Vehicle usage-based tolling privacy protection architecture
Abstract
A client-side on-board computing device is partitioned into a trusted computing module, and a private computing platform. When a metric report is required, the private computing platform retrieves an original data file and transfers the original data file to the trusted computing module. The original data file includes a global positioning system coordinate stream and time information. Communication between the private computing platform and the trusted computing module is via an unencrypted serial link. The private computing platform applies at least one billing algorithm to the original data file to determine a billing charge. The private computing platform signs and hashes the billing charge using a private key of a public-private endorsement key pair to create a signed metric report. The private computing platform forwards the signed metric report to the trusted computing module via the unencrypted serial link. The trusted computing module then forwards the signed metric report to a billing authority.
21 Claims
1. A computer implemented method for determining road usage charges, the method comprising the computer implemented steps of:
    retrieving by a private computing platform, an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;
    responsive to retrieving the original data file, forwarding by the private computing platform, the original data file to the trusted computing module;
    responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;
    responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge;
    forwarding the signed metric report by the trusted computing module to the private computing platform;
    forwarding the signed metric report by the private computing platform to a billing authority; and
    identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises the steps of:
        receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;
        forwarding the remote audit request by the private computing platform to the trusted computing module;
        responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request;
        responsive to creating the second metric report, creating a second signed metric report by signing and hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair;
        forwarding the second signed metric report by the trusted computing module to the private computing platform; and
        forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.
    Dependent claims: 2, 3, 4, 5, 6, 7, 8.

9. A data processing system comprising:
    one or more processors; and
    a memory storing computer executable instructions that when executed by the one or more processors cause the one or more processors to execute the steps of:
        retrieving by a private computing platform an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;
        responsive to retrieving the original data file, forwarding by the private computing platform the original data file to the trusted computing module;
        responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;
        responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge to create a signed metric report;
        forwarding the signed metric report by the trusted computing module to the private computing platform;
        forwarding the signed metric report by the private computing platform to a billing authority;
        identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises computer executable instructions that when executed by the one or more processors cause the one or more processors to execute the steps of:
            receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;
            forwarding the remote audit request by the private computing platform to the trusted computing module;
            responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request;
            responsive to creating the second metric report, creating a second signed metric report by signing and hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair;
            forwarding the second signed metric report by the trusted computing module to the private computing platform; and
            forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.
    Dependent claims: 10, 11, 12, 13, 14.

15. A non-transitory computer readable medium storing computer executable instructions that when executed by one or more processors causes the one or more processors to execute the steps of:
    retrieving by a private computing platform an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;
    responsive to retrieving the original data file, forwarding by the private computing platform the original data file to the trusted computing module;
    responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;
    responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge;
    forwarding the signed metric report by the trusted computing module to the private computing platform;
    forwarding the signed metric report by the private computing platform to a billing authority; and
    identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises computer executable instructions that when executed by the one or more processors cause the one or more processors to execute the steps of:
        receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;
        forwarding the remote audit request by the private computing platform to the trusted computing module;
        responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request;
        responsive to creating the second metric report, creating a second signed metric report by signing and hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair;
        forwarding the second signed metric report by the trusted computing module to the private computing platform; and
        forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.
    Dependent claims: 16, 17, 18, 19, 20, 21.
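The remote audit that claims 1, 9 and 15 describe, as an added Go example; this is not the patent's implementation. It assumes Ed25519 for the endorsement key pair, SHA-256 as the hash over the billing charge, a constructed tariff of 5 cents per kilometre, and a constructed three-fix known data file; the private computing platform is left out because it only forwards messages between the trusted computing module (TCM) and the billing authority.

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math"
	"strconv"
)
// Fix is one sample of the original data file: GPS coordinates (degrees) plus a Unix timestamp.
type Fix struct{ Lat, Lon float64; T int64 }
// distKm is the great-circle (haversine) distance between two fixes, in kilometres.
func distKm(a, b Fix) float64 {
	dLat, dLon := (b.Lat-a.Lat)*math.Pi/180, (b.Lon-a.Lon)*math.Pi/180
	h := math.Sin(dLat/2)*math.Sin(dLat/2) +
		math.Cos(a.Lat*math.Pi/180)*math.Cos(b.Lat*math.Pi/180)*math.Sin(dLon/2)*math.Sin(dLon/2)
	return 2 * 6371.0 * math.Asin(math.Sqrt(h))
}
// PerKmBilling is an assumed tariff (not from the patent): 5 cents per kilometre driven.
func PerKmBilling(stream []Fix) int64 {
	km := 0.0
	for i := 1; i < len(stream); i++ {
		km += distKm(stream[i-1], stream[i])
	}
	return int64(math.Round(km * 5))
}
type SignedReport struct{ Charge int64; Sig []byte } // metric report: charge plus signature over its hash
type TCM struct{ priv ed25519.PrivateKey; Algo func([]Fix) int64 } // endorsement private key never leaves the TCM
// NewTCM provisions a TCM and returns the endorsement public key kept by the billing authority.
func NewTCM(algo func([]Fix) int64) (*TCM, ed25519.PublicKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { panic(err) }
	return &TCM{priv: priv, Algo: algo}, pub
}
func chargeDigest(c int64) []byte { // SHA-256 of the decimal charge: what the TCM signs and the authority verifies
	d := sha256.Sum256(strconv.AppendInt(nil, c, 10))
	return d[:]
}
// Report applies the billing algorithm to a data file, then hashes and signs the resulting charge.
func (t *TCM) Report(stream []Fix) SignedReport {
	c := t.Algo(stream)
	return SignedReport{Charge: c, Sig: ed25519.Sign(t.priv, chargeDigest(c))}
}
// Audit is the billing authority's check on a known data file: signature valid AND charge equals the known result.
func Audit(pub ed25519.PublicKey, rep SignedReport, knownCharge int64) bool {
	return ed25519.Verify(pub, chargeDigest(rep.Charge), rep.Sig) && rep.Charge == knownCharge
}
// KnownFile is a constructed audit file: three fixes 0.01 degrees of latitude apart, one minute apart.
var KnownFile = []Fix{{40.00, -74.0, 1700000000}, {40.01, -74.0, 1700000060}, {40.02, -74.0, 1700000120}}
func main() { tcm, pub := NewTCM(PerKmBilling); fmt.Println("audit passed:", Audit(pub, tcm.Report(KnownFile), PerKmBilling(KnownFile))) }
```

A tampered billing algorithm on a module that still holds the endorsement key produces a validly signed but wrong charge, so the authority's comparison with the known result is what catches it; a report signed under any other key fails the signature check regardless of the charge.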
Specification