A vehicle is provided that comprises two or more radio frequency (RF) antennas and two or more RF transceivers to communicate wirelessly sensitive information associated with a user of the vehicle (the two or more RF antennas being at different physical locations on an exterior of the vehicle). The vehicle determines which one of the two or more RF antennas is receiving a strongest signal from a common signal source, selects a first RF transceiver associated with the RF antenna with the strongest signal to send the sensitive information associated with the user to the common signal source, and sends the sensitive information associated with the user to the first RF transceiver for transmission to the common signal source.

A method comprises a server generating a server nonce and transmitting a server public key, a key signature and the server nonce to a device, the device verifying the server public key, signing the server nonce with a device private key, generating a device nonce, and transmitting the server nonce, the server nonce signature, a device public key, a device key signature, and the device nonce to the server, the server verifying the server nonce and the device public key, generating a session key, encrypting the session key with the device public key, signing the device nonce and the session key with a server private key, and transmitting the device nonce, the signed device nonce and session key, and the encrypted session key to the device, and the device verifying the device nonce, decrypting the encrypted session key with the device private key, and verifying the decrypted session key.

Systems and methods are described that enable trusted communications between two entities. In one implementation, a controller of a vehicle may include one or more processors configured to receive data and a controller signature from a second controller of the vehicle. The controller signature may be generated based on at least a first portion of the data. The one or more processors may be further configured to transmit the data and the controller signature to a gateway of the vehicle and receive a gateway signature from the gateway. The gateway signature may be generated based on at least a second portion of the data and transmitted to the controller after the gateway verified the controller signature. In addition, the one or more processors may be configured to verify the gateway signature and process the data.

An access control system for electric vehicle charging is provided that includes an access device, a secure reservation interface, a reservation server and a smartphone application installed on the smartphone. The access device includes a short-range wireless communication module connected to a processor having control of an electric vehicle charger. The secure reservation interface receives a reservation request for a reservation at a given destination. The reservation server receives the reservation request for the destination, issues a reservation certificate, and transmits the reservation certificate from the reservation server to a smartphone. The smartphone application has access to a short range wireless communication setting corresponding to the access device. The access device receives the reservation certificate from the smartphone application based on use by the smartphone application of the short-range wireless communication setting. The processor activates the electric vehicle charger based on at least the receipt of the reservation certificate.

An example operation may include one or more of identifying transports operating on a roadway, determining a degree of transport traffic based on the identified transports, when the degree of transport traffic has exceeded a traffic level, assigning one or more of the identified transports as a roadway manager, controlling movement of the roadway manager, and generating a roadway indicator on the roadway manager to direct the identified transports.

Disclosed herein are system, method, and computer program product embodiments for scrubbing anomalies from an expanding dataset. In an embodiment, a data sanitization system may determine whether data is anomalous to a set of data stored on a first blockchain. The data sanitization system may perform this determination using a first machine learning algorithm trained using the set of data. Upon determining that data is anomalous, the data sanitization system may publish the data in a second blockchain different from the first blockchain. The data sanitization system may monitor data of the second blockchain and apply a second machine learning algorithm to this data to identify a pattern of anomalous data. In response to identifying the pattern, the data sanitization system may publish the anomalous data of the second blockchain to the first blockchain.

In a method for conducting communications, a first terminal device in a vehicle-to-vehicle (V2V) network sends a first request message to a server of the V2V network to request the server to allocate an encryption key corresponding to a first service. The first request message includes an identifier of the first service and an identifier of the first terminal device. The first terminal device receives from the server a first response message that includes an encryption key corresponding to the first service. The first terminal device uses the encryption key to encrypt first information related to the first terminal device in the V2V network, and broadcasts a broadcast message that includes the encrypted first information to the V2V network.

The present disclosure provides a provisioning method and a terminal device. The provisioning method is applied to the terminal device, including: the security module establishes a secure channel with the certificate authority CA server through one or more session keys shared by the security module and the CA server; and obtains one or more digital certificates from the CA server; wherein, the security module is to implement Universal Subscriber Identity Module (USIM) functions.

The disclosed technology teaches delegating authorization to access a resource server contingent upon group membership confirmation by a third-party identity management provider. As part of the technology, a client obtains a Macaroon Access Token with a third-party caveat that requires the client to obtain a one-time Discharge Macaroon Authorization from a third-party authority, and identifies both user group membership that needs to be checked, and a hint how to find the third-party authority. The client provides the Macaroon Access Token to the third-party authority. The client obtains, from the third-party authority, a Discharge Macaroon Access Token that identifies user group membership, and sends the Macaroon Access Token and the Discharge Macaroon Authorization to the resource server as proof of authorization.

A key management method serves as an electronic control unit (ECU) in an onboard network system having a plurality of ECUs that perform communication by frames via a network. The method includes storing a shared key and executing encryption processing based on the shared key. The method further includes executing inspection of a security state of the shared key stored in a case where a vehicle is in at least one of the following particular states: the vehicle is not driving and is an accessory-on state; a fuel cap of the vehicle is open, and the vehicle is not driving and is fueling; the vehicle is parked, which is indicated by the gearshift; the vehicle is in a stopped state before driving, which is indicated by the gearshift; and a charging plug is connected to the vehicle, and the vehicle is electrically charging.