EP3306587A1 - Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule - Google Patents

Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule Download PDF

Info

Publication number
EP3306587A1
EP3306587A1 EP17177232.0A EP17177232A EP3306587A1 EP 3306587 A1 EP3306587 A1 EP 3306587A1 EP 17177232 A EP17177232 A EP 17177232A EP 3306587 A1 EP3306587 A1 EP 3306587A1
Authority
EP
European Patent Office
Prior art keywords
mobile communication
communication device
vehicle
identifier
identification data
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP17177232.0A
Other languages
German (de)
English (en)
Inventor
Beat Meier
Laurence Krpoun
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Fast Recognition AG
Original Assignee
Fast Recognition AG
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Fast Recognition AG filed Critical Fast Recognition AG
Priority to EP17177232.0A priority Critical patent/EP3306587A1/fr
Publication of EP3306587A1 publication Critical patent/EP3306587A1/fr
Withdrawn legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G08SIGNALLING
    • G08GTRAFFIC CONTROL SYSTEMS
    • G08G1/00Traffic control systems for road vehicles
    • G08G1/01Detecting movement of traffic to be counted or controlled
    • G08G1/0104Measuring and analyzing of parameters relative to traffic conditions
    • G08G1/0108Measuring and analyzing of parameters relative to traffic conditions based on the source of data
    • G08G1/012Measuring and analyzing of parameters relative to traffic conditions based on the source of data from other sources than vehicle or roadside beacons, e.g. mobile networks
    • GPHYSICS
    • G08SIGNALLING
    • G08GTRAFFIC CONTROL SYSTEMS
    • G08G1/00Traffic control systems for road vehicles
    • G08G1/01Detecting movement of traffic to be counted or controlled
    • G08G1/0104Measuring and analyzing of parameters relative to traffic conditions
    • G08G1/0108Measuring and analyzing of parameters relative to traffic conditions based on the source of data
    • G08G1/0116Measuring and analyzing of parameters relative to traffic conditions based on the source of data from roadside infrastructure, e.g. beacons
    • GPHYSICS
    • G08SIGNALLING
    • G08GTRAFFIC CONTROL SYSTEMS
    • G08G1/00Traffic control systems for road vehicles
    • G08G1/01Detecting movement of traffic to be counted or controlled
    • G08G1/017Detecting movement of traffic to be counted or controlled identifying vehicles
    • GPHYSICS
    • G08SIGNALLING
    • G08GTRAFFIC CONTROL SYSTEMS
    • G08G1/00Traffic control systems for road vehicles
    • G08G1/01Detecting movement of traffic to be counted or controlled
    • G08G1/0104Measuring and analyzing of parameters relative to traffic conditions
    • G08G1/0137Measuring and analyzing of parameters relative to traffic conditions for specific applications

Definitions

  • the present invention relates to a method and system for identifying mobile communication devices used together with vehicles, or vehicles used together with mobile communication devices.
  • ANPR Automatic number plate recognition
  • ALPR Automatic License Plate recognition
  • the images of license plates can be captured by cameras specifically designed for ANPR.
  • ANPR cameras are mounted on top of a road or next to a road and capture images of vehicles passing through. The images are then analyzed resulting in a set of data called meta-data extracted from each captured license plate.
  • data comprising the information gathered with ANPR can be stored, e.g. in a database hosted by a computer server, for further use by authorized entities, e.g. for law enforcement and security.
  • a mobile communication device e.g. a user equipment, UE
  • UE is identified by a unique identification, the International Mobile Equipment Identity.
  • a user of a UE is identified by another unique identification, the International Mobile Subscriber Identity, or IMSI, which identifies the user in a mobile communication network of a mobile communication provider.
  • IMSI International Mobile Subscriber Identity
  • one or both identifications can be captured by a cellular identification (CID) device, which implements functionality of a base transceiver station, BTS. That is, a CID device can identify the above mentioned unique identification of a nearby UE and/or its user.
  • the data captured by a CID device can also be stored, e.g. in a database hosted by a computer server.
  • a 1 st embodiment of the invention is a method for identifying mobile communication devices used together with vehicles, or vehicles used together with mobile communication devices, the method comprising the steps of:
  • a vehicle identifier acquisition site corresponds to a mobile communication device identifier acquisition site if:
  • the time comprised in a vehicle identifier acquisition site corresponds to the time comprised in a mobile communication device identifier acquisition site if the time comprised in the vehicle identifier acquisition site and the time comprised in the mobile communication device identifier acquisition site are within the same predefined time interval.
  • the method comprises further:
  • calculating the confidence score for the association of the specified vehicle identifier with a mobile communication device identifier comprises:
  • the method comprises further:
  • calculating the confidence score for the association of the specified mobile communication device identifier with a vehicle identifier comprises:
  • calculating the confidence score comprises multiplying the sum with a factor, preferably 0.5.
  • the method comprises further the steps of
  • a 10th embodiment of the invention is a method for acquiring, in a secured manner, a mobile communication device identification data set, the method comprising the steps of:
  • a 12th embodiment of the invention is a method for handling, in a secured manner, information regarding mobile communication devices used together with vehicles, and/or regarding vehicles used together with mobile communication devices, the method comprising the steps of:
  • the method further comprises the steps of
  • the at least one mobile communication device used together with the vehicle identified by the specified vehicle identifier is identified in accordance with the method of any one of the 1st to 5 th embodiment, or the 8 th embodiment.
  • the method comprises further the steps of
  • the at least one vehicle used together with the mobile communication device identified by the specified mobile communication device identifier is identified in accordance with the method of any one of claim 1 to 3, or any one of claims 6 to 8.
  • the method comprises further the steps of the 9 th embodiment.
  • the method comprises further the steps of acquiring, for each of the one or more vehicles, the one or more vehicle identification data sets.
  • a mobile communication device identification data set does not comprise an unencrypted mobile communication device identifier of the respective mobile communication device.
  • the second encryption method is a hash encryption.
  • acquiring a vehicle identification data set for a vehicle comprises:
  • the camera is configured for Automatic Number Plate recognition, ANPR, or for Automatic License Plate recognition, ALPR.
  • acquiring a vehicle identification data set for one of the plurality of vehicles further comprises:
  • acquiring a mobile communication device identification data set for a mobile communication device comprises capturing at least one identification of the mobile communication device by a capturing device, preferably one of a base station operating according to a standard for wireless communication.
  • an identification of the mobile communication device captured by the capturing device is:
  • acquiring a mobile communication device identification data set for a mobile communication device further comprises:
  • a 28 th embodiment of the invention is a system for identifying mobile communication devices used together with vehicles, or vehicles used together with mobile communication devices, the system comprising means configured for carrying out the steps of the method of any one of the 1st to 9 th embodiments, or any one of the 22nd to 27 th embodiments, when depending from the 1 st embodiment.
  • a 29th embodiment of the invention is an apparatus for acquiring, in a secured manner, a mobile communication device identification data set, the apparatus comprising means configured for carrying out the steps of the method according to the 10the embodiment, or any one of the 20th or 21 st embodiments, when dependent from the 10 th embodiment, or any one of the 25th to 27 th embodiments when depending from the 10 th embodiment.
  • a 30th embodiment of the invention is a server for handling, in a secured manner, information regarding mobile communication devices which are used together with vehicles, or regarding vehicles used together with mobile communication devices, the server comprising means configured for carrying out the steps of the method of any one of the 12th to 19 th embodiments, or any one of the 20th or 21 st embodiments, when dependent from the 11 th embodiment.
  • a 31 st embodiment of the invention is a system for identifying, in a secured manner, mobile communication devices used together with vehicles, or vehicles used together with mobile communication devices, the system comprising one or more apparatus according to the 29 th embodiment and one or more servers according to the 30 th embodiment, and optionally one or more apparatus comprising means configured for carrying out the steps of the method mentioned in any one of the 22nd to 24 th embodiments, or a combination thereof.
  • Fig. 1 is a flowchart showing the steps of a method according to an embodiment of the present invention.
  • the method shown in Fig. 1 is for identifying mobile communication devices used together with vehicles, or vehicles used together with mobile communication devices.
  • a step 110 for each of one or more vehicles, one or more vehicle identification data sets are obtained, e.g. acquired by a camera which is configured for Automatic Number Plate recognition, ANPR (also referred to as Automatic License Plate recognition, ALPR).
  • ANPR also referred to as Automatic License Plate recognition, ALPR.
  • the ANPR camera captures an image of the vehicle.
  • the captured image is processed with image processing to extract license plate data associated with a license plate of the vehicle, e.g. the plate number.
  • the extracted license plate data can then be used to query a vehicle identification server, to receive a vehicle identifier which identifies the vehicle.
  • a vehicle identification data set obtained for a vehicle comprises the vehicle identifier, and further a vehicle identifier acquisition site.
  • the vehicle identifier acquisition site is used to store time and location at which the vehicle identifier has been acquired, e.g. captured by the respective ANPR camera.
  • a vehicle identification data set is also referred to as a transit. There is usually more than one transit per plate number. This corresponds to a vehicle being recorded at different locations in a city.
  • one or more mobile communication device identification data sets are obtained, e.g. acquired by capturing at least one identification of the mobile communication device by a capturing device.
  • the capturing device is preferably a base station operating according to a standard for wireless communication, also referred to as a CID device as discussed above.
  • an identification of the mobile communication device captured by the capturing device is e.g. an identifier associated with a subscriber module comprised by the mobile communication device (preferably an International Mobile Subscriber Identity, or IMSI), or an identifier associated with the mobile communication device (preferably an International Mobile Station Equipment Identity, or IMEI).
  • IMSI International Mobile Subscriber Identity
  • IMEI International Mobile Station Equipment Identity
  • a mobile communication device identification data set obtained for a mobile communication device comprises the mobile communication device identifier and further a mobile communication device identifier acquisition site.
  • the mobile communication device identifier acquisition site is used to store time and location at which the mobile communication device identifier has been acquired, e.g. captured by the respective base station.
  • a vehicle and mobile communication device association set is generated in step 130.
  • Each entry of the association set associates a vehicle identification data set and a mobile communication device identification data set.
  • the vehicle identifier acquisition site comprised in the vehicle identification data set corresponds to the mobile communication device identifier acquisition site comprised in the associated mobile communication device identification data set.
  • a vehicle identifier acquisition site is determined to correspond to a mobile communication device identifier acquisition site if the location comprised in the vehicle identifier acquisition site corresponds to the location comprised in the mobile communication device identifier acquisition site, and the time comprised in the vehicle identifier acquisition site corresponds to the time comprised in the mobile communication device identifier acquisition site.
  • the time comprised in a vehicle identifier acquisition site is determined to correspond to the time comprised in a mobile communication device identifier acquisition site if the time comprised in the vehicle identifier acquisition site and the time comprised in the mobile communication device identifier acquisition site are within the same predefined time interval.
  • a preferably time interval is a time interval of five seconds, however other time intervals are also possible.
  • FIG. 9 shows an example of an acquisition site.
  • An acquisition site preferably comprises one CID device 810 and one or more ANPR cameras 830, preferably one ANPR camera per road lane. While the CID device and the ANPR cameras deployed at a specific acquisition site can have slightly different GPS coordinates, each acquisition site is identified by a unique site identifier, e.g. a name or descriptor, represented by the location comprised in the vehicle identifier acquisition site and the mobile communication device identifier acquisition site. Accordingly, the CID device and the ANPR cameras deployed at a specific acquisition site are associated with the respective unique site identifier, stored as location.
  • a unique site identifier e.g. a name or descriptor
  • the location comprised in a vehicle identifier acquisition site is determined to correspond to the location comprised in a mobile communication device identifier acquisition site if they are similar.
  • the location of an acquisition site can be stored as GPS coordinates, and a range can be defined for slightly different GPS coordinates to be similar, thus defining the location of a specific acquisition site.
  • At least one mobile communication device which is used together with a specified vehicle is identified in step 140.
  • at least one vehicle which is used together with a specified mobile communication device is identified in step 140.
  • Fig. 2 is a flowchart showing further steps of the method of Fig. 1 , according to a preferred embodiment of the present invention.
  • a vehicle can be specified by a user of a system implementing the method.
  • a user input specifying a vehicle identifier is acquired.
  • a vehicle identifier associated set is determined.
  • the vehicle identifier associated set preferably comprises all mobile communication device identifiers which are comprised in the mobile communication device identification data sets, which have been associated previously, in the associated set, with vehicle identification data sets comprising the specified vehicle identifier.
  • step 230 confidence scores are calculated for the determined associations between the specified vehicle and previously captured mobile communication devices.
  • a confidence score for an association of the specified vehicle identifier with the mobile communication device identifier is calculated.
  • the confidence score indicates a likelihood that the vehicle identified by the specified vehicle identifier has correctly been associated with the mobile communication device identified by the mobile communication device identifier.
  • Fig. 3 is a flowchart showing the sub-steps of step 230 of the method of Fig. 2 according to a preferred embodiment of the present invention.
  • the step 230 of calculating the confidence score for an association of a specified vehicle identifier with a mobile communication device identifier comprises a step 230-1 of determining, in the association set, a first number A (p, cid ), which specifies a number of entries associating a vehicle identification data set comprising the specified vehicle identifier p with a mobile communication device identification data set comprising the mobile communication device identifier cid .
  • is determined.
  • step 230-3 a second ratio of the first number A (p, cid) and a third number
  • specifies a number of mobile communication device identification data sets comprising the mobile communication device identifier cid .
  • step 230-4 the sum of the first ratio and the second ratio is determined, and the sum is preferably multiplied with a factor of 0.5.
  • a(p, cid ) representing the number of associations between a plate number p and a mobile communication device identifier cid . It is noted that a(p, cid ) is determined as discussed above, by combining two obtained data sets regarding vehicles and mobile communication devices, based on the respective acquisition time and location. As discussed above, a plate p is associated to a cid if they were captured in the same time interval at the same site, with a site being a single location where road traffic and mobile phones presence are monitored. A plate p and a cid should be seen together many times for the associations to be likely.
  • a (p, cid) be the set of associations between p and cid , and
  • the resulting confidence score is always in between 0 and 1.
  • a score of 0 indicates that a mobile communication device identifier cid was never associated with the plate p .
  • a score of 1 indicates that the cid was always associated with the plate p .
  • the search will return a score of 1 in the case that there are for example five transits with the plate number p , and every one of these transits is associated with the same cid . At the same time this specific cid will also appear exactly five times in the specified search parameters and every time will be associated with the specified plate number p .
  • "associated" means that they were captured at the same site at about the same time. It should be noted that this does not mean that the transit will not be associated with other cid , and that the cid will not be associated with other plate numbers outside the search parameters.
  • the steps of the method as shown in Figs. 1 to 3 allow a user to search for mobile communication devices that are associated with a vehicle specified by the user.
  • the method can however also be used for searching vehicles that are associated with a mobile communication device identified by the user.
  • Fig. 4 is a flowchart showing further steps of the method of Fig. 1 according to a preferred embodiment of the present invention.
  • a mobile communication device can be specified by the user.
  • a user input specifying a mobile communication device identifier is acquired.
  • a mobile communication device identifier associated set is determined.
  • the mobile communication device identifier associated set preferably comprises all vehicle identifiers which are comprised in the vehicle identification data sets, which previously have been associated, in the associated set, with mobile communication device identification data sets comprising the specified mobile communication device identifier.
  • step 430 similar to the method shown in Fig. 2 and discussed above, confidence scores are calculated, this time for the determined associations between the specified mobile communication device and previously captured vehicles.
  • a confidence score for an association of the specified mobile communication device identifier with the vehicle identifier is calculated. The confidence score again indicates a likelihood that the mobile communication device identified by the specified mobile communication device identifier has correctly been associated with a vehicle identified by the vehicle identifier.
  • Fig. 5 is a flowchart showing the sub-steps of step 430 of the method of Fig. 4 according to a preferred embodiment of the present invention.
  • the step 430 of calculating the confidence score for an association of a specified mobile communication device identifier with a vehicle identifier comprises a step 430-1 of determining, in the association set, a first number A (p, cid), which again specifies a number of entries associating a vehicle identification data set comprising the vehicle identifier p with a mobile communication device identification data set comprising the specified mobile communication device identifier cid .
  • step 430-2 again a first ratio of the first number A (p, cid ) and a second number
  • step 430-3 again a second ratio of the first number A (p, cid ) and a third number
  • the sum of the first ratio and the second ratio is determined, and the sum is preferably multiplied with a factor of 0.5.
  • a user searches for vehicle identifiers, e.g. plate numbers, that are associated with a mobile communication device specified by the user.
  • the search is similar to the above as shown in Figs. 2 and 3 .
  • the calculated score is the same for both searches, but because the search is done differently (looking for all cids captured together with a given plate p versus looking for all plates p captured together with a given cid ), the result may be slightly different, e.g. due to point where the time intervals used for capturing are centered.
  • the present invention allows to combine the advances in the field of video surveillance and license plate recognition with new trends in mobile communications to associate traffic data to mobile data.
  • the present invention thus leverages both technologies to collect information about traffic, namely license plates meta-data, time, and location information with mobile phone meta-data such as cellular and hardware identification, frequency, operator information, time, and location.
  • the proposed methods use the data collected independently from both systems, namely ANPR cameras and CID devices, and merge them based on common information such as location and time.
  • the invention involves making a statistical analysis on the merged data to provide statistically significant associations of traffic and mobile phones. This results in the possibility to track mobile communication devices, e.g. mobile phones, used with or in vehicles, e.g. cars, in an advantageous and efficient way.
  • some embodiments relate to security measures to protect the data and the results of the proposed algorithms from unauthorized use.
  • the above discussed IMSI and IMEI numbers can be used to track individuals, and therefore this information should be accessible only by authorized persons, e.g. authorized agencies.
  • Fig. 6 is a flowchart showing steps of a method according to a further embodiment of the present invention.
  • the method of Fig. 6 is for acquiring a mobile communication device identification data set in a secured manner.
  • a mobile communication device identifier is acquired for each of one or more mobile communication devices. This is preferably done by a capturing device as discussed above, i.e. by a base station operating according to a standard for wireless communication, also referred to as a CID device.
  • a first encrypted mobile communication device identifier is generated by encrypting the mobile communication device identifier with a first encryption method.
  • the first encryption method uses a public key for encryption and further requires a paired private key for decryption.
  • An example for the first encryption method is RSA (for Rivest-Shamir-Adleman), which is an asymmetric encryption method that can be used for secure data transmission. "Asymmetric" here means that the key used for encryption is public and differs from the decryption key which is kept secret.
  • RSA is used with a 1024-bit encryption key.
  • a mobile communication device identification data set comprising the first encrypted mobile communication device identifier is transmitted to a server.
  • the method of Fig. 6 is preferably executed by a CID device as discussed above.
  • step 620 of generating the first encrypted mobile communication device identifier further comprises generating a second encrypted mobile communication device identifier by encrypting the mobile communication device identifier with a second encryption method.
  • the second encryption method uses a one-way mapping function such that a second encrypted mobile communication device identifier cannot be decrypted. Accordingly, in these embodiments the mobile communication device identification data set transmitted in the transmitting step 630 comprises the first and second encrypted mobile communication device identifiers.
  • the steps of the method of Fig. 6 are performed batch-wise. That is, the CID device performs the steps of the method in certain time intervals, e.g. every five seconds.
  • the time interval is a parameter, and other time intervals are possible.
  • a plurality of mobile communication device identifiers are acquired in step 610.
  • each of the acquired plurality of mobile communication device identifiers are encrypted (either only using RSA, or using both, RSA and SHA) in step 620.
  • a corresponding plurality of mobile communication device identification data sets is transmitted to the centralized server in step 630.
  • the advantage of the batch-wise performing of the method of Fig. 6 is that the CID device only needs to set up a connection to the centralized server once, to transmit a plurality of mobile communication device identification data sets in a single transmission step 630, in contrast to setting up one connection to the centralized server for each acquired and encrypted mobile communication device identifier.
  • Fig. 7 is a flowchart showing steps of a method according to a further embodiment of the present invention.
  • the method of Fig. 7 is for handling information regarding mobile communication devices used together with vehicles, and/or regarding vehicles used together with mobile communication devices, in a secured manner.
  • the method is for handling the data acquired, encrypted and transmitted from a CID device according to the method of Fig. 6 , e.g. on a centralized server.
  • step 710 one or more vehicle identification data sets are stored for each of one or more vehicles.
  • Each vehicle identification data set comprises a vehicle identifier.
  • the vehicle identification data sets are for instance the vehicle identification data sets acquired by an ANPR camera as used in the method of Fig. 1 .
  • each mobile communication device identification data set comprises a first and a second encrypted mobile communication device identifier generated with a first and a second encryption method, wherein the first encryption method uses a public key for encryption and requires a paired private key for decryption, and wherein the second encryption method uses a one-way mapping function such that the second encrypted mobile communication device identifier cannot be decrypted.
  • the mobile communication device identification data sets are for instance the mobile communication device identification data sets acquired by a CID device as used in the methods of Fig. 1 or Fig. 6 .
  • An example for the first encryption method is the above discussed RSA method.
  • An example of the second encryption method is SHA (for Secure Hash Algorithm), which is based on cryptographic hash functions.
  • a cryptographic hash function is a mathematical algorithm that maps data of arbitrary size to a bit string of a fixed size. It is designed to be a one-way function, that is, a function which cannot be inverted.
  • SHA is used with a 256-bit encryption key.
  • the method of Fig. 7 allows identifying mobile communication devices used together with a vehicle.
  • a user input is acquired which specifies a vehicle identifier.
  • the user can enter e.g. a plate number p .
  • at least one mobile communication device used together with a vehicle identified by the specified vehicle identifier is identified. This is done by means of the mobile communication device identification data sets and the vehicle identification data sets.
  • the identification is done using any of the methods as shown in Figs. 1 to 3 and discussed above, which allow a user to search for mobile communication devices that are associated with a vehicle specified by the user, and which further allow to determine a confidence score for each determined association.
  • step 750 information regarding the identified at least one mobile communication device is outputted, e.g. provided to the user.
  • the information can e.g. be the first and/or second encrypted mobile communication device identifier comprised in the mobile communication device identification data set of the identified at least one mobile communication device.
  • the method of Fig. 7 allows identifying vehicles used together with a mobile communication device.
  • a user input is acquired which specifies a mobile communication device identifier, e.g. a CID as discussed above. If the mobile communication device identifier as provided by the user is not encrypted with the second encryption method, it is then encrypted in step 770, using the second encryption method, e.g. the above discussed SHA encryption method. Otherwise, i.e. if the mobile communication device identifier as provided by the user is already encrypted, the method continues with step 780.
  • step 770 is necessary, because the mobile communication device identification data sets only comprise mobile communication device identifiers in RSA and SHA encrypted form, but not in unencrypted form. Further, an RSA-encrypted CID is not suitable for querying, while a hashed CID allows for an efficient, yet secure way of querying, as discussed above.
  • step 780 at least one vehicle used together with the mobile communication device identified by the specified mobile communication device identifier is identified. This is done by means of the second encrypted mobile communication device identifiers comprised in the mobile communication device identification data sets and the vehicle identification data sets.
  • the vehicle identifier of the identified at least one vehicle is outputted in step 790, e.g. provided to the user.
  • the method as shown in Fig. 7 and as discussed above also allows identifying mobile communication devices used together with a vehicle, or vice versa, however in a secured manner.
  • storing both, SHA and RSA encrypted data allows providing two levels of authorization:
  • Non-authorized users can access the CID data through the hash version, meaning that they can get information on the associations between CID and plates, but will not see the real IMSI and IMEI.
  • non-authorized users can search for a known mobile communication identifier, e.g. an IMSI, if they know it, by using the hashed data. It is noted that this kind of search works in a similar same way as password matching, and thus is very efficient.
  • authorized users like security authorities, will have access to the unencrypted data, e.g. through a security dongle providing the private key necessary to decrypt the data.
  • hashed data cannot be decrypted, and thus for the purpose of providing encrypted data that can be decrypted by authorized users, RSA-encrypted data and hashed data are stored in parallel.
  • a mobile communication device identification data set does not comprise an unencrypted mobile communication device identifier of the respective mobile communication device, to ensure that the CID data is acquired and handled in a secured manner, to prevent unauthorized use thereof, even by the provider of the system or the server on which the data is stored.
  • detective B In contrast, another user "detective B" is authorized to access decrypted data. Accordingly, if detective B wants to know the IMSIs in an area, he can provide the required private key for decrypting the data to the system, e.g. using a dongle with the private key. Alternatively, detective B may enter a password to get access to decrypted data. In case detective B performs a search by starting a query, all mobile communication device identifiers involved in that query are decrypted using the RSA private key.
  • the method of Fig. 6 is executed by a CID device, e.g. CID device 810 in Fig. 8 .
  • the CID device 810 starts by encrypting captured CID numbers with an asymmetric encryption algorithm, namely RSA with a key of 1024 bits, before transmitting the CID numbers to a centralized server, e.g. centralized server 820 in Fig. 9 .
  • a centralized server 820 which preferably executes the method of Fig. 7
  • the transmitted RSA-encrypted CID numbers are decrypted with the respective private key (e.g. provided to the centralized server 820 by means of a dongle) corresponding to the device, and are immediately encrypted again, using RSA and SHA encryption.
  • the RSA encrypted CID numbers are used in case of a query wherein a user asks for decryption, providing that he is authorized.
  • the hash (SHA) encrypted CID numbers are used for any query of a user (without special authorization) wherein the real HW ID is provided as query.
  • the hash encrypted version of a CID number cannot be decrypted as SHA is a one-way function, as discussed above. A has value can however be used for querying the stored data.
  • the RSA encrypted version of a CID number cannot be used for querying the stored data, because the RSA encryption method, applied to a specific CID number as input, returns a different value each time it is applied. The reason is to prevent a brute force attack to RSA encrypted data. Accordingly, it is advantageous to store two encrypted versions of the CID numbers in the database stored in the centralized server 810, and thus the CID numbers are securely stored in the two different formats: the first being the RSA-encrypted format, the other is a hashed version of the data.
  • the table below shows what data is transmitted from the CID device(s), and what data is stored at the centralized server.
  • Captured Sent Stored in centralized server Stored in centralized server IMEI RSA 1024 (IMEI) RSA 1024 (IMEI) SHA 256 (IMEI) IMSI RSA 1024 (IMSI) RSA 1024 (IMSI) SHA 256 (IMSI)
  • the advantage of the embodiments in which the CID device 810 provides only the RSA encrypted CID numbers is that the CID device 810 only needs to perform one encryption method, namely RSA, while the second encryption of the CID numbers, namely the hashed version using SHA, is performed by the centralized server 810. Accordingly, the CID device 810 needs less hardware resources and computing effort. This also allows to reduce the complexity and size of the CID device 810, leading to further effects, e.g. reduced power consumption and space requirements.
  • the captured CID numbers could be transmitted by the CID device in unencrypted form and then be encrypted on the centralized server, using both encryption methods.
  • the centralized server only receives encrypted CID numbers, it can be ensured that not even the operator or provider of the server can access the CID numbers.
  • the CID device 810 encrypts and transmits the acquired mobile communication device identifier using both, the first and second encryption methods, e.g. the RSA and SHA. Accordingly, in these embodiments the centralized server 810 is relieved of the burden to decrypt and encrypt the CID numbers. This is advantageous if the complexity of the centralized server 810 is limited, and further allows to use the resources of the centralized server 810 for other tasks.
  • system 800 comprises a CID device 810 comprising means to carry out the steps as shown in Fig. 6 . That is, CID device 810 is configured to capture CID numbers of nearby mobile communication devices. As discussed above, the captured CID data is preferably encrypted by the CID device 810, before being transmitted to a centralized server 820.
  • the centralized server 820 comprises means for carrying out the steps as shown in Fig. 7 . That is, the centralized server 820 is configured to store the CID data as provided by CID device 810, wherein the CID data is stored in two encrypted forms, RSA and SHA, as shown in the table above.
  • system 800 comprises an ANPR camera 830 comprising means to carry out the steps of Fig. 1 relating to the acquiring of plate numbers.
  • the ANPR camera 830 can preferably be mounted above the lanes of a road, to be able to capture images of passing vehicles.
  • FIG. 9 shows an alternative view of system 800.
  • a scenario as shown in Fig. 9 is also referred to as an acquisition site.
  • An acquisition site preferably comprises one CID device 810 and one or more ANPR cameras 830, preferably one ANPR camera per road lane.
  • a CID device 810 preferably comprises a directional antenna which allows targeting the capture of the mobile communication devices to the road in line of sight.
  • Both, the ANPR cameras 830 and the CID device 810 are connected to a network, e.g. the Internet, via a respective network interface.
  • the data obtained by the ANPR cameras 830 and the CID device 810 are securely transmitted over the Internet to centralized server 820 and stored therein as discussed above.
  • the centralized server 820 gathers data from all these acquisition sites.
  • the methods as discussed above and as shown in Figs. 1 to 5 and 7 are executed by the centralized server 820, i.e. obtaining and storing the vehicle and mobile communication device identification data sets and combining these data to identify mobile communication devices used together with a vehicle, and vice versa vehicles used together with mobile communication devices.
  • the entities of system 800 perform the above discussed methods in a secured manner.
  • the present invention is more efficient if used with more than one acquisition site.
  • the present invention is not limited to a specific number of acquisition sites.
  • the present invention is also efficient if used with one acquisition site used for an extended period of time, e.g. on several days.
  • Fig. 10 shows another alternative view of system 800.
  • CID device 810 comprises a device manager and a database DB for storing data acquired by the acquisition sites.
  • the CID device connects to the interceptor and creates a secure channel for transmitting data.
  • the CID device retrieves all new entries from the database, i.e. all new entries acquired in the meantime by the acquisition sites, encrypts the HW/SIM IDs, i.e. the mobile communication device identifiers using RSA and a public key of e.g. 1024 bits, and puts the entries in a list which is then sent together with their metadata, e.g. time and acquisition site, over the secured channel to the interceptor 820.
  • the interceptor 820 receives the data transmitted by the CID device 810 in a list. For each entry, the HW ID and SIM ID, i.e. the mobile communication device identifiers, are decrypted using the private key. Then the interceptor 810 generates RSA and SHA values for HW ID and SIM ID, which are then both stored in the local database maintained at the interceptor 820.

Landscapes

  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Chemical & Material Sciences (AREA)
  • Analytical Chemistry (AREA)
  • Mobile Radio Communication Systems (AREA)
  • Traffic Control Systems (AREA)
EP17177232.0A 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule Withdrawn EP3306587A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
EP17177232.0A EP3306587A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
EP16192155.6A EP3306586A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule
EP17177232.0A EP3306587A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule

Related Parent Applications (2)

Application Number Title Priority Date Filing Date
EP16192155.6A Division EP3306586A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule
EP16192155.6A Division-Into EP3306586A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule

Publications (1)

Publication Number Publication Date
EP3306587A1 true EP3306587A1 (fr) 2018-04-11

Family

ID=57144790

Family Applications (2)

Application Number Title Priority Date Filing Date
EP17177232.0A Withdrawn EP3306587A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule
EP16192155.6A Withdrawn EP3306586A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule

Family Applications After (1)

Application Number Title Priority Date Filing Date
EP16192155.6A Withdrawn EP3306586A1 (fr) 2016-10-04 2016-10-04 Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule

Country Status (1)

Country Link
EP (2) EP3306587A1 (fr)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030072450A1 (en) * 2001-10-16 2003-04-17 Mark Maggenti Method and apparatus for providing privacy of user identity and characteristics in a communication system
WO2014072971A1 (fr) * 2012-11-06 2014-05-15 Givon Assaf Procédé de détermination d'une plaque d'immatriculation d'un véhicule suivi par un système de surveillance
US20140195100A1 (en) * 2013-01-04 2014-07-10 Soren K. Lundsgaard Smartphone based system for vehicle monitoring security
EP2887333A1 (fr) * 2013-12-17 2015-06-24 Xerox Corporation Preuve du respect de la confidentialité dans des applications ALPR
WO2015105287A1 (fr) * 2014-01-10 2015-07-16 에스케이플래닛 주식회사 Procédé de collecte d'informations de trafic, appareil et système associés
WO2016055226A1 (fr) * 2014-10-07 2016-04-14 Kapsch Trafficcom Ag Paiements mobiles reposant sur une balise

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2012013228A1 (fr) * 2010-07-28 2012-02-02 Traffic Network Solutions, S. L. Procédé et système pour contrôler un trafic de véhicules

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030072450A1 (en) * 2001-10-16 2003-04-17 Mark Maggenti Method and apparatus for providing privacy of user identity and characteristics in a communication system
WO2014072971A1 (fr) * 2012-11-06 2014-05-15 Givon Assaf Procédé de détermination d'une plaque d'immatriculation d'un véhicule suivi par un système de surveillance
US20140195100A1 (en) * 2013-01-04 2014-07-10 Soren K. Lundsgaard Smartphone based system for vehicle monitoring security
EP2887333A1 (fr) * 2013-12-17 2015-06-24 Xerox Corporation Preuve du respect de la confidentialité dans des applications ALPR
WO2015105287A1 (fr) * 2014-01-10 2015-07-16 에스케이플래닛 주식회사 Procédé de collecte d'informations de trafic, appareil et système associés
WO2016055226A1 (fr) * 2014-10-07 2016-04-14 Kapsch Trafficcom Ag Paiements mobiles reposant sur une balise

Also Published As

Publication number Publication date
EP3306586A1 (fr) 2018-04-11

Similar Documents

Publication Publication Date Title
CN105516103B (zh) 绑定智能家电设备的方法、装置和系统
CN110677411B (zh) 一种基于云存储的数据共享方法及系统
CN104660589B (zh) 一种对信息进行加密控制、解析信息的方法、系统和终端
US9325507B2 (en) System and method for managing mobile device using device-to-device communication
EP2940959A1 (fr) Procédé de traitement d'informations, procédé de récupération d'informations, dispositif, terminal d'utilisateur, et serveur
CN105553932A (zh) 智能家电设备的远程控制安全绑定方法、装置和系统
US20150134959A1 (en) Instant Communication Method and System
CN110460580B (zh) 图像采集装置、服务器及加、解密方法
CN112533202B (zh) 身份鉴别方法及装置
US20140082728A1 (en) Dongle device for wireless intrusion prevention
CN105260640A (zh) 一种基于指纹认证与gps的取证系统和方法
JP4962237B2 (ja) 携帯装置の位置に関する情報とファイル用暗号鍵とを管理するためのプログラムおよび方法
RU2014136397A (ru) Законный перехват зашифрованных обменов данными
CN115118419B (zh) 安全芯片的数据传输方法、安全芯片装置、设备及介质
CA3129803A1 (fr) Methodes et systemes pour permettre des services axes sur l'identite au moyen d'un identifiant aleatoire
KR101367264B1 (ko) 차량 주차시 차량번호를 이용한 사용자 휴대단말번호 노출 제한 방법, 그리고 이를 구현하기 위한 휴대단말번호 노출 제한 서버
CN106339623B (zh) 登录方法和装置
CN108932420B (zh) 人证核验装置、方法和系统以及证件解密装置和方法
CN107995616B (zh) 用户行为数据的处理方法以及装置
EP3306587A1 (fr) Identification d'un dispositif mobile utilisé par l'utilisateur d'un véhicule
KR101289888B1 (ko) 감청 방법 및 이를 수행하는 단말
CN101827094B (zh) 数字证书的下发方法、装置及系统
CN110213201B (zh) 数据安全的处理方法、装置、计算机设备及存储介质
US20090097648A1 (en) Content service providing method and authentication method between devices using broadcast encryption, display device, and resource-constrained device
CN108566367B (zh) 一种终端的认证方法和装置

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

AC Divisional application: reference to earlier application

Ref document number: 3306586

Country of ref document: EP

Kind code of ref document: P

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR

AX Request for extension of the european patent

Extension state: BA ME

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20181012