Patent application number | Description | Published |
20080232583 | Vehicle Segment Certificate Management Using Shared Certificate Schemes - The present invention advantageously provides techniques to solve problems with combinatorial anonymous certificate management by addressing critical issues concerning its feasibility, scalability, and performance. Methods and procedures to manage IEEE 1609.2 anonymous and identifying cryptographic keys and certificates in the Vehicle Infrastructure Integration (VII) system are presented, along with methods for management of identifying and anonymous certificates in a partitioned Certificate Authority architecture designed to enhance vehicle privacy. Novel methods for vehicles to dynamically change an anonymous certificate for use while maintaining vehicle privacy are given. Refinements to basic combinatorial schemes are presented including probabilistic key replacement, rekey counter decrement, dynamic rekey threshold, geographic attack isolation and proofs of geographic position. | 09-25-2008 |
20080232595 | Vehicle Segment Certificate Management Using Short-Lived, Unlinked Certificate Schemes - The present invention advantageously provides a system and method for management of cryptographic keys and certificates for a plurality of vehicles. Each vehicle of the plurality of vehicles generates public/private key pairs, requests multiple time-distributed certificates, creates an encrypted identity, and surrenders expired certificates. An assigning authority receives the public/private key pairs, the request for multiple time-distributed certificates, the encrypted identity, and the expired certificates from said vehicle. The assigning authority authorizes the vehicle with an authorizing authority, validates the expired certificates, proves ownership, and distributes the requested time-distributed certificates to said vehicle. Validation can comprise checking expired certificates against misused, compromised and/or previously surrendered certificates. Time-distributed certificates can have lifetimes adjustable based on certificate misuse detection system algorithms, amount of malicious activity detected, and/or certificate authority capacity. | 09-25-2008 |
20100031025 | Method and system to authorize and assign digital certificates without loss of privacy, and/or to enhance privacy key selection - A method and system for public key infrastructure key and certificate management provides anonymity to certificate holders and protects the privacy of certificate holders from the compromise of a certificate authority. Functional separation is provided in the authorization of a certificate request and the assignment of certificates and key pairs. The authorizing certificate authority approves or denies each certificate request from a requestor whose identity is not made available to the assigning certificate authority. The assigning certificate authority, upon approval from the authorizing certificate authority, issues one or more certificates and optionally generates and provides the associated key pairs to the requester without disclosing these certificates and key pairs to the authorizing certificate authority. In another aspect, a distributed method is disclosed that allows individual nodes and/or units in a network to select certificates for broadcasting messages to a community of interest with a non-unique key. | 02-04-2010 |
20100031042 | Method and System for Secure Session Establishment Using Identity-Based Encryption (VDTLS) - The inventive system for providing strong security for UDP communications in networks comprises a server, a client, and a secure communication protocol wherein authentication of client and server, either unilaterally or mutually, is performed using identity based encryption, the secure communication protocol preserves privacy of the client, achieves significant bandwidth savings, and eliminates overheads associated with certificate management. VDTLS also enables session mobility across multiple IP domains through its session resumption capability. | 02-04-2010 |
20100037057 | SYSTEM AND METHOD FOR USING NETWORKED MOBILE DEVICES IN VEHICLES - A system and method for using networked mobile devices in a vehicle in a tightly integrated manner is presented. The vehicle has an OBE, a mobile device client, and vehicle components, and the mobile device has a mobile device proxy and applications, such that the mobile device client and the mobile device proxy communicate, enabling dynamic transfer of the applications to the OBE and execution of the applications on the mobile device and the OBE using the plurality of vehicle components at runtime. In one embodiment, the mobile device client and the mobile device proxy authenticate each other. The authentication can be performed using digital certificates. The mobile device client can communicate the vehicle components on the vehicle to the mobile device proxy. The mobile device client and the mobile device proxy can communicate using Bluetooth. The vehicle components can include dashboard displays, speakers, and voice I/O systems. | 02-11-2010 |
20100262641 | Method and System for Estimating and Applying a Step Size Value for LMS Echo Cancellers - Disclosed is an improved method and apparatus for estimating and applying a step size value for a least mean squares echo canceller. A power estimate of an excitation signal is compared to a reference power level to determine a shift adjustment. The shift adjustment is added to a reference shift amount to determine a shift amount. The product of an excitation signal and an error signal is then calculated and the product is stored in a memory register comprising a plurality of bits. The bits stored in the memory register are shifted either left or right based upon the shift amount. The shift adjustment may be based in part upon the ratio of the excitation signal power estimate and the reference power level. | 10-14-2010 |
20110191581 | METHOD AND SYSTEM FOR USE IN MANAGING VEHICLE DIGITAL CERTIFICATES - A system and method are provided for managing digital certificates, the system including one or more certificate authorities and a vehicle-bound digital certificate manager, the apparatus comprising: a mobile client having a wireless transceiver with internet protocol capabilities and a vehicle communication device; the client further including at least one processor and at least one non-transitory computer readable medium encoded with instructions, which when loaded on the at least one computer, establishes processes for information handling, comprising: establishing secure communications with a certificate authority to receive at least one of a Vehicle Identification Digital Certificate (“VIDC”), an Anonymous Vehicle Digital Certificate (“AVDC”), and Certificate Revocation Lists (“CRLs”); storage management of at least one of the VIDC, AVDCs, and CRLs; and forwarding of at least one of the VIDC, AVDCs, and CRLs received from the certificate authority to the digital certificate manager using the vehicle communication device. | 08-04-2011 |
20110213968 | System and Methods to Perform Public Key Infrastructure (PKI) Operations in Vehicle Networks using One-Way Communications Infrastructure - A set of certificate management methods designed to significantly reduce or eliminate reliance on infrastructure network connectivity after vehicles are sold uses techniques to support certificate management operations in order to reduce the frequency with which vehicles need to communicate with the Certificate Authorities (CAs) and the amount of data that needs to be exchanged between vehicles and the CA. These methods include, for example, approaches to use one-way communications and vehicle-to-vehicle (V2V) communications to replace expired certificates, approaches to use one-way communications and V2V communications to replace revoked certificates, and use of a small subset of vehicles as proxies to help retrieve and distribute Certificate Revocation Lists (CRLs) and replacement certificates. The combination of these techniques leads to solutions that can eliminate the need for roadside infrastructure networks completely. | 09-01-2011 |
20130226485 | MULTI-FUNCTION ELECTRIC METER ADAPTER AND METHOD FOR USE - An adapter, and a method of using the adapter, for an electric meter, which includes a set of connections for interfacing to a panel box, a set of connectors for interfacing to the electric meter; and circuitry for intercepting FAN or HAN traffic, injecting FAN or HAN traffic and communicating intercepted traffic and local information from the electric meter and sensors over a network to a management entity that collects and processes the data. Data from environmental, electric quality, and usage sensors are supplied to the network. External commands, originating in a management entity or with a customer are provided from the network. A computer readable non-transitory storage medium stores instructions of a computer program, which when executed by a computer system results in performance of steps of a method for intercepting FAN or HAN traffic, injecting FAN or HAN traffic, transmitting intercepted FAN or HAN traffic or utility usage data to a network, by using a utility usage sensor to acquire data representing utility usage; and using electrical circuitry in the adapter for communicating information from the sensor over a network to a management entity that collects and processes the data. | 08-29-2013 |
20130227689 | METHOD AND SYSTEM FOR PACKET ACQUISITION, ANALYSIS AND INTRUSION DETECTION IN FIELD AREA NETWORKS - A system for intrusion detection in a field area network where data is transmitted via packets, includes a processor for analyzing the packets to ascertain whether the packets conform to sets of rules indicating an intrusion, and a database for storing an alert indicating an intrusion if the packets conform to at least one rule in the sets. The sets of rules are for field network layer data, internet protocol traffic data and field area application traffic data. A method for detecting intrusion in a field area network where data is transmitted via packets, including analyzing the packets to ascertain whether the packets conform to the sets of rules, and storing an alert indicating an intrusion if the packets conform to at least one rule in the sets of rules. | 08-29-2013 |
20130305043 | System and Methods to Perform Public Key Infrastructure (PKI) Operations in Vehicle Networks using One-Way Communications Infrastructure - A set of certificate management methods designed to significantly reduce or eliminate reliance on infrastructure network connectivity after vehicles are sold uses techniques to support certificate management operations in order to reduce the frequency with which vehicles need to communicate with the Certificate Authorities (CAs) and the amount of data that needs to be exchanged between vehicles and the CA. These methods include, for example, approaches to use one-way communications and vehicle-to-vehicle (V2V) communications to replace expired certificates, approaches to use one-way communications and V2V communications to replace revoked certificates, and use of a small subset of vehicles as proxies to help retrieve and distribute Certificate Revocation Lists (CRLs) and replacement certificates. The combination of these techniques leads to solutions that can eliminate the need for roadside infrastructure networks completely. | 11-14-2013 |
20140204799 | METHOD AND SYSTEM FOR VISUALIZING AND ANALYZING A FIELD AREA NETWORK - A method for visualizing and analyzing a field area network, which includes obtaining network traffic data that includes atomic communications and packet detail from a packet intercept system on a field area. This field area network includes a number of network nodes. The method also includes a processor extracting connectivity and routing information from the traffic data, where the connectivity and routing information includes packet information and node information, determining network characteristics based on the extracted connectivity and routing information, retaining the network characteristics in a data structure, and importing the data structure into a computer readable storage medium that is accessible to the processor. | 07-24-2014 |