Secure vehicular data management with enhanced privacy

US 9,953,467 B2
Filed: 12/19/2013
Issued: 04/24/2018
Est. Priority Date: 12/19/2013
Status: Active Grant

First Claim

Patent Images

1. A device, comprising:

communication circuitry to communicate with at least a vehicular control architecture for controlling operation of a vehicle in which the device is situated; and

a trusted execution environment including a privacy enforcement circuitry to;

receive operational data from the vehicular control architecture via the communication circuitry;

generate filtered data by filtering the operational data based on privacy settings;

cause the filtered data to be transmitted by the communication circuitry;

wherein the vehicular control architecture comprises a plurality of controllers for controlling different areas of vehicular operation and wherein at least one controller in the plurality of controllers is to control a user interface in the vehicle for allowing the privacy settings to be configured; and

wherein the privacy enforcement circuitry is further to replace the data identifying the at least one vehicle operator with coded identification data or to alter the data identifying the at least one vehicle operator to render the at least one vehicle operator anonymous based on the privacy settings.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure is directed to secure vehicular data management with enhanced privacy. A vehicle may comprise at least a vehicular control architecture (VCA) for controlling operation of the vehicle and a device. The VCA may record operational data identifying at least one vehicle operator and vehicular operational data recorded during operation of the vehicle by the at least one vehicle operator. The device may include at least a communication module and a trusted execution environment (TEE) including a privacy enforcement module (PEM). The PEM may receive the operational data from the VCA via the communication module, may generate filtered data by filtering the operational data based on privacy settings and may cause the filtered data to be transmitted via the communication module. The filtered data may be transmitted to at least one data consumer. The privacy settings may be configured in the PEM by the at least one operator.

14 Citations

View as Search Results

18 Claims

1. A device, comprising:
- communication circuitry to communicate with at least a vehicular control architecture for controlling operation of a vehicle in which the device is situated; and
  
  a trusted execution environment including a privacy enforcement circuitry to;
  
  receive operational data from the vehicular control architecture via the communication circuitry;
  
  generate filtered data by filtering the operational data based on privacy settings;
  
  cause the filtered data to be transmitted by the communication circuitry;
  
  wherein the vehicular control architecture comprises a plurality of controllers for controlling different areas of vehicular operation and wherein at least one controller in the plurality of controllers is to control a user interface in the vehicle for allowing the privacy settings to be configured; and
  
  wherein the privacy enforcement circuitry is further to replace the data identifying the at least one vehicle operator with coded identification data or to alter the data identifying the at least one vehicle operator to render the at least one vehicle operator anonymous based on the privacy settings.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The device of claim 1, wherein the communication circuitry is further to communicate with at least one data consumer.
  - 3. The device of claim 2, wherein the privacy enforcement circuitry is further to receive a request for the filtered data from the at least one data consumer via the communication circuitry.
  - 4. The device of claim 1, wherein the trusted execution environment is a secure workspace in which only known-good programs execute, the privacy enforcement circuitry being a known-good program executed in the secure workspace.
  - 5. The device of claim 1, wherein the privacy enforcement circuitry is further to remove at least a portion of the operational data from the filtered data based on the privacy settings.
  - 6. The device of claim 1, wherein the operational data comprises data identifying at least one vehicle operator and vehicular operational data recorded during operation of the vehicle by the at least one vehicle operator.

7. A method, comprising:
- receiving operational data in a device from a vehicular control architecture for controlling a vehicle in which the device is situated;
  
  generating filtered data by filtering the operational data based on privacy settings, the filtered data being generated by privacy enforcement circuitry included in a trusted execution environment in the device;
  
  causing the filtered data to be transmitted;
  
  wherein the operational data comprises data identifying at least one vehicle operator and vehicular operational data recorded during operation of the vehicle by the at least one vehicle operator; and
  
  wherein generating filtered data comprises replacing the data identifying the at least one vehicle operator with coded identification data or altering the data identifying the at least one vehicle operator to render the at least one vehicle operator anonymous based on the privacy settings.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The method of claim 7, wherein causing the filtered data to be transmitted comprises causing the filtered data to be transmitted to at least one data consumer.
  - 9. The method of claim 8, further comprising:
    - receiving a request for the filtered data from the at least one data consumer.
  - 10. The method of claim 7, wherein the trusted execution environment is a secure workspace in which only known-good programs execute, the privacy enforcement circuitry being a known-good program executed in the secure workspace.
  - 11. The method of claim 7, wherein generating filtered data comprises removing at least a portion of the operational data from the filtered data based on the privacy settings.
  - 12. The method of claim 7, further comprising:
    - providing a user interface in the vehicle for allowing the privacy settings to be configured.

13. At least one machine-readable storage medium having stored thereon, individually or in combination, instructions that when executed by one or more processors result in the following operations comprising:
- receiving operational data in a device from a vehicular control architecture for controlling a vehicle in which the device is situated;
  
  generating filtered data by filtering the operational data based on privacy settings, the filtered data being generated by a privacy enforcement circuitry included in a trusted execution environment in the device;
  
  causing the filtered data to be transmitted;
  
  wherein the operational data comprises data identifying at least one vehicle operator and vehicular operational data recorded during operation of the vehicle by the at least one vehicle operator; and
  
  wherein generating filtered data comprises replacing the data identifying the at least one vehicle operator with coded identification data or altering the data identifying the at least one vehicle operator to render the at least one vehicle operator anonymous based on the privacy settings.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The medium of claim 13, wherein causing the filtered data to be transmitted comprises causing the filtered data to be transmitted to at least one data consumer.
  - 15. The medium of claim 14, further comprising instructions that when executed by one or more processors result in the following operations comprising:
    - receiving a request for the filtered data from the at least one data consumer.
  - 16. The medium of claim 13, wherein the trusted execution environment is a secure workspace in which only known-good programs execute, the privacy enforcement circuitry being a known-good program executed in the secure workspace.
  - 17. The medium of claim 13, wherein generating filtered data comprises removing at least a portion of the operational data from the filtered data based on the privacy settings.
  - 18. The medium of claim 13, further comprising instructions that when executed by one or more processors result in the following operations comprising:
    - providing a user interface in the vehicle for allowing the privacy settings to be configured.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intel Corporation
Original Assignee
Intel Corporation
Inventors
Smith, Ned M., Willis, Thomas G., Heldt-Sheller, Nathan
Primary Examiner(s)
Alharbi, Adam M

Application Number

US14/361,516
Publication Number

US 20150178999A1
Time in Patent Office

1,587 Days
Field of Search
US Class Current
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G07C 5/008   communicating information t...

G07C 5/085   using electronic data carriers

H04W 12/02   Protecting privacy or anony...

H04W 4/40   for vehicles, e.g. vehicle-...

H04W 4/60   Subscription-based services...

Secure vehicular data management with enhanced privacy

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

14 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Secure vehicular data management with enhanced privacy

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others