Linking web identity and access to devices
First Claim
1. A system for linking a web identity and a portable device to provide web access to a user from a vehicle, the system comprising:
a memory resident on the portable device configured to hold a device identifier; and
an onboard computing device having a processor and associated onboard memory, the processor being configured to execute processor-executable instructions stored in the onboard memory comprising;
a presence agent configured to recognize and to validate the presence of the portable device within the vehicle by receiving the device identifier and comparing the device identifier to a known device value;
a security manager configured to receive the device identifier, and further configured to receive a user identifier, the security manager configured to verify if the user identifier corresponds with a known user value, upon receipt of the device identifier, and upon verifying the user identifier, the security manager configured to send a user identity secure proxy to a credential manager;
the credential manager configured to receive the user identity secure proxy from the security manager, to pass one or more credentials to a computing device onboard the vehicle, the one or more credentials indicating that the user is authorized to access a first group of a plurality of web services from the computing device onboard the vehicle, and to grant the user access to the first group of a plurality of web services from the onboard vehicle computing device;
a password input mechanism configured to pre-store authenticating credentials for the user, for accessing remote web services having a higher level of security than the first group of web services, in a credential store associated with the password input mechanism, the authenticating credentials for the higher level of security comprising one or more credentials in addition to the one or more credentials authorizing the user to access the first group of web services, for authorizing the user to access a higher level of service than the first group of web services; and
a communication agent configured to send a request to access a specified web service having the higher level of security than the first group of web services;
wherein the password input mechanism is configured to receive the request from the specified web service for the one or more of the authenticating credentials pre-stored at the password input mechanism in addition to the one or more credentials authorizing the user to access the first group of web services, via the communication agent, and based on the request, to pass a predetermined authenticating credential for the specified web service for processing by a web credential manager of the specified web service to enable the user to have access to the specified web service.
Abstract
Systems and methods are provided for linking a web identity and a portable device to provide web access to a user from a vehicle. An example system includes a presence agent that may be configured to validate the presence of the portable device in the vehicle by recognizing a device identifier saved on the portable device. After the presence of the portable device is validated, a security manager may receive a user identifier, and verify if the user identifier corresponds with a known user value. Then, the security manager may send a user identity secure proxy to a credential manager. The credential manager may be configured to receive the user identity secure proxy, and in response, pass one or more credentials to a computing device onboard the vehicle. The credentials may indicate that the user is authorized to access one or more web services from the computing device.
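A minimal model of the flow the abstract and first claim describe, added here as an illustration and not taken from the patent. The HMAC-sealed form of the "user identity secure proxy", the user-to-fob binding, the check that the requesting service matches the pending request, and all names and values are assumptions.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample data; every value below is illustrative.
KNOWN_DEVICES = {"FOB-1234"}                  # known device values
KNOWN_USERS = {"alice": "FOB-1234"}           # assumption: user enrolled to one fob
TIER1_SERVICES = frozenset({"weather", "traffic"})
CREDENTIAL_STORE = {("alice", "bank.example"): "constructed-secret"}
PROXY_KEY = secrets.token_bytes(32)           # assumption: held by both managers


def _seal(device_id, user_id):
    # JSON encoding keeps the (device, user) pair unambiguous before MACing.
    msg = json.dumps([device_id, user_id]).encode()
    return hmac.new(PROXY_KEY, msg, hashlib.sha256).hexdigest()


def presence_valid(device_id):
    """Presence agent: compare the received identifier to known device values."""
    return any(hmac.compare_digest(device_id.encode(), known.encode())
               for known in KNOWN_DEVICES)


def make_proxy(device_id, user_id):
    """Security manager: issue a proxy only for a valid device plus known user."""
    if not presence_valid(device_id) or KNOWN_USERS.get(user_id) != device_id:
        return None
    return (device_id, user_id, _seal(device_id, user_id))


def tier1_credentials(proxy):
    """Credential manager: grant the first group of services for a genuine proxy."""
    if proxy is None:
        return frozenset()
    device_id, user_id, tag = proxy
    ok = hmac.compare_digest(tag, _seal(device_id, user_id))
    return TIER1_SERVICES if ok else frozenset()


def release_credential(proxy, pending_service, requesting_service):
    """Password input mechanism: pass the pre-stored credential for the
    higher-security service, and only to the service the user asked for."""
    if not tier1_credentials(proxy) or pending_service != requesting_service:
        return None
    return CREDENTIAL_STORE.get((proxy[1], requesting_service))
```

The higher-security credential is released only on top of a valid first-tier grant, which mirrors the claim's "in addition to" wording.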
17 Claims
10. A method for linking a web identity and web access to a remote vehicle fob, the remote vehicle fob associated with a vehicle, the method comprising, at an onboard vehicle computing device:
recognizing a presence of the vehicle fob when the vehicle fob is in the vehicle;
retrieving a fob identifier from a memory on the vehicle fob;
prompting a user, with a user interface, to provide a user identifier;
receiving the user identifier from the user;
passing a combination of the fob identifier and the user identifier to a local credential manager as a user identity secure proxy; and
receiving one or more user credentials from the local credential manager which indicates to a security module that the user is authorized to access a first group of a plurality of web services from the onboard vehicle computing device in the vehicle;
granting the user access to the first group of web services from the onboard vehicle computing device;
pre-storing authenticating credentials for the user for accessing remote web services having a higher level of security than the first group of web services, in a credential store associated with a password input mechanism, the authenticating credentials for the higher level of security comprising one or more credentials in addition to the one or more credentials authorizing the user to access the first group of web services, for authorizing the user to access a higher level of service than the first group of web services;
sending a request to access a specified web service having the higher level of security than the first group of web services;
receiving the request from the specified web service for one or more of the authenticating credentials pre-stored at the password input mechanism, in addition to the one or more credentials authorizing the user to access the first group of web services, via a communication agent; and
based on the request, passing a predetermined authenticating credential for the specified web service for processing by a web credential manager of the specified web service to enable the user to have access to the specified web service.
Specification