Security for network-connected vehicles and other network-connected processing environments
First Claim
1. A data processing apparatus for a vehicle, including:
- a first data processing unit (A) connected to device control units of the vehicle;
a second data processing unit (B) connected to a communications apparatus providing a wireless connection to an external network, such that operation requests can be received at the second data processing unit (B) from the external network;
a data communications link between the first and second data processing units; and
a gateway component for controlling communications across the data communications link, the gateway component limiting passing of the operation requests from the second data processing unit to the vehicle'"'"'s device control units to only a predefined set of permitted operations.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and apparatus provide security for a network-connected vehicle (or other networked environment) in which a predefined set of permitted operations relating to protected resources can be initiated remotely from elsewhere in the network, while security is maintained for the protected resources (for example, an engine performance optimisation control unit or air conditioning control unit within a vehicle) by preventing remote initiation of any other operations on a data processing unit which is connected to the protected resources. One of a pair of gateway components runs on each of two data processing units within the vehicle (or other environment), the first processing unit being connected to the vehicle'"'"'s device control units and the second processing unit being connected to the external network. The gateway components control the types of communications which can be passed from the network-connected side to the first processing unit such that only permitted operations can be requested and no unauthorised operations can be initiated remotely.
61 Citations
5 Claims
-
1. A data processing apparatus for a vehicle, including:
-
a first data processing unit (A) connected to device control units of the vehicle; a second data processing unit (B) connected to a communications apparatus providing a wireless connection to an external network, such that operation requests can be received at the second data processing unit (B) from the external network; a data communications link between the first and second data processing units; and a gateway component for controlling communications across the data communications link, the gateway component limiting passing of the operation requests from the second data processing unit to the vehicle'"'"'s device control units to only a predefined set of permitted operations. - View Dependent Claims (2, 3, 4, 5)
-
Specification
-
- Resources
-
Current AssigneeInternational Business Machines Corporation
-
Original AssigneeInternational Business Machines Corporation
-
InventorsEibach, Wolfgang G, Nuttall, Mark P, Gruetzner, Matthias
-
Primary Examiner(s)Zand, Kambiz
-
Assistant Examiner(s)POLTORAK, PIOTR
-
Application NumberUS09/501,756Time in Patent Office2,980 DaysField of Search717168-178, 701 29- 49, 340/500, 340/514, 726 11- 15, 726/2, 726/4, 705/16US Class Current726/2CPC Class CodesB60R 25/00 Fittings or systems for pre...F04C 2270/90 Remote control, e.g. wirele...G06F 21/00 Security arrangements for p...H04L 63/02 for separating internal fro...H04L 63/08 for authentication of entit...
