Vehicle usage-based tolling privacy protection architecture

US 8,374,911 B2
Filed: 10/01/2009
Issued: 02/12/2013
Est. Priority Date: 10/01/2009
Status: Expired due to Fees

First Claim

Patent Images

1. A computer implemented method for determining road usage charges, the method comprising the computer implemented steps of:

retrieving by a private computing platform, an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;

responsive to retrieving the original data file, forwarding by the private computing platform, the original data file to the trusted computing module;

responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;

responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge;

forwarding the signed metric report by the trusted computing module to the private computing platform;

forwarding the signed metric report by the private computing platform to a billing authority; and

identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises the steps of;

receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;

forwarding the remote audit request by the private computing platform to the trusted computing module;

responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request;

responsive to creating the second metric report, creating a second signed metric report by signing and hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair;

forwarding the second signed metric report by the trusted computing module to the private computing platform; and

forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A client-side on-board computing device is partitioned into a trusted computing module, and a private computing platform. When a metric report is required, the private computing platform retrieves an original data file and transfers the original data file to the trusted computing module. The original data file includes a global positioning system coordinate stream and time information. Communication between the private computing platform and the trusted computing module is via an unencrypted serial link. The private computing platform applies at least one billing algorithm to the original data file to determine a billing charge. The private computer platform signs and hashes the billing charge using a private key of a public-private endorsement key pair to create a signed metric report. The private computer platform forwards the signed metric report to the trusted computing module via the unencrypted serial link. The trusted computing module then forwards the signed metric report by the trusted computing module to a billing authority.

9 Citations

View as Search Results

21 Claims

1. A computer implemented method for determining road usage charges, the method comprising the computer implemented steps of:
- retrieving by a private computing platform, an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;
  
  responsive to retrieving the original data file, forwarding by the private computing platform, the original data file to the trusted computing module;
  
  responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;
  
  responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge;
  
  forwarding the signed metric report by the trusted computing module to the private computing platform;
  
  forwarding the signed metric report by the private computing platform to a billing authority; and
  
  identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises the steps of;
  
  receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;
  
  forwarding the remote audit request by the private computing platform to the trusted computing module;
  
  responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request;
  
  responsive to creating the second metric report, creating a second signed metric report by signing and hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair;
  
  forwarding the second signed metric report by the trusted computing module to the private computing platform; and
  
  forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The computer implemented method of claim 1 further comprising:
    - responsive to receiving the signed metric report by the billing authority, verifying by the billing authority, integrity of the signed metric report received from the private computing platform; and
      
      generating a road usage bill by the billing authority based on the signed metric report.
  - 3. The computer implemented method of claim 2, further comprising:
    - creating the signed metric report by authenticating the signed metric report by signing and hashing the billing charge by the private computing platform using a private key of a public-private endorsement key pair; and
      
      verifying by the billing authority, the integrity of the signed data file received from the private computing platform using a public key of the public-private endorsement key pair.
  - 4. The computer implemented method of claim 1, further comprising:
    - receiving the global positioning system coordinate stream and the time information by the private computing platform from a global positioning system;
      
      formatting the global positioning system coordinate stream and the time information by the private computing platform into an original data file; and
      
      storing the original data file.
  - 5. The computer implemented method of claim 4, further comprising:
    - encrypting the original data file by the private computing platform using a user key, wherein the user key is a public-private key pair;
      
      forwarding the original data file to a third-party storage facility; and
      
      storing the original data file at the third-party storage facility.
  - 6. The computer implemented method of claim 1, wherein communications between the private computing platform and the trusted computing module are via an unencrypted serial link.
  - 7. The computer implemented method of claim 1, further comprising performing a spot check verification of original data provided to the billing authority, wherein the spot check verification identifies a compromise of data within the original data file, wherein the spot check verification comprises the steps of:
    - receiving, by the private computing platform, a spot check request from the billing authority, wherein the spot check request includes a data file requesting verification of location information or metric information previously received by the trusted computing module or from an independent source;
      
      forwarding the spot check request by the private computing platform to the trusted computing module;
      
      responsive to receiving the spot check request, verifying by the trusted computing module an authenticity of the spot check request;
      
      responsive to verifying by the trusted computing module the authenticity of the request, retrieving by the private computing platform and original data file;
      
      responsive to retrieving the original data file, creating by the trusted computing module the spot check report file, wherein the spot check report file is created by verifying the location information or the metric information by comparing the spot check request with the original data file;
      
      responsive to creating the spot check report file, creating a signed spot check report filed by signing and hashing the spot check report file the by the trusted computing module using a private key of a public-private endorsement key pair;
      
      forwarding the signed spot check report file by the trusted computing module to the private computing platform; and
      
      forwarding the signed spot check report file by the private computing platform to the billing authority.
  - 8. The computer implemented method of claim 1, further comprising:
    - receiving, by the a trusted computing module, a request or a data point from the private computing platform via an unencrypted serial link;
      
      identifying, by the trusted computing module, a received timestamp in the request or the data point;
      
      comparing, by the a trusted computing module, to a most recent timestamp of a most recent previous request or data point;
      
      responsive to identifying the received timestamp as not subsequent to the most recent timestamp, indicating the most recent timestamp as a non-sequential timestamp; and
      
      updating the most recent timestamp to be the received timestamp.

9. A data processing system comprising:
- one or more processors;
  
  a memory storing computer executable instructions that when executed by the one or more processors cause the one or more processors to execute the steps of;
  
  retrieving by a private computing platform an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;
  
  responsive to retrieving the original data file, forwarding by the private computing platform the original data file to the trusted computing module;
  
  responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;
  
  responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge to create a signed metric report;
  
  forwarding the signed metric report by the trusted computing module to the private computing platform;
  
  forwarding the signed metric report by the private computing platform to a billing authority;
  
  identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises computer executable instructions that when executed by the one or more processors causes the one or more processors to execute the steps of;
  
  receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;
  
  forwarding the remote audit request by the private computing platform to the trusted computing module;
  
  responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request;
  
  responsive to creating the second metric report, creating a second signed metric report by signing and hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair;
  
  forwarding the second signed metric report by the trusted computing module to the private computing platform; and
  
  forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The data processing system of claim 9 wherein the memory storing the computer executable instructions that when executed by the one or more processors causes the one or more processors to further execute the steps of:
    - creating the signed metric report by authenticating the signed metric report by signing and hashing the billing charge by the private computing platform using a private key of a public-private endorsement key pair.
  - 11. The data processing system of claim 9 wherein the memory storing the computer executable instructions that when executed by the one or more processors causes the one or more processors to further execute the steps of:
    - receiving the global positioning system coordinate stream and the time information by the private computing platform from a global positioning system;
      
      formatting the global positioning system coordinate stream and time information by the private computing platform into the original data file; and
      
      storing the original data file.
  - 12. The data processing system of claim 9 wherein the memory storing the computer executable instructions that when executed by the one or more processors causes the one or more processors to further execute the steps of:
    - encrypting the original data file by the private computing platform using a user key, wherein the user key is a public-private key pair;
      
      to forward the original data file to a third party storage facility; and
      
      to store the original data file at the third party storage facility.
  - 13. The data processing system of claim 9 wherein the memory storing the computer executable instructions that when executed by the one or more processors causes the one or more processors to further execute the steps of performing a spot check verification of original data provided to the billing authority, wherein the spot check verification identifies a compromise of data within the original data file, wherein the spot check verification comprises computer executable instructions that when executed by the one or more processors causes the one or more processors to further execute the steps of:
    - receiving, by the a trusted computing module, a spot check request from the billing authority, wherein the spot check request includes a data file requesting verification of location information or metric information previously received by the trusted computing module, or from an independent source;
      
      forwarding the spot check request by the trusted computing module to the private computing platform via the unencrypted serial link;
      
      responsive to receiving the spot check request, verifying by the private computing platform the authenticity of the request;
      
      responsive to verifying by the private computing platform the authenticity of the request, retrieving by the private computing platform the original data file;
      
      responsive to retrieving the original data file, creating a spot check report file, wherein the spot check report file is created by comparing the spot check request with the original data file to verify the location information or the metric information;
      
      responsive to creating the spot check report file, creating a signed spot check report file by signing and hashing the spot check report file by the private computing platform using a private key of a public-private endorsement key pair;
      
      forwarding the signed spot check report file by the private computing platform to the trusted computing module via the unencrypted serial link; and
      
      forwarding the signed spot check report file by the trusted computing module to the billing authority.
  - 14. The data processing system of claim 9 wherein the memory storing the computer executable instructions that when executed by the one or more processors causes the one or more processors to further execute the steps of:
    - receiving, by the a trusted computing module, a request or a data point from the private computing platform via the unencrypted serial link;
      
      identifying, by the a trusted computing module, a received timestamp in the request or data point;
      
      comparing, by the a trusted computing module, to a most recent timestamp of a most recent previous request or data point;
      
      responsive to identifying the received timestamp as not subsequent to the most recent timestamp, indicating the most recent timestamp as a non-sequential time stamp; and
      
      updating the most recent timestamp to be the received timestamp.

15. A non-transitory computer readable medium storing computer executable instructions that when executed by one or more processors causes the one or more processors to execute the steps of:
- retrieving by a private computing platform an original data file, wherein the private computing platform is located in a client-side on-board computing device, the client-side on-board computing device being partitioned into a trusted computing module, and the private computing platform, wherein the original data file comprises a global positioning system coordinate stream and a time information;
  
  responsive to retrieving the original data file, forwarding by the private computing platform the original data file to the trusted computing module;
  
  responsive to receiving the original data file, determining a billing charge by applying by the trusted computing module at least one billing algorithm to the original data file;
  
  responsive to determining the billing charge, creating a signed metric report by authenticating by the trusted computing module the billing charge;
  
  forwarding the signed metric report by the trusted computing module to the private computing platform; and
  
  forwarding the signed metric report by the private computing platform to a billing authority; and
  
  identifying a security breach within the trusted computing module, wherein the security breach comprises a compromise of the data files on the trusted computing module, a compromise of the algorithm on the trusted computing module, or a combination thereof, wherein identifying the security breach comprises computer executable instructions that when executed by the one or more processors causes the one or more processors to execute the steps of;
  
  receiving, by the private computing platform, a remote audit request from the billing authority, wherein the remote audit request includes a known data file having a known metric report result;
  
  forwarding the remote audit request by the private computing platform to the trusted computing module;
  
  responsive to receiving the remote audit request, creating a second metric report by applying by the trusted computing module the at least one billing algorithm to the remote audit request responsive to creating the second metric report, creating a second signed metric report by signing and for hashing the billing charge by the trusted computing module using a private key of a public-private endorsement key pair forwarding the second signed metric report by the trusted computing module to the private computing platform; and
  
  forwarding the second signed metric report by the private computing platform to the billing authority, wherein the billing authority compares the second signed metric report to the known metric report result to identify a discrepancy between the second signed metric report and the known metric report result.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The non-transitory computer readable medium of claim 15, the computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of:
    - responsive to receiving the signed metric report by the billing authority, verifying by the billing authority, the integrity of the signed data file received from the private computing platform; and
      
      generating a road usage bill by the billing authority based on the signed metric report.
  - 17. The non-transitory computer readable of claim 16, the computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of:
    - creating the signed metric report by authenticating the signed metric report by signing and hashing the billing charge by the private computing platform using a private key of a public-private endorsement key pair to create the signed metric report; and
      
      verifying by the billing authority, the integrity of the signed data file received from the private computing platform using a public key of the public-private endorsement key pair.
  - 18. The non-transitory computer readable medium of claim 15, the computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of:
    - receiving the global positioning system coordinate stream and the time information by the private computing platform from a global positioning system;
      
      formatting the global positioning system coordinate stream and time information by the private computing platform into the original data file; and
      
      storing the original data file.
  - 19. The non-transitory computer readable medium of claim 18, the computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of:
    - encrypting the original data file by the private computing platform using a user key, wherein the user key is a public-private key pair;
      
      forwarding the original data file to a third party storage facility; and
      
      storing the original data file at the third party storage facility.
  - 20. The non-transitory computer readable medium of claim 15, the computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of performing a spot check verification of original data provided to the billing authority, wherein the spot check verification identifies a compromise of data within the original data file, wherein the spot check verification comprises computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of:
    - receiving, by the a trusted computing module, a spot check request from the billing authority, wherein the spot check request includes a data file requesting verification of location information or metric information previously received by the trusted computing module, or from an independent source;
      
      forwarding the spot check request by the trusted computing module to the private computing platform via the unencrypted serial link;
      
      responsive to receiving the spot check request, verifying by the private computing platform the authenticity of the request;
      
      responsive to verifying by the private computing platform the authenticity of the request, retrieving by the private computing platform the original data file;
      
      responsive to retrieving the original data file, creating a spot check report file, wherein the spot check report file is created by comparing the spot check request with the original data file to verify the location information or the metric information;
      
      responsive to creating the spot check report file, creating a signed spot check report file by signing and hashing the spot check report file by the private computing platform using a private key of a public-private endorsement key pair;
      
      forwarding the signed spot check report file by the private computing platform to the trusted computing module via the unencrypted serial link;
      
      forwarding the signed spot check report file by the trusted computing module to the billing authority.
  - 21. The non-transitory computer readable medium of claim 15, the computer executable instructions that when executed by the one or more processors causes the one or more processors to execute further the steps of:
    - receiving, by the trusted computing module, a request or a data point from the private computing platform via the unencrypted serial link;
      
      identifying, by the a trusted computing module, a received timestamp in the request or data point;
      
      comparing, by the a trusted computing module, to a most recent timestamp of a most recent previous request or data pointresponsive to identifying the received timestamp as not subsequent to the most recent timestamp, indicating the most recent timestamp as a non-sequential timestamp; and
      
      updating the most recent timestamp to be the received timestamp.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Glachant, Mathieu Joseph Robert, Hamilton, Rick Allen II, Lamba, Naveen, Noble, Gary Paul, O'Connell, Brian Marshall, Seaman, James Wesley
Primary Examiner(s)
Agwumezie, Charles C

Application Number

US12/572,001
Publication Number

US 20110082797A1
Time in Patent Office

1,230 Days
Field of Search

705/13, 705/64, 340/928, 701/33
US Class Current

705/13
CPC Class Codes

G06Q 20/3674   involving authentication

G06Q 30/0284   Time or distance, e.g. usag...

G06Q 30/04   Billing or invoicing

G06Q 30/06   Buying, selling or leasing ...

G06Q 40/12   Accounting

H04L 2209/56   Financial cryptography, e.g...

H04L 2209/76   Proxy, i.e. using intermedi...

H04L 2209/84   Vehicles

H04L 9/321   involving a third party or ...

H04L 9/3297   involving time stamps, e.g....

Vehicle usage-based tolling privacy protection architecture

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

9 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Vehicle usage-based tolling privacy protection architecture

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

9 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links