WO2023030628A1 - Computer implemented method for anonymizing data packages generated by vehicles - Google Patents

Computer implemented method for anonymizing data packages generated by vehicles Download PDF

Info

Publication number
WO2023030628A1
WO2023030628A1 PCT/EP2021/074207 EP2021074207W WO2023030628A1 WO 2023030628 A1 WO2023030628 A1 WO 2023030628A1 EP 2021074207 W EP2021074207 W EP 2021074207W WO 2023030628 A1 WO2023030628 A1 WO 2023030628A1
Authority
WO
WIPO (PCT)
Prior art keywords
vehicle
upload
data package
pool
data
Prior art date
Application number
PCT/EP2021/074207
Other languages
French (fr)
Inventor
Jithin Reju
Original Assignee
Volkswagen Aktiengesellschaft
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Volkswagen Aktiengesellschaft filed Critical Volkswagen Aktiengesellschaft
Priority to PCT/EP2021/074207 priority Critical patent/WO2023030628A1/en
Publication of WO2023030628A1 publication Critical patent/WO2023030628A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/06Protocols specially adapted for file transfer, e.g. file transfer protocol [FTP]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/44Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for communication between vehicles and infrastructures, e.g. vehicle-to-cloud [V2C] or vehicle-to-home [V2H]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/30Services specially adapted for particular environments, situations or purposes
    • H04W4/40Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P]
    • H04W4/46Services specially adapted for particular environments, situations or purposes for vehicles, e.g. vehicle-to-pedestrians [V2P] for vehicle-to-vehicle communication [V2V]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/06Selective distribution of broadcast services, e.g. multimedia broadcast multicast service [MBMS]; Services to user groups; One-way selective calling services
    • H04W4/08User group management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • H04W88/02Terminal devices
    • H04W88/04Terminal devices adapted for relaying to or from another terminal or user

Definitions

  • the present invention is directed to a computer implemented method for anonymizing data packages generated by vehicles, a vehicle communication device, a computer implemented method for operating a computer network structure for requesting and analysing anonymized data generated by vehicles, a computer network structure, and a vehicle.
  • the methods to anonymize data include getting offset data and changing time stamps as well as similar technologies.
  • data handling in vehicles for example passenger vehicles
  • a lot of personal data can be acquired and/or generated.
  • extra computation and resources in the vehicle are required.
  • the inventors of the present invention identified the need to reduce the needed computation and resources in the vehicle for anonymizing personal data.
  • the object of the present invention may be seen in providing an improved computer implemented method for anonymizing data packages generated by vehicles.
  • the problem is solved by a computer implemented method for anonymizing data packages generated by vehicles according to claim 1 .
  • Further embodiments and advantages of the present invention are incorporated in the dependent claims and the following description.
  • the computer implemented method for anonymizing data packages generated by vehicles comprises the steps of:
  • An advantage of this embodiment may be that by shuffling the data packages amongst the vehicles, the original owner of the data packages may be hidden and therefore the privacy is assured. Furthermore, the traceability of the data packages can be avoided by assigning the first upload data package to the second vehicle. In other words, the computer network structure thinks that the first upload data packages belong to the second vehicle and not to the original creator of the data package the first vehicle. If a computer network structure comprises a list of all vehicles the traceability may be nearly impossible because the data packages are not only shuffled amongst these cars, but also the data packages are assigned to the corresponding entries in this list.
  • the method comprises the step of generating, receiving and/or calculating in the first vehicle the first data package comprising at least one measurement value obtained by the first vehicle.
  • Obtained by the first vehicle can comprise that the first data package contains an information gathered by a sensor of the first vehicle, a user input and/or a computed value by the first vehicle.
  • the first data package can also be generated for example by a sensor of the first vehicle and then processed by the vehicle communication module, which will be explained in further detail in the following.
  • the computer implemented method comprises the step of establishing, providing and/or generating the vehicle-to-vehicle connection and/or a car-to-car communication, connecting the first vehicle with the second vehicle for transferring, the first data package from the first vehicle to the second vehicle.
  • the first data package can be sent from the first vehicle to the second vehicle.
  • the vehicle- to-vehicle communication can be a dedicated short range communication system thereby reducing the computation and resources required for anonymizing the data packages.
  • the method can comprise the step of generating and/or computing in the second vehicle the first upload data package comprising at least the first data package.
  • the generating of the first upload data package can comprise that the first data package is freed from any traces that said data package was generated in the first vehicle.
  • the method comprises the step of establishing a first upload connection between the second vehicle and the computer network structure for uploading the first upload package from the second vehicle to the computer network structure, respectively, connecting the second vehicle with the computer network structure so that the first upload data package can be transferred from the second vehicle to the computer network structure.
  • the computer network structure assigns or links the first upload data package to the second vehicle.
  • the computer network structure links the first upload data package to entry of the second vehicle of a list which comprises a plurality of vehicles.
  • the computer network structure can be any server, cloud computing and/or cloud storing system.
  • the first upload connection between the second vehicle and the computer network structure can be for example a 5G connection, WIFI connection and/or any other connection.
  • the origin of the first data package is anonymized for the computer network structure.
  • the computer network structure By generating the first upload data package in the second vehicle based on the first data package, all traces in the first data package that said package was created by the first vehicle can be erased and/or replaced by traces that said data package was generated in the second vehicle and therefore the computer network structure identifies the first upload data package as being generated or created by the second vehicle thereby masking the origin of the first data package. This aspect can easily be gathered from Fig. 1 and the corresponding description.
  • the method comprises further the steps of:
  • An advantage of this embodiment can be that by using the same vehicle-to- vehicle connection, the amount of computation and resources can be further reduced for anonymizing an origin of the data packages.
  • the method may comprise the step of generating, receiving and/or computing in the second vehicle the second data package comprising at least one measurement value obtained by the second vehicle.
  • the measurement value obtained by the second vehicle can be for example a data package generated by a sensor of the vehicle, a user input and/or a computation value generated by the second vehicle.
  • the method may comprise the step of transferring and/or sending the second data package from the second vehicle to the first vehicle via the vehicle-to-vehicle connection.
  • the vehicle-to-vehicle connection can be for example a dedicated short range communication system.
  • the method may comprise the step of generating and/or computing in the first vehicle a second upload data package comprising at least the second data package.
  • This step may remove any traces in the second data package that said data package was generated by the second vehicle.
  • the step of generating the second upload data packages may also comprise adding or exchanging information to the second data package that said data package was generated by the first vehicle.
  • the method may comprise the step of establishing and/or generating a second upload connection between the first vehicle and the computer network structure for uploading the second upload data package from the first vehicle to the computer network structure, respectively, sending the second upload data package via the second upload connection from the first vehicle to the computer network structure.
  • the computer network structure assigns and/or allocates the second upload data package to the first vehicle.
  • the second upload data connection can be a 5G connection and/or a WIFI connection or any other form of internet connection between the vehicle and the computer network structure.
  • the computer network structure may comprise a list comprising a plurality of vehicles wherein the second upload data package is allocated to the first vehicle which is in said list.
  • the origin of the second upload data package is anonymized for the computer network structure since all traces of the second vehicle in the second upload data package have been erased and/or replaced by the information of the first vehicle.
  • the step of generating the first upload data package and/or the second upload data package further comprises:
  • An advantage of this embodiment may be that the amount of data transferred between a vehicle and the computer network structure can be further reduced by combining the first and second data package to the first upload data package or the second upload data package.
  • the step of generating the first upload data package and/or the second upload data package may comprise the addition/integration of at least the second data package to the first upload data package such that the first upload data package comprises the first data package and the second data package. Furthermore, the method further comprises the addition/integration of at least the first data package to the second upload data package such that the second upload data package comprises the first data package and the second data package.
  • the second upload data package may comprise the removal of any traces comprised in the second data package or in the first data package of the origin. For example, when the second data package is added to the first upload data package, all traces are removed from the second data package that the second data package was generated by the second vehicle.
  • the method further comprises the steps of:
  • each data package generated by a vehicle of a plurality of vehicles and each of the pluralities of different data packages comprises at least one measurement value generated in said vehicle
  • An advantage of said embodiment may be that merging the first data package, the second data package and/or the plurality of data packages to the first upload data package and/or the second upload data package, the computation resources and data transfer amount can be further reduced.
  • the traceability of the data packages is further decreased because the data packages of a plurality of vehicles can be combined into one data package and therefore all traces can be removed prior to merging the plurality of data packages into the first upload data package and/or the second upload data package.
  • the method may comprise generating, receiving and/or computing the plurality of different data packages each data package generated by a vehicle of the plurality of vehicles.
  • multiple vehicles form or define the plurality of vehicles.
  • Each of said plurality of vehicles is capable of generating and/or receiving data packages which were generated for example by a sensor of the vehicle, a user input inside the vehicle and/or a computing value generated in said vehicle.
  • the method may comprise the step of establishing a plurality of vehicle-to-vehicle connections.
  • the plurality of vehicle-to- vehicle connections each can be a dedicated short range communication between each of the plurality of vehicles to the first and/or the second vehicle. Therefore, the plurality of data packages can be transferred from the plurality of vehicles to the first vehicle and/or the second vehicle.
  • the method may comprise the step of combining, merging and/or creating in the first vehicle and/or in the second vehicle the first data package, the second data package and/or the plurality of data packages for generating, computing and/or merging the first upload data package and/or the second upload data package. Any traces which were comprised in the first data package, the second data package and/or the plurality of data packages from the vehicle in which they were created can be removed prior to combining said packages to form and/or generate the first upload data package and/or the second upload data package.
  • the origin of the first data package, the second data package and the plurality of data packages can be anonymized by forming one upload data package which does not make a difference between the different origins of the different vehicles.
  • the method further comprises the steps of: - defining a first pool of vehicles by selecting vehicles according to a first parameter from a group comprising the first vehicle, the second vehicle, and the plurality of vehicles,
  • An advantage of said embodiment can be that by forming a first pool according to a first parameter, the efficiency of transferring data packages from vehicles to the computer network structure can be improved and at the same time the anonymity of the origin of the data packages can be ensured.
  • the method may comprise the step of defining, forming and/or establishing a first pool of vehicles by selecting vehicles according to a first parameter from the group comprising the first vehicle, the second vehicle and the plurality of vehicles.
  • a vehicle may detect a plurality of vehicles in its surroundings but will only form a vehicle-to-vehicle connection between these vehicles which have for example an adequate software compatibility. Therefore, a first pool is selected from vehicles which are in the surrounding of a vehicle according to the first parameter.
  • the method may comprise the step of selecting and/or choosing a first upload vehicle according to a second parameter from the first pool for uploading a first pool upload data package to the computer network structure.
  • one vehicle is selected for transferring data from the pool to the computer network structure.
  • all data packages are merged in the upload vehicle and then uploaded to the computer network structure.
  • the method may comprise the step of transferring, sending and/or uploading data packages of each vehicle of the first pool to the first upload vehicle via vehicle-to-vehicle connections defining a first plurality of data packages.
  • each vehicle of the first pool may have generated a data package, for example a sensor value or user input. These data packages are then transferred to the first upload vehicle via vehicle-to-vehicle connections which connect each vehicle of the first pool to the first upload vehicle.
  • the method may comprise the step of combining, merging and/or joining the first plurality of data packages of the vehicles of the first pool and the data package of the first upload vehicle for generating the first pool upload data package.
  • the first plurality of data packages in combination with the data package of the first upload vehicle is merged to the first pool upload data package.
  • all traces or hints in the data packages can be removed such that the traceability of the creating vehicle can be assured.
  • the method may comprise the step of establishing and/or creating the third upload connection between the first upload vehicle and the computer network structure for uploading the first pool upload data package from the first upload vehicle to the computer network structure.
  • the third upload connection can be for example a 5G connection or WIFI connection or similar data transfer technologies. With the third upload connection, the first pool upload data package is transferred or uploaded from the first upload vehicle to the computer network structure. Thereby, the anonymity of all data packages which are comprised in the first pool upload data package can be anonymized for the computer network structure.
  • the first parameter is a parameter selected from a group consisting of: vehicle-to-vehicle distance, vehicle-to-vehicle compatibility, vehicle-to-vehicle data bandwidth and/or vehicle-to-vehicle data format.
  • An advantage of this embodiment can be that the selection process for the first pool can be simplified by selecting vehicles according to the parameter. Therefore, the result of the selection process can be predetermined according to the available parameters.
  • the second parameter is a parameter selected from a group consisting of: data bandwidth to the computer network structure, data format to the computer network structure and compatibility with the computer network structure.
  • An advantage of said embodiment can be that the efficiency of the data transfer between the vehicles and the computer network structure can be further improved since typical sources of error in the data uploading from vehicles to computer network structures can be avoided.
  • the method may further comprise the steps of:
  • An advantage of this embodiment may be that by forming the second pool of vehicles, the efficiency of the data transfer between the vehicles and the computer network structure can be further improved because vehicles which do not fit in the first pool of vehicles can be formed into the second pool of vehicles, for example assuring that a sufficient Internet connection is available between the second upload vehicle and the computer network structure.
  • the method may comprise the step defining, forming and/or selecting a second pool of vehicles by selecting, choosing and/or picking different vehicles not comprised by the first pool, according to the first parameter from the group comprising the first vehicle, the second vehicle and the plurality of vehicles. Furthermore, the method may comprise the step of selecting, choosing and/or identifying the second upload vehicle according to the second parameter from the second pool for uploading and/or transferring the second pool upload data package to the computer network structure. The method may comprise the step of transferring, uploading and/or sending data packages of each vehicle of the second pool to the second upload vehicle via vehicle-to-vehicle connections.
  • the method may comprise the step of combining, merging and/or joining the second plurality of data packages of the vehicles of the second pool and the data package of the second upload vehicle for generating and/or creating the second pool upload data package. For example, during the combining of the data packages, all traces or information regarding the origin of the data package can be removed when forming or generating the second pool upload data package.
  • the method may further comprise the step of establishing and/or creating the fourth upload connection between the second upload vehicle and the computer network structure for uploading and/or sending the second pool upload data package from the second upload vehicle to the computer network structure.
  • the fourth upload connection can be for example a 5G connection or a WIFI connection or similar technologies for transferring data packages.
  • the method may further comprise the step of:
  • An advantage of this embodiment can be that the traceability of the origin of the data packages is further complicated since the upload pool data packages are exchanged between the upload vehicles. Furthermore, the efficiency of the data transfer between the upload data vehicle and the computer network structure can be improved since the anonymization of the origin of the data packages is achieved via vehicle-to-vehicle communication which does not require any data transfer between the vehicles and the computer network structure.
  • the method may further comprise the step of establishing, creating and/or forming an upload vehicle to upload vehicle connection.
  • This upload vehicle to upload vehicle connection can be for example a vehicle-to-vehicle communication, for example a dedicated short range communication.
  • the first upload data package can be transferred from the first upload vehicle to the second upload vehicle and the second upload data package can be transferred with the vehicle-to-vehicle connection from the second upload vehicle to the first upload vehicle.
  • the method may comprise the step of uploading, transferring and/or sending the second pool upload data package with the third upload connection and uploading, transferring and/or sending the first pool upload data package with the fourth upload connection.
  • the third upload connection and the fourth upload connection can be for example a 5G connection or WIFI connection between the upload vehicles and the computer network structure.
  • the computer network structure assigns and/or links the second pool upload data package to the first pool of vehicles and the first upload data package to the second pool of vehicles.
  • the origin of the first pool upload data package and of the second pool upload data package can be anonymized, respectively, any traces have been removed in the corresponding pool upload data packages and the pool upload data packages are uploaded from a different pool from where the content of the data packages was created.
  • the method further comprises the step of:
  • An advantage of this embodiment may be that by randomly switching data packages from the first pool upload data package with the second pool upload data package, the degree of anonymization can be further improved.
  • the method may comprise the step of transferring, switching and/or exchanging randomly selected or by chance selected data packages from the first upload data package with data packages from the second pool upload data package in the first upload vehicle and/or in the second upload vehicle.
  • entries of these data packages Prior to uploading the first and/or second pool upload data package, entries of these data packages can be exchanged with each other in the first upload vehicle or the second upload vehicle for further improving the anonymization process of the data packages.
  • the method may comprise the step of generating an upload connection between the first vehicle and/or the second vehicle and a communication component like a wall box.
  • Further communication components may be for example, traffic lights, gas and/or charging stations or other structures which are able to connect to the internet.
  • any form of upload connection as explain above and hereinafter, in particular in the context of pools, can be between a vehicle and the communication component.
  • a further aspect of the invention is a vehicle communication device for transferring data packages comprising at least one measurement value generated by a vehicle, wherein the vehicle communication device comprises:
  • a first connection module for establishing a vehicle-to-vehicle connection for transferring said data packages between vehicles
  • a second connection module for uploading data packages, which are generated by a vehicle other than the vehicle comprising said communication device, to a computer network structure.
  • An advantage of said embodiment may be that with the help of the vehicle communication device, the origin of data packages can be anonymized and thereby the data packages can be used for very different scenarios.
  • the vehicle communication device may comprise an interface which is configured for receiving data packages which comprise and/or contain at least one measurement value generated by the vehicle.
  • the interface can be an interface connecting the vehicle communication device to a sensor of the vehicle.
  • the vehicle communication device comprises a first connection module for establishing and/or creating a vehicle-to-vehicle connection for transferring said data packages between vehicles.
  • the first connection module can be for example a vehicle-to-vehicle communication device, a dedicated short range communication device.
  • the vehicle communication device may comprise a second connection module for uploading and/or sending data packages which are generated by a vehicle other than the vehicle comprising said communication device to a computer network structure.
  • the second connection module can be for example a 5 G device or a Wi-Fi device which are configured for uploading data packages.
  • the vehicle communication device comprises a computing element, which is configured for performing the steps of the method for anonymizing data packages generated by vehicles as described before and hereinafter and wherein the vehicle communication device comprises a storing element, which stores a program element, which is configured for performing the steps of the method as described before and hereinafter on the computing element.
  • the program element may be part of a computer program, but it can also be an entire program itself.
  • the program element may be used to update an already existing computer program to get to the present invention.
  • the storing element may be seen as a storage medium such as for example a USB stick, a CD, a DVD, a data storage device, a server, a hard disk or any medium on which a program element as described above can be stored.
  • a further aspect of the invention is a computer implemented method for operating a computer network structure for requesting and analysing anonymized data generated by vehicles:
  • An advantage of this embodiment can be that the computer implemented method for operating the computer network structure has access to a list of vehicles which can send data packages to a computer network structure.
  • a signal can be sent to the vehicles on that list for triggering and/or starting the upload of measurement values generated by the vehicles of that list.
  • data packages can be entered into the list as an answer to the sent signal.
  • a further aspect of the invention is a computer network structure for requesting and analysing anonymized data generated by vehicles, wherein the computer network structure comprises a computing element, which is configured for performing the steps of the method for operating the computer network structure as described hereinbefore and hereinafter, and wherein the computer network structure comprises and/or is connected to a storing element, which stores a program element, which is configured for performing the steps of the method for operating the computer network structure as described before and hereinafter on the computing element, wherein the computer network structure comprises at least one interface, which is configured for establishing a connection to at least one vehicle.
  • the computer network structure can be for example a server or any other form of computing element.
  • the computer network structure can be a cloud computing and/or a cloud storing system which comprises a plurality of computing elements.
  • a further aspect of the invention is a vehicle comprising a communication device as described before and hereinafter and/or is configured for performing the steps of the method as described before and hereinafter.
  • Fig. 1 shows a process chart of the method according to an embodiment of the invention.
  • Fig. 2 shows a process chart of the method according to an embodiment of the invention.
  • Fig. 3 shows a process chart of the method according to an embodiment of the invention.
  • Fig. 4 shows a schematic embodiment of the vehicle communication device.
  • Fig. 5 shows a schematic embodiment of the computer network structure according to an embodiment of the invention.
  • Fig. 6 shows a schematic vehicle according to an embodiment of the invention.
  • Fig. 7 shows a flow-chart illustrating the steps of the method according to an embodiment of the invention.
  • Fig. 8 shows a flow-chart illustrating the steps of the method according to an embodiment of the invention.
  • Fig. 9 shows a flow-chart illustrating the steps of the method for operating a computer network structure according to an embodiment of the invention.
  • Fig. 1 shows the computer implemented method 1 for anonymizing data packages generated by vehicles comprising the steps of: - generating in a first vehicle 2 a first data package 4 comprising at least one measurement value obtained by the first vehicle 2,
  • the second vehicle 8 can generate a second data package 16 which is transferred with the vehicle-to-vehicle connection 6 to the first vehicle 2.
  • a second upload data package 18 can be created which contains the second data package 16.
  • a second upload connection 20 is established between the first vehicle 2 and the computer network structure 14 for uploading the second upload data package 18.
  • the first data package 4 can be added to the second upload data package 18 which then contains the second data package 16 and the first data package 4 for uploading the second upload data package 18 via the second upload connection 20 to the computer network structure 14.
  • the second data package 16 can be added to the first upload data package 10 which then contains the first data package 4 and the second data package 16 for uploading the first upload data package 10 to the computer network structure 14 from the second vehicle 8.
  • Fig. 2 shows a plurality of vehicles 24 which each generates a data package which leads to a plurality of different data packages 22.
  • Each of the plurality of vehicles 24 can establish a vehicle-to-vehicle connection thereby forming a plurality of vehicle-to-vehicle connections 26 to the first vehicle 2.
  • the first vehicle 2 contains the first data package 4.
  • the first vehicle 2 can then generate the first upload data package 18 which contains the plurality of different data packages 22 and the first data package 4 thereby anonymizing an origin of the data packages.
  • the first upload data packages can then be uploaded via the second upload connection 20 from the first vehicle 2 to the computer network structure 14.
  • Fig. 3 shows a first pool of vehicles 28 and a second pool of vehicles 36.
  • the first pool 28 is defined by selecting vehicles from the group of the first vehicle 2, the second vehicle 8 and the plurality of vehicles 24.
  • a first upload vehicle 30 is selected.
  • the first upload vehicle 30 then establishes vehicle- to-vehicle connections between the first upload vehicle and/or vehicles of the first pool.
  • Each data package of the vehicles in the first pool is then transferred to the first upload vehicle 30 via vehicle-to-vehicle connections.
  • the first upload vehicle 30 then generates the first pool upload data package containing more data packages generated by the vehicles in the first pool 28.
  • the first pool upload data package 32 can then be transferred to the computer network structure 14 or to the second upload vehicle 38 via vehicle-to-vehicle connections.
  • the second pool 36 is formed by selecting vehicles from the group of the first vehicle 2, the second vehicle 8 and the plurality of vehicles 24.
  • a second upload vehicle 38 is selected according to a corresponding second parameter. All data packages generated by vehicles in the second pool 36 are transferred via vehicle-to-vehicle connections to the second upload vehicle 38.
  • the second upload vehicle 38 then generates the second pool upload data package 40 which contains all data packages generated from vehicles in the second pool 36.
  • the second pool upload data package 40 can then be uploaded to the computer network structure 14 or can be transferred via an upload vehicle to upload vehicle connection 43 to the first upload vehicle 30 of the first pool 28.
  • the first upload vehicle 30 then establishes a third upload connection 34 which can be configured for uploading the first pool upload data package 32 to the computer network structure 14 or the second pool upload data package 40 to the computer network structure 14.
  • the second upload vehicle 38 can generate a fourth upload connection between the second upload vehicle 38 and the computer network structure 14.
  • the second upload vehicle 38 can upload the second pool upload data package 40 to the computer network structure via the fourth upload connection 42.
  • the second upload vehicle 38 is also configured to upload the first pool upload data package 32 with the fourth upload connection.
  • Fig. 4 shows the vehicle communication device 44 which comprises an interface 46.
  • the interface is configured for receiving data packages which comprise said at least one measurement value generated by the vehicle.
  • the vehicle communication device 44 comprises a first connection module 48 for establishing vehicle-to-vehicle connection.
  • the vehicle communication device 44 comprises a second connection module for uploading data packages.
  • the vehicle communication device comprises a computing element 52 and the storing element 54.
  • Fig. 5 shows a computer network structure 14 which comprises a computing element 58, a storing element 60 and an interface 62.
  • the computer network structure can be any server structure or any cloud computing or storing structure.
  • Fig. 6 shows a vehicle 64 which comprises a communication device 44.
  • Fig. 7 shows a flow-chart illustrating the steps of the method for anonymizing data packages generated by vehicles.
  • the method 1 comprises the step generating S1 in a first vehicle 2, a first data package comprising at least one measurement value obtained by the first vehicle 2. Furthermore, the method 1 comprises the step of establishing S2 a vehicle-to-vehicle connection 6 connecting the first vehicle 2 with the second vehicle 8 for transferring the first data package 4 from the first vehicle 2 to the second vehicle 8. In addition, the method 1 comprises the step generating S3 in a second vehicle 8 a first upload data package 10 comprising at least the first data package 4.
  • the method 1 comprises the step of establishing S4 a first upload connection 12 between the second vehicle 8 and the computer network structure 14 for uploading the first upload data package 10 from the second vehicle 8 to a computer network structure 14 such that the computer network structure 4 assigns the first upload data package 12 to the second vehicle 8, thereby anonymizing an origin of the first data package 4 for the computer network structure 14.
  • Fig. 8 shows a flow-chart of the further method 66.
  • the further method 66 comprises the step generating S1 , establishing S2, generating S3 and establishing S4 as explained above.
  • the further method 66 may further comprise the step generating S5 in the second vehicle 8, the second data package 16 comprising at least one measurement value obtained by the second vehicle 8.
  • the further method 66 may comprise the step of transferring S6 the second data package 16 from the second vehicle 8 to the first vehicle 2 via the vehicle-to- vehicle connection 6.
  • the step of generating S7 in the first vehicle 2 a second upload data package 18 may be comprised by the further method 66.
  • the further method 66 comprises the step of establishing S8 a second upload connection 20 between the first vehicle 2 and the computer network structure 14.
  • the further method 66 can have the step of adding S9 at least the second data package 16 to the first upload data package 10.
  • the step adding S10 at least the first data package 4 to the second upload data package 18 may be comprised by the further method 66.
  • the further method 66 can comprise the step of generating S11 a plurality of different data packages 22 each data package generated by a vehicle of a plurality of vehicles 24.
  • the step of establishing S12 a plurality of vehicle-to-vehicle connections 26 between the first vehicle 2, the second vehicle 8 and/or each of the plurality of vehicles 24 may be comprised by the further method 66.
  • Combining S13 in the first vehicle 2 and/or in the second vehicle 8 the first data package 4 may be a part of the further method 66.
  • the further method 66 further comprises the step of defining S14 a first pool 28 of vehicles. Selecting S15 the first upload vehicle 30 may be part of the further method 66.
  • the further method 66 may comprise the step of transferring S16 data packages of each vehicle of the first pool 28 to the first upload vehicle 30.
  • the step of combining S17 the first plurality of data packages 22 of the vehicles of the first pool 28 and the data package of the first upload vehicle 30 for generating the first pool upload data package 32 may be comprised by the further method 66.
  • the further method 66 may comprise the step of establishing S18 a third upload connection 34 between the first upload vehicle 30 and the computer network structure 14.
  • the step of defining S19 a second pool 36 of vehicles by selecting different vehicles not comprised by the first pool 28 may be comprised by the further method 66. Further, the further method 66 may comprise selecting S20 a second upload vehicle 38 according to the second parameter. The step of transferring S21 data packages of each vehicle of the second pool 36 to the second upload vehicle 38 may be comprised by the further method 66. The further method 66 may comprise the step of combining S22 the second plurality of data packages 22 of the vehicles of the second pool 36 and the data package of the second upload vehicle 38. Further, the further method 66 may comprise the step of establishing S23 a fourth upload connection 42 between the second upload vehicle 38 and the computer network structure 14.
  • Establishing S24 an upload vehicle to upload vehicle connection 43 at least between the first upload vehicle 30 and the second upload vehicle 38 may be a step of the further method 66.
  • the further method 66 may comprise the step of uploading S25 the second pool upload data package 40 with the third upload connection 34 and uploading the first pool upload data package 32 with the fourth upload connection 42.
  • Transferring S26 randomly selected data packages from the first pool upload data package 32 with data packages from the second pool upload data package 40 in the first upload vehicle 30 and/or in the second upload vehicle 38 may be a step of the further method 66.
  • Fig.9 shows a flow-chart of the third method 68.
  • the third method 68 may comprise the step generating S27 a signal for triggering an upload of measurement values generated by at least one vehicle. Further, sending the signal to at least two vehicles may be a step S28of the third method 68. Furthermore, the third method 68 may comprise the step of receiving as an answer to the sent signal data packages from the at least two vehicles according to the method 1 as explained before and herein after.
  • REFERENCE SYMBOLS computer implemented method vehicle first data package vehicle-to-vehicle connection second vehicle first upload data package first upload connection computer network structure second data package second upload data package second upload connection plurality of different data packages plurality of vehicles plurality of vehicle-to-vehicle connections first pool first upload vehicle first pool upload data package third upload connection second pool second upload vehicle second pool upload data package fourth upload connection upload vehicle to upload vehicle connection vehicle communication device interface first connection module second connection module computing element storing element method computing element storing element interface vehicle further method third method generating establishing generating establishing establishing generating transferring generating establishing adding adding generating establishing combining defining selecting transferring combining defining selecting transferring combining establishing establishing uploading transferring generating sending receiving

Abstract

The invention is directed to a computer implemented method (1) for anonymizing data packages generated by vehicles, comprising the steps of - generating in a first vehicle (2) a first data package (4) comprising at least one measurement value obtained by the first vehicle (2), - establishing a vehicle-to-vehicle connection (6) connecting the first vehicle (2) with a second vehicle (8) for transferring the first data package (4) from the first vehicle (2) to the second vehicle (8), - generating in the second vehicle (8) a first upload data package (10) comprising at least the first data package (4), - establishing a first upload connection (12) between the second vehicle (8) and a computer network structure (14) for uploading the first upload data package (10) from the second vehicle (8) to the computer network structure (14), such that the computer network structure (4) assigns the first upload data package (12) to the second vehicle (8), thereby anonymizing an origin of the first data package (4) for the computer network structure (14).

Description

Computer implemented method for anonymizing data packages generated by vehicles
FIELD OF THE INVENTION
The present invention is directed to a computer implemented method for anonymizing data packages generated by vehicles, a vehicle communication device, a computer implemented method for operating a computer network structure for requesting and analysing anonymized data generated by vehicles, a computer network structure, and a vehicle.
BACKGROUND OF THE INVENTION
Due to the rising requirements of personal data security, the anonymization of data is challenging and important for privacy as well as legal requirements. It is getting more and more challenging to anonymize data and sending this data to server like systems without traces of the original creator of the data. The methods to anonymize data include getting offset data and changing time stamps as well as similar technologies. In the field of data handling in vehicles, for example passenger vehicles, a lot of personal data can be acquired and/or generated. To anonymize this data, extra computation and resources in the vehicle are required. The inventors of the present invention identified the need to reduce the needed computation and resources in the vehicle for anonymizing personal data.
SUMMARY OF THE INVENTION
The object of the present invention may be seen in providing an improved computer implemented method for anonymizing data packages generated by vehicles. The problem is solved by a computer implemented method for anonymizing data packages generated by vehicles according to claim 1 . Further embodiments and advantages of the present invention are incorporated in the dependent claims and the following description.
Technical terms are used by the common sense. If a specific meaning is conveyed to certain terms, definitions of terms will be given in the following in the context of which the terms are used.
According to a first aspect of the present invention, the computer implemented method for anonymizing data packages generated by vehicles, comprises the steps of:
- generating in a first vehicle a first data package comprising at least one measurement value obtained by the first vehicle,
- establishing a vehicle-to-vehicle connection connecting the first vehicle with a second vehicle for transferring the first data package from the first vehicle to the second vehicle,
- generating in the second vehicle a first upload data package comprising at least the first data package,
- establishing a first upload connection between the second vehicle and a computer network structure for uploading the first upload data package from the second vehicle to the computer network structure, such that the computer network structure assigns the first upload data package to the second vehicle, thereby anonymizing an origin of the first data package for the computer network structure.
An advantage of this embodiment may be that by shuffling the data packages amongst the vehicles, the original owner of the data packages may be hidden and therefore the privacy is assured. Furthermore, the traceability of the data packages can be avoided by assigning the first upload data package to the second vehicle. In other words, the computer network structure thinks that the first upload data packages belong to the second vehicle and not to the original creator of the data package the first vehicle. If a computer network structure comprises a list of all vehicles the traceability may be nearly impossible because the data packages are not only shuffled amongst these cars, but also the data packages are assigned to the corresponding entries in this list.
In other words, the method comprises the step of generating, receiving and/or calculating in the first vehicle the first data package comprising at least one measurement value obtained by the first vehicle. Obtained by the first vehicle can comprise that the first data package contains an information gathered by a sensor of the first vehicle, a user input and/or a computed value by the first vehicle. Furthermore, the first data package can also be generated for example by a sensor of the first vehicle and then processed by the vehicle communication module, which will be explained in further detail in the following. Furthermore, the computer implemented method comprises the step of establishing, providing and/or generating the vehicle-to-vehicle connection and/or a car-to-car communication, connecting the first vehicle with the second vehicle for transferring, the first data package from the first vehicle to the second vehicle. By the establishing of the vehicle-to-vehicle communication, the first data package can be sent from the first vehicle to the second vehicle. For example, the vehicle- to-vehicle communication can be a dedicated short range communication system thereby reducing the computation and resources required for anonymizing the data packages. Furthermore, the method can comprise the step of generating and/or computing in the second vehicle the first upload data package comprising at least the first data package. The generating of the first upload data package can comprise that the first data package is freed from any traces that said data package was generated in the first vehicle. Furthermore, the method comprises the step of establishing a first upload connection between the second vehicle and the computer network structure for uploading the first upload package from the second vehicle to the computer network structure, respectively, connecting the second vehicle with the computer network structure so that the first upload data package can be transferred from the second vehicle to the computer network structure. The computer network structure assigns or links the first upload data package to the second vehicle. The computer network structure links the first upload data package to entry of the second vehicle of a list which comprises a plurality of vehicles. The computer network structure can be any server, cloud computing and/or cloud storing system. Furthermore, the first upload connection between the second vehicle and the computer network structure can be for example a 5G connection, WIFI connection and/or any other connection. By assigning the first upload data package to the second vehicle, the origin of the first data package is anonymized for the computer network structure. By generating the first upload data package in the second vehicle based on the first data package, all traces in the first data package that said package was created by the first vehicle can be erased and/or replaced by traces that said data package was generated in the second vehicle and therefore the computer network structure identifies the first upload data package as being generated or created by the second vehicle thereby masking the origin of the first data package. This aspect can easily be gathered from Fig. 1 and the corresponding description.
According to an exemplary embodiment of the present invention, the method comprises further the steps of:
- generating in the second vehicle a second data package comprising at least one measurement value obtained by the second vehicle,
- transferring the second data package from the second vehicle to the first vehicle via the vehicle-to-vehicle connection,
- generating in the first vehicle a second upload data package comprising at least the second data package, - establishing a second upload connection between the first vehicle and the computer network structure for uploading the second upload data package from the first vehicle to the computer network structure, such that the computer network structure assigns the second upload data package to the first vehicle, thereby anonymizing an origin of the second upload data package for the computer network structure.
An advantage of this embodiment can be that by using the same vehicle-to- vehicle connection, the amount of computation and resources can be further reduced for anonymizing an origin of the data packages.
In other words, the method may comprise the step of generating, receiving and/or computing in the second vehicle the second data package comprising at least one measurement value obtained by the second vehicle. The measurement value obtained by the second vehicle can be for example a data package generated by a sensor of the vehicle, a user input and/or a computation value generated by the second vehicle. Furthermore, the method may comprise the step of transferring and/or sending the second data package from the second vehicle to the first vehicle via the vehicle-to-vehicle connection. The vehicle-to-vehicle connection can be for example a dedicated short range communication system. Furthermore, the method may comprise the step of generating and/or computing in the first vehicle a second upload data package comprising at least the second data package. This step may remove any traces in the second data package that said data package was generated by the second vehicle. Furthermore, the step of generating the second upload data packages may also comprise adding or exchanging information to the second data package that said data package was generated by the first vehicle. Furthermore, the method may comprise the step of establishing and/or generating a second upload connection between the first vehicle and the computer network structure for uploading the second upload data package from the first vehicle to the computer network structure, respectively, sending the second upload data package via the second upload connection from the first vehicle to the computer network structure. The computer network structure assigns and/or allocates the second upload data package to the first vehicle. For example, the second upload data connection can be a 5G connection and/or a WIFI connection or any other form of internet connection between the vehicle and the computer network structure. Furthermore, the computer network structure may comprise a list comprising a plurality of vehicles wherein the second upload data package is allocated to the first vehicle which is in said list. Thereby, the origin of the second upload data package is anonymized for the computer network structure since all traces of the second vehicle in the second upload data package have been erased and/or replaced by the information of the first vehicle.
According to an exemplary embodiment of the present invention, the step of generating the first upload data package and/or the second upload data package further comprises:
- adding at least the second data package to the first upload data package, and/or
- adding at least the first data package to the second upload data package.
An advantage of this embodiment may be that the amount of data transferred between a vehicle and the computer network structure can be further reduced by combining the first and second data package to the first upload data package or the second upload data package.
The step of generating the first upload data package and/or the second upload data package may comprise the addition/integration of at least the second data package to the first upload data package such that the first upload data package comprises the first data package and the second data package. Furthermore, the method further comprises the addition/integration of at least the first data package to the second upload data package such that the second upload data package comprises the first data package and the second data package. In the addition of the second and/or the first data package to the first upload data package and respectively the second upload data package may comprise the removal of any traces comprised in the second data package or in the first data package of the origin. For example, when the second data package is added to the first upload data package, all traces are removed from the second data package that the second data package was generated by the second vehicle. By adding/integrating both data packages a combined data package without traces of the origin of the data packages can be created.
According to an exemplary embodiment of the present invention, the method further comprises the steps of:
- generating a plurality of different data packages each data package generated by a vehicle of a plurality of vehicles and each of the pluralities of different data packages comprises at least one measurement value generated in said vehicle,
- establishing a plurality of vehicle-to-vehicle connections between the first vehicle, the second vehicle and/or each of the plurality of vehicles for transmitting the plurality of data packages to the first vehicle and/or to the second vehicle,
- combining in the first vehicle and/or in the second vehicle the first data package, the second data package and/or the plurality of data packages for generating the first upload data package and/or the second upload data package, thereby anonymizing the origin of the first data package, the second data package and the plurality of data packages.
An advantage of said embodiment may be that merging the first data package, the second data package and/or the plurality of data packages to the first upload data package and/or the second upload data package, the computation resources and data transfer amount can be further reduced. In addition to that, the traceability of the data packages is further decreased because the data packages of a plurality of vehicles can be combined into one data package and therefore all traces can be removed prior to merging the plurality of data packages into the first upload data package and/or the second upload data package.
The method may comprise generating, receiving and/or computing the plurality of different data packages each data package generated by a vehicle of the plurality of vehicles. In other words, multiple vehicles form or define the plurality of vehicles. Each of said plurality of vehicles is capable of generating and/or receiving data packages which were generated for example by a sensor of the vehicle, a user input inside the vehicle and/or a computing value generated in said vehicle. Furthermore, the method may comprise the step of establishing a plurality of vehicle-to-vehicle connections. For example the plurality of vehicle-to- vehicle connections each can be a dedicated short range communication between each of the plurality of vehicles to the first and/or the second vehicle. Therefore, the plurality of data packages can be transferred from the plurality of vehicles to the first vehicle and/or the second vehicle. Furthermore, the method may comprise the step of combining, merging and/or creating in the first vehicle and/or in the second vehicle the first data package, the second data package and/or the plurality of data packages for generating, computing and/or merging the first upload data package and/or the second upload data package. Any traces which were comprised in the first data package, the second data package and/or the plurality of data packages from the vehicle in which they were created can be removed prior to combining said packages to form and/or generate the first upload data package and/or the second upload data package. Furthermore, by generating the first upload data package and/or the second upload data package, the origin of the first data package, the second data package and the plurality of data packages can be anonymized by forming one upload data package which does not make a difference between the different origins of the different vehicles.
According to an exemplary embodiment of the present invention, the method further comprises the steps of: - defining a first pool of vehicles by selecting vehicles according to a first parameter from a group comprising the first vehicle, the second vehicle, and the plurality of vehicles,
- selecting a first upload vehicle according to a second parameter from the first pool for uploading a first pool upload data package to the computer network structure,
- transferring data packages of each vehicle of the first pool to the first upload vehicle via vehicle-to-vehicle connections defining a first plurality of data packages,
- combining the first plurality of data packages of the vehicles of the first pool and the data package of the first upload vehicle for generating the first pool upload data package,
- establishing a third upload connection between the first upload vehicle and the computer network structure for uploading the first pool upload data package from the first upload vehicle to the computer network structure.
An advantage of said embodiment can be that by forming a first pool according to a first parameter, the efficiency of transferring data packages from vehicles to the computer network structure can be improved and at the same time the anonymity of the origin of the data packages can be ensured.
In other words, the method may comprise the step of defining, forming and/or establishing a first pool of vehicles by selecting vehicles according to a first parameter from the group comprising the first vehicle, the second vehicle and the plurality of vehicles. For example, a vehicle may detect a plurality of vehicles in its surroundings but will only form a vehicle-to-vehicle connection between these vehicles which have for example an adequate software compatibility. Therefore, a first pool is selected from vehicles which are in the surrounding of a vehicle according to the first parameter. Furthermore, the method may comprise the step of selecting and/or choosing a first upload vehicle according to a second parameter from the first pool for uploading a first pool upload data package to the computer network structure. To said first pool of vehicles as explained above, one vehicle is selected for transferring data from the pool to the computer network structure. To reduce the data transfer between the vehicles and the computer network structure, all data packages are merged in the upload vehicle and then uploaded to the computer network structure. Furthermore, the method may comprise the step of transferring, sending and/or uploading data packages of each vehicle of the first pool to the first upload vehicle via vehicle-to-vehicle connections defining a first plurality of data packages. For example, each vehicle of the first pool may have generated a data package, for example a sensor value or user input. These data packages are then transferred to the first upload vehicle via vehicle-to-vehicle connections which connect each vehicle of the first pool to the first upload vehicle. Furthermore, the method may comprise the step of combining, merging and/or joining the first plurality of data packages of the vehicles of the first pool and the data package of the first upload vehicle for generating the first pool upload data package. In other words, the first plurality of data packages in combination with the data package of the first upload vehicle is merged to the first pool upload data package. In this step, all traces or hints in the data packages can be removed such that the traceability of the creating vehicle can be assured. Furthermore, the method may comprise the step of establishing and/or creating the third upload connection between the first upload vehicle and the computer network structure for uploading the first pool upload data package from the first upload vehicle to the computer network structure. The third upload connection can be for example a 5G connection or WIFI connection or similar data transfer technologies. With the third upload connection, the first pool upload data package is transferred or uploaded from the first upload vehicle to the computer network structure. Thereby, the anonymity of all data packages which are comprised in the first pool upload data package can be anonymized for the computer network structure.
According to an exemplary embodiment of the present invention, the first parameter is a parameter selected from a group consisting of: vehicle-to-vehicle distance, vehicle-to-vehicle compatibility, vehicle-to-vehicle data bandwidth and/or vehicle-to-vehicle data format.
An advantage of this embodiment can be that the selection process for the first pool can be simplified by selecting vehicles according to the parameter. Therefore, the result of the selection process can be predetermined according to the available parameters.
According to an exemplary embodiment of the present invention, the second parameter is a parameter selected from a group consisting of: data bandwidth to the computer network structure, data format to the computer network structure and compatibility with the computer network structure.
An advantage of said embodiment can be that the efficiency of the data transfer between the vehicles and the computer network structure can be further improved since typical sources of error in the data uploading from vehicles to computer network structures can be avoided.
According to an exemplary embodiment of the present invention, the method may further comprise the steps of:
- defining a second pool of vehicles by selecting different vehicles not comprised by the first pool, according to the first parameter from the group comprising the first vehicle, the second vehicle, and the plurality of vehicles,
- selecting a second upload vehicle according to the second parameter from the second pool for uploading a second pool upload data package to the computer network structure,
- transferring data packages of each vehicle of the second pool to the second upload vehicle via vehicle-to-vehicle connections defining a second plurality of data packages, - combining the second plurality of data packages of the vehicles of the second pool and the data package of the second upload vehicle for generating the second pool upload data package,
- establishing a fourth upload connection between the second upload vehicle and the computer network structure for uploading the second pool upload data package from the second upload vehicle to the computer network structure.
An advantage of this embodiment may be that by forming the second pool of vehicles, the efficiency of the data transfer between the vehicles and the computer network structure can be further improved because vehicles which do not fit in the first pool of vehicles can be formed into the second pool of vehicles, for example assuring that a sufficient Internet connection is available between the second upload vehicle and the computer network structure.
In other words, the method may comprise the step defining, forming and/or selecting a second pool of vehicles by selecting, choosing and/or picking different vehicles not comprised by the first pool, according to the first parameter from the group comprising the first vehicle, the second vehicle and the plurality of vehicles. Furthermore, the method may comprise the step of selecting, choosing and/or identifying the second upload vehicle according to the second parameter from the second pool for uploading and/or transferring the second pool upload data package to the computer network structure. The method may comprise the step of transferring, uploading and/or sending data packages of each vehicle of the second pool to the second upload vehicle via vehicle-to-vehicle connections. Further, the method may comprise the step of combining, merging and/or joining the second plurality of data packages of the vehicles of the second pool and the data package of the second upload vehicle for generating and/or creating the second pool upload data package. For example, during the combining of the data packages, all traces or information regarding the origin of the data package can be removed when forming or generating the second pool upload data package. The method may further comprise the step of establishing and/or creating the fourth upload connection between the second upload vehicle and the computer network structure for uploading and/or sending the second pool upload data package from the second upload vehicle to the computer network structure. The fourth upload connection can be for example a 5G connection or a WIFI connection or similar technologies for transferring data packages.
According to an exemplary embodiment of the present invention, the method may further comprise the step of:
- establishing an upload vehicle to upload vehicle connection at least between the first upload vehicle and the second upload vehicle, for exchanging the first pool upload data package with the second pool upload data package,
- uploading the second pool upload data package with the third upload connection and uploading the first pool upload data package with the fourth upload connection, such that the computer network structure assigns the second pool upload data package to the first pool of vehicles and the first upload data package to the second pool of vehicles, thereby anonymizing an origin of the first pool upload data package and of the second pool upload data package.
An advantage of this embodiment can be that the traceability of the origin of the data packages is further complicated since the upload pool data packages are exchanged between the upload vehicles. Furthermore, the efficiency of the data transfer between the upload data vehicle and the computer network structure can be improved since the anonymization of the origin of the data packages is achieved via vehicle-to-vehicle communication which does not require any data transfer between the vehicles and the computer network structure.
The method may further comprise the step of establishing, creating and/or forming an upload vehicle to upload vehicle connection. This upload vehicle to upload vehicle connection can be for example a vehicle-to-vehicle communication, for example a dedicated short range communication. Within the upload vehicle to upload vehicle connection between the first upload vehicle and the second upload vehicle, the first upload data package can be transferred from the first upload vehicle to the second upload vehicle and the second upload data package can be transferred with the vehicle-to-vehicle connection from the second upload vehicle to the first upload vehicle. Furthermore, the method may comprise the step of uploading, transferring and/or sending the second pool upload data package with the third upload connection and uploading, transferring and/or sending the first pool upload data package with the fourth upload connection. The third upload connection and the fourth upload connection can be for example a 5G connection or WIFI connection between the upload vehicles and the computer network structure. By uploading the second pool upload data package with the third upload connection and uploading the first pool upload data package with the fourth upload connection, the computer network structure assigns and/or links the second pool upload data package to the first pool of vehicles and the first upload data package to the second pool of vehicles. Thereby, the origin of the first pool upload data package and of the second pool upload data package can be anonymized, respectively, any traces have been removed in the corresponding pool upload data packages and the pool upload data packages are uploaded from a different pool from where the content of the data packages was created.
According to an exemplary embodiment of the present invention, the method further comprises the step of:
- transferring randomly selected data packages from the first pool upload data package with data packages from the second pool upload data package in the first upload vehicle and/or in the second upload vehicle.
An advantage of this embodiment may be that by randomly switching data packages from the first pool upload data package with the second pool upload data package, the degree of anonymization can be further improved.
The method may comprise the step of transferring, switching and/or exchanging randomly selected or by chance selected data packages from the first upload data package with data packages from the second pool upload data package in the first upload vehicle and/or in the second upload vehicle. Prior to uploading the first and/or second pool upload data package, entries of these data packages can be exchanged with each other in the first upload vehicle or the second upload vehicle for further improving the anonymization process of the data packages.
Furthermore, the method may comprise the step of generating an upload connection between the first vehicle and/or the second vehicle and a communication component like a wall box. Further communication components may be for example, traffic lights, gas and/or charging stations or other structures which are able to connect to the internet. Furthermore, any form of upload connection as explain above and hereinafter, in particular in the context of pools, can be between a vehicle and the communication component.
A further aspect of the invention is a vehicle communication device for transferring data packages comprising at least one measurement value generated by a vehicle, wherein the vehicle communication device comprises:
- an interface for receiving data packages which comprises said at least one measurement value generated by the vehicle,
- a first connection module for establishing a vehicle-to-vehicle connection for transferring said data packages between vehicles,
- a second connection module for uploading data packages, which are generated by a vehicle other than the vehicle comprising said communication device, to a computer network structure.
An advantage of said embodiment may be that with the help of the vehicle communication device, the origin of data packages can be anonymized and thereby the data packages can be used for very different scenarios.
The vehicle communication device may comprise an interface which is configured for receiving data packages which comprise and/or contain at least one measurement value generated by the vehicle. For example, the interface can be an interface connecting the vehicle communication device to a sensor of the vehicle. Furthermore, the vehicle communication device comprises a first connection module for establishing and/or creating a vehicle-to-vehicle connection for transferring said data packages between vehicles. The first connection module can be for example a vehicle-to-vehicle communication device, a dedicated short range communication device. Furthermore, the vehicle communication device may comprise a second connection module for uploading and/or sending data packages which are generated by a vehicle other than the vehicle comprising said communication device to a computer network structure. The second connection module can be for example a 5 G device or a Wi-Fi device which are configured for uploading data packages.
According to an exemplary embodiment of the present invention, the vehicle communication device comprises a computing element, which is configured for performing the steps of the method for anonymizing data packages generated by vehicles as described before and hereinafter and wherein the vehicle communication device comprises a storing element, which stores a program element, which is configured for performing the steps of the method as described before and hereinafter on the computing element.
The program element may be part of a computer program, but it can also be an entire program itself. For example, the program element may be used to update an already existing computer program to get to the present invention. The storing element may be seen as a storage medium such as for example a USB stick, a CD, a DVD, a data storage device, a server, a hard disk or any medium on which a program element as described above can be stored.
A further aspect of the invention is a computer implemented method for operating a computer network structure for requesting and analysing anonymized data generated by vehicles:
- generating a signal for triggering an upload of measurement values generated by at least one vehicle, - sending the signal to at least two vehicles,
- receiving as an answer to the sent signal data packages from the at least two vehicles according to the method as described before and hereinafter.
An advantage of this embodiment can be that the computer implemented method for operating the computer network structure has access to a list of vehicles which can send data packages to a computer network structure. In order to fill this list with data entries from the vehicles, a signal can be sent to the vehicles on that list for triggering and/or starting the upload of measurement values generated by the vehicles of that list. Furthermore, data packages can be entered into the list as an answer to the sent signal.
A further aspect of the invention is a computer network structure for requesting and analysing anonymized data generated by vehicles, wherein the computer network structure comprises a computing element, which is configured for performing the steps of the method for operating the computer network structure as described hereinbefore and hereinafter, and wherein the computer network structure comprises and/or is connected to a storing element, which stores a program element, which is configured for performing the steps of the method for operating the computer network structure as described before and hereinafter on the computing element, wherein the computer network structure comprises at least one interface, which is configured for establishing a connection to at least one vehicle.
The computer network structure can be for example a server or any other form of computing element. In addition, the computer network structure can be a cloud computing and/or a cloud storing system which comprises a plurality of computing elements.
A further aspect of the invention is a vehicle comprising a communication device as described before and hereinafter and/or is configured for performing the steps of the method as described before and hereinafter. These and other features of the invention will become apparent from and elucidated with reference to the embodiments described hereinafter.
BRIEF DESCRIPTION OF THE DRAWINGS
The reference symbols used in the drawings and their meaning are listed in summary form in the list of reference symbols. In principle, identical parts are provided with the same reference symbols in the figures.
Fig. 1 shows a process chart of the method according to an embodiment of the invention.
Fig. 2 shows a process chart of the method according to an embodiment of the invention.
Fig. 3 shows a process chart of the method according to an embodiment of the invention.
Fig. 4 shows a schematic embodiment of the vehicle communication device.
Fig. 5 shows a schematic embodiment of the computer network structure according to an embodiment of the invention.
Fig. 6 shows a schematic vehicle according to an embodiment of the invention.
Fig. 7 shows a flow-chart illustrating the steps of the method according to an embodiment of the invention.
Fig. 8 shows a flow-chart illustrating the steps of the method according to an embodiment of the invention.
Fig. 9 shows a flow-chart illustrating the steps of the method for operating a computer network structure according to an embodiment of the invention.
DETAILED DESCRIPTION OF THE DRAWINGS
Fig. 1 shows the computer implemented method 1 for anonymizing data packages generated by vehicles comprising the steps of: - generating in a first vehicle 2 a first data package 4 comprising at least one measurement value obtained by the first vehicle 2,
- establishing a vehicle-to-vehicle connection 6 connecting the first vehicle 2 with the second vehicle 8 for transferring the first data package 4 from the first vehicle 2 to the second vehicle 8,
- generating in the second vehicle 8 a first upload data package 10 comprising at least the first data package 4,
- establishing a first upload connection 12 between the second vehicle 8 and the computer network structure 14 for uploading the first upload data package 10 from the second vehicle 8 to the computer network structure 14, such that the computer network structure 4 assigns the first upload data package 12 to the second vehicle 8, thereby anonymizing an origin of the first data package 4 for the computer network structure 14.
As can be further seen in Fig. 1 , the second vehicle 8 can generate a second data package 16 which is transferred with the vehicle-to-vehicle connection 6 to the first vehicle 2. In the first vehicle 2, a second upload data package 18 can be created which contains the second data package 16. Furthermore, a second upload connection 20 is established between the first vehicle 2 and the computer network structure 14 for uploading the second upload data package 18. Furthermore, in the first vehicle 2, the first data package 4 can be added to the second upload data package 18 which then contains the second data package 16 and the first data package 4 for uploading the second upload data package 18 via the second upload connection 20 to the computer network structure 14. Furthermore, in the second vehicle 8, the second data package 16 can be added to the first upload data package 10 which then contains the first data package 4 and the second data package 16 for uploading the first upload data package 10 to the computer network structure 14 from the second vehicle 8. Fig. 2 shows a plurality of vehicles 24 which each generates a data package which leads to a plurality of different data packages 22. Each of the plurality of vehicles 24 can establish a vehicle-to-vehicle connection thereby forming a plurality of vehicle-to-vehicle connections 26 to the first vehicle 2. The first vehicle 2 contains the first data package 4. The first vehicle 2 can then generate the first upload data package 18 which contains the plurality of different data packages 22 and the first data package 4 thereby anonymizing an origin of the data packages. The first upload data packages can then be uploaded via the second upload connection 20 from the first vehicle 2 to the computer network structure 14.
Fig. 3 shows a first pool of vehicles 28 and a second pool of vehicles 36. The first pool 28 is defined by selecting vehicles from the group of the first vehicle 2, the second vehicle 8 and the plurality of vehicles 24. Within the first pool 28, a first upload vehicle 30 is selected. The first upload vehicle 30 then establishes vehicle- to-vehicle connections between the first upload vehicle and/or vehicles of the first pool. Each data package of the vehicles in the first pool is then transferred to the first upload vehicle 30 via vehicle-to-vehicle connections. The first upload vehicle 30 then generates the first pool upload data package containing more data packages generated by the vehicles in the first pool 28. The first pool upload data package 32 can then be transferred to the computer network structure 14 or to the second upload vehicle 38 via vehicle-to-vehicle connections. The second pool 36 is formed by selecting vehicles from the group of the first vehicle 2, the second vehicle 8 and the plurality of vehicles 24. Within the second pool 36, a second upload vehicle 38 is selected according to a corresponding second parameter. All data packages generated by vehicles in the second pool 36 are transferred via vehicle-to-vehicle connections to the second upload vehicle 38. The second upload vehicle 38 then generates the second pool upload data package 40 which contains all data packages generated from vehicles in the second pool 36. The second pool upload data package 40 can then be uploaded to the computer network structure 14 or can be transferred via an upload vehicle to upload vehicle connection 43 to the first upload vehicle 30 of the first pool 28. The first upload vehicle 30 then establishes a third upload connection 34 which can be configured for uploading the first pool upload data package 32 to the computer network structure 14 or the second pool upload data package 40 to the computer network structure 14. Furthermore, the second upload vehicle 38 can generate a fourth upload connection between the second upload vehicle 38 and the computer network structure 14. The second upload vehicle 38 can upload the second pool upload data package 40 to the computer network structure via the fourth upload connection 42. The second upload vehicle 38 is also configured to upload the first pool upload data package 32 with the fourth upload connection.
Fig. 4 shows the vehicle communication device 44 which comprises an interface 46. The interface is configured for receiving data packages which comprise said at least one measurement value generated by the vehicle. Furthermore, the vehicle communication device 44 comprises a first connection module 48 for establishing vehicle-to-vehicle connection. In addition, the vehicle communication device 44 comprises a second connection module for uploading data packages. Moreover, the vehicle communication device comprises a computing element 52 and the storing element 54.
Fig. 5 shows a computer network structure 14 which comprises a computing element 58, a storing element 60 and an interface 62. The computer network structure can be any server structure or any cloud computing or storing structure.
Fig. 6 shows a vehicle 64 which comprises a communication device 44.
Fig. 7 shows a flow-chart illustrating the steps of the method for anonymizing data packages generated by vehicles. The method 1 comprises the step generating S1 in a first vehicle 2, a first data package comprising at least one measurement value obtained by the first vehicle 2. Furthermore, the method 1 comprises the step of establishing S2 a vehicle-to-vehicle connection 6 connecting the first vehicle 2 with the second vehicle 8 for transferring the first data package 4 from the first vehicle 2 to the second vehicle 8. In addition, the method 1 comprises the step generating S3 in a second vehicle 8 a first upload data package 10 comprising at least the first data package 4. Moreover, the method 1 comprises the step of establishing S4 a first upload connection 12 between the second vehicle 8 and the computer network structure 14 for uploading the first upload data package 10 from the second vehicle 8 to a computer network structure 14 such that the computer network structure 4 assigns the first upload data package 12 to the second vehicle 8, thereby anonymizing an origin of the first data package 4 for the computer network structure 14.
Fig. 8 shows a flow-chart of the further method 66. The further method 66 comprises the step generating S1 , establishing S2, generating S3 and establishing S4 as explained above. Furthermore, the further method 66 may further comprise the step generating S5 in the second vehicle 8, the second data package 16 comprising at least one measurement value obtained by the second vehicle 8. The further method 66 may comprise the step of transferring S6 the second data package 16 from the second vehicle 8 to the first vehicle 2 via the vehicle-to- vehicle connection 6. Moreover, the step of generating S7 in the first vehicle 2 a second upload data package 18 may be comprised by the further method 66. The further method 66 comprises the step of establishing S8 a second upload connection 20 between the first vehicle 2 and the computer network structure 14. Further, the further method 66 can have the step of adding S9 at least the second data package 16 to the first upload data package 10. The step adding S10 at least the first data package 4 to the second upload data package 18 may be comprised by the further method 66. The further method 66 can comprise the step of generating S11 a plurality of different data packages 22 each data package generated by a vehicle of a plurality of vehicles 24. Further, the step of establishing S12 a plurality of vehicle-to-vehicle connections 26 between the first vehicle 2, the second vehicle 8 and/or each of the plurality of vehicles 24 may be comprised by the further method 66. Combining S13 in the first vehicle 2 and/or in the second vehicle 8 the first data package 4 may be a part of the further method 66. Further, the further method 66 further comprises the step of defining S14 a first pool 28 of vehicles. Selecting S15 the first upload vehicle 30 may be part of the further method 66. The further method 66 may comprise the step of transferring S16 data packages of each vehicle of the first pool 28 to the first upload vehicle 30. The step of combining S17 the first plurality of data packages 22 of the vehicles of the first pool 28 and the data package of the first upload vehicle 30 for generating the first pool upload data package 32 may be comprised by the further method 66. The further method 66 may comprise the step of establishing S18 a third upload connection 34 between the first upload vehicle 30 and the computer network structure 14. The step of defining S19 a second pool 36 of vehicles by selecting different vehicles not comprised by the first pool 28 may be comprised by the further method 66. Further, the further method 66 may comprise selecting S20 a second upload vehicle 38 according to the second parameter. The step of transferring S21 data packages of each vehicle of the second pool 36 to the second upload vehicle 38 may be comprised by the further method 66. The further method 66 may comprise the step of combining S22 the second plurality of data packages 22 of the vehicles of the second pool 36 and the data package of the second upload vehicle 38. Further, the further method 66 may comprise the step of establishing S23 a fourth upload connection 42 between the second upload vehicle 38 and the computer network structure 14. Establishing S24 an upload vehicle to upload vehicle connection 43 at least between the first upload vehicle 30 and the second upload vehicle 38 may be a step of the further method 66. The further method 66 may comprise the step of uploading S25 the second pool upload data package 40 with the third upload connection 34 and uploading the first pool upload data package 32 with the fourth upload connection 42. Transferring S26 randomly selected data packages from the first pool upload data package 32 with data packages from the second pool upload data package 40 in the first upload vehicle 30 and/or in the second upload vehicle 38 may be a step of the further method 66.
Fig.9 shows a flow-chart of the third method 68. The third method 68 may comprise the step generating S27 a signal for triggering an upload of measurement values generated by at least one vehicle. Further, sending the signal to at least two vehicles may be a step S28of the third method 68. Furthermore, the third method 68 may comprise the step of receiving as an answer to the sent signal data packages from the at least two vehicles according to the method 1 as explained before and herein after.
REFERENCE SYMBOLS computer implemented method vehicle first data package vehicle-to-vehicle connection second vehicle first upload data package first upload connection computer network structure second data package second upload data package second upload connection plurality of different data packages plurality of vehicles plurality of vehicle-to-vehicle connections first pool first upload vehicle first pool upload data package third upload connection second pool second upload vehicle second pool upload data package fourth upload connection upload vehicle to upload vehicle connection vehicle communication device interface first connection module second connection module computing element storing element method computing element storing element interface vehicle further method third method generating establishing generating establishing generating transferring generating establishing adding adding generating establishing combining defining selecting transferring combining establishing defining selecting transferring combining establishing establishing uploading transferring generating sending receiving

Claims

- 27 -
Claims Computer implemented method (1 ) for anonymizing data packages generated by vehicles, comprising the steps of:
- generating in a first vehicle (2) a first data package (4) comprising at least one measurement value obtained by the first vehicle (2),
- establishing a vehicle-to-vehicle connection (6) connecting the first vehicle (2) with a second vehicle (8) for transferring the first data package (4) from the first vehicle (2) to the second vehicle (8),
- generating in the second vehicle (8) a first upload data package (10) comprising at least the first data package (4),
- establishing a first upload connection (12) between the second vehicle
(8) and a computer network structure (14) for uploading the first upload data package (10) from the second vehicle (8) to the computer network structure (14), such that the computer network structure (4) assigns the first upload data package (12) to the second vehicle (8), thereby anonymizing an origin of the first data package (4) for the computer network structure (14). Method according to claim 1 , further comprising the steps of:
- generating in the second vehicle (8) a second data package (16) comprising at least one measurement value obtained by the second vehicle (8),
- transferring the second data package (16) from the second vehicle (8) to the first vehicle (2) via the vehicle-to-vehicle connection (6), - generating in the first vehicle (2) a second upload data package (18) comprising at least the second data package (16),
- establishing a second upload connection (20) between the first vehicle (2) and the computer network structure (14) for uploading the second upload data package (18) from the first vehicle (2) to the computer network structure (14), such that the computer network structure (14) assigns the second upload data package (18) to the first vehicle (2), thereby anonymizing an origin of the second upload data package (18) for the computer network structure (14). Method according to any of the preceding claims, wherein the step of generating the first upload data package (10) and/or the second upload data package (18) further comprises:
- adding at least the second data package (16) to the first upload data package (10), and/or
- adding at least the first data package (4) to the second upload data package (18). Method according to any of the preceding claims, further comprising the steps of:
- generating a plurality of different data packages (22) each data package generated by a vehicle of a plurality of vehicles (24) and each of the pluralities of different data packages (22) comprises at least one measurement value generated in said vehicle, - establishing a plurality of vehicle-to-vehicle connections (26) between the first vehicle (2), the second vehicle (8) and/or each of the plurality of vehicles (24) for transmitting the plurality of data packages (22) to the first vehicle (2) and/or to the second vehicle (4),
- combining in the first vehicle (2) and/or in the second vehicle (8) the first data package (4), the second data package (16) and/or the plurality of data packages (20) for generating the first upload data package (10) and/or the second upload data package (18), thereby anonymizing the origin of the first data package (4), the second data package (16) and the plurality of data packages (22). Method according to claim 4, further comprising the steps of:
- defining a first pool (28) of vehicles by selecting vehicles according to a first parameter from a group comprising the first vehicle (2), the second vehicle (8), and the plurality of vehicles (24),
- selecting a first upload vehicle (30) according to a second parameter from the first pool (28) for uploading a first pool upload data package (32) to the computer network structure (14),
- transferring data packages of each vehicle of the first pool (28) to the first upload vehicle (30) via vehicle-to-vehicle connections defining a first plurality of data packages (22),
- combining the first plurality of data packages (22) of the vehicles of the first pool (28) and the data package of the first upload vehicle (30) for generating the first pool upload data package (32), - establishing a third upload connection (34) between the first upload vehicle (30) and the computer network structure (14) for uploading the first pool upload data package (32) from the first upload vehicle (30) to the computer network structure (14). Method according to claim 5, wherein the first parameter is a parameter selected from a group consisting of: vehicle-to-vehicle distance, vehicle- to-vehicle compatibility, vehicle-to-vehicle data bandwidth and/or vehicle- to-vehicle data format. Method according to claim 5 or 6, wherein the second parameter is a parameter selected from a group consisting of: data bandwidth to the computer network structure (14), data format to the computer network structure (14), compatibility with the computer network structure (14). Method according to any of the claims 5 to 7, further comprising the steps of:
- defining a second pool (36) of vehicles by selecting different vehicles not comprised by the first pool (28), according to the first parameter from the group comprising the first vehicle (2), the second vehicle (8), and the plurality of vehicles (24),
- selecting a second upload vehicle (38) according to the second parameter from the second pool (36) for uploading a second pool upload data package (40) to the computer network structure (14), - 31 -
- transferring data packages of each vehicle of the second pool (36) to the second upload vehicle (38) via vehicle-to-vehicle connections defining a second plurality of data packages (22),
- combining the second plurality of data packages (22) of the vehicles of the second pool (36) and the data package of the second upload vehicle (38) for generating the second pool upload data package (40),
- establishing a fourth upload connection (42) between the second upload vehicle (38) and the computer network structure (14) for uploading the second pool upload data package (40) from the second upload vehicle (38) to the computer network structure (14). Method according to claim 8, further comprising the steps of:
- establishing an upload vehicle to upload vehicle connection (43) at least between the first upload vehicle (30) and the second upload vehicle (38), for exchanging the first pool upload data package (32) with the second pool upload data package (40),
- uploading the second pool upload data package (40) with the third upload connection (34) and uploading the first pool upload data package (32) with the fourth upload connection (42), such that the computer network structure (14) assigns the second pool upload data package (32) to the first pool (28) of vehicles and the first upload data package (32) to the second pool (36) of vehicles, thereby anonymizing an origin of the first pool upload data package (32) and of the second pool upload data package (40). Method according to claim 9, further comprising the steps of: - 32 -
- transferring randomly selected data packages from the first pool upload data package (32) with data packages from the second pool upload data package (40) in the first upload vehicle (30) and/or in the second upload vehicle (38). Vehicle communication device (44) for transferring data packages comprising at least one measurement value generated by a vehicle, wherein the vehicle communication device (44) comprises:
- an interface (46) for receiving data packages which comprises said at least one measurement value generated by the vehicle,
- a first connection module (48) for establishing a vehicle-to-vehicle connection for transferring said data packages between vehicles,
- a second connection module (50) for uploading data packages, which are generated by a vehicle other than the vehicle comprising said communication device, to a computer network structure (14). Vehicle communication device according to claim 11 , wherein the vehicle communication device (44) comprises a computing element (52), which is configured for performing the steps of the method according to claims 1 to 10, and wherein the vehicle communication device (44) comprises a storing element (54), which stores a program element, which is configured for performing the steps of the method according to claims 1 to 10 on the computing element (52). - 33 -
13. Computer implemented method (56) for operating a computer network structure for requesting and analysing anonymized data generated by vehicles:
- generating a signal for triggering an upload of measurement values generated by at least one vehicle,
- sending the signal to at least two vehicles,
- receiving as an answer to the sent signal data packages from the at least two vehicles according to a method of any of claims 1 to 10.
14. Computer network structure (14) for requesting and analysing anonymized data generated by vehicles, wherein the computer network structure (14) comprises a computing element (58), which is configured for performing the steps of the method according to claim 13, and wherein the computer network structure (14) comprises and/or is connected to a storing element (60), which stores a program element, which is configured for performing the steps of the method according to claim 13 on the computing element (58), wherein the computer network structure (14) comprises at least one interface (62), which is configured for establishing a connection to at least one vehicle.
15. Vehicle (64) comprising a communication device (44) according to any of the claims 11 to 12 and/or is configured for performing the steps of the method according to any of the claims 1 to 10.
PCT/EP2021/074207 2021-09-02 2021-09-02 Computer implemented method for anonymizing data packages generated by vehicles WO2023030628A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/EP2021/074207 WO2023030628A1 (en) 2021-09-02 2021-09-02 Computer implemented method for anonymizing data packages generated by vehicles

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/EP2021/074207 WO2023030628A1 (en) 2021-09-02 2021-09-02 Computer implemented method for anonymizing data packages generated by vehicles

Publications (1)

Publication Number Publication Date
WO2023030628A1 true WO2023030628A1 (en) 2023-03-09

Family

ID=77821749

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/EP2021/074207 WO2023030628A1 (en) 2021-09-02 2021-09-02 Computer implemented method for anonymizing data packages generated by vehicles

Country Status (1)

Country Link
WO (1) WO2023030628A1 (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180098203A1 (en) * 2016-09-30 2018-04-05 Volkswagen Ag Method for communication between vehicles
US20180338001A1 (en) * 2017-05-19 2018-11-22 Veniam, Inc. Data-driven managed services built on top of networks of autonomous vehicles
US20200092261A1 (en) * 2018-09-17 2020-03-19 Ford Global Technologies, Llc User anonymity through data swapping
DE102019205033A1 (en) * 2019-04-09 2020-10-15 Audi Ag Method for anonymized provision of data from a first vehicle for a server device external to the vehicle, as well as anonymization device and motor vehicle

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20180098203A1 (en) * 2016-09-30 2018-04-05 Volkswagen Ag Method for communication between vehicles
US20180338001A1 (en) * 2017-05-19 2018-11-22 Veniam, Inc. Data-driven managed services built on top of networks of autonomous vehicles
US20200092261A1 (en) * 2018-09-17 2020-03-19 Ford Global Technologies, Llc User anonymity through data swapping
DE102019205033A1 (en) * 2019-04-09 2020-10-15 Audi Ag Method for anonymized provision of data from a first vehicle for a server device external to the vehicle, as well as anonymization device and motor vehicle

Similar Documents

Publication Publication Date Title
Ebert et al. Automotive software
CN108923908B (en) Authorization processing method, device, equipment and storage medium
CN111726399A (en) Docker container secure access method and device
CN107832275A (en) The generation method of intelligent Contract ID, apparatus and system in block chain
US11838375B2 (en) Universal software communication bus
CN111586629A (en) Vehicle remote diagnosis method in ZigBee mode and related device
CN108287894B (en) Data processing method, device, computing equipment and storage medium
EP3975602A1 (en) Methods, apparatus and systems to enforce data boundaries through the use of boundary labels
CN112817617A (en) Software upgrading method, device and system
US20100146123A1 (en) Resource allocation method of each terminal apparatus using resource management system and resource management server apparatus
WO2023030628A1 (en) Computer implemented method for anonymizing data packages generated by vehicles
CN112328363B (en) Cloud hard disk mounting method and device
CN110830822A (en) Resource updating method, device and computer readable storage medium
WO2023123493A1 (en) Data management method and apparatus
CN112650710B (en) Data migration sending method and device, storage medium and electronic device
KR102155562B1 (en) System for providing simulation and mornitoring information on vehicle network
CN111464395B (en) Method and device for creating blockchain and readable storage medium
CN113919511A (en) Federal learning method and device
Kotur et al. Utilization of design patterns in AUTOSAR Adaptive standard
CN115203676B (en) Database connection method, database connection device, proxy server and medium
CN111953637A (en) Application service method and device
CN112671547B (en) Resource allocation method, device and system for service slices in vehicle
CN115587394B (en) Human resource data processing method and device of cloud native architecture
CN112737872B (en) ARINC664P7 end system cross-network testing system and method
CN114676950A (en) Method, device and equipment for distributing functional safety requirements

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21773045

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2021773045

Country of ref document: EP

ENP Entry into the national phase

Ref document number: 2021773045

Country of ref document: EP

Effective date: 20240221