SYSTEM AND METHOD FOR WIRELESS INTERFACE SELECTION AND FOR COMMUNICATION AND ACCESS CONTROL OF SUBSYSTEMS, DEVICES, AND DATA IN A VEHICULAR ENVIRONMENT

US 20150029987A1
Filed: 09/12/2014
Published: 01/29/2015
Est. Priority Date: 01/14/2011
Status: Active Grant

First Claim

Patent Images

1-73. -73. (canceled)

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method in one embodiment includes intercepting a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment, verifying the message is sent from the source, verifying the message is not altered, evaluating a set of source flow control policies associated with the source, and blocking the message if the set of source flow control policies indicate the message is not permitted. In specific embodiments, the message is not permitted if a level of access assigned to the source in the set of source flow control policies does not match a level of access tagged on the message. In further embodiments, the method includes evaluating a set of receiver flow control policies associated with the receiver, and blocking the message if the set of receiver flow control policies indicates the message is not permitted.

63 Citations

View as Search Results

93 Claims

1-73. -73. (canceled)

74. A method comprising:
- intercepting a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment;
  
  verifying the message is sent from the source;
  
  verifying the message is not altered;
  
  evaluating a set of source flow control policies associated with the source; and
  
  blocking the message if the set of source flow control policies indicate the message is not permitted.
- View Dependent Claims (75, 76, 77, 78, 79, 80, 81, 82, 83)
- - 75. The method of claim 74, wherein the message is not permitted if a level of access assigned to the source in the set of source flow control policies does not match a level of access tagged on the message.
  - 76. The method of claim 74, further comprising:
    - evaluating a set of receiver flow control policies associated with the receiver; and
      
      blocking the message if the set of receiver flow control policies indicates the message is not permitted.
  - 77. The method of claim 76, further comprising:
    - identifying a type of access required by the message, wherein the message is not permitted if a level of access tagged on the message is not allowed by the set of receiver flow control policies for the type of access required by the message.
  - 78. The method of claim 74, wherein, when the message includes data tagged by an owner of the data other than the source, the message is not permitted if one or more tags of the data indicate the receiver does not have permission to read the data.
  - 79. The method of claim 74, wherein if the message is not blocked the receiver sends data to the source in response to the message, wherein the data is tagged with at least a portion of a set of receiver flow control policies associated with the receiver.
  - 80. The method of claim 74, wherein the source is an application process of a third party application installed on the OBU.
  - 81. The method of claim 80, wherein the receiver is one of a machine device of one of a plurality of subsystems of the vehicle, a network interface of the OBU, or a second application process of a second application installed on the OBU.
  - 82. The method of claim 80, further comprising:
    - downloading the third party application to the OBU;
      
      establishing a network connection to a datacenter associated with an authorized entity;
      
      authenticating the OBU to the datacenter; and
      
      downloading from the datacenter the set of source flow control policies for the third party application if the third party application is registered with the authorized entity.
  - 83. The method of claim 74, wherein the set of source flow control policies is applied to a group of applications on the OBU, each application in the group of applications authorized for a same level of access to the receiver.

84. An on-board unit (OBU) of a vehicular network environment, the OBU comprising:
- at least one processor; and
  
  an information flow control monitoring module adapted, when executed by the at least one processor, to;
  
  intercept a message in the OBU between a source and a receiver in the vehicular network environment;
  
  verify the message is sent from the source;
  
  verify the message is not altered;
  
  evaluate a plurality of flow control policies associated with the source and the receiver; and
  
  block the message if one or more of the plurality of flow control policies indicate the message is not permitted.
- View Dependent Claims (85, 86, 87, 88)
- - 85. The OBU of claim 84, wherein the message is not to be permitted if a level of access assigned to the source in the plurality of flow control policies does not match a level of access tagged on the message.
  - 86. The OBU of claim 84, wherein the evaluation of the plurality of flow control policies is to include:
    - identifying a type of access requested by the message;
      
      identifying a level of access tagged on the message; and
      
      determining whether the type of access requested by the message is permitted based on the level of access tagged on the message.
  - 87. The OBU of claim 84, wherein the evaluation of the plurality of flow control policies is to include a determination of whether the message is permitted to access data from the receiver, wherein the determination is based on a secrecy tag of the data and a level of access tagged on the message.
  - 88. The OBU of claim 84, wherein the message is verified as being sent from the source based on an ownership tag associated with the message, and wherein the message is verified as not being altered based on an integrity tag associated with the message.

89. At least one non-transitory computer readable storage medium having instructions stored thereon that, when executed by at least one processor, cause the at least one processor to:
- intercept a message in an on-board unit (OBU) of a vehicular network environment between a source and a receiver in the vehicular network environment;
  
  verify the message is sent from the source;
  
  verify the message is not altered;
  
  evaluate a set of source flow control policies associated with the source; and
  
  block the message if the set of source flow control policies indicate the message is not permitted.
- View Dependent Claims (90, 91, 92)
- - 90. The at least one non-transitory computer readable medium of claim 89, wherein the evaluation of the set of source flow control policies is to include a determination of whether the message is permitted to access data from the receiver, wherein the determination is based on a secrecy tag of the data and a level of access tagged on the message.
  - 91. The at least one non-transitory computer readable medium of claim 89, wherein the set of source flow control policies is to be applied to a group of applications on the OBU if each application in the group of applications is authorized for a same level of access to the receiver.
  - 92. The at least one non-transitory computer readable medium of claim 89, wherein the source is an application process of a third party application installed on the OBU.

93. A system, comprising an electronic device in a vehicular network environment of a vehicle, the electronic device including at least one processor for:
- detecting a trigger on an electronic device in a vehicular network environment of a vehicle;
  
  identifying an interface usage policy for an agent and a corresponding application on the electronic device;
  
  selecting a first wireless interface of a plurality of wireless interfaces on the electronic device for a network session between an application process of the application and a remote node, wherein the first wireless interface is selected based, at least in part, on one or more criteria in the interface usage policy;
  
  associating the electronic device with a controller in a network environment;
  
  associating the first wireless interface of the electronic device with a first wireless infrastructure device in the network environment;
  
  providing Internet Protocol (IP) mapping information to the controller;
  
  establishing a network session between the electronic device and the remote node through the first wireless interface, wherein packets of the network session are routed through the controller;
  
  intercepting a first message in the electronic device being sent from a first source to a first receiver;
  
  evaluating one or more predefined policies to determine whether the first source is permitted to communicate with the first receiver;
  
  blocking the first message if the first source is not permitted to communicate with the first receiver, wherein a first subsystem of the vehicular network environment includes one of the first source and the first receiver;
  
  intercepting a second message in the electronic device being sent from a second source to a second receiver in the vehicular network environment;
  
  verifying the second message is sent from the second source;
  
  verifying the second message is not altered;
  
  evaluating a set of source flow control policies associated with the second source; and
  
  blocking the second message if the set of source flow control policies indicates the second message is not permitted.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Original Assignee
Cisco Technology, Inc. (Cisco Systems, Inc.)
Inventors
Addepalli, Sateesh K., Dai, Lillian Lei, Bonomi, Flavio, Zhu, Xiaoqing, Maino, Fabio R., Monclus, Pere, Pan, Rong, Natarajan, Preethi, Ermagan, Vina, Loukissas, Alexander

Granted Patent

US 10,117,066 B2
Time in Patent Office

Days
Field of Search
US Class Current

370/329
CPC Class Codes

B60R 16/023   for transmission of signals...

B60W 50/10   Interpretation of driver re...

G06F 21/45   Structures or tools for the...

G06F 3/017   Gesture based interaction, ...

G06F 3/167   Audio in a user interface, ...

G06F 9/542   Event management; Broadcast...

H04L 1/008   where the control data rela...

H04L 43/0811   by checking connectivity

H04L 43/0858   One way delays

H04L 43/0876   Network utilisation, e.g. v...

H04L 45/12   Shortest path evaluation

H04L 51/02   using automatic reactions o...

H04L 61/2592   using tunnelling or encapsu...

H04L 63/0227   Filtering policies mail mes...

H04L 67/12   specially adapted for propr...

H04L 67/60   Scheduling or organising th...

H04L 69/18   Multiprotocol handlers, e.g...

H04Q 9/00   Arrangements in telecontrol...

H04W 12/03   Protecting confidentiality,...

H04W 28/0215   based on user or device pro...

H04W 28/06 : Optimizing the usage of the...

H04W 36/0009 : for a plurality of users or...

H04W 36/08 : Reselecting an access point

H04W 4/00 : Services specially adapted ...

H04W 4/10 : Push-to-Talk [PTT] or Push-...

H04W 4/40 : for vehicles, e.g. vehicle-...

H04W 40/02 : Communication route or path...

H04W 40/20 : based on geographic positio...

H04W 48/02 : Access restriction performe...

H04W 48/06 : based on traffic conditions

H04W 48/16 : Discovering, processing acc...

H04W 48/18 : Selecting a network or a co...

H04W 52/0206 : in access points, e.g. base...

H04W 52/0219 : where the power saving mana...

H04W 52/0264 : by selectively disabling so...

H04W 52/12 : Outer and inner loops

H04W 52/143 : Downlink power control

H04W 52/225 : Calculation of statistics, ...

H04W 52/241 : taking into account channel...

H04W 52/346 : distributing total power am...

H04W 72/20 : Control channels or signall...

H04W 72/23 : in the downlink direction o...

H04W 72/53 : based on regulatory allocat...

H04W 76/45 : for Push-to-Talk [PTT] or P...

H04W 8/06 : Registration at serving net...

H04W 8/08 : Mobility data transfer

H04W 8/26 : Network addressing or numbe...

H04W 80/02 : Data link layer protocols

H04W 84/005 : Moving wireless networks

H04W 84/12 : WLAN [Wireless Local Area N...

H04W 92/18 : between terminal devices

Y02A 30/60 : Planning or developing urba...

Y02D 30/70 : in wireless communication n...

View All

SYSTEM AND METHOD FOR WIRELESS INTERFACE SELECTION AND FOR COMMUNICATION AND ACCESS CONTROL OF SUBSYSTEMS, DEVICES, AND DATA IN A VEHICULAR ENVIRONMENT

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

63 Citations

93 Claims

Specification

Use Cases

Quick Links

Others

SYSTEM AND METHOD FOR WIRELESS INTERFACE SELECTION AND FOR COMMUNICATION AND ACCESS CONTROL OF SUBSYSTEMS, DEVICES, AND DATA IN A VEHICULAR ENVIRONMENT

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

63 Citations

93 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others