A METHOD FOR PROVIDING PRIVATE DATA OF A MOTOR VEHICLE FOR AN
EXTERNAL ELECTRONIC COMPUTING DEVICE, A COMPUTER PROGRAM PRODUCT, A NON-TRANSITORY COMPUTER-READABLE STORAGE MEDIUM, AS
WELL AS A TOKENIZATION SYSTEM
FIELD OF THE INVENTION
[0001] The present invention relates to the field of automobiles. More specifically, the present invention relates to a method for providing private data of a motor vehicle for an external electronic computing device by a tokenization system of the motor vehicle. Furthermore, the present invention relates to a corresponding computer program product, a corresponding non-transitory computer-readable storage medium, as well as to a corresponding tokenization system.
BACKGROUND INFORMATION
[0002] Today there are many regulations around the globe that define and protect consumer privacy rights, for example the California Consumer Privacy Act (CCPA), the California Privacy Rights Act (CPRA) and the General Data Protection Regulation (GDPR). In the world of autonomous vehicles, a great deal of personally identifiable information (PII) is generated and used in the motor vehicle and eventually sent to a cloud, for example the vehicle identification number (VIN), the owner's name and the owner's e-mail address. With all this PII available on the motor vehicle, it is extremely important to protect this information properly, both to comply with regulation and to limit the impact of security and data breaches.
[0003] Even though encryption is heavily used to protect stored PII data and PII data in transit, it does not protect the database in the case that a bad actor gains valid credentials and thereby read access to the data: the data is decrypted for any authorized reader, so stolen credentials yield the plaintext.
SUMMARY OF THE INVENTION
[0004] It is an object of the present invention to provide a method, a corresponding computer program product, a corresponding non-transitory computer-readable storage medium, as well as a corresponding tokenization system, by which private data can be highly secured.
[0005] This object is solved by a method, a corresponding computer program product, a corresponding non-transitory computer-readable storage medium, as well as a corresponding tokenization system according to the independent claims. Advantageous embodiments are presented in the dependent claims.
[0006] One aspect of the invention relates to a method for providing private data of a motor vehicle for an external electronic computing device by a tokenization system of the motor vehicle. Private data in the motor vehicle is provided by one or more vehicle services to an electronic computing device of the tokenization system. A tokenization key, which is provided by the external electronic computing device, is obtained by the tokenization system from an encrypted storage device of the motor vehicle for use by the one or more vehicle services. The private data is tokenized for the one or more vehicle services depending on the provided tokenization key, and the tokenized private data is transmitted to the external electronic computing device by a transmitting device of the motor vehicle.
[0007] Therefore, the invention proposes using tokenization technology to further protect the personally identifiable information (PII), which corresponds to the private data, on the motor vehicle through pseudonymization, and to add additional security access controls that increase the difficulty and effort required to recover the original PII.
[0008] In particular, the invention proposes creating a software service on the motor vehicle that is used by other vehicle services to tokenize their PII data. From there, the tokenized PII data can be shared with other vehicle services and ultimately communicated to the external electronic computing device, for example a cloud.
[0009] With tokenization technology, a security key is used to encrypt each PII data type. The security keys need to be stored safely in an external storage on the cloud or external computing device and downloaded to and cached on the motor vehicle in an encrypted storage or cache.
[0010] According to an embodiment, the external electronic computing device is provided as a cloud computing device or service.
[0011] In another embodiment, a vehicle identification number is tokenized such that the token has the same format as the vehicle identification number.
[0012] In another embodiment, the external electronic computing device mirrors the tokenization performed by the tokenization system, using the same tokenization key to recover the private data of the motor vehicle.
[0013] In another embodiment, the security keys for the tokenization are stored in an encrypted local storage device on the motor vehicle and loaded when the motor vehicle is started.
[0014] In another embodiment, tokenized private data is cached by the tokenization system.
[0015] In another embodiment, if a data breach is detected, the corresponding security key is rotated in the external electronic computing device and the new security keys are transmitted to the motor vehicle.
[0016] In particular, the method is a computer-implemented method. Therefore, another aspect of the invention relates to a computer program product comprising program code means for performing the method according to the preceding aspect.
[0017] A further aspect of the invention relates to a non-transitory computer-readable storage medium comprising at least a computer program product according to the preceding aspect.
[0018] Furthermore, the present invention relates to a tokenization system for providing private data of a motor vehicle for an external electronic computing device, comprising at least one electronic computing device and one transmitting device, wherein the tokenization system is configured for performing the method according to the preceding aspect. In particular, the method is performed by the tokenization system.
[0019] Furthermore, the present invention relates to a motor vehicle comprising at least a tokenization system.
[0020] A computing unit or electronic computing device may in particular be understood as a data processing device which comprises processing circuitry. The computing unit can therefore in particular process data to perform computing operations. This may also include operations to perform indexed accesses to a data structure, for example a look-up table, LUT.
[0021] In particular, the computing unit may include one or more computers, one or more microcontrollers, and/or one or more integrated circuits, for example, one or more application-specific integrated circuits, ASIC, one or more field-programmable gate arrays, FPGA, and/or one or more systems on a chip, SoC. The computing unit may also include one or more processors, for example one or more microprocessors, one or more central processing units, CPU, one or more graphics processing units, GPU, and/or one or more signal processors, in particular one or more digital signal processors, DSP. The computing unit may also include a physical or a virtual cluster of computers or other of said units.
[0022] In various embodiments, the computing unit includes one or more hardware and/or software interfaces and/or one or more memory units.
[0023] A memory unit may be implemented as a volatile data memory, for example a dynamic random access memory, DRAM, or a static random access memory, SRAM, or as a non-volatile data memory, for example a read-only memory, ROM, a programmable read-only memory, PROM, an erasable programmable read-only memory, EPROM, an electrically erasable programmable read-only memory, EEPROM, a flash memory or flash EEPROM, a ferroelectric random access memory, FRAM, a magnetoresistive random access memory, MRAM, or a phase-change random access memory, PCRAM.
[0024] Further advantages, features, and details of the invention derive from the following description of preferred embodiments as well as from the drawing. The features and feature combinations previously mentioned in the description, as well as the features and feature combinations mentioned in the following description of the figure and/or shown in the figure alone, can be employed not only in the respectively indicated combination but also in any other combination or taken alone without leaving the scope of the invention.
BRIEF DESCRIPTION OF THE DRAWING
[0025] The novel features and characteristic of the disclosure are set forth in the appended claims. The accompanying drawings, which are incorporated in and constitute a part of this disclosure, illustrate exemplary embodiments and together with the description, serve to explain the disclosed principles. The same numbers are used throughout the figures to reference like features and components. Some embodiments of system and/or methods in accordance with embodiments of the present subject matter are now described below, by way of example only, and with reference to the accompanying figures.
[0026] The sole figure shows a schematic block diagram of an embodiment of a motor vehicle comprising an embodiment of a tokenization system.
[0027] In the figure the same elements or elements having the same function are indicated by the same reference signs.
DETAILED DESCRIPTION
[0028] In the present document, the word "exemplary" is used herein to mean "serving as an example, instance, or illustration". Any embodiment or implementation of the present subject matter described herein as "exemplary" is not necessarily to be construed as preferred or advantageous over other embodiments.
[0029] While the disclosure is susceptible to various modifications and alternative forms, specific embodiments thereof have been shown by way of example in the drawing and will be described in detail below. It should be understood, however, that it is not intended to limit the disclosure to the particular forms disclosed, but on the contrary, the disclosure is to cover all modifications, equivalents, and alternatives falling within the scope of the disclosure.
[0030] The terms "comprises", "comprising", or any other variations thereof, are intended to cover a non-exclusive inclusion so that a setup, device or method that comprises a list of components or steps does not include only those components or steps but may include other components or steps not expressly listed or inherent to such setup or device or method. In other words, one or more elements in a system or apparatus preceded by "comprises" or "comprise" does not or do not, without more constraints, preclude the existence of other elements or additional elements in the system or method.
[0031] In the following detailed description of the embodiment of the disclosure, reference is made to the accompanying drawing that forms part hereof, and in which is shown by way of illustration a specific embodiment in which the disclosure may be practiced. This embodiment is described in sufficient detail to enable those skilled in the art to practice the disclosure, and it is to be understood that other embodiments may be utilized and that changes may be made without departing from the scope of the present disclosure. The following description is, therefore, not to be taken in a limiting sense.
[0032] Fig. 1 shows a schematic block diagram according to the embodiment of a motor vehicle 10 comprising an embodiment of a tokenization system 12. The tokenization system 12 comprises at least one electronic computing device 14 and one transmitting device 16. Furthermore, a storage device 18 is shown.
[0033] Furthermore, Fig. 1 shows an external electronic computing device 20, which is for example configured as a cloud server.
[0034] According to the shown embodiment, a method for providing private data 22, 24, 26 of the motor vehicle 10 for the external electronic computing device 20 is performed by the tokenization system 12. The private data 22, 24, 26 is provided by one or more vehicle services 36 to the electronic computing device 14 of the tokenization system 12. The private data 22, 24, 26 is tokenized by the electronic computing device 14 depending on a tokenization key 28. The tokenized private data 30 is transmitted to the external electronic computing device 20 by the transmitting device 16 of the tokenization system 12.
[0035] In particular, Fig. 1 shows that the external electronic computing device 20 is provided as a cloud computing device. Furthermore, a vehicle identification number may be tokenized such that the token has the same format as the vehicle identification number.
[0036] Furthermore, the external electronic computing device 20 mirrors the tokenization performed by the tokenization system 12.
[0037] In another embodiment, the security keys 28 for the tokenization are stored in an encrypted local storage device 18 of the tokenization system 12.
[0038] In another embodiment, tokenized private data 30 is cached by the tokenization system 12.
[0039] In particular, Fig. 1 further shows that the external electronic computing device 20 may comprise a cloud tokenization service 32, which synchronizes the security keys 28 with the tokenization system 12. Furthermore, the cloud tokenization service 32 may be configured for providing the private data 22, 24, 26 to a different service 34, which uses the private data 22, 24, 26.
[0040] In particular, Fig. 1 shows that, to protect the private data 22, 24, 26 on the motor vehicle 10, a software service is created on the motor vehicle 10 that is used by the vehicle services 36 to tokenize their private data 22, 24, 26. From there, the tokenized private data 30 can be shared with other vehicle services 36 and ultimately communicated to the cloud.
[0041] There are different types of private data 22, 24, 26 on the motor vehicle 10, and they may require different tokenization formats. For example, the vehicle identification number may be tokenized using format-preserving encryption so that the generated token looks and feels like the original vehicle identification number. A user name may be tokenized as a normal string. A phone number may also be fully tokenized as a normal string. An e-mail address may be tokenized with the domain left in plain text, if desired.
[0042] With tokenization technology, a security key 28 is used to encrypt each item of private data 22, 24, 26. The security keys 28 need to be stored safely in an external storage on the cloud and downloaded to and cached on the motor vehicle 10 in an encrypted storage device 18, which may also be configured as a cache.
[0043] A cloud tokenization service 32 mirrors the vehicle's tokenization service. The cloud tokenization service 32 may also be used by other cloud services 34 to tokenize and detokenize private data 22, 24, 26. The cloud tokenization service 32 uses the same set of security keys 28 from the same external cloud storage in order to produce the same set of tokenized private data 30.
[0044] On the vehicle side, when the motor vehicle 10 is first flashed and calibrated during the factory calibration process, the first set of security keys 28 is downloaded and stored in the vehicle's protected, encrypted local storage device 18. When the motor vehicle 10 starts up, the tokenization software service loads these security keys 28, and the tokenization service may then be called by other vehicle services 36 to tokenize various private data 22, 24, 26.
[0045] To avoid unnecessary repeated encryption of data that does not change, the motor vehicle 10 may cache some of the tokenized data 30. For example, the tokenized vehicle identification number does not change unless the security key 28 used for the tokenization changes, so the tokenized vehicle identification number may be cached and reused to speed up operations.
[0046] In the event that a security or data breach does happen, the bad actor may only obtain the tokenized data 30 and not the original private data 22, 24, 26. This means the tokenized private data 30 is not very useful on its own: the bad actor would additionally have to break the tokenization/detokenization system, or obtain its security keys 28, to recover the original private data 22, 24, 26.
[0047] In the event of a data breach, the appropriate security keys 28 may be rotated in the external cloud key storage system. The new security keys 28 are then pushed to the motor vehicle 10. The next time power is cycled on the motor vehicle 10, the new security keys 28 are loaded and generate new tokens for the relevant private data 22, 24, 26. This renders the previously tokenized private data 30 irrelevant.
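The per-type token formats of paragraph [0041], the mirrored cloud service of paragraph [0043], the token cache of paragraph [0045] and the key rotation of paragraph [0047], carried through as an added worked example in Python. This code is not part of the application and not the applicant's implementation: it uses a simplified HMAC-SHA256 Feistel network as a stand-in for a format-preserving cipher (it is not NIST SP 800-38G FF1; a deployment would use a vetted FF1 or AES-SIV library), and the VIN, key, names and addresses are constructed sample values.

```python
"""Deterministic, keyed tokenization of vehicle PII with per-type formats.

Illustrative only: the format-preserving cipher below is a simplified
HMAC-SHA256 Feistel network, not NIST SP 800-38G FF1. A real deployment
would use a vetted FF1 or AES-SIV library. Sample VIN, key and values are
constructed for this example.
"""
import hashlib
import hmac

ROUNDS = 10
# VIN alphabet (ISO 3779): digits and letters, excluding I, O and Q.
VIN_ALPHABET = "0123456789ABCDEFGHJKLMNPRSTUVWXYZ"


def _num(digits, radix):
    """Interpret a list of base-`radix` digits as an integer."""
    n = 0
    for d in digits:
        n = n * radix + d
    return n


def _digits(n, length, radix):
    """Inverse of _num, zero-padded to `length` digits."""
    out = []
    for _ in range(length):
        n, r = divmod(n, radix)
        out.append(r)
    return out[::-1]


def _round(key, tweak, rnd, part, modulus):
    """Feistel round function: HMAC over (data-type tweak, round index, half).
    For halves above 32 bytes the digest no longer covers the modulus;
    acceptable for an illustration, not for production."""
    msg = tweak.encode() + bytes([rnd]) + repr(part).encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % modulus


def _feistel(key, tweak, digits, radix, encrypt):
    """Unbalanced Feistel network over base-`radix` digits; length-preserving."""
    if len(digits) < 2:
        raise ValueError("need at least two symbols to tokenize")
    u = len(digits) // 2
    v = len(digits) - u
    a, b = digits[:u], digits[u:]
    for i in (range(ROUNDS) if encrypt else reversed(range(ROUNDS))):
        m = u if i % 2 == 0 else v
        if encrypt:
            c = (_num(a, radix) + _round(key, tweak, i, b, radix ** m)) % radix ** m
            a, b = b, _digits(c, m, radix)
        else:
            c = (_num(b, radix) - _round(key, tweak, i, a, radix ** m)) % radix ** m
            a, b = _digits(c, m, radix), a
    return a + b


class TokenizationService:
    """Same class runs on the vehicle and in the cloud; same key, same tokens."""

    def __init__(self, key):
        self.key = key
        self._cache = {}  # (kind, value) -> token; discarded together with the key

    def tokenize(self, kind, value):
        token = self._cache.get((kind, value))
        if token is None:
            token = self._apply(kind, value, encrypt=True)
            self._cache[(kind, value)] = token
        return token

    def detokenize(self, kind, token):
        return self._apply(kind, token, encrypt=False)

    def _apply(self, kind, value, encrypt):
        if kind == "vin":
            # Format-preserving: 17 VIN-alphabet symbols in, 17 out.
            # The check digit in position 9 is NOT preserved by the token.
            if len(value) != 17:
                raise ValueError("VIN must have 17 characters")
            idx = [VIN_ALPHABET.index(c) for c in value]
            out = _feistel(self.key, "vin", idx, len(VIN_ALPHABET), encrypt)
            return "".join(VIN_ALPHABET[d] for d in out)
        if kind == "email":
            # Only the local part is tokenized; the domain stays in plain text.
            local, domain = value.rsplit("@", 1)
            return self._opaque("email", local, encrypt) + "@" + domain
        # name, phone, ...: the whole value becomes an opaque hex string.
        return self._opaque(kind, value, encrypt)

    def _opaque(self, tweak, value, encrypt):
        if encrypt:
            data = list(value.encode("utf-8"))
            return bytes(_feistel(self.key, tweak, data, 256, True)).hex()
        data = list(bytes.fromhex(value))
        return bytes(_feistel(self.key, tweak, data, 256, False)).decode("utf-8")


if __name__ == "__main__":
    key = b"\x01" * 32  # constructed demo key; real keys come from the cloud key store
    vehicle, cloud = TokenizationService(key), TokenizationService(key)
    record = {"vin": "1HGCM82633A004352", "name": "Jane Doe",
              "phone": "+1 555 010 0199", "email": "jane.doe@example.com"}
    tokens = {k: vehicle.tokenize(k, v) for k, v in record.items()}
    print(tokens)
    assert {k: cloud.detokenize(k, t) for k, t in tokens.items()} == record
    rotated = TokenizationService(b"\x02" * 32)  # key rotation after a breach
    assert rotated.tokenize("vin", record["vin"]) != tokens["vin"]
```

Two properties worth noting for a practitioner: the scheme is deterministic, which is what lets the vehicle cache tokens and the cloud reproduce them, but it also means equal inputs always yield equal tokens, so an attacker holding the tokenized data can still link records that share a VIN or e-mail address. And whoever holds the security key can detokenize everything, so the protection rests entirely on the encrypted local storage device on the vehicle and the cloud key store, and on rotating the key when either is suspected to be compromised.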
Reference signs
10 motor vehicle
12 tokenization system
14 electronic computing device
16 transmitting device
18 encrypted local storage device
20 external electronic computing device
22 private data
24 private data
26 private data
28 tokenization keys
30 tokenized private data
32 cloud tokenization service
34 service
36 vehicle service