DE102016220618A1 - Method for assigning access permissions to data of a first entity - Google Patents

Abstract

The invention relates to a method for assigning access authorizations to data (24) of a first entity (12), comprising the step of granting a first-order access permission to a second entity (14) by a third entity (16) of a first entity (18) generally allows the second entity (14) to access data stored on the third entity (16).
It is envisaged that the method comprises granting a first-ranking access authorization for the first entity (18) of the second entity (14) by the first entity (12) authorizing the first entity (18) of the second entity (14) to do so to directly access the data (24) of the first entity (12) stored on the third entity (16).
The invention has for its object to enable a secure transfer of already granted access to data of an entity.

Description

The invention relates to a method for assigning access authorizations to data of a first entity and to a system for assigning access authorizations to data of a first entity.

The personalization of vehicles will continue to increase in the future. In addition to already known personal vehicle settings, such as a personal seat adjustment or individually preferred air conditioning settings, in the future regularly personal mobile online services will be used in the vehicle.

In order to be able to comfortably use personal mobile online services in a vehicle, the vehicle must have access authorization to data stored on a server of a third-party provider and assigned to the vehicle user. This can be, for example, calendar data or address data which the vehicle user has previously deposited when using third-party usage offers.

In order for a vehicle to be able to access such data on third-party servers, a corresponding authorization is required by the user.

This is out DE 103 49 723 A1 a method for verifying the authority of a user request for content delivery by a content server, wherein the request is made by transmitting a string comprising a user-identifying token, and wherein the content is provided to the user only if the token is valid.

Further, in the document EP 1 231 531 A1 discloses a method for authenticating a user for access to confidential data or areas of a data processing device, wherein an access code is read from a database stored on a security medium and transmitted to the data processing device.

In addition revealed DE 697 35 486 T2 a computer-implemented system comprising a plurality of electronic entities, each electronic entity containing protected personal data of a network member, rights rules governing access to the data, and a digital certificate ensuring that the personal data is from the entity; having. Further, the system includes computer-implemented means for providing secure processing between two interacting electronic entities such that only one secure process is able to securely access the personal data of each interacting electronic entity and securely calculate the rights rules of each entity to determine whether An exchange of some or all personal data will take place.

However, these and other approaches do not take into account that a user will use multiple vehicles in the future, in particular due to the increasing number of car-sharing options and other comparable uses of vehicle pools.

In order for a user to always have his personal data and services available in the various vehicles, all vehicles currently still have to be authorized to access the data of the user on the various third-party servers. This is associated with a considerable effort for the user and considerably weakens the attractiveness of car sharing.

The invention is based on the object of enabling a secure transfer of already granted access authorizations to data of an entity.

This object is achieved by a method according to claim 1 or a system according to claim 14.

In the inventive method for assigning access permissions to data of a first entity, a first-level access permission is granted by a third entity for a second entity, which generally allows a first entity of the second entity to access data stored on the third entity , In accordance with the invention, first level access permission is granted by the first entity to the first instance of the second entity, which authorizes the first entity of the second entity to directly access the data of the first entity stored on the third entity.

The method according to the invention has the advantage that the assignment of access authorizations is now based both on an access permission and on an access authorization, so that a hierarchical authorization management is possible.

In this case, the individual entities may have a plurality of hierarchically related instances, in the sense of the invention, the first instance is to be regarded as the highest hierarchical hierarchy. The access rights of hierarchically lower instances of an entity depend on the access permissions of the hierarchically higher instances of this entity. This can be a hierarchically higher instance of an entity Issue subclaims for hierarchically lower instances of this entity, by means of which the hierarchically lower instances can directly access data of another entity without the other entity having to agree to new access permissions. Thus, a secure transfer of already granted access authorizations to data of an entity is made possible. The first-level access permission for the first instance of the second entity may have a shorter validity period than the first-level access permission for the second entity.

The method may include transforming the first-level access right of the first instance of the second entity into a second-level access permission for the second instance of the second entity, allowing the second instance of the second entity to obtain second-level access permission from the third entity; which authorizes the second instance of the second entity to directly access the data of the first entity stored on the third entity without the consent of the first entity. The first-level access permission of the first instance of the second entity may be transformed into a second-level access permission for the second instance of the second entity by the first instance of the second entity. The first instance of the second entity may have a transformation operator or a transformation operator. For example, the first entity of the second entity itself may comprise a transformation operator or a transformation operator, and / or a transformation operator of a foreign device may be available for use by the first entity of the second entity. The second-level access permission of the second instance of the second entity may have the same or a shorter validity period than the first-level access permission of the first instance of the second entity.

The method may include granting the second-level access privilege to the second entity of the second entity based on the second-level access permission of the second entity of the second entity by the third entity. The second-level access authorization of the second instance of the second entity may have a shorter validity period than the second-level access permission of the second instance of the second entity.

The method may comprise transforming the second-tier access privilege of the second entity of the second entity into a third-party access permission for the third entity of the second entity, allowing the third entity of the second entity to obtain third-party access permission from the third entity. which authorizes the third entity of the second entity to directly access the data of the first entity stored on the third entity without the consent of the first entity. The second-level access authorization of the second entity of the second entity may be transformed into a third-party access permission for the third entity of the second entity by the second entity of the second entity. The second instance of the second entity may have a transformation operator or a transformation operator. For example, the second entity of the second entity itself may comprise a transformation operator or a transformation operator and / or the second entity of the second entity may have available for use a transformation operator or a transformation operator of a foreign device. The third-level access permission of the third instance of the second entity may have the same or a shorter validity period than the second-level access authorization of the second instance of the second entity.

The method may include granting third-party access permission to the third entity of the second entity based on the third-party access permission of the third entity of the second entity by the third entity. The third-party access authorization of the third entity of the second entity may have a shorter validity period than the third-party access permission of the third entity of the second entity.

According to the system described above, the method can be extended to any number of instances of the second entity. The method may thus comprise transforming an access privilege of any rank of the corresponding instance of the second entity into a next higher rank access permission for the next highest instance of the second entity allowing the next higher instance of the second entity an upper level privilege of the third Entity that entitles the next higher entity of the second entity to directly access the data of the first entity, which are stored on the third entity, without the consent of the first entity needs. Thus, the method may also include granting the next higher level access permission to the next higher instance of the second entity based on the next higher level access permission of the next higher instance of the second entity by the third entity. For example, one or more instances of the second entity are configured as software components.

The first instance of the second entity may be a vehicle manufacturer. Alternatively or In addition, the second instance of the second entity may be a vehicle, in particular a vehicle of the vehicle manufacturer of the first instance of the second entity. Alternatively or additionally, the third instance of the second entity may be an electronic device of a vehicle, in particular an electronic device of the vehicle of the second instance of the second entity. In particular, a method is preferred in which the hierarchically highest instance is the vehicle manufacturer and hierarchically an instance under the vehicle manufacturer is a vehicle of the vehicle manufacturer, where hierarchically an instance under the vehicle of the vehicle manufacturer is an electronic device of the vehicle of the vehicle manufacturer. The electronic device may be, for example, an on-board controller or an on-vehicle media player. The vehicle manufacturer can thus transform an access authorization, which entitles the vehicle manufacturer to directly access data of the first entity, which are stored on the third entity, into an access permission for the vehicle, which allows the vehicle to obtain access authorization from the third entity received, which entitles the vehicle to directly access the data of the first entity, which are stored on the third entity, without requiring the consent of the first entity. Based on this access permission, the third party can then grant the access authorization for the vehicle. The vehicle may further transform the access authorization that authorizes the vehicle to directly access data of the first entity stored on the third entity into an access permission for the electronic device of the vehicle that allows the electronic device of the vehicle Obtain access authorization from the third entity which authorizes the electronic device of the vehicle to directly access the data of the first entity stored on the third entity without requiring the consent of the first entity. Based on this access permission, the third party can then grant the access authorization for the electronic device of the vehicle.

The first entity may be a vehicle user. Alternatively or additionally, the third entity may be a third-party server. A vehicle manufacturer can thus an access authorization, which entitles the vehicle manufacturer to directly access data of the vehicle user, which are stored on the server of the third party, transform into an access permission for the vehicle, which allows the vehicle, an access authorization from the server of the third party which entitles the vehicle to directly access the data of the vehicle user stored on the third-party server without the vehicle user's consent. Based on this access permission, the third-party server can then grant access to the vehicle. The vehicle may further transform the access authorization that authorizes the vehicle to directly access data of the vehicle user stored on the third-party server into an access permission for the electronic device of the vehicle that allows the electronic device of the vehicle Obtain access authorization from the third-party server that authorizes the vehicle's electronic device to directly access the data of the vehicle user stored on the third-party server without the vehicle user's consent. Based on this access permission, the third-party server may then grant access to the electronic device of the vehicle. The access authorization of a particular rank can be used either once or multiple times.

Based on an access permission, multiple peer access permissions can be granted. For example, on the basis of a second-level access permission, multiple second-level access permissions can be granted. This may be advantageous, for example, if a car sharing company wants to authorize several vehicles for direct access to the same data, which are stored on a server of a third party. For example, several third-level access permissions can also be granted on the basis of third-level access permission. This may be advantageous, for example, if a vehicle wants to authorize several on-board electronic components for direct access to the same data, which are stored on the server of a third party. Alternatively or additionally, an access authorization can be transformed into a plurality of higher-level access permissions. For example, first-level access permission can be transformed into multiple second-level access permissions.

When transforming an access right to a higher-level access permission, the access permission can be preserved and kept usable. Thus, for example, an instance of the second entity may continue to directly access data stored on the third entity, while at the same time a higher-level entity may use the higher-level access permission. The higher-ranking instance can, for example, have the higher-level access permission transformed into an appropriate access authorization. In this way, multiple instances of the second entity can directly access the same data of the first entity stored in the third entity.

When transforming an access permission to a higher-level access permission, the access rights can be restricted. This can limit access to selected data. This is advantageous, for example, if the access rights should differ between the different hierarchy levels of an entity. For example, a vehicle manufacturer may grant one or more vehicles only rights to access part of the data of a vehicle user, the vehicle manufacturer himself having access to all data of the vehicle user. Furthermore, the vehicle can grant individual vehicle-specific electronic components access rights, which are restricted in relation to their own access rights.

The method may include extending the validity of an access permission and / or extending the validity of an access authorization. Preferably, the number of extension operations for access permission and / or access authorization is limited. Extending the validity of an access permission may also be referred to as refreshing an access permission. Extending the validity of an access authorization can also be referred to as a refresh of an access authorization. The renewal or refreshing of an access authorization and / or an access permission is preferably carried out by the issuing entity or the issuing entity of an entity. The renewal or refreshing of an access authorization and / or an access permission can already take place if the access authorization and / or the access permission are still valid. Alternatively or additionally, the renewal or refreshing of an access authorization and / or an access permission can take place if the access authorization and / or the access permission have expired and are therefore invalid.

A loss of validity of an access permission and / or an access authorization can lead to a loss of validity of all higher-level access permissions. Alternatively or additionally, a loss of validity of an access permission and / or an access authorization can lead to a loss of validity of all higher-level access authorizations. All access permissions and access permissions are in a dependency relationship, with the validity of the higher-level access permissions and access permissions depending on the validity of the lower-level access permissions and access permissions. Because of this dependency, an access permission and / or an access authorization can only be valid if the hierarchically superior access permission and / or the access authorization are also valid.

The method may include deleting an access permission, deleting an access authorization, revoking an access permission, and / or revoking an access authorization. The deletion of an access permission and / or the deletion of an access authorization is performed by an entity or an entity of an entity which has not issued the access authorization or the access permission itself. The revocation of an access permission and / or the revocation of an access authorization is carried out by an entity or an entity of an entity which has issued the access authorization or the access permission itself. By deleting and / or revoking an access permission and / or an access authorization, the data access can be prevented subsequently.

The inventive system for assigning access permissions to data of a first entity comprises a second entity and a third entity. According to the invention, the system is configured to execute the method for assigning access authorizations to data of a first entity according to one of the embodiments described above. The same advantages and modifications apply as described above.

The first instance of the second entity may be a vehicle manufacturer. Alternatively or additionally, the second instance of the second entity may be a vehicle. Alternatively or additionally, the third entity of the second entity may be an electronic device of a vehicle. Alternatively or additionally, the first instance may be a vehicle user and / or the third instance may be a third-party server. The same advantages and modifications apply as described above.

Further preferred embodiments of the invention will become apparent from the remaining, mentioned in the dependent claims characteristics. The various embodiments of the invention mentioned in this application are, unless otherwise stated in the individual case, advantageously combinable with each other.

• 1 ein Ausführungsbeispiel des erfindungsgemäßen Systems zur Vergabe von Zugriffsberechtigungen auf Daten einer ersten Entität;
• 2 ein Ausführungsbeispiel des erfindungsgemäßen Verfahrens zur Vergabe von Zugriffsberechtigungen auf Daten einer ersten Entität; und
• 3 ein weiteres Ausführungsbeispiel des erfindungsgemäßen Verfahrens zur Vergabe von Zugriffsberechtigungen auf Daten einer ersten Entität.

The invention will be explained below in embodiments with reference to the accompanying drawings. Show it:

• 1 An embodiment of the inventive system for assigning access to data of a first entity;
• 2 an embodiment of the inventive method for assigning access to data of a first entity; and
• 3 a further embodiment of the inventive method for assigning access permissions to data of a first entity.

1 shows a system 10 with a first entity 12 , a second entity 14 and a third entity 16 , The second entity 14 comprises a total of three hierarchically related instances 18 - 22 , where the instance 18 over the instance 20 and the instance 20 over the instance 22 stands.

The first entity 12 is a vehicle user. The first instance 18 the second entity 14 is a vehicle manufacturer. The second instance 20 the second entity 14 is a vehicle of the vehicle manufacturer and the third instance 22 the second entity 14 is an electronic device of the vehicle of the vehicle manufacturer. The third entity 16 is a third-party server, with data on the server 24 of the vehicle user 12 are stored.

The third-party server 16 granted to the vehicle manufacturer 18 via the communication link 26 a first-level access permission, which it the vehicle manufacturer 18 generally allowed to access data stored on the server 16 are stored. About the communication link 28 issued by the vehicle user 12 the vehicle manufacturer 18 an access authorization of the first order, which the vehicle manufacturer 18 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are stored. The grant can be made by the declaration of a grant of the vehicle user 12 opposite the server 16 be initiated via the communication link 28 ', wherein via the communication link 28 "of the vehicle manufacturer 18 the authorization gets directly to the data 24 of the vehicle user 12 to access which on the server 16 are stored. The direct retrieval of the data 24 on the server 16 occurs via the communication link 30. The by the vehicle user 12 granted access authorization of the first rank of the vehicle manufacturer 18 has a shorter period of validity than the one from a third-party server 16 granted access permission of the first order.

The vehicle manufacturer 18 has a transformation operator, which is set up, the access authorization of the first rank of the vehicle manufacturer 18 in a second-order access permission for the vehicle 20 to transform. The second-level access permission allows the vehicle 20 a second-level access permission from the server 16 to get which the vehicle 20 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are saved without the consent of the vehicle user 12 requirement. The access permission of the second rank of the vehicle 20 has the same or a shorter validity period than the first-order access authorization of the vehicle manufacturer 18 on. The access permission of the second rank is given to the vehicle 20 provided via the communication link 32.

The vehicle requests via the communication link 34 20 at the server 16 under proof of access permission second rank direct access to the data 24 of the vehicle user 12 , The server 16 then grants second-level access to the vehicle 20 based on the second-order access permission of the vehicle 20 , The direct retrieval of the data 24 on the server 16 takes place via the communication connection 36. The access authorization of the second rank of the vehicle 20 has a shorter validity period than the second-order access permission of the vehicle 20 on.

The vehicle 20 has a transformation operator, which is set to the second-level access authorization of the vehicle 20 in a third-tier access permission for the electronic device 22 of the vehicle 20 to transform. The third-level access permission allows the electronic device 22 of the vehicle 20 third-party access permission from the server 16 to get which the electronic device 22 of the vehicle 20 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are saved without the consent of the vehicle user 12 requirement. The third-tier access permission of the electronic device 22 of the vehicle 20 has the same or a shorter validity period than the second-level access authorization of the vehicle 20 on. The third-level access permission is given to the electronic device 22 of the vehicle 20 provided via the communication link 38.

The electronic device requests via the communication link 40 22 of the vehicle 20 at the server 16 proof of third-level access permission direct access to the data 24 of the vehicle user 12 , The server 16 then grants third-party access permission to the electronic device 22 of the vehicle 20 based on third-party access permission of the electronic device 22 of the vehicle 20 , The direct retrieval of the data 24 on the server 16 takes place via the communication connection 42. The third-level access authorization of the electronic device 22 of the vehicle 20 has a shorter validity period than the third-tier access permission of the electronic device 22 of the vehicle 20 on.

2 shows a method for assigning access permissions, wherein a system 10 With a first entity 12 , a second entity 14 and a third entity 16 Use finds. The second entity 14 comprises a total of two hierarchically related instances 18 . 20 , where the instance 18 hierarchically over the instance 20 stands.

The first entity 12 is a vehicle user. The first instance 18 the second entity 14 is a vehicle manufacturer. The second instance 20 the second entity 14 is a vehicle of the vehicle manufacturer. The third entity 16 is a third-party server, with data on the server 24 of the vehicle user 12 are stored.

The vehicle user 12 calls in the procedural step 44 Access to the data 24 on the server 16 out of the vehicle 20 at.

The frame with the numeral 46 includes the process steps that are performed when the vehicle 20 no second-level access permission is given to the vehicle 20 allows second level access permission from the server 16 to get which the vehicle 20 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are saved without the consent of the vehicle user 12 requirement. If the vehicle 20 there is no second-level access permission, the vehicle prompts 20 at the vehicle manufacturer 18 the second-level access permission with the method step 48 at.

The frame with the numeral 50 includes the process steps that are performed when the vehicle manufacturer 18 In addition, no access permission of the first order is available to the vehicle manufacturer 18 generally allowed to access data stored on the server 16 are stored. If the vehicle manufacturer 18 In addition, no first-class access permission exists, the vehicle manufacturer demands 18 First-level access permission to the server 16 with the method step 52. In step 54, the request is checked and the first-level access permission by the server 16 created. In method step 56, the first-level access permission is given to the vehicle manufacturer 18 then provided.

The frame with the numeral 58 includes the process steps that are performed when the vehicle manufacturer 18 an invalid first-level access permission exists. If the vehicle manufacturer 18 an invalid first-class access permission exists, the vehicle manufacturer demands 18 the refresh of the first level access permission at the server 16 with the method step 60. In method step 62, the first-level access permission is issued by the server 16 checked and refreshed. In method step 64, the refreshed access permission of the first order is given to the vehicle manufacturer 18 then provided.

The frame with the numeral 66 includes the process steps that are performed when the vehicle manufacturer 18 no access authorization of the first order is available to the vehicle manufacturer 18 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are stored. If the vehicle manufacturer 18 no access authorization of the first order, the vehicle manufacturer demands 18 First-level access permissions to the server 16 with the method step 68. In step 70, the request is made by the server 16 checked. In method step 72, the vehicle user issues the access authorization of the first order. In method step 74, the request is checked and the access authorization of the first order is created and in method step 76 the vehicle manufacturer 18 then provided.

The frame with the numeral 78 includes the process steps that are performed when the vehicle manufacturer 18 There is an invalid access authorization of the first order. If the vehicle manufacturer 18 invalid authorization of the first order is required by the vehicle manufacturer 18 refreshing the first level access privilege on the server 16 with the method step 80. In method step 82, access authorization of the first order is given by the server 16 checked and refreshed. In method step 84, the refreshed access authorization of the first order is given to the vehicle manufacturer 18 then provided.

So the vehicle 20 now the second-level access permission can be granted, transformed the vehicle manufacturer 18 in the method step 86, the access authorization of the first rank into the second-order access permission. The method step 88 is the vehicle 20 the access permission second rank provided.

The frame with the numeral 90 includes the process steps that are performed when the vehicle 20 There is an invalid second-level access permission. If the vehicle 20 invalid second level access permission is requested by the vehicle 20 at the vehicle manufacturer 18 the renewal of the second-level access permission with the method step 92 at.

The frame with the numeral 94 includes the process steps that are performed when the vehicle manufacturer 18 In addition, an invalid first-level access permission exists. If the vehicle manufacturer 18 an invalid one Access permission of the first order, the vehicle manufacturer demands 18 the refresh of the first level access permission at the server 16 with the method step 96. In method step 98, the first-level access permission is issued by the server 16 checked and refreshed. In method step 100, the refreshed access permission of the first order is given to the vehicle manufacturer 18 then provided.

The frame with the numeral 102 includes the process steps that are performed when the vehicle manufacturer 18 In addition, no access authorization of the first order exists. If the vehicle manufacturer 18 no access authorization of the first order, the vehicle manufacturer demands 18 First-level access permissions to the server 16 with the method step 104. In step 106, the request is made by the server 16 checked. In method step 108, the vehicle user issues the access authorization of the first order. In method step 110, the request is checked and the access authorization of the first order is created and in method step 112 the vehicle manufacturer 18 then provided.

The frame with the numeral 114 includes the process steps that are performed when the vehicle manufacturer 18 There is an invalid access authorization of the first order. If the vehicle manufacturer 18 invalid authorization of the first order is required by the vehicle manufacturer 18 refreshing the first level access privilege on the server 16 with the method step 116. In method step 118, access authorization of the first order is given by the server 16 checked and refreshed. In method step 120, the refreshed access authorization of the first order is given to the vehicle manufacturer 18 then provided.

So the vehicle 20 now the renewed access permission second tier can be provided, transformed the vehicle manufacturer 18 in the method step 122, the access authorization of the first rank into the second-order access permission. The method step 124 is the vehicle 20 the access permission second rank provided.

The frame with the numeral 126 includes the process steps that are performed when the vehicle 20 no access authorization of second rank is present, which the vehicle 20 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are stored. If the vehicle 20 there is no second-level access permission, the vehicle prompts 20 at the server 16 the access authorization of the second rank by means of a valid access permission of the second rank with the method step 128. In method step 130, the request is checked and the access authorization of the second rank by the server 16 created. In method step 132, the second-level access authorization created is the vehicle 20 then provided.

The frame with the numeral 138 includes the process steps that are performed when the vehicle 20 an invalid access authorization of the second rank exists. If the vehicle 20 invalid second level access permission is requested by the vehicle 20 at the server 16 the refreshing of the second-level access authorization by means of a valid access permission of the second rank with the method step 140. In method step 142, the access authorization of the second rank is given by the server 16 checked and refreshed. In method step 144, the refreshed access authorization of the second rank is assigned to the vehicle 20 then provided.

The direct access to the data of the vehicle user 12 which is on the server 16 are stored, the vehicle practices 20 with the method step 146.

3 shows another method for assigning access permissions, using a system 10 with a first entity 12 , a second entity 14 and a third entity 16 Use finds. The first entity 12 is a vehicle user. The second entity 14 is a web-based customer portal of a vehicle manufacturer, which accesses data stored on a backend of the vehicle manufacturer. The third entity 16 is a third-party server, with data on the server 24 of the vehicle user 12 are stored.

The vehicle user 12 at step 148, requests access to the data 24 on the server 16 at.

The frame with the numeral 150 includes the process steps that are performed when the customer portal 14 There is no access permission of the first order, which is the customer portal 14 generally allowed to access data stored on the server 16 are stored. If the customer portal 14 No access permission of the first order is required by the customer portal 14 First-level access permission to the server 16 with the method step 152. In step 154, the request is checked and the first-level access permission by the server 16 created. In method step 156, the access permission of the first order is given to the customer portal 14 then provided.

The frame with the numeral 158 includes the process steps that are performed when the customer portal 14 an invalid one Access permission of the first order exists. If the customer portal 14 invalid access permission of the first order is required by the customer portal 14 the refresh of the first level access permission at the server 16 with the method step 160. In method step 162, the first-level access permission is issued by the server 16 checked and refreshed. In process step 164, the refreshed first level access permission becomes the customer portal 14 then provided.

The frame with the numeral 166 includes the process steps that are performed when the customer portal 14 no access authorization of the first rank exists, which is the customer portal 14 entitled to directly access the data 24 of the vehicle user 12 to access which on the server 16 are stored. If the customer portal 14 no access authorization of the first order is required by the customer portal 14 First-level access permissions to the server 16 with the method step 168. In step 170, the request is made by the server 16 checked. In method step 172, the vehicle user issues the first-order access authorization. In method step 174, the access authorization of the first rank is checked and created, and in method step 176 the customer portal 14 then provided.

The frame with the numeral 178 includes the process steps that are performed when the customer portal 14 There is an invalid access authorization of the first order. If the customer portal 14 invalid access authorization of the first order is required by the customer portal 14 refreshing the first level access privilege on the server 16 with the method step 180. In step 182, first level access is granted by the server 16 checked and refreshed. In method step 184, the refreshed first level access right becomes the customer portal 14 then provided.

With method step 186, the vehicle user becomes 12 informed that the vehicle manufacturer now on the data 24 on the server 16 can access; if necessary, the vehicle manufacturer also offers an interface in this context, via which the vehicle user 12 about the vehicle manufacturer on the data 24 can access. The vehicle user 12 thus grants the vehicle manufacturer the authorization to use his data via the customer portal 24 access. The authorization can be the vehicle user 12 for example, in the vehicle or via a web-based customer portal or a smartphone or tablet application of the vehicle manufacturer.

The fact that the first entity of the second entity is granted a first-ranking access right, which entitles the first entity of the second entity to directly access data of the first entity, which are stored on the third entity, the invention allows a secure transfer of already granted access permissions to data of the first entity.

LIST OF REFERENCE NUMBERS

10

system

12

first entity

14

second entity

16

third entity

18

first instance

20

second instance

22

third instance

24

dates

26-42

communication links

44

step

46

Step complex

48

step

50

Step complex

52-56

steps

58

Step complex

60-64

steps

66

Step complex

68-76

steps

78

Step complex

80-88

steps

90

Step complex

92

step

94

Step complex

96-100

steps

102

Step complex

104-112

steps

114

Step complex

116-124

steps

126

Step complex

128-132

steps

138

Step complex

140-148

steps

150

Step complex

152-156

steps

158

Step complex

160-164

steps

166

Step complex

168-176

steps

178

Step complex

180-186

steps

QUOTES INCLUDE IN THE DESCRIPTION

This list of the documents listed by the applicant has been generated automatically and is included solely for the better information of the reader. The list is not part of the German patent or utility model application. The DPMA assumes no liability for any errors or omissions.

Cited patent literature

• DE 10349723 A1 [0005]
• EP 1231531 A1 [0006]
• DE 69735486 T2 [0007]

Claims (15)

A method for assigning access authorizations to data (24) of a first entity (12), comprising the step of: - granting a first-order access permission for a second entity (14) by a third entity (16) to a first entity (18) the second entity (14) generally being allowed to access data stored on the third entity (16); characterized by the step of: granting first level access permission to the first entity (18) of the second entity (14) by the first entity (12) directly authorizing the first entity (18) of the second entity (14) to access the data (24) of the first entity (12) stored on the third entity (16). Method according to Claim 1 CHARACTERIZED BY the step of: - transforming first level access privilege of the first entity (18) of the second entity (14) into a second level access permission for the second entity (20) of the second entity (14) which informs the second entity (20 ) allows the second entity (14) to obtain a second-level access permission from the third entity (16) authorizing the second entity (20) of the second entity (14) to directly access the data (24) of the first entity (16). 12) stored on the third entity (16) without requiring the consent of the first entity (12). Method according to Claim 2 Characterized by the step of: - issuing the access authorization of the second rank for the second instance (20) of the second entity (14) based on the access permission of the second rank of the second instance (20) of the second entity (14) by the third entity (16) , Method according to Claim 3 CHARACTERIZED BY the step of: - transforming the second level access privilege of the second instance (20) of the second entity (14) into a third level access permission for the third entity (22) of the second entity (14) which informs the third entity (22 ) allows the second entity (14) to obtain third level access permission from the third entity (16) authorizing the third entity (22) of the second entity (14) to directly access the data (24) of the first entity (12 ) stored on the third entity (16) without the consent of the first entity (12). Method according to Claim 4 Characterized by the step of: - issuing the access permission third rank for the third instance (22) of the second entity (14) based on the access permission of the third rank of the third entity (22) of the second entity (14) by the third entity (16) , Method according to one of the preceding claims, characterized in that the first entity (18) of the second entity (14) is a vehicle manufacturer, the second entity (20) of the second entity (14) is a vehicle and / or the third entity (22) of second entity (14) is an electronic device of a vehicle. Method according to one of the preceding claims, characterized in that the first entity (12) is a vehicle user and / or the third entity (16) is a third-party server. Method according to one of the preceding claims, characterized in that based on an access permission several equal access permissions are issued and / or wherein an access authorization are transformed into a plurality of higher-level access permissions. Method according to one of the preceding claims, characterized in that the access authorization is maintained and usable when transforming an access authorization into a higher-level access permission. Method according to one of the preceding claims, characterized in that the access rights are restricted when transforming an access authorization into a higher-level access permission. Method according to one of the preceding claims, characterized by at least one of the following steps: - extending the validity of an access permission; - extend the validity of an access authorization; wherein the number of access authorization and / or access authorization extension operations is preferably limited. Method according to one of the preceding claims, characterized in that a loss of validity of an access permission and / or an access authorization leads to a loss of validity of all higher-level access permissions and / or wherein a loss of validity of an access permission and / or an access authorization leads to a loss of validity of all higher-level access permissions. Method according to one of the preceding claims, characterized by at least one of the following steps: - deleting an access permission; - delete an access authorization; - Revoking an access permission; - Revoke an access authorization. A system (10) for granting access permissions to data (24) of a first entity (12), comprising: - a second entity (14); and - a third entity (16); characterized in that the system (10) is adapted to carry out the method for assigning access authorizations to data (24) of a first entity (12) according to one of the preceding claims. System (10) after Claim 14 , characterized in that the first entity (18) of the second entity (14) is a vehicle manufacturer, the second entity (20) of the second entity (14) is a vehicle and / or the third entity (22) of the second entity (14) electronic device of a vehicle and / or wherein the first entity (12) is a vehicle user and / or the third entity (16) is a third-party server.

Images