Irdeto believes strongly in enabling the world to embrace connected mobility without fear. As vehicle ownership models change, so too must the means to access and control vehicles and the services deployed on them. As with the introduction of any new technology, the use of a mobile phone as an access key is being deployed with somewhat mixed success. Irdeto’s Keystone solution addresses the core security considerations as well as offering the ability for vehicle owners, fleet operators, service providers the secure the control needed to evolve their businesses; ultimately improving the monetization of the vehicle as an asset over time.
In this partnership, Keystone takes advantage of the powerful, secure Link Motion Carputer; the scalable, robust Microsoft Connected Vehicle Platform; and the in-depth diagnostics experience of DSA to bring together a powerful system for connected vehicle operation & management. Keystone powers a number of different use cases through this integration and will be on display at IZB in Wolfsburg. Come see us!
Key Sharing
Keystone facilitates local key sharing via Bluetooth Low-Energy(or BLE) for in-person exchange of access keys, not unlike borrowing or copying a traditional car key. In addition, remote key sharing via mobile phone or web can enable many fleet, car sharing, and commercial scenarios. It also offers more tra ditional consumer scenarios where proximity is either overlooked or not expected, such as providing access to infrequent users like delivery companies, mechanics, or neighbors, enabling others to pick up a vehicle unexpectedly, or granting otherwise restricted access for safety or security reasons.
Easily Key Policy Management
In addition to sharing keys in different ways, Keystone makes it possible to create both pre-defined key policies to assign to shared keys, on a per-key basis, as well as customized key policies at the time of sharing. These policies can control many different parameters like time and date of vehicle access, geo-fencing or geo-alerting, discrete access to different areas of the vehicle (driver’s door, passenger door, trunk, hood, fuel door, etc.), driving behavior controls or monitoring (speed limiting, traction control modes, ADAS features, performance options, etc.), and other controls as available in the vehicle.
Cloud Management
In addition to being able to share keys and create, configure, and assign policies via the cloud, Keystone, together with DSA, Microsoft, and Link Motion also enable cloud-based management of family vehicles or commercial fleets, including key revocation, enhanced vehicle status and diagnostics monitoring. Third-party service integrations through the Keystone and DSA API’s via the Microsoft Connected Vehicle Platform can also be supported.
Proven Security
Amplified relay attacks, replay attacks, mobile-based key-cloning attacks, protocol attacks, app tampering and reverse engineering are just a few of the ways attackers are trying and succeeding at compromising modern access management systems. Keystone has been designed from the ground up to be secure against all of the current demonstrated attacks, known weaknesses, and unforeseen vulnerabilities. In addition, the integration of Cloakware Secure Environment in the Link Motion Carputer greatly increases the level of effort required in-vehicle to identify and exploit newly discovered zero-day vulnerabilities as they occur in the wild.
-
Dan Murdock
Principal System Architect, Cybersecurity Services
Irdeto