Optional features that may be created and offered by independent technology providers through their utilization of platform capabilities could include these below (which do not mention some exciting possibilities not yet publicly disclosed):
Vehicle-to-vehicle (V2V) automobile technology is designed to allow automobiles to communicate with each other. V2V communications is expected to form a wireless ad hoc network on the roads. Devices in secure IoT devices groups that are managed under one PKI, may be authenticated to communicate with IoT devices of authenticated groups of other vehicles that are managed by another PKI through the application of Cross-Certification. V2V communications work by using the input of IoT devices, such as sensors, which monitor automobile operation and conditions, such as speed, brake action, traveled distance, and location. The collected data may be protected by encryption and may be automatically uploaded to a server using a wireless network after the occurrence of an event.
The Security Ecosystem’s Group, Secure Communication Line and rules/business logic technology is useful for controlling specific access to devices and/or data. The technology of using IoT Device Secure Groups can be useful for V2V needs. For example, the external sensors required for V2V activities could be grouped in (for example) an “External Sensor Group”. For privacy concerns the External Sensor Group could be provided with carefully controlled identifying information (e.g., as minimal as generic make and model of car). Personal information regarding the driver or registration could remain private. External devices allowed to communicate with the V2V sensors would not have credentials to gain access beyond sensors and a management ECU into the vehicle. Those sensors could have carefully defined and credentialized access to specific devices within the vehicle.
The Security Ecosystem’s capability to support multiple identities for an endpoint can be useful in the V2V scenario. For example, an External Sensor Group may have variable configurations for its own identity that it may transmit externally. The configuration of the system provides for endpoints to be able to maintain multiple identities that may dynamically change based on certain mode and/or time of the operation of the vehicle or its sensors (IoT devices). A vehicle or vehicle device groups may have multiple identities. One identity may be as minimal as generic make and model of car. A vehicle may additionally have one or more identities that provide more detailed information, such as: license plate; registration information; insurance information, etc. Such variable identity configurations may be modified automatically or manually. A selection of vehicle identities may be provisioned to defined classes of vehicles. For example as emergency vehicle, such as a fire truck that is not operating in an emergency situation may broadcast an identity of a large vehicle or of a non-emergency fire truck. However, if the fire truck changes its operation into a mode of responding to an emergency call, then the identity that fire truck may broadcast will become that of a responding emergency vehicle. Relying on the trust granted to PKI certificates, a real-time or near real-time confirmation of an emergency vehicle’s claimed identity can be validated by the vehicles around it through their Attribute Authority to their Certification Authority, and possibly to a Cross-Certified PKI (as needed). Therefore an autonomous vehicle (or the driver of a non-autonomous vehicle) will be able to trust that a specific emergency vehicle is trustworthy and should be obeyed.
VEHICLE-2-X (“X” = “anything”)
Vehicle-to-X (V2X, i.e., anything) is a superset of V2V and other terms. Vehicle-to-Infrastructure (V2I) includes wireless exchange of critical safety and operational data between vehicles and roadway infrastructure. Vehicle-to-Grid (V2G) is a system in which certain electric or hybrid vehicles communicate with the power grid to sell demand response services by returning electricity to the grid or by throttling their charging rate. Vehicle-to-X (V2X) refers to an intelligent transport system where all vehicles and infrastructure systems are interconnected with each other, thus providing more precise knowledge of the traffic situation across the entire road network.
Besides V2V, the combined technology of: Authenticated, Secure Communication Lines; Digital Obedience; IoT Device Secure Groups; IoT Device Group Management; and PKI Cross-Certification can also be used to support the implementation of V2I, V2G and V2X. The interexchange between endpoints to support such useful services should be implemented only when: (a) the security and privacy of user, device and network data is well secured and viewable only by authorized entities; (b) where all connected endpoints are strongly authenticated; (c) where physical endpoints have effective protection from hacking and other compromises; and (d) where endpoints, their allowed connections, the rules under which they operate are known, managed well and auditable.
INTEGRATION OF MULTIPLE OEM’S & GOVERNMENTAL ENTITIES
The integration and cross-certification of separate infrastructure sources administered by independent government, states, cities, and possibly private businesses must be done with care. The security and certification of those external entities, through the seamless integration of those different sources of infrastructure, together with the integration of devices of vehicles from different OEM’s (and getting them all to integrate together seamlessly in order to provide security and trusted data to all parties) will be a challenge.
Vehicles are expected to be managed within a unique OEM security ecosystem. Certification Authorities of the various Security Ecosystems should be cross-certified to trust one to another. Emergency vehicles can then be authenticated on a near to-real-time basis. The coordination of multiple, and independently managed Security Ecosystems should be monitored by a central authority. Each Security Ecosystem should be able to trust that other Security Ecosystems are properly certifying the vehicles that they are managing and know that claimed vehicle identities are authentic.
For example, by using this cross-certification technology, the Police Car (managed by the Government Security Ecosystem) can be trusted by Vehicle 2 (managed by OEM 2’s Security Ecosystem) and Truck 1 (managed by OEM 2’s Security Ecosystem).
The Security Ecosystem’s technology of Trustworthiness and Scoring can be expanded for use in V2V and V2X scenarios.
Through use of the TrustCentral API, it would be possible to provide AI systems with a number of innovative capabilities, so that AI systems may, for example:
- View, track and know about designated IoT device communications as well as other supported IoT devices with which those devices may or may not communicate
- Attain visibility to designated IoT endpoint authenticated communication line relationships, PKI certificates, etc. as well as to audit trails of IoT device activities to determine source of information/communication
- Direct the security ecosystem to create new secure communication lines between designated devices as well as to provide rules of use for those communication lines so as to manage and create authenticated relationships between designated pairs of IoT devices
- Gain authorized access to IoT endpoints for the purpose of providing direction to them or obtain information from them
- Use these capabilities so that the AI system could create an “exoskeleton” (built with IoT devices) for the AI’s use and control
As all communication lines established by such an AI capability and all access would be conducted under authority of certificates issued by the security ecosystem. Such activity would be open to external monitoring and ultimate control, thus mitigating a “SkyNet” scenario.
Another of the valuable capabilities of the TrustCentral security ecosystem is its unique ability to authenticate remote identities and associate them digitally unique endpoints (both IoT and other). Dr. David Kravitz (inventor of the Digital Signature* Algorithm – DSA – as well as TrustCentral’s Security Ecosystem) recently authored a soon-to-be-published IEEE paper entitled: “Transaction Immutability and Reputation Traceability: Blockchain as a Platform for Access-controlled IoT and Human Interactivity.” In this paper Dr. Kravitz makes the case for the importance of this datum: “Trusted transactions require trusted provenance (origin)”. Yes, “garbage in, garbage out” can even apply to blockchain. One should consider this: how valuable are records that may not be trustworthy? To achieve trustworthiness, in his IEEE paper Dr. Kravitz relies on technology that he designed for TrustCentral (e.g. an “Inviter-Invitee” protocol and “communication lines” between endpoints). This IEEE paper cites TrustCentral patents and includes five figures from a recently issued TrustCentral patent). One conclusion in the paper is:
“Credible reputation lies at the core of users and devices communicating and transacting successfully . . . [a methodology] that has considerable implications relative to addressing the reputation issue . . . [is] IoT and human interaction that is securely facilitated through use of an ‘Inviter-Invitee’ protocol to set up dedicated maintainable ‘communication lines’”.