Disclosure of Invention
It is an object of the invention to provide a concept for providing specific commands to a computer program or to a programmably arranged entity, even if no direct interface for interacting with the computer program or the programmably arranged entity is provided.
The present invention is based on the discovery that a standard uniform resource identifier (URI) field provided by various programs or programmably settable entities may form an interface for indirect interaction with, for example, a computer program or a programmably settable entity. Thus, existing resources can be utilized effectively.
An embodiment provides a processing device for detecting a specific computer command in a string of characters representing a uniform resource identifier, the specific command comprising a predefined command header followed by a command name from a plurality of predefined command names. The processing device includes a determiner for determining whether the string includes a predefined command header, wherein in the case where the string includes a predefined command header, the determiner may further determine whether a sub-string following the command header includes a command name. The processing device further comprises a provider for providing the predefined command header and command name as the specific computer command, if the command header comprises the command name. A command structure comprising a predefined command header and a command name following the command header allows to identify a specific command in the URI with low complexity.
According to a further embodiment, in case the substring following the command header comprises a command name, the determiner may determine whether a further substring following the command name comprises at least one command argument. Further, the determiner may determine whether the at least one command argument corresponds to a predetermined parameter (e.g., a predefined character) of a particular command. In the event that the at least one command argument corresponds to a predetermined parameter, the provider may provide the predefined command header, command name, and the at least one command argument as the specific computer command. Thus, a particular computer command is composed on the basis of the command part detected in the URI and may be executed, for example, by a processor.
According to a further embodiment, the processing means may comprise, for example, a programmably arranged processor for executing specific commands.
Another embodiment provides a method for detecting a specific computer command in a string of characters representing a uniform resource identifier, the specific command comprising a predefined command header followed by a command name from a plurality of predefined command names. The method includes determining whether the string includes a predefined command header; in the case where the character string includes a predefined command header, determining whether a sub-character string following the command header includes a command name; and providing the predefined command header and command name as the specific computer command, in case the command header comprises the command name.
According to a further embodiment, the command name is followed by one or more command arguments, and the method comprises: in the case that the substring following the command header comprises a command name, determining whether a further substring following the command name comprises at least one command argument; and providing the predefined command header, the command name and the at least one command argument as the specific computer command in case the further substring following the command name comprises the at least one command argument.
According to a further embodiment, the method comprises: in the case that the substring following the command header comprises a command name, determining whether a further substring following the command name comprises at least one command argument; determining whether the at least one command argument corresponds to a predetermined parameter for a particular command; and providing a predefined command header, command name and the at least one command argument as the specific computer command in case the at least one command argument corresponds to a predetermined parameter.
According to a further embodiment, the predetermined parameter separates the command name from further command arguments, and the method further comprises providing the predefined command header, the command name and the at least one command argument and the further command arguments as the specific computer command.
According to a further embodiment, the specific command instructs to establish a network connection to the remote network entity via the communication network in order to obtain the user specific information.
According to a further embodiment, the method comprises executing the specific computer program in a programmable manner.
According to another aspect, an entity that can be set programmatically can control further entities by: a specific command is transmitted or requested to be transmitted to a non-existing (i.e. dummy) network address in order to control the further programmably settable entity. The transmission or transmission request may be intercepted by an additional programmably arranged (e.g. controlling) entity which provides specific commands to further programmably arranged entities. Thus, commands are distributed indirectly, which reduces additional complexity. In this respect, the term "programmably arranged entity" may refer to programmably arranged means or a computer program capable of running on a computer.
One embodiment provides a communication device having a first member that is programmable, a second member that is programmable, and a third member that is programmable. The programmably settable first means may be configured to request the programmably settable second means to transmit a particular command to a non-existing network address (e.g., a dummy address). The programmably arranged second means may be configured to inform the programmably arranged third means about a request to transmit a specific command. In response to the information indicating the request, a third component, which may be set by programming, may execute the particular command. Thus, the programmably arranged first means can indirectly control the programmably arranged third means even if the programmably arranged first means cannot directly interact with the programmably arranged third means.
According to a further embodiment, the second programmatically configurable means may execute a second computer program providing a virtual machine providing, for example, a host or environment for another program. Thus, the first component, which may be set by programming, may execute the first computer program on the virtual machine. Thus, the first computer program runs on a virtual machine provided by the second computer program, so that the second computer program can supervise the first computer program and, for example, capture requests.
According to a further embodiment, the first computer program comprises a non-executable script. Further, the second computer program may provide web browsing functionality, such as a web browser, when executed. Further, the third computer program, when executed, may provide a user application, such as a user environment (e.g., a native application).
Another embodiment provides a communication device configurable to execute a first computer program, a second computer program and a third computer program, the first computer program requesting the second computer program to transmit a specific command to a non-existing network address, the second computer program informing the third computer program of a request to transmit the specific command, the third computer program executing the specific command in response to information indicative of the request. Thus, the first computer program may indirectly control the third computer program when being executed, even if, for example, the first computer program does not comprise an executable routine for directly interacting with the third computer program.
According to a further embodiment, the second computer program may provide a virtual machine when executed, wherein the first computer program may run on the virtual machine provided by the second computer program. Thus, when executed, for example, on a computer, the first computer program provides an environment by means of the virtual machine that enables the first computer program to be supervised and the requests to be captured, and the specific commands to be captured indirectly.
According to a further embodiment, the first computer program may provide a non-executable script, the second computer program may provide a web browsing functionality, such as a web browser, and the third computer program may provide a user application, such as a user environment.
For example, the specific command indicates that a network connection to a remote network entity is established via a communication network, e.g. by a third computer program.
Another embodiment provides a method of communication, comprising: requesting, by the first computer program, the second computer program to transmit the specific command to the non-existent network address; providing information indicative of the request to a third computer program; and executing, by the third computer program, the specific command in response to the information indicating the request to transmit the specific command.
Another embodiment provides a computer program comprising a first computer program, a second computer program and a third computer program, the first computer program, when running on a computer, requesting the second computer program to transmit a specific command to a non-existing network address, the second computer program, when running on a computer, notifying the third computer program of a request to transmit the specific command, the third computer program, when running on the computer, executing the specific command in response to information about the request.
According to another aspect, another program may be used to simulate the behavior of the navigation device as long as the other program simulates the device firmware installed on the navigation device. Thus, the further program may be installed on the further device as, for example, an embedded simulator, and executed to simulate the navigation device. However, before emulating the navigation device, it has to be ensured that the further program corresponds to the device firmware, e.g. the source code of the further program corresponds to the source code of the device firmware. Thus, the user can work with the navigation device using the simulation program even if the navigation device is turned off.
An embodiment provides a communication device for simulating a behavior of a navigation device in response to executing a device firmware program installed on the navigation device. Preferably, the communication device includes: a provider for providing information about a device firmware program; a determiner for determining whether a current firmware program installed on the communication device corresponds to a device firmware program installed on the navigation device; and a processor for executing a current firmware program on the communication device if the current firmware program corresponds to the device firmware, so as to simulate a behavior of the navigation device.
According to a further embodiment, the processor may establish a network connection with a remote network entity via the communication network in order to obtain an updated version of the current firmware program if the current firmware program does not correspond to the device firmware program. Further, the processor may execute an updated version of the current firmware program in order to simulate the behavior of the navigation device.
According to a further embodiment, the provider may be connected to a navigation device in order to retrieve information indicative of the device firmware program.
According to a further embodiment, the determiner may determine whether the current firmware program installed on the communication device corresponds to the device firmware, based on a table of content files including information indicating the device firmware program, or based on a table of content files including information indicating the current firmware program.
According to a further embodiment, the processor may control the navigation device based on a simulation of a behavior of the navigation device.
Another embodiment provides a method for simulating behavior of a navigation device in response to executing a device firmware program installed on the navigation device. The method comprises the following steps: providing information about a device firmware program from a navigation device; determining whether the current firmware program corresponds to device firmware installed on the navigation device; and executing the current firmware program on the communication device if the current firmware program corresponds to the device firmware so as to simulate a behavior of the navigation device.
According to another embodiment, the method comprises: establishing a network connection with a remote network entity via a communication network to obtain an updated version of a current firmware program if the current firmware program does not correspond to the device firmware program; and executing the updated version of the current firmware program so as to simulate the behavior of the navigation device.
According to a further embodiment, the method comprises connecting to a navigation device in order to retrieve information indicative of a device firmware program.
According to another embodiment, the method includes determining whether the current firmware program corresponds to the device firmware program based on a table of content files including information indicative of the device firmware program or based on a table of content files including information indicative of the current firmware program.
Another embodiment provides a programmably arranged communication device for simulating a behavior of a navigation device in response to executing a device firmware program installed on the navigation device. The programmably settable communication device may: executing a first computer program for providing information about a device firmware program; executing a second computer program for determining whether a current firmware program available for the programmatically settable communication device corresponds to a device firmware program installed on the navigation device; and executing the current firmware program on the communication device if the current firmware program corresponds to the device firmware program so as to simulate behavior of the navigation device.
Preferably, the programmably arranged communication device is configured to perform the steps of the above-described method.
According to another aspect, specific information may be provided in a timely manner if, in response to a request to a remote server for the specific information, the remote server provides, instead of the specific information itself, time information indicating a time instant at which to connect to the remote server again in order to obtain the specific information. Thus, problems associated with managing or evaluating outdated information by, for example, a user, are avoided.
An embodiment provides a method for providing specific information from a further network entity (e.g. a network server) to a network entity (e.g. a communication device). The method comprises the following steps: transmitting a request for specific information from the network entity to a further network entity via the communication network; and transmitting time information from the further network entity to the network entity via the communication network, the time information indicating a specific time instant at which to connect to the further network entity to obtain the specific information.
According to a further embodiment, the method comprises: establishing a network connection between the network entity and a further network entity at a specific time instant; and transmitting the specific information from the further network entity to the network entity via the communication network.
According to a further embodiment, the method comprises: establishing a connection between the network entity and the further network entity at the specific time instant; transmitting the specific information from the further network entity to the network entity via the communication network; and displaying the specific information through the network entity.
According to a further embodiment, the method comprises receiving, by a network entity, a request for specific information.
According to a further embodiment, the specific information comprises traffic information relating to a user-specific navigation route.
According to a further embodiment, the method comprises storing the request in a further network entity.
Another embodiment provides a network entity for obtaining specific information from a further network entity via a communication network. The network entity may transmit a request for the specific information to a further network entity via the communication network and receive time information from the further network entity via the communication network, the time information indicating a specific time instant at which to connect to the further network entity to obtain the specific information.
According to a further embodiment, the respective network entity may connect to the further network entity at a specific time instant to obtain the specific information.
Another embodiment provides a network entity for providing specific information to a further network entity via a communication network in response to a request for the specific information transmittable by the further network entity via the communication network, the network entity being configured to transmit time information via the communication network, the time information indicating a time instant at which to connect to the network entity to obtain the specific information.
According to a further embodiment, the network entity may transmit specific information to the further network entity at a specific time instant in case the further network entity has established a network connection to the network entity.
According to another aspect, navigation content (which may be user-specific) may be efficiently managed on a remote server accessible via a communication network. Preferably, the remote server provides navigation content in dependence on, for example, navigation content currently installed on the navigation device, user or device rights or other parameters. Thus, updated navigation content may be customized at the remote server, which may reduce the complexity of the navigation device or the computer program managing the navigation device.
An embodiment provides a communication device for updating current navigation content stored in a navigation device. The communication apparatus includes: a retrieving element for retrieving information indicative of current navigation content from a navigation device; a transmitter for transmitting information indicative of current navigation content to a remote network device via a communication network; a receiver for receiving updated navigation content from a remote communication device; and a processor for displaying information related to the updated navigation content or for installing the updated navigation content on the navigation device.
According to a further embodiment, the retrieving element may retrieve information indicative of a device identification or a user identification from the navigation device, wherein the transmitter may transmit the user device identification to the remote communication device.
According to a further embodiment, the transmitter may transmit the information indicating the current navigation content as metadata or as a content file table.
According to a further embodiment, the retrieving element may be connected to the navigation device in order to obtain the current navigation content from the navigation device. For example, the retrieval element or the communication device may be wirelessly connected to the navigation device. According to a further embodiment, the navigation device or the communication device may possibly be connectable to the retrieving element via a wire, such that the retrieving element may initiate a wired connection to the navigation device (or vice versa).
Another embodiment provides a method for updating current navigation content stored in a navigation device. Preferably, the method comprises: retrieving information indicating current navigation content from a navigation device; transmitting information indicating current navigation content to a remote network device via a communication network; receiving updated navigation content from a remote communication device; and displaying information related to the updated navigation content or installing the updated navigation content on the navigation device.
According to another embodiment, the method comprises retrieving information indicative of a device identity or a user identity from the navigation device or transmitting the user device identity to the remote communication device.
According to another embodiment, the method comprises transmitting information indicating the current navigation content as metadata or as a table of content files.
According to a further embodiment, the method comprises verifying the rights of a user associated with the navigation device, or verifying the rights of the navigation device, in order to obtain the specific updated navigation content.
According to another embodiment, the navigation content or updated navigation content comprises information indicative of routing information or updated firmware or map information.
According to a further embodiment, the information indicating updated navigation content comprises priority information indicating that a particular navigation content has a higher priority than another navigation content.
According to another aspect, if a (e.g., executable) computer command comprises a command name and one or more command arguments (e.g., a list of command arguments), a computer command that can be cryptographically verified with reduced overhead can be obtained by, for example, automatically signing the command name and composing a verifiable computer command from the (signed) command name, with its cryptographic signature included as an additional argument.
An embodiment provides a method for providing a cryptographically signed command, the command comprising a command name and at least one command argument. The method includes generating a cryptographic signature of the command name, and composing the cryptographically signed command using the command name, the signature, and the at least one command argument.
According to a further embodiment, the method comprises concatenating the command name, the cryptographic signature of the command name and the at least one command argument to form the cryptographically signed command.
According to a further embodiment, the method comprises generating a cryptographic signature of the command name based on an asymmetric cryptographic algorithm, in particular the RSA (Rivest-Shamir-Adleman) algorithm or based on a digital signature algorithm.
According to a further embodiment, the command name indicates determining a navigation route to a destination determined by the at least one command argument and/or indicates providing a navigation map determined by address data indicated by the at least one command argument or executing a computer program with the at least one command argument.
Another embodiment provides a method of providing a cryptographically verified command based on a cryptographically signed command comprising a command name, a cryptographic signature of the command name and at least one command argument. The method comprises the following steps: decrypting the cryptographic signature to obtain a first cryptographic value; processing the command name to obtain a second cryptographic value; comparing the first cryptographic value with the second cryptographic value to obtain a comparison result; and providing or executing the command name and the at least one command argument as a cryptographically verified command depending on the comparison result.
According to a further embodiment, the first cryptographic value comprises a hash value of a cryptographic signature and the second cryptographic value comprises a hash value of a command name.
According to a further embodiment, the method comprises providing or executing the cryptographically verified command in case the first cryptographic value and the second cryptographic value are equal. For example, the method further comprises comparing the hash values.
Another embodiment provides a device for providing a cryptographically signed command, the command comprising a command name and at least one command argument. The device comprises: a generator for generating a cryptographic signature of the command name; and a composer for composing (e.g., concatenating) the cryptographically signed command using the command name, the signature, and the at least one command argument.
Preferably, the device (or elements thereof) is configured to perform the above-described method steps for providing a cryptographically signed command.
Another embodiment provides a device for providing a cryptographically verified command on the basis of a cryptographically signed command comprising a command name, a cryptographic signature of the command name and at least one command argument. The device comprises: a decryptor for decrypting the cryptographic signature to obtain a first cryptographic value; a processor for processing the command name to obtain a second cryptographic value; a comparator for comparing the first cryptographic value with the second cryptographic value to obtain a comparison result; and a provider for providing or executing the command name and the at least one command argument as a cryptographically verified command depending on the comparison result. Preferably, the device (or elements thereof) is configured to perform the above-described method steps for providing a cryptographically verified command.
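The signing and verification steps described above, as an added example in Node.js (not code from the patent). The command name `Route`, the "&" field separator and the base64url encoding of the signature are assumptions; the `bindArgs` option goes beyond the text by also signing the arguments, to show which fields the signature covers in each form.

```javascript
const crypto = require('node:crypto');

const SEPARATOR = '&'; // assumed separator between name, signature and arguments

// Constructed RSA key pair for the demo; a real signer keeps the private key offline.
function generateSignerKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// The bytes the signature covers: the command name only (as the text describes),
// or a canonical encoding of name plus arguments when bindArgs is set.
function signedBytes(name, args, bindArgs) {
  return Buffer.from(bindArgs ? JSON.stringify([name, ...args]) : name, 'utf8');
}

// Compose "name & signature & arg1 & ..." by concatenation.
function composeSignedCommand(privateKey, name, args, bindArgs) {
  const signature = crypto.sign('sha256', signedBytes(name, args, bindArgs), privateKey);
  return [name, signature.toString('base64url'), ...args.map(encodeURIComponent)].join(SEPARATOR);
}

// crypto.verify performs the steps the text lists: the RSA public-key operation on
// the signature recovers a hash value, the signed bytes are hashed, and the two
// hash values are compared.
function verifySignedCommand(publicKey, signedCommand, allowedNames, bindArgs) {
  const [name, signatureText, ...rawArgs] = signedCommand.split(SEPARATOR);
  if (!allowedNames.has(name)) return { ok: false, reason: 'unknown-command' };
  if (!signatureText || rawArgs.length === 0) return { ok: false, reason: 'malformed' };
  let args;
  try {
    args = rawArgs.map(decodeURIComponent);
  } catch (err) {
    return { ok: false, reason: 'malformed' };
  }
  const signature = Buffer.from(signatureText, 'base64url');
  const valid = crypto.verify('sha256', signedBytes(name, args, bindArgs), publicKey, signature);
  return valid ? { ok: true, name, args } : { ok: false, reason: 'bad-signature' };
}

// Constructed check: verify each form again after the argument field has changed
// between signer and verifier.
function coverageDemo() {
  const { privateKey, publicKey } = generateSignerKeys();
  const allowed = new Set(['Route']);
  const results = {};
  for (const bindArgs of [false, true]) {
    const fields = composeSignedCommand(privateKey, 'Route', ['Amsterdam'], bindArgs).split(SEPARATOR);
    fields[2] = encodeURIComponent('Rotterdam');
    results[bindArgs ? 'nameAndArgs' : 'nameOnly'] =
      verifySignedCommand(publicKey, fields.join(SEPARATOR), allowed, bindArgs).ok;
  }
  return results;
}
```

With the name-only signature, verification authenticates the command name but not the arguments, so the receiver still has to validate the arguments on their own.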
Another embodiment provides a computer program for performing at least one of the inventive methods, when the computer program runs on a computer.
Detailed Description
FIG. 1 shows a block diagram of a communication device, the communication device comprising: a first member 101 settable by programming; a programmably arranged second member 103 connected to the programmably arranged first member 101; and a programmably arranged third member 105 connected to the programmably arranged first member 105.
The first component 101, which can be set by programming, requests the second component 103, which can be set by programming, to transmit a specific command to a non-existing network address (i.e., to a non-existing HTTP address). In response thereto, the programmably arranged second means 103 informs the programmably arranged third means 105 about the request to transmit a specific command. In response to the information indicative of the request, the programmably arranged third means 105 executes the specific command.
The programmably arranged first means 101 may execute a first program comprising a non-executable script, such as JavaScript, for example, within an environment provided by a second computer program, such as a web browser, which may be executed by the programmably arranged second means 103.
The third means 105, which can be set by programming, preferably executes a third computer program, such as a user application (native application), which receives the command, since the first computer program interrogates the environment in which it runs (web browser, and thus the user application) to send the command on its own behalf. A web browser (second computer program) is provided because the JavaScript is present on the web page and cannot communicate directly with the third computer program.
For example, the above concepts may be employed to manage navigation content (such as, for example, routing information or routing maps). For example, the first computer program may initiate communication between, for example, a remote server (including, for example, an active page) and a third computer program (providing a local client application). For example, a local application (or remote server) contains an online (web) store that sells voices, maps, etc. This web store is preferably implemented using an integrated web browser. The local application instructs the embedded browser to download a web page representing the store. In addition, web store pages may contain JavaScript, and thus the downloaded pages may communicate with a remote server using, for example, so-called AJAX technology. However, at a particular point, the JavaScript on the page must provide a particular command to the local application client. An example command is "download the voice" after the user has purchased the voice in the web store. While JavaScript may implement credit card processing, it cannot actually download the voice and install it on, for example, a navigation device, so it sends or requests to send a command.
A command is sent to the local application client as follows: first, a special request is made (e.g., in JavaScript on a web page in the store), and the request is then sent to a non-existent address (e.g., http://ttds). The (e.g., embedded) web browser notifies its host, the local client application, of the request. The local client knows that no address such as http://tt.ds exists, so the local client, for example, fetches the command(s) and executes it. To speed up further processing, the dummy request to http://tt.ds may then be canceled.
In addition to downloading navigation content such as maps and voice, for example, the local client (provided by a third computer program) may be instructed to open more web pages (e.g., a second store page) or close the web page, display a pop-up message, switch to a particular window within the local application (e.g., an "install to device" panel useful after downloading voice), check for a new local application version, check for updates to device firmware, check for updates to navigation content, check for updates to a simulator of a simulated navigation device, or query and send user credentials.
Fig. 2 shows a block diagram of a processing device that detects a specific computer command in a string of characters representing a Uniform Resource Identifier (URI). A specific command may include a predefined command header followed by a command name from a plurality of predefined command names, optionally followed by one or more command arguments. The processing device includes: a determiner 201 for determining whether the character string comprises the predefined command header, the determiner being further configured to determine, if the character string comprises the predefined command header, whether a sub-string following the command header comprises a command name; and a provider 203 connected to the determiner 201, the provider 203 providing the predefined command header and the command name as the specific computer command if the sub-string following the command header includes the command name.
The concept depicted in Fig. 2 may also be implemented, for example, using an (executable) computer program. Further, the description relating to the URI also applies to a URL (uniform resource locator).
As for URIs, the same URI may also be used as a "target" for a hyperlink on a web page or in an email. In that case, the URI may be activated by, for example, clicking on this hyperlink. It is further possible to use URIs from JavaScript embedded on web pages. However, other programs that are locally installed on, for example, a computer may also use this URI. For example, an email address book plug-in may use this URI to send an address from an email program to a local application installed on, for example, a PC.
For example, a local application (e.g., managing navigation content) provides its own UI. However, further content that is useful for navigation purposes may be stored outside of the local application. For example, an email program contains an address book that, like the world wide web, includes a plurality of addresses. An address book would be useful in cases where the local client can utilize the address. Other parties may be interested in providing navigational content on the world wide web in a format that allows installation through a local application, which may, for example, implement a custom <header>:// URI scheme that allows such access.
The URI syntax defined by RFC 3986 provides a framework within which multiple protocols can be implemented. Modern operating systems allow applications to register themselves as the designated handler for URIs having a given protocol. The local application (local client), such as provided by the third computer program mentioned above, registers itself as the handler for URIs that start with <header>://.
The remainder of the URI is used as a list of commands in the local client. Using this method, an address like "Amsterdam, Rembrandtplein 35" can be encoded, for example, as <header>:///Address?Amsterdam&Rembrandtplein&35.
In this regard, the "?" and "&" characters are optional and may be replaced by other predefined characters or character strings.
Any application other than the local client that supports the URI may ask the operating system (OS) to resolve the URI when it encounters one. The OS will in turn inform the local client that the user intends to use "Address?Amsterdam&Rembrandtplein&35". The local client then provides the user with a list of choices of what to do with the address. There are, after all, multiple navigation tasks that can use an address.
Using the same approach, and assuming that "http://shop.<web address>/voices/dutch/bram.toc" is a Dutch voice, it is possible to create the following URI:
<header>:///Install?http%3a%2f%2fshop.<web address>%2fvoices%2fdutch%2fbram.toc
If this URI appears on a web page and the user clicks on it, the web browser may ask the OS to forward the URI. The OS will then require the local client to take the action implied by Install?http%3a%2f%2fshop.<web address>%2fvoices%2fdutch%2fbram.toc.
The format specification of the command will be described below.
Referring to the generic URL format (which may be RFC 3986 compliant), the command may have the following structure:
<header>:///command-list
wherein:
command-list   = command ['#' command]+
command        = command-name '?' argument-list
command-name   = (name of supported command, see below)
argument-list  = UrlEncode(argument) ['&' argument-list]+
argument       = UTF8-string
Referring to the traditional URL format, the command may have the following structure:
<header>://legacy-command-list
wherein:
legacy-command-list    = legacy-command ['&' legacy-command]+
legacy-command         = command-name '(' legacy-argument-list ')'
legacy-argument-list   = UrlEncode(argument) [',' legacy-argument-list]+
A traditional (legacy) URL cannot contain the character "?", whereas a proper URL always contains it. This makes it possible to distinguish a traditional URL from a proper URL. Note that the traditional URLs are not RFC compliant. Many URL processing entities will change the URL during processing. In particular, many Windows web browsers will add an extra "/" in order to make the URL conform. Some web browsers do not support such URLs at all. The local application attempts to intercept improperly formed URLs in order to work with a wide variety of URL-enabled applications, but using the traditional URL format makes the approach more complex.
The commands may have the following structure and arguments:
The structure is as follows: EMAIlContact?folder-ID&entry-ID
Arguments: e-mail contact ID.
The local application will retrieve the contact data from the email program and ask the user what to do with it (display on a map, navigate to the data, add as preferences, etc.).
The structure is as follows: Address?city&street&number
Arguments: address data.
The local application will ask the user what to do with the address (display on a map, navigate to the address, add as a preference, etc.).
The structure is as follows: ShowOnMap?city&street&number
Arguments: address data.
At least one of city or street must not be empty.
The structure is as follows: NavigateTo?city&street&number
Arguments: address data.
At least one of city or street must not be empty.
The structure is as follows: AddFavoritevepoison-name & city & street & number
Arguments: name and address data of the favorite.
At least one of city or street must not be empty.
The structure is as follows: Install?URL
Arguments: HTTP URL of the TOC description of the item to be downloaded and, if a device is connected, installed.
The resource indicated by the URL has the MIME type "text/xml".
The TOC (table of contents) format may be specified by an XML schema (schema) in, for example, the file "TOC format.
The following types of items may be installed by a user (e.g., a third party): POI (point of interest), data set, voice, color scheme.
The structure is as follows: Execute?URL
Arguments: HTTP URL of a text file containing the actual command list.
The resource indicated by the URL has the MIME type "text/plain".
For example, this command may be used if passing the command list as part of a URL would result in a URL that is too long.
When the Execute() command name is used in a traditional (legacy) command, the URL should in turn provide a traditional command list.
The structure is as follows: SwitchTab?Tabname
Arguments: name of the tab created by the server.
If the tab is present, the local application will switch to this tab. If the tab does not exist, the local application will remember the name and switch to the tab once the server has actually created it. The local application will remember only one name; a second SwitchTab command will replace the first.
The structure is as follows: < user or host name > PagetTabname & hostname & URL-path & anchor
Arguments: the tab name, host name, path (relative to the host name), and URL anchor of the newly created tab.
The local application first checks whether there is a tab with the given tab name; if not, it creates one. This tab then sets its URL to http://hostname.<web address>/URL-path#anchor
The local application may reject host names with non-alphanumeric characters, which may prevent name injection. For example, the host name "badguys.com/ignore" may be rejected because "." and "/" are invalid.
As will be mentioned below, the command may be provided with a cryptographic signature, allowing the command to be verified. For example, the following command structure may be used:
The structure is as follows: <PublicKeyIdentifier>?command-list&signature
Arguments: a command list and a signature.
This command is used to execute a list of commands that can only be executed by the user. The signature verifies the authenticity of the command list.
signature=Sign<PrivateKey>(command-list)
It should be noted that anyone can verify the signature (using the public key).
Sign<PrivateKey>(command-list) can be implemented as follows:
The command list is a UTF-8 string and thus may be expressed as a byte sequence.
The command list should not be URL-encoded when used as an input to Sign<PrivateKey>.
Referring to the encoding scheme, the SHA-256 hash $H$ (256 bits) of this byte sequence is computed. Then, using the private key $(Q, M)$, the signature value $Q^{H} \bmod M$ is calculated. The signature is stored as a Base-64 encoded sequence of little-endian bytes (padding is neither required nor added, in order to keep the URL short). As with all arguments, the command list and signature arguments are URL-encoded. When <PublicKeyIdentifier>() is used as the command name in a traditional (legacy) command, the first argument should preferably be a traditional command list.
Decryption is the reverse process: the local application holds a public key $(P, M)$. The SHA-256 hash $H$ (256 bits) of the command list (after URL decoding) is computed. Using the public key $(P, M)$, a countersignature $P^{H} \bmod M$ is calculated. The signature is Base-64 decoded to obtain $Q^{H} \bmod M$, after which the product $(P^{H} \cdot Q^{H}) \bmod M$ is calculated. The signature is accepted if it matches the countersignature, which means that $(P^{H} \cdot Q^{H}) \bmod M$ is equal to 1.
The above concept can also be applied if no command arguments are present. Further, a command name may have several parameters that assign semantics to the arguments. Each argument may be matched to a parameter in two possible ways, hereinafter referred to as positional and named, similar to the function call syntax in programming languages.
With the positional syntax, if the command name has, for example, three parameters, and three arguments are provided, then the first argument matches the first parameter, and so on. For example, the Address command has three parameters: city, street and house number. The actual URI will contain three arguments, with the first argument interpreted as a city name, etc.
Alternatively, the following syntax may be supported:
Address?Street=RembrandtPlein&City=Amsterdam
In this case, each argument contains a parameter name. These are therefore referred to as "named" arguments.
Further, the above-mentioned parameters may be specified as mandatory parameters. This means that there must be a matching argument. Instead of using e.g. "?", other characters may be used to indicate the separation between the command name and the command arguments. In addition, other mechanisms may also be employed, such as imposing a fixed-length command name (which implies that the first character after that length begins the first command argument).
A <header>:// URI may in general contain one or more commands. The commands may be concatenated using the "#" character (or any other character, such as "&").
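The determiner and provider for this grammar can be sketched as follows. This is an added example, not code from the original document; it goes slightly beyond any single passage by handling the proper and legacy formats together with positional and named arguments. The scheme name navapp (standing in for <header>), the command table, and the names parse_uri and CommandError are assumptions.

```python
from urllib.parse import unquote

SCHEME = "navapp"  # hypothetical stand-in for the document's <header>

# Allow-list of command names with their parameters in positional order.
COMMANDS = {
    "Address": ("city", "street", "number"),
    "ShowOnMap": ("city", "street", "number"),
    "NavigateTo": ("city", "street", "number"),
    "Install": ("url",),
    "Execute": ("url",),
    "SwitchTab": ("tabname",),
}
NEEDS_PLACE = {"ShowOnMap", "NavigateTo"}  # city or street must be non-empty


class CommandError(ValueError):
    """Raised when a URI does not carry a well-formed, known command."""


def _bind(name, raw_args):
    """Match raw (still URL-encoded) arguments to the command's parameters."""
    if name not in COMMANDS:
        raise CommandError(f"unknown command name: {name!r}")
    params = COMMANDS[name]
    by_lower = {p.lower(): p for p in params}
    split = [a.partition("=") for a in raw_args]
    # Named syntax only if every argument is "<known parameter>=<value>".
    if split and all(sep and key.lower() in by_lower for key, sep, _ in split):
        bound = {}
        for key, _, value in split:
            param = by_lower[key.lower()]
            if param in bound:
                raise CommandError(f"{name}: duplicate argument {param!r}")
            bound[param] = unquote(value)
    else:
        if len(raw_args) > len(params):
            raise CommandError(f"{name}: too many arguments")
        bound = dict(zip(params, (unquote(a) for a in raw_args)))
    if name in NEEDS_PLACE and not (bound.get("city") or bound.get("street")):
        raise CommandError(f"{name}: city or street must not be empty")
    return name, bound


def parse_uri(uri):
    """Return [(command-name, {parameter: value}), ...] or raise CommandError."""
    prefix = SCHEME + "://"
    if not uri.lower().startswith(prefix):
        raise CommandError("command header not present")
    body = uri[len(prefix):].lstrip("/")  # tolerate the extra "/" browsers add
    if not body:
        raise CommandError("empty command list")
    commands = []
    if "?" in body:  # proper format: name?a&b#name?c
        for part in body.split("#"):
            name, _, arglist = part.partition("?")
            commands.append(_bind(name, arglist.split("&") if arglist else []))
    else:  # legacy format: name(a,b)&name(c)
        for part in body.split("&"):
            name, sep, rest = part.partition("(")
            if not sep or not rest.endswith(")"):
                raise CommandError(f"malformed legacy command: {part!r}")
            inner = rest[:-1]
            commands.append(_bind(name, inner.split(",") if inner else []))
    return commands
```

Because every command name is checked against an allow-list before any argument is decoded, a URI carrying an unknown name is rejected as a whole rather than partially executed.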
Figure 3 shows a block diagram of a communication device for simulating the behaviour of a navigation device in response to executing a device firmware program installed on the navigation device. The communication apparatus includes: a provider 301 for providing information relating to a device firmware program; a determiner 303 connected to the provider 301 for determining whether a current firmware program installed on the communication device corresponds to a device firmware program installed on the navigation device; and a processor 305 connected to the determiner 303 for executing a current firmware program on the communication device in order to simulate a behavior of the navigation device in case the current firmware program corresponds to the device firmware.
The communication device may be programmed and configured to execute the above-mentioned local application program that may control the simulation process.
The simulation concept further supports the portability and usability of the navigation device. Typically, a (portable) navigation device has e.g. a small screen, which also serves as its input. In contrast, for example (desktop) computers (e.g. PCs) have much larger screens and more advanced input methods. Thus, many tasks that can be performed on a navigation device are easier to perform if the navigation device is controlled by a computer that can, for example, be connected to the navigation device. In addition, the processor (e.g., CPU) of the computer is faster.
Furthermore, the simulation concept may be implemented programmatically, and for example embedded in a local application, in order to effectively enable, for example, a computer (representing an embodiment of the communication device) to use more capable computer resources for controlling the navigation device.
When a navigation device is connected to a local client (or to a communication device), the firmware version installed on the navigation device is determined. If the local client has a computer-equivalent version of the firmware, that firmware is launched. If no equivalent version is available, but a network connection (e.g., an internet connection) is available, the local client may ask the local server which version is the equivalent one and from where it can be downloaded.
Fig. 4 illustrates a method of providing specific information from a further network entity to a network entity. The method comprises transmitting 401 a request for specific information from the network entity to the further network entity via the communication network, and transmitting 403 time information from the further network entity to the network entity via the communication network, the time information indicating a specific time instant for connecting to the further network entity for obtaining the specific information. The method may be implemented, for example, in software (e.g., as a local application) that, when executed, performs the method steps.
For example, a user may ask a local application for daily traffic reports (specific and user-specific information) about a particular road. The local application will then display a report on traffic congestion and traffic accidents on the requested road, for example daily at the requested time. When a traffic report request is made in a local client, the client forwards the request to the server, for example, immediately. The requested data is stored on the server for the given user. In response to the request, the server sends back a time at which the local client should poll the local server. In addition, the local server will tell the local client when to poll the server each time the same user logs in again. The server sends the actual traffic report in response to the polling request. The local application, for example, formats the traffic report for display purposes. The result is that all data is stored on the server side, but the connection is still initiated by the client. This allows the local client, when executed as a software program on a computer, to get past a firewall or a pop-up blocker in order to display a traffic warning.
To determine user information, for example in order to obtain user-specific information, login credentials manually entered by the user may be utilized. Alternatively, the local client may have stored the login credentials at an earlier time. Either way, if the local client has login credentials, the local client may automatically send the login credentials each time the local client provided by the software program is executed. If the local client does not already have credentials, the user may manually initiate login. In that case, the local client will prompt for the credentials, send the credentials to the remote server immediately, and also store the credentials for future use.
FIG. 5 illustrates a method for providing a cryptographically signed command that includes a command name and at least one command argument. The method includes generating 501 a cryptographic signature of the command name, and composing 503 (e.g., concatenating) the cryptographically signed command using the command name, the signature, and the at least one command argument.
For example, the encryption and decryption scheme described in connection with the embodiment of FIG. 2 may be employed to provide and verify the digital signature.
For example, an authenticated URI may include a command with two arguments; the first argument is a character string that is itself a command. The second argument is a "digital signature" of the first argument. Preferably, standard public key cryptography is employed to sign the first argument using a private key, which yields the digital signature. For example, a local client with a matching public key may countersign the first argument. The signature and countersignature are complementary if and only if the keys are equal. If this is the case, the local client trusts the command in the first argument and will execute it even if that command would otherwise be considered dangerous.
The URI mechanism identified above may also be used to update firmware on the navigation device. Preferably, the command may be allowed to be copied or updated; however, the command cannot be changed. This matters because, for example, updating a navigation device with the wrong firmware may cause irreparable damage to the navigation device.
According to an embodiment, the signed command is then used as a first argument in another command (cryptographically signed command), where the signature is used as a second argument, for example. The structure of the cryptographically signed command may be as follows:
verify_command(commandname1(argument1,argument2,argument3),signature)
A signature (the second argument of the outer command) can be generated by applying e.g. a private (secret) key to the command that should be authenticated, i.e.:
commandname1(argument1,argument2,argument3)+private_key=signature
To generate the countersignature, a similar algorithm may be used:
commandname1(argument1,argument2,argument3)+public_key=countersignature
If the signature and countersignature correspond to each other, the command is verified. Preferably, standard public key cryptography methods such as the RSA or DSA algorithms can be employed for signature purposes.
For example, consider the command <header>?Install%3fhttp%3a%2f%2fintranet%2fplus%2fdocuments%2ftemp%2fnavcore-6.522.7709.go510-go710.toc&JYrSIQ, where <PublicKeyIdentifier> is the actual command name for the command authenticated by the user. The first argument is Install%3fhttp%3a%2f%2fintranet%2fplus%2fdocuments%2ftemp%2fnavcore-6.522.7709.go510-go710.toc
This is an embedded command. The actual command name is Install, the "?" is encoded as %3f, and the rest are arguments of the Install command. The user signs the Install command with his private key, and the resulting signature is JYrSIQ. To validate the command, a countersignature may be generated. If the command is signed correctly, the countersignatures will match.
If another user attempts to edit the command, for example into <header>?Install%3fhttp%3a%2f%2fevil.com%2fnavcore_6.522.7709.go510-go710.toc&JYrSIQ, then a different countersignature that does not match the signature will be calculated. Installing content from evil.com will therefore be refused.
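The signed-command envelope and the tamper check described above can be exercised end to end as follows. This is an added example, not code from the original document: it swaps in textbook RSA without padding (RSA being one of the standard algorithms the text names) with a constructed toy key, keeps the page's encoding rules (hash over the un-encoded UTF-8 command list, little-endian Base-64 without padding, URL-encoded arguments), and the names KEY_ID, sign, wrap and verify are assumptions.

```python
import base64
import hashlib
from urllib.parse import quote, unquote

# Constructed toy key: both primes are publicly known Mersenne primes, so this
# key is NOT secure. It only keeps the example deterministic and offline.
_P, _Q = 2**521 - 1, 2**607 - 1
N = _P * _Q                                  # public modulus
E = 65537                                    # public exponent
D = pow(E, -1, (_P - 1) * (_Q - 1))          # private exponent (signer only)
KEY_ID = "DemoKey"  # hypothetical stand-in for <PublicKeyIdentifier>


def _digest(command_list: str) -> int:
    # The hash covers the UTF-8 bytes of the command list, NOT its URL-encoding.
    return int.from_bytes(hashlib.sha256(command_list.encode("utf-8")).digest(), "big")


def sign(command_list: str) -> str:
    """Signer side: Base-64 of the little-endian signature bytes, no padding."""
    sig = pow(_digest(command_list), D, N)   # textbook RSA, no padding scheme
    raw = sig.to_bytes((N.bit_length() + 7) // 8, "little")
    return base64.b64encode(raw).decode("ascii").rstrip("=")


def wrap(command_list: str) -> str:
    """Compose KEY_ID?UrlEncode(command-list)&UrlEncode(signature)."""
    return f"{KEY_ID}?{quote(command_list, safe='')}&{quote(sign(command_list), safe='')}"


def verify(signed_command: str):
    """Client side: return the embedded command list, or None if it must be refused."""
    name, sep, arglist = signed_command.partition("?")
    parts = arglist.split("&")
    if name != KEY_ID or not sep or len(parts) != 2:
        return None
    command_list, sig_b64 = unquote(parts[0]), unquote(parts[1])
    try:
        # Restore the padding that was dropped to keep the URL short.
        raw = base64.b64decode(sig_b64 + "=" * (-len(sig_b64) % 4), validate=True)
    except ValueError:
        return None
    sig = int.from_bytes(raw, "little")
    if sig >= N or pow(sig, E, N) != _digest(command_list):
        return None
    return command_list
```

A client would pass the string returned by verify to its ordinary command parser, so the embedded command is never acted on before the signature check has succeeded.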
Fig. 6 shows a communication device for updating current navigation content stored in a navigation device. The communication apparatus includes: a retrieving element 601 for retrieving information indicative of current navigation content from a navigation device; a transmitter 603 connected to the retrieving element for transmitting information indicative of the current navigation content to a remote network device via a communication network; a receiver 605 for receiving updated navigation content from a remote communication device; and a processor 607 for displaying information related to the updated navigation content or for installing the updated navigation content on the navigation device.
Information indicating current or updated navigation content may be transmitted as a content file table indicating, for example, content type, content name, content size, or content version. Further, information related to the device identification or the user identification may be transmitted.
The remote communication device (e.g., server) may include a database that stores a list of available navigation items (e.g., maps, routing information, GPS fixes, etc.), for example. Further, the remote server may check the rights of the user granted due to, for example, subscription status or the rights of the navigation device granted due to, for example, device identification, before transmitting the updated content.
As mentioned above, the content information may be summarized in the TOC file (table of contents). An exemplary TOC file is listed below:
<Toc>
  <Program>
    <Id>13214</Id>
    <Version>1.2</Version>
    <Target>target</Target>
    <Name>NameOfItem</Name>
    <Preview>http://download.<download_address>/somepreview.exe</Preview>
    <Location>http://download.<web address>/someitem.cab</Location>
    <Size>546484</Size>
  </Program>
  <Map>
    <Id>8977</Id>
    <Version>1.2</Version>
    <Target>Thistarget</Target>
    <Name>Benelux</Name>
    <Category>Category</Category>
    <Preview>http://download.<download_address>/mappreview.png</Preview>
    <Location>http://download.<download_address>/mapdownload.cab</Location>
    <Icon>http://download.<download_address>/mapicon.png</Icon>
    <Size>46464987</Size>
    <InstallRestrictions DeviceId="35265252"/>
  </Map>
  <Voice language="en" gender="male">
    <Id>4657</Id>
    <Version>1.1</Version>
    <Name>user_name</Name>
    <Preview>http://download.<download_address>/voicepreview.mp3</Preview>
    <Location>http://download.<download_address>/voicedownload.cab</Location>
    <Size>468797946231</Size>
    <Picture>http://<download_address>/voicepicture.png</Picture>
    <Icon>http://<download_address>/voiceicon.png</Icon>
  </Voice>
  <Colorscheme>
    <Id>98797</Id>
    <Version>1.1</Version>
    <Name>Bright Black</Name>
    <Location>http://download.<download_address>/colordownload.cab</Location>
    <Size>6464</Size>
  </Colorscheme>
  <Poi>
    <Id>65446</Id>
    <Version>1.3</Version>
    <Name>Wifi Hotspots</Name>
    <Category>Connectivity</Category>
    <Location>http://download.<download_address>/poidownload.cab</Location>
    <Size>54567</Size>
  </Poi>
</Toc>
The field <InstallRestrictions DeviceId="35265252"/> specifies the restrictions on installability for this item (apart from the <Target> element). It has no content. The optional attributes are: DeviceId (string), indicating that an item can only be installed on a device with this device ID; and minnavigator version, which indicates the lowest version of the navigator program that must be installed for this item to be installed.
Fig. 7 shows a block diagram of a communication scenario in which an executable application 701 (sweet-spot application), such as the local application, runs on a computer and communicates with a remote server 705 via a communication network 703 in order to exchange information. The server 705 may provide a message that is presented in the form of a balloon message 707 or in a browser component provided by, for example, the application 701.
The particular combinations of elements and features in the above embodiments are exemplary only; the interchanging and substitution of these teachings with other teachings in this invention and the patents/applications incorporated by reference are also expressly contemplated. Those skilled in the art will recognize that variations, modifications, and other implementations of what is described herein can occur to those of ordinary skill in the art without departing from the spirit and the scope of the invention as claimed. Accordingly, the above description is by way of example only and is not intended as limiting. The scope of the invention is defined in the appended claims and equivalents thereof. Furthermore, reference signs used in the description and claims do not limit the scope of the invention as claimed.