execution environment of the in-vehicle computing system, the sensor data through a hardware-protected input-output path between the security co-processor and the sensor; and
      
      the private key is bound to the security co-processor.
  - 40. The one or more machine-readable storage media of claim 35, wherein the plurality of instructions further cause the in-vehicle computing system to:
    - receive, over the secure communication channel, sensor data generated by a remote vehicle from the coordination server; and
      
      perform an action based on the sensor data generated by the sensor of the vehicle and the sensor data generated by the remote vehicle.
  - 41. The one or more machine-readable storage media of claim 35, wherein the plurality of instructions further cause the in-vehicle computing system 120 to provision the private key to the trusted execution environment.

43. A coordination server for coordinating the secure exchange of sensor information between vehicles, the coordination server comprising:
- a trusted execution environment module to (i) establish a trusted execution environment on the coordination server and (ii) generate a server attestation quote based on the trusted execution environment of the coordination server;
  
  a communication module to (i) establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of an in-vehicle computing system of a vehicle, (ii) transmit, over the secure communication channel, the server attestation quote to the in-vehicle computing system, and (iii) receive, from the in-vehicle computing system over the secure communication channel, sensor data generated by a sensor of the vehicle, a vehicle attestation quote based on the corresponding trusted execution environment of the in-vehicle computing system, and a cryptographically-signed communication signed with a private key bound to the trusted execution environment of the in-vehicle computing system;
  
  wherein the trusted execution environment module is further to verify (i) the vehicle attestation quote, (ii) the private key associated with the cryptographically-signed communication, and (iii) a revocation status of the private key; and
  
  a sensor data processing module to process the sensor data in response to verification of the vehicle attestation quote and the private key and a determination that the private key has not been revoked.
- View Dependent Claims (44, 45, 46, 47, 48)
- - 44. The coordination server of claim 43, wherein to process the sensor data comprises to transmit the sensor data to a second in-vehicle computing system of a remote vehicle.
  - 45. The coordination server of claim 43, wherein to verify the vehicle attestation quote comprises to:
    - transmit the vehicle attestation quote to an attestation server; and
      
      receive, from the attestation server in response to transmittal of the vehicle attestation quote, an attestation result indicating whether the trusted execution environment of the in-vehicle computing system is secure.
  - 46. The coordination server of claim 43, wherein the private key is a private Enhanced Privacy Identification key corresponding with a public Enhanced Privacy Identification key accessible to the coordination server;
    - andwherein to verify the private key comprises to apply the public Enhanced Privacy Identification key to the cryptographically-signed communication.
  - 47. The coordination server of claim 43, wherein to verify the revocation status of the private key comprises to compare the private key to a revocation list of a manufacturer server.
  - 48. The local computing device of claim 43, wherein to establish the trusted execution environment comprises to allocate a contiguous region of linear address space of a memory of the coordination server for execution of a plurality of instructions that is protected from memory accesses originating from outside the contiguous region.

49. A local computing device for securely exchanging sensor information, the local computing device comprising:
- a sensor to generate sensor data;
  
  a trusted execution environment module to establish a trusted execution environment on local computing device, wherein a private key is bound to the trusted execution environment; and
  
  a communication module to establish a secure communication channel between the trusted execution environment and a corresponding trusted execution environment of a coordination server;
  
  wherein the trusted execution environment module is further to (i) confirm the authenticity of the coordination server, (ii) receive the sensor data from the sensor, (iii) generate an attestation quote based on the trusted execution environment of the local computing device, and (iv) transmit, to the coordination server over the secure communication channel and by the communication module, the sensor data, the attestation quote, and cryptographically signed communication signed with the private key.
- View Dependent Claims (50)
- - 50. The local computing device of claim 49, wherein to establish the trusted execution environment comprises to allocate a contiguous region of linear address space of a memory of the local computing device for execution of a plurality of instructions that is protected from memory accesses originating from outside the contiguous region.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
BRONK, Mateusz

Granted Patent

US 10,103,889 B2
Time in Patent Office

Days
Field of Search
US Class Current
CPC Class Codes

B60R 16/023   for transmission of signals...

G06F 21/57   Certifying or maintaining t...

H04L 2209/127   Trusted platform modules [TPM]

H04L 2209/80   Wireless

H04L 2209/84   Vehicles

H04L 63/0428   wherein the data content is...

H04L 63/126   the source of the received ...

H04L 67/12   specially adapted for propr...

H04L 67/141   Setup of application sessio...

H04L 9/14   using a plurality of keys o...

H04L 9/30   Public key, i.e. encryption...

H04L 9/3247   involving digital signatures

H04W 12/06   Authentication

H04W 12/106   Packet or message integrity

H04W 4/60   Subscription-based services...

H04W 4/70   Services for machine-to-mac...

H04W 84/18   Self-organising networks, e...

SECURELY EXCHANGING VEHICULAR SENSOR INFORMATION

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

50 Claims

Specification

Solutions

Use Cases

Quick Links

SECURELY EXCHANGING VEHICULAR SENSOR INFORMATION

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

50 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links