Title:
Cellular phone Entry Techniques
Kind Code:
A1


Abstract:
A cell phone is mated with the vehicle system and thereafter used to obtain access to the vehicle. A user who has a cell phone automatically can obtain access to the vehicle. An embodiment describes a USB key that provides access to the vehicle, and in an emergency, either a complete or partial version of the key can be downloaded from a server.



Inventors:
Harris, Scott C. (Rancho Santa Fe, CA, US)
Application Number:
12/017343
Publication Date:
07/23/2009
Filing Date:
01/22/2008
Primary Class:
International Classes:
G08C19/00
View Patent Images:



Primary Examiner:
SYED, NABIL H
Attorney, Agent or Firm:
SCOTT C HARRIS (Rancho Santa Fe, CA, US)
Claims:
What is claimed is:

1. A method, comprising: storing information in a vehicle, said information being indicative of at least a first cellular phone, wherein said information includes unique information indicative of said first cellular phone; detecting a proximity of said first cellular phone; and allowing access to said vehicle responsive to said detecting said proximity of said cellular phone.

2. A method as in claim 1, wherein said detecting wirelessly senses the cellular phone.

3. A method as in claim 1, further comprising an initial step of establishing authorization, and once establishing said authorization, to store said information indicative of said first cellular phone in said vehicle, and thereafter to use the first cellular phone to obtain access to said vehicle.

4. A method as in claim 1, wherein said obtaining access comprises allowing a user to enter the vehicle.

5. A method as in claim 1, wherein said obtaining access comprises allowing the user to start the vehicle.

6. A method as in claim 1, further comprising allow requiring at least one additional security aspect in addition to proximity of said cellular phone, prior to granting access to the vehicle.

7. A method as in claim 6, wherein said additional information is digits entered using said cellular phone.

8. A method as in claim 6, wherein said additional information is an automatically-obtained location. from cell phone

9. A method as in claim 1, wherein said establishing authorization comprises reading a code from a non-volatile memory, and using said code to establish said access.

10. A method as in claim 2, further comprising requiring at least one cryptographic code from said cellular phone that cannot be provided by another cellular phone.

11. An automobile access system, comprising: a wireless detection part, that determines presence of wireless phones, and allows connection with said wireless phones and exchanging information with said wireless phones; a processor, that controls access to at least one of entry to the vehicle and/or starting of the vehicle, and accesses a list of authorized cellular phones, and determines if information indicative of one of said cellular phones is on said list, detects proximity of said one cellular phone, and allows said access to the vehicle based on said proximity of said cellular phone.

12. A system as in claim 11, wherein said processor also requires at least one additional security aspect prior to allowing said access to the vehicle.

13. A system as in claim 11, wherein said at least one additional item of information is entered on the cellular phone, and said vehicle detects said entry on the cellular phone and verifies said item of information as said at least one additional security aspect.

14. A system as in claim 11, wherein said at least one additional item of information is a determination of an automatically-detected location.

15. A system as in claim 12, wherein said at least one additional security aspect includes verifying a code produced by said cellular phone as having been created by said cellular phone.

16. A method, comprising: using an electronic key, which includes an electronic code thereon to provide access to a secured part; allowing the user to access a server, and to download a new electronic code; and using said new electronic code to access said part.

17. A method as in claim 16, wherein said area is an automobile.

18. A method as in claim 17, further comprising requiring that the code includes location information, and allowing access to said automobile only if said location information agrees with an automatically-determined location information.

19. A method as in claim 17, wherein said key is usable only for a specified short period of time.

20. A method as in claim 18, further comprising determining location information using a GPS device in an automobile, and comparing said location information obtained said GPS device with location information included within said new electronics code.

Description:

BACKGROUND

Many automobiles have the capability to communicate with a cellular phone. For example, a cellular-phone may have Bluetooth capabilities that allow mating between the cellular-phone and the automobile so that the user of cellular phone can communicate through the automobile subsystems, e.g., use an in-vehicle microphone and/or speaker.

In addition, it is conventional to use a key to enter and drive the automobile. The key is for security, e.g., to prevent theft. However, keys can be lost. High security keys are often difficult to duplicate especially for the higher security keys. Keys are one more thing that a person needs to carry.

SUMMARY

The present application describes new ways of controlling access to an automobile.

One aspect describes use of a cellular phone to control access to the automobile. Different aspects describe different ways in which the access can be granted.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other aspects will now be described in detail to the accompanying drawings in which:

FIG. 1 shows a an entry system and its access to a computer in an automobile;

FIG. 2 shows a flowchart of operation . . .

DETAILED DESCRIPTION

A conventional way of obtaining access to an automobile is to use a key. In order to do this, the key is put into a key slot, sometimes turned or otherwise clicked into place.

FIG. 1 illustrates an access control part 100 of an embodiment. The part 100 may be within an automobile, e.g. on the dashboard of the automobile. However, it should be understood that this can also be in any other part of the automobile, such as the door to the automobile that allows entry to the automobile from the outside. The access control part 100 includes a key slot 102 into which a key can be inserted.

Many automobiles operate using a controllable microprocessor. The microprocessor 110 is shown communicating with the key slot 102. In this embodiment, the key slot 102 may be sized and configured to accept and connect to a non volatile memory device, e.g., a USB key or other flash memory. The key slot 102 includes inner surfaces with contacts 103 that allow connection to the USB stick. In addition, however, a conventional key shown as 104 or other kind of keys such as laser cut key can also be fit into the same socket. In the embodiment, either a conventional key 104, or the USB key 105 can be put into the same hole, and either can be used to provide access to the vehicle, as explained herein.

Once either key is inserted in the proper way, an indication of authorized access is the processor 110. This allows access to the automobile systems. For example the access allows the automobile to be started, or the door to be opened, or different menus to be accessed. The processor 10 also controls connection to a wireless module 120. This wireless module may be, for example, a Bluetooth module that communicates with a number of different Bluetooth telephones such as 125. It may also be, however, any other format of wireless module.

The embodiment may also allow coupling with the different Bluetooth-enabled phones in a conventional way.

FIG. 2 illustrates a flowchart that is carried out by the microprocessor 110. At 200, the key is inserted. This enables communication with the different subsystems in the automobile, for example, to allow entry into the automobile, and/or allow other functions. After access is granted based on the key being inserted at 200, one option at 210 may be the selection of a phone scan. This scans for phones in the vicinity at 220. When a phone is found at 220, 230 questions the user whether they want to pair the phone with the automobile. This pairing can only be done when the key is inserted, and therefore during a time when there is security (by virtue of the key having been inserted) that the authorized user is operating the vehicle. If the user selects pairing, when the phone is paired to the key at 235.

A limited function key may also be provided with the vehicle, for temporary uses such as valets and car loans. The limited function key allows access to the vehicle systems, but does not allow pairing. Therefore, the valet or other vehicle user cannot set their own cell phone to allow access to the vehicle.

After pairing has been carried out, the phone is detected to allow access to the vehicle even when the key is not inserted. The proximity of the cellphone is detected, and that proximity allows access to the vehicle systems.

The vehicle may include sensors for the phone both inside and outside of the vehicle to allow the phone (once paired) to be used for, in essence, keyless entry.

One embodiment may require at least one additional security aspect to be carried out in order to grant the access via cell phone only (without a key). Different alternative security techniques are described herein. Some are more conventional security techniques like biometrics and codes. Others are totally new security techniques that are specially adapted for use with a vehicle.

A first of these new techniques is shown as 245. Many vehicles, and virtually all cellphones, have GPS capability that allows determination of their specific location. The inventor noticed that determining and logging the location of a vehicle is a very strong indicia of security—since the location of the vehicle provides the ability to reclaim the vehicle. The automatically-obtained location, e.g., the GPS location from either the phone or the automobile is either sent or stored at 245. The location of the vehicle at the time of vehicle access is therefore logged by a remote server. The remote server that logs the location may be for example the automobile manufacturer's server, or may be via cell phone carrier, or may be for example the user's personal computer or e-mail address.

In one embodiment, a mobile server within the automobile sends an e-mail to the user's e-mail address any time the car is accessed using the mobile phone, including its location. Another embodiment keeps a log of vehicle locations when the car is accessed using the mobile phone. This minimizes the possibility of improper access, since the user running the automobile location is automatically logged.

In another embodiment, this technique of ensuring security using automatically-detected position, is used for security verification of some other function, other than unlocking using a cell phone.

Another way of verifying at 250 uses a biometric and/or a pin in addition to the cell phone proximity. Either the biometric or the pin can be entered using a keyboard associated with the vehicle, or on the keyboard or other entry device or part on the phone. For example, the user may be required to enter their pin on the phone, the digits of which are detected by the Bluetooth connection. A user may be required to take a picture or scan of a body part, such as a finger. This second layer of authentication can further identify the user, and can match with a prestored image or other information indicative of the user.

After detecting a matched phone, and, if selected, passing the additional security steps at 245/250, the car is started or opened at 255.

An advantage of this system is the capability of obtaining access to the automobile with their cellular phone. No additional key is necessary. Simply possessing the cellular phone, after the initial pairing, provides the user with the ability to enter the automobile without needing a special key.

Other functions can also be carried out on the menu. For example, the menu can be used to override electronic key (e.g., USB) access, for those who do not trust the USB key as a secure mode of access.

Optional additional security embodiments may also be used. For example, a key exchange system may be used between the phone and the automobile, so that all communications between the phone and the automobile is encrypted. This prevents man in the middle or other kinds of techniques, whereby unauthorized users can intercept the communication between the phone and the automobile, clone the phone or otherwise provide simulated phone information and then obtain access to the automobile.

Another embodiment may use a token type system running as an application in the phone, e.g., using the RSA token encryption system. For example, the token type system often starts with a specified seed, and uses that seed and real time clock to produce a number. The server, here the car, also has the seed, and also has the real time. Therefore, the car is able to determine from the number whether the proper seed has been used, and hence, whether the provided token is authorized. The automobile can hence determine if the token is correct. In the embodiment, part of the pairing may include transferring a unique token seed from the vehicle to the phone, or from the phone to the vehicle.

Another embodiment may require that the phone be connected via a wire to the vehicle for the initial pairing. Subsequent uses of the phone to obtain access can be wireless, but the initial pairing in this embodiment must be over a wire, e.g., a USB cable. This prevents a listener from obtaining the token information by eavesdropping.

After pairing, an interceptor of the token obtains no information that could be used to create a token at any other time.

The token is only good for a few minutes. For example, the token system may allow 1-5 minutes of leeway in their system between the times of the two real-time clocks to allow for drift between the clocks. After that few minutes has elapsed, the token number cannot be used again.

The token that is sent to the vehicle may be determined within the cellular phone in a way that is transparent to the cell phone user. The user might not even know that the token is being created. Other techniques may also be used to ensure that the actual cellphone that was paired, is later the one used to However, a man in the middle cannot clone the phone and steal or otherwise obtain access to the vehicle. Access requires the actual cellular phone, with its token and its unique seed therein.

Other techniques beside a token can be used; for example, any technique that verifies the cellphone hardware can be used for this purpose. The technique is preferably encryption based, but can use other techniques.

In an embodiment, the key is a code on a non-volatile device such as a USB key 105. The code on that key is verified by the automobile to allow starting or other access to the vehicle. This code can be a very large number, for example a 2048 byte number. If the code on the key matches to one or many codes within the automobile, then the car systems can be accessed; and the engine can be started.

This system may also use a biometric verification.

One advantage of this system is that when USB key is used as a key, it allows simplified copying of the key. The key can simply be put into a computer, and copied to another USB key into the computer. Therefore, user can easily make many copies. Also, if many different automobiles use a USB key, the USB key can store many different codes thereon. The same key can be used to control many different vehicles. For example, the key can have five different codes thereon, one of which may start the vehicle. A different one of the codes can be used to control and start some other vehicle. A single USB key, therefore, acts as a key to many different vehicles. The same key can also be used, for example, for entry to a house, or the like.

In another embodiment, the USB key may have a number thereon, and the car can be trained to accept that number in the same way it is trained to detect to accept a matched phone. In this way, the single number on the key can control many different vehicles. The number on the key may be rewritable, or may be fixed. In this embodiment, the key can be purchased with a fixed code, and the vehicle trained to operate using that key.

Another advantage of the USB key is that the code can be downloaded. If you lose or misplace your car key, you are not stranded: you can download a number that can be used to operate the vehicle. That can be either the actual number from the USB key, or a one time use temporary number.

The download may be from the user's own personal server, or from the automobile's server (run as a web appliance, for example), or from the automobile company's server. Once identifying yourself, the system allows download of a key that represents access to your vehicle. The key may be the real key, or may be a temporary key. Temporary keys may be made like tokens, where they are based on the unique seed in the server, and are valid for some limited period, e.g., 15 minutes or 2 hours.

Another embodiment teaches that when a lower security entry is obtained, for example when the key is downloaded, or when the cell phone is used for access, then the location of the vehicle is logged. One embodiment allows a limited location key to be downloaded. This downloaded key is specific to a specific location. In this embodiment, for example, a new key is requested including an indication of a location of the vehicle. For example—the request may indicate a location, or may be initiated from a location near the vehicle. The downloaded key is only good to access the vehicle at or near that location. The automobile has a GPS unit 140 therein. The key that is downloaded has a location coded therein. The vehicle checks its own location against the location in the downloaded key. The key cannot be used unless the location is correct or at least close to accurate. However, if the location is correct, then the key can be used for a certain period (e.g., one ride) even if the vehicle thereafter is moved.

FIG. 3 illustrates a flow chart of this embodiment. At 300, the user identifies themselves to a server. The server recognizes the credentials at 305, and allows the user to get a new key. In one embodiment, the new key is limited in some way. The new key may be limited in time and usable for only 3 to 15 minutes, for example, to start the vehicle. In another embodiment, the user provides their location information at 310. This could be done via GPS over cell phone, or may be done using a map or by entering address information. The location information is converted to GPS information. At 315, a key is provided that is combined with location information and is limited in the location where it can be used.

At 320, the user takes the key and uses it in the vehicle. The vehicle determines at 325 whether the actual location information correctly matches with the location information in the key. For example, in an embodiment, the user must be within 2000 feet of the entered location in order for the key to the accepted. This may use, for example, the GPS information in the automobile. If correct, access is granted at 330. The user having requested this information provides, therefore, the vehicle location. Therefore, the key is only good if it starts the car at a known location, requiring, therefore, that the vehicle location becomes known.

According to another embodiment, the keys can simply be downloaded, and are usable for some short amount of time without the location information. Another embodiment may allow the keys to be downloaded and to be maintained forever.

In this way, simply walking up to the vehicle with a cell phone in your pocket or on your person allows access to the vehicle systems including but not limited to door opening, and ignition access.same slot, memory or key.

The general structure and techniques, and more specific embodiments which can be used to effect different ways of carrying out the more general goals are described herein.

Although only a few embodiments have been disclosed in detail above, other embodiments are possible and the inventor intends these to be encompassed within this specification. The specification describes specific examples to accomplish a more general goal that may be accomplished in another way. This disclosure is intended to be exemplary, and the claims are intended to cover any modification or alternative which might be predictable to a person having ordinary skill in the art. For example, other case sizes and shapes are intended to be encompassed. Other kinds of communicators beyond cell phones and blackberry type devices are contemplated. The electronic keys can be in any nonvolatile memory form—smart card, SD memory, FireWire memories, smart cards, as well as other flash memory, can be used for this purpose. Other vehicles beside automobiles may be controlled in this way.

Also, the inventor intends that only those claims which use the words “means for” are intended to be interpreted under 35 USC 112, sixth paragraph. Moreover, no limitations from the specification are intended to be read into any claims, unless those limitations are expressly included in the claims. The communicator described herein may include any kind of computer, either general purpose, or some specific purpose computer such as a workstation. The computer may be an Intel (e.g., Pentium or Core 2 duo) or AMD based computer, running Windows XP or Linux, or may be a Macintosh computer.

The programs may be written in C or Python, or Java, Brew or any other programming language. The programs may be resident on a storage medium, e.g., magnetic or optical, e.g. the computer hard drive, a removable disk or media such as a memory stick or SD media, wired or wireless network based or Bluetooth based Network Attached Storage (NAS), or other removable medium or other removable medium. The programs may also be run over a network, for example, with a server or other machine sending signals to the local machine, which allows the local machine to carry out the operations described herein.

Where a specific numerical value is mentioned herein, it should be considered that the value may be increased or decreased by 20%, while still staying within the teachings of the present application, unless some different range is specifically mentioned. Where a specified logical sense is used, the opposite logical sense is also intended to be encompassed.