公开(公告)号：US20100049976A1

公开(公告)日：2010-02-25

申请号：US12195737

申请日：2008-08-21

申请人： Aditya R. Karnik

发明人： Aditya R. Karnik

IPC分类号： H04L9/00

CPC分类号： H04L63/12 ,  H04L63/105 ,  H04L67/12

摘要： A system and method for adaptively verifying data in resource constrain systems. The adaptive data verification mechanism employs the proper mode of verification adaptively to balance cost/performance requirements plus security requirements. The algorithm uses a belief level for the validity of a received message, and assigns the belief level to a scale between a bona fide message at one end of the scale and a malicious message at an opposite end of the scale. Depending where on the scale the belief level falls determines which validation mode will be used to authenticate the message. In an alternate embodiment, the belief level relative to a scale and the amount of data waiting to be processed in a buffer are both used to determine which mode will be used to validate the message.

摘要翻译： 一种用于自适应地验证资源约束系统中的数据的系统和方法。 自适应数据验证机制采用适当的验证模式，以平衡成本/性能要求加上安全性要求。 该算法对所接收的消息的有效性使用置信水平，并将置信水平分配给比例的一端的真实消息与比例尺的相对端的恶意消息之间的比例。 根据比例尺，信念级别下降决定了哪种验证模式将用于验证消息。 在替代实施例中，相对于比例的置信水平和等待在缓冲器中处理的数据量都用于确定将使用哪种模式来验证消息。

公开(公告)号：US20090235071A1

公开(公告)日：2009-09-17

申请号：US12047865

申请日：2008-03-13

申请人： Bhargav Ramchandra Bellur ,  Anitha Varghese ,  Rajeev Shorey ,  Srinivasan Rajavelu ,  Aditya R. Karnik

发明人： Bhargav Ramchandra Bellur ,  Anitha Varghese ,  Rajeev Shorey ,  Srinivasan Rajavelu ,  Aditya R. Karnik

IPC分类号： H04L9/00

CPC分类号： H04L9/3268 ,  H04L2209/80 ,  H04L2209/84 ,  H04W12/04

摘要： A system and method for assigning certificates and reducing the size of the certificate revocation lists in a PKI based architecture for a vehicle wireless communications system that includes separating a country, or other area, into geographic regions and assigning region-specific certificates to the vehicles. Therefore, a vehicle need only process certificates and certificate revocation lists for the particular region that it is traveling in. Vehicles can be assigned multiple certificates corresponding to more than one region in the vehicles vicinity as advance preparation for possible travel or transmission into nearby regions. Further, the expiration time of certificates assigned to vehicles corresponding to a given geographic region can be tailored to be inversely proportional to the distance from a registered home region of the vehicle. A scalable design for a back-end certifying authority with region-based certificates can also be provided.

摘要翻译： 一种用于为包括将国家或其他区域分离成地理区域并将区域特定证书分配给车辆的车辆无线通信系统的基于PKI的架构中的证书撤销列表的分配证书和减小证书吊销列表的大小的系统和方法。 因此，车辆只需要处理其正在行驶的特定区域的证书和证书撤销列表。可以为车辆附近的多个区域分配多个与多个区域相对应的证书，作为可能的旅行或传输到附近地区的预先准备。 此外，分配给对应于给定地理区域的车辆的证书的到期时间可以被定制成与从车辆的登记的家庭区域的距离成反比。 还可以提供具有基于区域的证书的后端认证机构的可扩展设计。

公开(公告)号：US09100418B2

公开(公告)日：2015-08-04

申请号：US12195737

申请日：2008-08-21

申请人： Aditya R Karnik

发明人： Aditya R Karnik

IPC分类号： H04L9/00 ,  H04L29/06 ,  H04L29/08

CPC分类号： H04L63/12 ,  H04L63/105 ,  H04L67/12

摘要： A system and method for adaptively verifying data in resource constrain systems. The adaptive data verification mechanism employs the proper mode of verification adaptively to balance cost/performance requirements plus security requirements. The algorithm uses a belief level for the validity of a received message, and assigns the belief level to a scale between a bona fide message at one end of the scale and a malicious message at an opposite end of the scale. Depending where on the scale the belief level falls determines which validation mode will be used to authenticate the message. In an alternate embodiment, the belief level relative to a scale and the amount of data waiting to be processed in a buffer are both used to determine which mode will be used to validate the message.

摘要翻译： 一种用于自适应地验证资源约束系统中的数据的系统和方法。 自适应数据验证机制采用适当的验证模式，以平衡成本/性能要求加上安全性要求。 该算法对所接收的消息的有效性使用置信水平，并将置信水平分配给比例的一端的真实消息与比例尺的相对端的恶意消息之间的比例。 根据比例尺，信念级别下降决定了哪种验证模式将用于验证消息。 在替代实施例中，相对于比例的置信水平和等待在缓冲器中处理的数据量都用于确定将使用哪种模式来验证消息。

公开(公告)号：US08090949B2

公开(公告)日：2012-01-03

申请号：US12047865

申请日：2008-03-13

申请人： Bhargav Ramchandra Bellur ,  Anitha Varghese ,  Rajeev Shorey ,  Srinivasan Rajavelu ,  Aditya R. Karnik

发明人： Bhargav Ramchandra Bellur ,  Anitha Varghese ,  Rajeev Shorey ,  Srinivasan Rajavelu ,  Aditya R. Karnik

IPC分类号： H04L9/32 ,  H04L29/06 ,  G01C21/00

CPC分类号： H04L9/3268 ,  H04L2209/80 ,  H04L2209/84 ,  H04W12/04

摘要： A system and method for assigning certificates and reducing the size of the certificate revocation lists in a PKI based architecture for a vehicle wireless communications system that includes separating a country, or other area, into geographic regions and assigning region-specific certificates to the vehicles. Therefore, a vehicle need only process certificates and certificate revocation lists for the particular region that it is traveling in. Vehicles can be assigned multiple certificates corresponding to more than one region in the vehicles vicinity as advance preparation for possible travel or transmission into nearby regions. Further, the expiration time of certificates assigned to vehicles corresponding to a given geographic region can be tailored to be inversely proportional to the distance from a registered home region of the vehicle. A scalable design for a back-end certifying authority with region-based certificates can also be provided.

摘要翻译： 一种用于为包括将国家或其他区域分离成地理区域并将区域特定证书分配给车辆的车辆无线通信系统的基于PKI的架构中的证书撤销列表的分配证书和减小证书吊销列表的大小的系统和方法。 因此，车辆只需要处理其正在行驶的特定区域的证书和证书撤销列表。可以为车辆附近的多个区域分配多个与多个区域相对应的证书，作为可能的旅行或传输到附近地区的预先准备。 此外，分配给对应于给定地理区域的车辆的证书的到期时间可以被定制成与从车辆的登记的家庭区域的距离成反比。 还可以提供具有基于区域的证书的后端认证机构的可扩展设计。

公开(公告)号：US09106611B2

公开(公告)日：2015-08-11

申请号：US13534329

申请日：2012-06-27

申请人： Aditya R Karnik ,  Aravind V. Iyer ,  Bhargav R. Bellur

发明人： Aditya R Karnik ,  Aravind V. Iyer ,  Bhargav R. Bellur

IPC分类号： G06F15/16 ,  H04L29/06 ,  H04L12/861

CPC分类号： H04L63/0227 ,  H04L49/9047 ,  H04L63/1441 ,  H04W4/046

摘要： A method is provided for processing packets in a security module of a node in a real-time tracking system. The security module receives messages via a communication module. Each message contains an identifier associated with a transmitting entity of the message. A respective identifier is associated with a respective buffer. Messages having a same identifier are stored to an associated buffer. At least one message is selected from each buffer. For each buffer, a verification mode is selected for the message selected based on state variables and identifier-level properties of the identifier associated with that buffer. A buffer for message verification is selected based on state variables and identifier-level properties of all identifiers. The message selected is verified utilizing the selected verification mode. The state variables and the identifier-level properties of all identifiers are updated based on a result of the verification of the at least one message.

摘要翻译： 提供了一种用于在实时跟踪系统中的节点的安全模块中处理分组的方法。 安全模块通过通信模块接收消息。 每个消息包含与消息的发送实体相关联的标识符。 相应的标识符与相应的缓冲器相关联。 具有相同标识符的消息被存储到相关联的缓冲器中。 从每个缓冲区中选择至少一个消息。 对于每个缓冲区，为基于与该缓冲器相关联的标识符的状态变量和标识符级属性选择的消息选择验证模式。 基于所有标识符的状态变量和标识符级属性选择消息验证缓冲区。 使用所选择的验证模式验证所选择的消息。 基于至少一个消息的验证结果来更新所有标识符的状态变量和标识符级属性。

公开(公告)号：US20140006615A1

公开(公告)日：2014-01-02

申请号：US13534329

申请日：2012-06-27

申请人： ADITYA R. KARNIK ,  ARAVIND V. IYER ,  BHARGAV R. BELLUR

发明人： ADITYA R. KARNIK ,  ARAVIND V. IYER ,  BHARGAV R. BELLUR

IPC分类号： G06F15/16

CPC分类号： H04L63/0227 ,  H04L49/9047 ,  H04L63/1441 ,  H04W4/046

摘要： A method is provided for processing packets in a security module of a node in a real-time tracking system. The security module receives messages via a communication module. Each message contains an identifier associated with a transmitting entity of the message. A respective identifier is associated with a respective buffer. Messages having a same identifier are stored to an associated buffer. At least one message is selected from each buffer. For each buffer, a verification mode is selected for the message selected based on state variables and identifier-level properties of the identifier associated with that buffer. A buffer for message verification is selected based on state variables and identifier-level properties of all identifiers. The message selected is verified utilizing the selected verification mode. The state variables and the identifier-level properties of all identifiers are updated based on a result of the verification of the at least one message.

摘要翻译： 提供了一种用于在实时跟踪系统中的节点的安全模块中处理分组的方法。 安全模块通过通信模块接收消息。 每个消息包含与消息的发送实体相关联的标识符。 相应的标识符与相应的缓冲器相关联。 具有相同标识符的消息被存储到相关联的缓冲器中。 从每个缓冲区中选择至少一个消息。 对于每个缓冲区，为基于与该缓冲器相关联的标识符的状态变量和标识符级属性选择的消息选择验证模式。 基于所有标识符的状态变量和标识符级属性选择消息验证缓冲区。 使用所选择的验证模式验证所选择的消息。 基于至少一个消息的验证结果来更新所有标识符的状态变量和标识符级属性。

公开(公告)号：US20140002276A1

公开(公告)日：2014-01-02

申请号：US13534348

申请日：2012-06-27

申请人： Aravind V. Iyer ,  Aditya R. Karnik ,  Bhargav R. Bellur

发明人： Aravind V. Iyer ,  Aditya R. Karnik ,  Bhargav R. Bellur

IPC分类号： G08G1/0962

CPC分类号： H04W12/06 ,  H04L63/0823 ,  H04W4/046 ,  H04W4/90 ,  H04W84/18

摘要： A packet processing framework is provided for a vehicle-to-vehicle communication packet processing system. The framework includes a neighborhood vehicle tracking module for tracking neighboring vehicles relative to a host vehicle. The neighborhood vehicle tracking module assigns a priority level of neighboring vehicles relative to a host vehicle. An adaptive security processing module regulates messages streamed to the neighboring vehicle tracker module that are in accordance with the priorities set forth by the neighborhood vehicle tracking module. The adaptive security processing module selects security modes and schedules messages streamed to the neighborhood vehicle tracking module as a function of priorities set forth by the neighborhood vehicle tracking module, a communication reliability of the transmitting neighboring vehicle, and a likelihood that a message from the neighboring vehicle is genuine as determined by the adaptive security processing module. The neighborhood vehicle tracking module outputs processed kinematics and alert information to at least one vehicle-to-vehicle application.

摘要翻译： 提供了一种用于车对车通信分组处理系统的分组处理框架。 该框架包括用于跟踪相对于主车辆的相邻车辆的邻域车辆跟踪模块。 邻里车辆跟踪模块相对于主车辆分配相邻车辆的优先级。 自适应安全处理模块根据邻近车辆跟踪模块所阐述的优先级来调节流向相邻车辆跟踪器模块的消息。 自适应安全处理模块根据邻近车辆跟踪模块所提出的优先级，传输邻近车辆的通信可靠性以及来自邻近车辆跟踪模块的消息的可能性来选择安全模式并且调度流传输到邻近车辆跟踪模块的消息 车辆是由自适应安全处理模块确定的。 邻里车辆跟踪模块将已处理的运动学和警报信息输出到至少一个车对车辆应用。

公开(公告)号：US08704679B2

公开(公告)日：2014-04-22

申请号：US13534348

申请日：2012-06-27

申请人： Aravind V. Iyer ,  Aditya R Karnik ,  Bhargav R. Bellur

发明人： Aravind V. Iyer ,  Aditya R Karnik ,  Bhargav R. Bellur

IPC分类号： G08G1/00

CPC分类号： H04W12/06 ,  H04L63/0823 ,  H04W4/046 ,  H04W4/90 ,  H04W84/18

摘要： A packet processing framework is provided for a vehicle-to-vehicle communication packet processing system. The framework includes a neighborhood vehicle tracking module for tracking neighboring vehicles relative to a host vehicle. The neighborhood vehicle tracking module assigns a priority level of neighboring vehicles relative to a host vehicle. An adaptive security processing module regulates messages streamed to the neighboring vehicle tracker module that are in accordance with the priorities set forth by the neighborhood vehicle tracking module. The adaptive security processing module selects security modes and schedules messages streamed to the neighborhood vehicle tracking module as a function of priorities set forth by the neighborhood vehicle tracking module, a communication reliability of the transmitting neighboring vehicle, and a likelihood that a message from the neighboring vehicle is genuine as determined by the adaptive security processing module. The neighborhood vehicle tracking module outputs processed kinematics and alert information to at least one vehicle-to-vehicle application.

摘要翻译： 提供了一种用于车对车通信分组处理系统的分组处理框架。 该框架包括用于跟踪相对于主车辆的相邻车辆的邻域车辆跟踪模块。 邻里车辆跟踪模块相对于主车辆分配相邻车辆的优先级。 自适应安全处理模块根据邻近车辆跟踪模块所阐述的优先级来调节流向相邻车辆跟踪器模块的消息。 自适应安全处理模块根据邻近车辆跟踪模块所提出的优先级，传输邻近车辆的通信可靠性以及来自邻近车辆跟踪模块的消息的可能性来选择安全模式并且调度流传输到邻近车辆跟踪模块的消息 车辆是由自适应安全处理模块确定的。 邻里车辆跟踪模块将已处理的运动学和警报信息输出到至少一个车对车辆应用。