Method, computer program, computer-readable storage medium and system for providing information to be protected relating to a passenger transport vehicle

Info

Publication number
EP4278627A1
Authority
EP
European Patent Office
Prior art keywords
information
protected
land
vid
transport vehicle
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
EP22707642.9A
Other languages
German (de)
English (en)
Inventor
Hermann Jung
Stefan Lenz
Gerd Rother
Hagen Scheibe
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens Mobility GmbH
Original Assignee
Siemens Mobility GmbH
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W4/00: Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30: Services specially adapted for particular environments, situations or purposes
    • H04W4/40: Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/42: Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for mass transport vehicles, e.g. buses, trains or aircraft
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
    • H04L67/01: Protocols
    • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/03: Protecting confidentiality, e.g. by encryption
    • H04W12/033: Protecting confidentiality, e.g. by encryption of the user plane, e.g. user's traffic
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W4/00: Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30: Services specially adapted for particular environments, situations or purposes
    • H04W4/40: Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/44: Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/04: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442: Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption

Definitions

  • the invention relates to a method and a system for providing information to be protected.
  • the object of the invention is to improve the provision of information to be protected.
  • This task is solved by a method for providing information to be protected.
  • the information to be protected is generated on a passenger transport vehicle.
  • An order for providing the information to be protected is sent from a land-based device, with the order being accompanied by encryption information for encrypting the information to be protected.
  • the information to be protected is encrypted using the encryption information on the passenger transport vehicle.
  • the encrypted information to be protected is transmitted to the shore-side facility.
  • the invention is based on the knowledge that information generated on a passenger transport vehicle is often subject to data protection regulations. At the same time, it is desirable to no longer collect recordings of that information manually from the vehicle, for example on a physical storage medium, and transport them physically to the land-side device, but instead to transmit them from the vehicle to the land side via vehicle-to-land communication. The recordings must therefore be protected both over the transmission path and when stored on a land-based system.
  • the solution according to the invention solves these problems in that the order for providing the information to be protected, sent by the land-based device, is accompanied by encryption information for encrypting the information to be protected.
  • the encryption information is used to encrypt the information to be protected prior to transmission (from the vehicle to the land-based facility). In this way, the information is protected from unwanted access on its way to the shoreside facility.
  • the information to be protected is, for example, information for which specified data protection requirements must be met.
  • the information to be protected that is generated is preferably stored on a storage device of the passenger transport vehicle and/or is encrypted for storage.
  • the order sent from said land-side facility is preferably sent to a land-side facility of an operator of the
  • the operator's land-side facility is installed, for example, in the operator's operations control center.
  • a portion of the encrypted information to be protected that is relevant to the order is decrypted.
  • this is a portion that is permissible for decryption based on the order under data protection law.
  • the encrypted information to be protected is decrypted by means of a computing device of the land-based device using decryption information.
  • the decryption information is, for example, a decryption certificate.
  • the decrypted information can preferably be evaluated on the land-based device.
  • the evaluation is carried out by image recognition or by people on the land-based facility who view and evaluate the information on a display.
  • the decryption information is preferably stored on the land-side device, on a storage device of the land-side device. Access to the decryption information from the passenger transport vehicle and/or from a land-based facility of an operator of the passenger transport vehicle is denied.
  • the operator's shore-side facility is installed, for example, in the operator's operations control center.
  • a computing device of the passenger transport vehicle and/or a computing device of the operator's land-side facility accesses the decryption information.
  • the decryption information is exclusively stored on the land-side facility, which is not part of the operator's land-side facility.
  • the decryption information is unknown to the passenger transport vehicle, the communication link and the operator's land-based facility. Furthermore, these components cannot access the decryption information.
  • the encryption information is preferably transmitted to the passenger transport vehicle for the sole purpose of encrypting the video data (prior to transmission to the shore-side facility). More preferably, each order is accompanied by its own encryption information and sent to the passenger transport vehicle.
  • the decryption information includes a private key and the encryption information includes a public key.
  • private and public key are understood to mean a pair of keys consisting of a secret and a non-secret part in the sense of asymmetric encryption.
  • the information to be protected includes video data which are generated by means of a video surveillance device.
  • This embodiment is particularly suitable for the application of the method according to the invention, since video data generated by a video surveillance device are subject to special data protection regulations, because video data of this type in particular can show people and their behavior.
  • the video surveillance device is preferably a video surveillance device of the passenger transport vehicle.
  • The video surveillance device includes, for example, a plurality of camera units that are installed on the passenger transport vehicle. More preferably, a video server, which has the storage device mentioned above, is installed on the passenger transport vehicle. The generated video data is stored on the video server and can be accessed from there.
  • the video data generated is preferably encoded in a standard format, for example MPEG4 part 10 (H.264).
  • the land-side facility is a facility of an authorized user or an authorized service provider who has been commissioned by the authorized user.
  • the authorized user is to be understood as an entity or institution that has a legitimate interest in the information to be protected, in particular in part of the information to be protected.
  • the authorized user is a law enforcement agency.
  • the authority is, for example, the federal police, the state police or the public prosecutor's office.
  • the authorized service provider is, for example, a commercial provider who is commissioned by the authorized user to retrieve the information to be protected.
  • This embodiment is particularly suitable for the application of the method according to the invention, since video data protected by the method according to the invention can reach the authorized user or the service provider.
  • the generated information to be protected is accompanied by signature information which is used to check the integrity of the information to be protected on the land-based device. In this way, it is prevented, for example, that falsified information is evaluated on the land-based device.
  • the signature information is attached before the information to be protected is encrypted using the encryption information and—in the case of encryption of the stored information—after the information to be protected is decrypted.
  • the passenger transport vehicle can be a bus, an automobile (e.g. a taxi), an airplane, etc.
  • the passenger transport vehicle is a track-bound vehicle.
  • the track-bound vehicle is, for example, a rail vehicle, in particular a multiple unit.
  • the application of the method according to the invention is particularly expedient and advantageous when operating a rail-bound vehicle, since several types of information to be protected are generated in rail-bound vehicles, which can be the subject of evaluations on the land-side device, for example by the authorized user.
  • the invention also relates to a computer program, comprising instructions which, when the program is executed by a computing unit of a passenger transport vehicle and/or a land-based device, cause the latter to carry out the method of the type described above.
  • the invention also relates to a computer-readable storage medium, comprising instructions which, when executed by a computing unit of a passenger transport vehicle and/or a land-based facility, cause the latter to carry out the method of the type described above.
  • the invention also relates to a system for providing information to be protected.
  • the system includes a passenger vehicle and a land-based facility.
  • a device of the passenger transport vehicle is designed to generate the information to be protected.
  • the land-based device is designed to send an order for providing the information to be protected, with the order being accompanied by encryption information for encrypting the information to be protected.
  • a computing device in the passenger transport vehicle is designed to encrypt the information to be protected using the encryption information.
  • a communication link is configured to transmit the encrypted information to be protected to the land-based facility.
  • Figure 1 shows schematically the structure of a system according to the invention with a passenger transport vehicle and a land-based facility and
  • Figure 2 schematically shows the sequence of a
  • Figure 1 shows a schematic view of a system 1 with a passenger transport vehicle 3, a land-based device 5, which belongs to an operations control center of an operator of the passenger transport vehicle 3, and a land-based device 105, which belongs to an authorized user or its authorized service provider.
  • the authorized user is an executive authority, for example the public prosecutor's office or the police.
  • the land-based device 105 comprises a computing device 107, for example a PC (personal computer), and a storage device 109.
  • the passenger transport vehicle 3 is a track-bound vehicle 4, in particular a rail vehicle, for example a subway.
  • the passenger transport vehicle 3 has a communication network 7 which is in the form of an Ethernet network.
  • a video surveillance device 10 is connected to the communication network 7 in terms of data technology.
  • a mobile communication gateway 11 is connected to the communication network 7, which is connected to a wireless communication interface 13.
  • the mobile communication gateway 11 together with the wireless communication interface 13 forms a communication device 15 which is designed to send data to the land-side device 5 and to receive data from the land-side device 5.
  • the land-based device 5 has a communication network 17 which is in the form of an Ethernet network.
  • a server device 19 is connected to the communication network 17 in terms of data technology.
  • a ground communication gateway 21 is connected to the communication network 17 and to a wireless communication interface 23.
  • the ground communication gateway 21, together with the wireless communication interface 23, forms a communication device 25 which is designed to transfer data to the
  • the communication devices 15 and 25 together form a communication link 30 for transmitting data between the passenger transport vehicle 3 and the land-based device 5, i.e. from the passenger transport vehicle 3 to the land-based facility 5 and from the land-based facility 5 to the passenger transport vehicle 3.
  • FIG. 2 schematically shows the course of an exemplary embodiment of the method according to the invention.
  • In a method step A, information that is to be protected is generated:
  • In a method step A1, for example, video images are captured by the video surveillance device 10, and in a method step A2 corresponding video data Vid are generated as information to be protected.
  • the video data Vid is generated according to a standard format such as MPEG4 part 10 (H.264).
  • the video data are encrypted in a method step A3 using a computing device 9 of the passenger transport vehicle 3 and stored using a storage device 12.
  • the computing device 9 and the storage device 12 are, for example, part of a server device 14.
  • an order 42 for providing the information to be protected is generated using the computing device 107 of the land-based device 105. The generation is triggered, for example, by an employee of the user.
  • this order 42 is accompanied by encryption information 44 and a request 40, which includes the order 42 and the encryption information 44, is generated.
  • the request is accompanied by information on the storage period, which represents an event-related or non-event-related storage period in accordance with the GDPR (General Data Protection Regulation).
  • the request 40 is, for example, a data backup request according to the international standard ISO/IEC 27001.
  • the user is provided with an exclusive interface for an indirect request via the communication network 7 through user administration.
  • Encryption information 44 is an encryption certificate, for example.
  • In a method step D, the request 40 is first sent to the land-based device 5 via a public communication network 46 (for example the World Wide Web).
  • the land-based device 5 checks the request 40 in a method step E.
  • In a method step F, the land-based device 5 forwards the request 40 via the communication link 30 to the passenger transport vehicle 3.
  • the request 40 is transmitted to the server device 14 via the communication network 7 within the passenger transport vehicle 3.
  • In a method step G, the video data that were encrypted in method step A3 are decrypted by means of the computing device 9.
  • In a method step H, signature information is attached to the decrypted video data.
  • the signature information can be used to check the integrity of the video data using the computing device 107 of the land-based device 105.
  • the computing device 9 uses the encryption information 44 contained in the request 40 to encrypt the requested video data in a method step J.
  • the encrypted video data is transmitted via the communication connection 30 to the land-based device 5 and further via the public communication network 46 .
  • the encrypted video data is stored on the land-side device 5, for example on the server device 19, and is made available for download by the computing device 107 of the land-side device 105. Any computing devices of the land-based device 5 are generally not able to decrypt the encrypted video data.
  • In a method step L, the video data, which were encrypted in method step J, are decrypted using the computing device 107.
  • the computing device 107 uses decryption information 108 which is stored on a storage device 109 of the land-based device 105.
  • the signature information attached to the video data in method step H is used by the computing device 107 to check the integrity.
  • the decryption information 108 is a decryption certificate and is stored exclusively on the land-side device 105 of the user.
  • the decryption information 108 is not known to the components of the passenger transport vehicle 3, the communication link 30 and the land-based device 5.
  • the encryption information 44 is only transferred to the passenger transport vehicle 3 for the purpose of encrypting the video data (before the transmission K). For example, the encryption information 44 is a public key and the decryption information 108 a private key, which together form a key pair in the sense of asymmetric encryption.
  • the video data is only kept for a specified period of time and deleted when the specified period of time has expired.
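The order flow the description lays out (encryption information 44 attached to order 42, the vehicle signing and then encrypting the video data in steps H and J, and device 105 alone holding decryption information 108 for step L) is worked through below as an added example; it is not code from the patent or from Siemens Mobility. It assumes a hybrid scheme (RSA-OAEP wrapping an AES-GCM data key, Ed25519 for the signature information), constructed keys and sample bytes, and type and function names of its own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Order stands for order 42 plus encryption information 44, assumed here to be an RSA public key generated by device 105 for this order.
type Order struct {
	ID     string
	EncPub *rsa.PublicKey
}

// Package is what crosses link 30 and network 46 in step K; device 5 can store and forward it but holds no key that opens it.
type Package struct {
	OrderID    string
	WrappedKey []byte // AES data key wrapped with EncPub (RSA-OAEP)
	Nonce      []byte
	Ciphertext []byte // AES-GCM over signature || video data
}

// NewOrderKeys makes one order's key pair: the public half travels as encryption information 44, the private half is decryption information 108.
func NewOrderKeys() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// VehicleProvide runs steps H and J on the vehicle: sign the decrypted video data, then encrypt signature and video for this order only.
func VehicleProvide(o Order, vehicleSigner ed25519.PrivateKey, vid []byte) (Package, error) {
	sig := ed25519.Sign(vehicleSigner, vid) // step H: signature information
	buf := make([]byte, 32+12)              // AES-256 key + 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return Package{}, err
	}
	dataKey, nonce := buf[:32], buf[32:]
	// Hybrid scheme (assumption): only the data key goes through RSA-OAEP; the order id is bound as OAEP label and GCM additional data.
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, o.EncPub, dataKey, []byte(o.ID))
	if err != nil {
		return Package{}, err
	}
	block, _ := aes.NewCipher(dataKey)
	gcm, _ := cipher.NewGCM(block)
	plain := append(append([]byte{}, sig...), vid...)
	return Package{o.ID, wrapped, nonce, gcm.Seal(nil, nonce, plain, []byte(o.ID))}, nil
}

// UserDecrypt runs step L on device 105: unwrap the data key with decryption information 108, open the ciphertext, then verify the signature.
func UserDecrypt(p Package, userPriv *rsa.PrivateKey, vehiclePub ed25519.PublicKey) ([]byte, error) {
	dataKey, err := rsa.DecryptOAEP(sha256.New(), nil, userPriv, p.WrappedKey, []byte(p.OrderID))
	if err != nil {
		return nil, errors.New("key unwrap failed: not this order's key, or package altered")
	}
	block, _ := aes.NewCipher(dataKey)
	gcm, _ := cipher.NewGCM(block)
	plain, err := gcm.Open(nil, p.Nonce, p.Ciphertext, []byte(p.OrderID))
	if err != nil {
		return nil, errors.New("ciphertext failed authentication")
	}
	if len(plain) < ed25519.SignatureSize {
		return nil, errors.New("package too short")
	}
	sig, vid := plain[:ed25519.SignatureSize], plain[ed25519.SignatureSize:]
	if !ed25519.Verify(vehiclePub, vid, sig) {
		return nil, errors.New("integrity check failed: signature does not match video data")
	}
	return vid, nil
}

func main() {
	userPriv, _ := NewOrderKeys()                                   // stays on device 105
	vehiclePub, vehiclePriv, _ := ed25519.GenerateKey(rand.Reader) // vehicle signing key
	order := Order{ID: "order-42", EncPub: &userPriv.PublicKey}
	pkg, _ := VehicleProvide(order, vehiclePriv, []byte("H.264 sample bytes (constructed)"))
	vid, err := UserDecrypt(pkg, userPriv, vehiclePub)
	fmt.Printf("recovered %q, err=%v\n", vid, err)
}
```

Decryption with another order's key, a modified package, or a signature from an unknown vehicle key each fail inside UserDecrypt, which is the property that lets the operator's device 5 store and forward the package without being able to read it.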

Abstract

The invention relates to a method and a system for providing information to be protected (Vid). In order to improve the provision of the information to be protected, in this method the information to be protected (Vid) is generated in a passenger transport vehicle (3) (A), and an order (42) to provide the information to be protected (Vid) is sent by a land-based device (105), with encryption information (44) for encrypting the information to be protected (Vid) attached to the order (42). The information to be protected (Vid) is encrypted in the passenger transport vehicle (3) using the encryption information (44) (J), and the encrypted information to be protected (Vid) is transmitted to the land-based device (105) (K).
EP22707642.9A 2021-02-26 2022-02-07 Method, computer program, computer-readable storage medium and system for providing information to be protected relating to a passenger transport vehicle Pending EP4278627A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
DE102021201847 2021-02-26
PCT/EP2022/052852 WO2022179837A1 (fr) 2021-02-26 2022-02-07 Method, computer program, computer-readable storage medium and system for providing information to be protected relating to a passenger transport vehicle

Publications (1)

Publication Number Publication Date
EP4278627A1 true EP4278627A1 (fr) 2023-11-22

Family

ID=80628698

Family Applications (1)

Application Number Title Priority Date Filing Date
EP22707642.9A Pending EP4278627A1 (fr) 2021-02-26 2022-02-07 Method, computer program, computer-readable storage medium and system for providing information to be protected relating to a passenger transport vehicle

Country Status (2)

Country Link
EP (1) EP4278627A1 (fr)
WO (1) WO2022179837A1 (fr)

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP1632903A1 (fr) * 2004-09-01 2006-03-08 Alexander Merkle Method and system for external surveillance of a means of transport
US8644512B2 (en) * 2011-03-17 2014-02-04 Massachusetts Institute Of Technology Mission planning interface for accessing vehicle resources
WO2015044502A1 (fr) * 2013-09-27 2015-04-02 Teleste Oyj Wireless data offloading system

Also Published As

Publication number Publication date
WO2022179837A1 (fr) 2022-09-01

Legal Events

Date Code Title Description
STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: UNKNOWN

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE INTERNATIONAL PUBLICATION HAS BEEN MADE

PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: REQUEST FOR EXAMINATION WAS MADE

17P Request for examination filed

Effective date: 20230817

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AL AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HR HU IE IS IT LI LT LU LV MC MK MT NL NO PL PT RO RS SE SI SK SM TR