FIELD OF THE INVENTION

[0001] The invention relates to a method for operating a multimedia system for a motor vehicle according to claim 1. Further, the invention relates to a computer program as well as multimedia system.

BACKGROUND INFORMATION

[0002] Cloud hosted services are known in the state of the art. US 9,679,567 B2 shows a method of managing a speech interface to computer-based services, which include a beginning of a first speech session that is carried out in a vehicle of a short-range wireless connection between a vehicle occupant and a mobile device; detecting an initiation of a second speech session while the first speech session is being carried out; determining an assigned priority level of the first speech session relative to an assigned priority level of the second speech session based on a first speech contact identified in the first speech session and a second speech context identified in the second speech session; and when the assigned priority level of the second speech session has a higher priority than the assigned priority level of the first speech session, carrying out the session-appropriate action on the first speech session.

[0003] US 2019/0265884 A1 shows a method for interfacing a mobile device with a vehicle. The method includes providing a connection to the Internet for the vehicle via wireless connection circuitry associated with an on-board computer of the vehicle. The connection used to communicate with a server of a cloud service provider for the vehicle. The cloud service provider is configured to manage user accounts to enable one or more vehicles to connect with the cloud service provider. A user account is assigned to a user and the user account is associated with custom settings of the user. The method includes enabling communication, by the on-board computer, with a mobile device proximate to the vehicle. The communication provides for pairing the mobile device with the on-board computer using credentials saved by the on-board computer from a previous paring or pairing the mobile device with the on-board computer via a pairing routine processed between the on-board computer and the mobile device.

[0004] US 2012/0174212 A1 describes a connected account provider system that allows a user of multiple electronic devices to set up a user account on one device with the device's settings saved in the cloud for application across different devices. A user can obtain secure access to the saved settings using a second (or subsequent) device and can select settings from the initial device to be synchronized to the second device.

[0005] It is an object of the invention to provide a method, a computer program as well as a multimedia system by which in a simplified way the multimedia system can be operated.

[0006] This object is solved by a method, a computer program as well as the multimedia system according to the independent claims of the present disclosure. Advantageous embodiments are indicated in the dependent claims.

SUMMARY OF THE INVENTION

[0007] One aspect of the invention relates to a method for operating a multimedia system for a motor vehicle, wherein a first mobile network connection is established between a cloud server of the multimedia system external to the motor vehicle, and a multimedia device of the multimedia system internal to the motor vehicle and wherein a second mobile network connection is established between the cloud server and a mobile device of a user of the multimedia system.

[0008] It is provided that at least one user setting of the mobile device is accessed via the first mobile network connection by using the multimedia device by the user.

[0009] The multimedia device is authorized by the user in a time step before the access to the at least one user setting. In particular, it can be provided that to connect the mobile device and the multimedia device through the same authentication server, a hosted service is used on the multimedia device. The hosted service can be established via either a wireless LAN or a cellular service provider. In other words, the first mobile network connection and the second mobile network connection can be a wireless LAN connection or a cellular service provider connection.

[0010] The multimedia device is authorized by the user in a time step before the access to the at least one user setting. In other words, the user must authorize the multimedia device for connecting to the mobile device. In particular, the mobile device must be authorized to get access to the at least one user setting. For that, it is possible, that a secure connection between the multimedia device and the service can be realized.

[0011] Furthermore, the authorization is made via a token process between the mobile device and the multimedia device. For example, an initial setup process can be done by a user using a first step, where the user navigates to a sign-in screen on the car, in particular, at the multimedia device. The car responds with a request to input user credentials. The user enters information such as a phone number, name and password or an established form of identification to generate a unique identification and sends it to the authorization server to request an access token. The car receives the user ID via the server and returns an access token and a temporary passcode for the phone to verify. The user sends the passcode to the phone along with the token to connect. This setup happens only once and does not require any physical connection to the mobile device.

An authorization framework is used to enable the vehicle to obtain access to a user’s data without giving away a user’s password. With an initial authorization in place, a user can then subsequently connect the mobile device to the car by providing valid credentials, for example, login ID and password or via biometric scan, without having the actual phone in the car. Any suitable form of identification may be used.

[0012] Additionally, for the token a refresh token is used. For example, the user data is on the motor vehicle using a private client. A private client runs in an area where the end user cannot not access them or where they could be reverse engineered by an attack, thus it can be trusted to store tokens. The token is of type refresh token. A refresh token is long-lived, for example, days, months and years. It can be extended by requesting a new token or it can be revoked any time. Every time a user accesses a refresh token, the user will receive a new cryptographical assigned access token. With the token, a secure and trustworthy standard for the token authentication allows a user to digitalize information. A copy of the token that is stored on the phone is also stored on the server of the vehicle. Therefore, the user has the ability at any time to revoke or change consent after the smartphone is mutually authenticated and connected with the car.

[0013] Thereby it is facilitated that in a simplified way the multimedia system can be operated from the user with the mobile device.

[0014] In other words, the goal of the invention is to, in particular, store user information in such a way as to be simple, resource efficient and high-level enough to facilitate a personalized ecosystem based on individual user preferences. It is a methodology of connecting the mobile device, which can be a user device or a smartphone, to a motor vehicle’s hosted services which are facilitated by a cloud connected head-unit, which is in particular the multimedia device, with the ability to take on the function of the mobile device.

[0015] Further, it has turned out to be advantageous if the access to the at least one user setting is personalized by the user. In particular, the delegated authorization framework allows the user to personalize a token to grant access to only what a user wants to authorize. For subsequent access, a user only needs to send a request along with the token. The best example for these scopes are bundles of permissions personalized by the user when requesting a token. It decouples indication from authorization and supports multiple use cases. In our case, a user can choose to allow access to phone calls, messages and/or applications remotely from the motor vehicle once the mobile device is connected.

[0016] According to an advantageous embodiment, at least one credential for using the user setting is submitted by operating the multimedia device. Especially, once the motor vehicle is configured to the information of the applications or the user settings that now run on the motor vehicle and the relevant preferences of a user had set up on the mobile device, the user can then access the applications directly on the motor vehicle. In general, a user is required to provide credentials for individual applications. To avoid the need of entering credentials for each application every time the application is accessed and the user credentials may be stored on the motor vehicle’s head-unit, in other words the multimedia device. [0017] In a further advantageous form of configuration, the at least one credential is stored by the multimedia device. For example, a script can be implemented on the motor vehicle’s head-unit that stores the credentials. Here, a user needs to provide the credentials for the first attempt to access this application on the vehicle’s head-unit.

Once a successful login has been granted, the credentials may be stored in a script so subsequent use of the applications on the vehicle’s head-unit will not prompt user to provide them, as the script will inject a stored login form, fetch and hash the credentials, and send it to the applications of the indication servers for log in. Note the script should use local state of the art encryption or a remote server. Furthermore, a software running in the background of the motor vehicle’s head-unit will need to detect when a user is launching an application that requires credentials and whether it is a new application from a previously defined template. The software will then fetch the previously safe credentials on the vehicle’s head-unit and submit the credential for a user. The software needs to be installed and maintained on the vehicle’s head-unit where applications are launched.

[0018] Further, it has turned out to be advantageous if the at least one user setting is used for a phone call and/or a message service and/or mobile device applications and/or data of the mobile device. In particular, here, the user setting contains information such as data, for example, for a contact, documents or photos, or texts/calls and applications, in particular including credentials. This methodology is assuming that the service of, for example, wireless LAN or cellular provider service is established.

[0019] A further aspect of the invention relates to a computer program comprising instructions, which, when the program is executed by a multimedia system, causes the multimedia system to carry out the method according to the preceding aspect.

[0020] Another aspect relates to a multimedia system for a motor vehicle with at least a cloud server and a multimedia device, wherein the multimedia system is configured to carry out a method according to the preceding aspect.

[0021] Further advantageous embodiments of the method are to be regarded as advantageous embodiments of the computer program and the multimedia system. The multimedia system as well as the computer program for this purpose comprise substantive features, which facilitate a performance of the method or advantageous embodiment thereof.

[0022] Further advantages, features and details of the invention derive from the following description of preferred embodiments as well as from the drawings. The features and the feature combinations previously mentioned in the description as well as the features and the feature combinations mentioned in the following description of the figure or shown in the figure alone can be employed not only in the respectively indicated combination but also in any other combination or taken alone without leaving the scope of the invention.

BRIEF DESCRIPTION OF THE DRAWINGS

[0023] Fig: 1 is a schematic view of an embodiment of a multimedia system.

[0024] Fig. 2 is a schematic view of an embodiment of a token process.

[0025] Fig. 3 is another schematic view of an embodiment of a token process.

[0026] Fig. 4 is a schematic view of an embodiment of the multimedia system.

[0027] Fig. 5 is a schematic view of an embodiment of the multimedia system.

[0028] Fig. 6 is a schematic view of an embodiment of the multimedia system.

[0029] Fig. 7 is another schematic of an embodiment of the multimedia system.

[0030] In the figures the same elements or elements having the same function are indicated by the same references.

DETAILED DESCRIPTION

[0031] Fig. 1 shows in a schematic view an embodiment of the multimedia system 10. One aspect of the invention relates to a method for operating the multimedia system 10 for a motor vehicle 12, wherein a first mobile network connection 14 is established between a cloud server 16 of the multimedia system 10 external to the motor vehicle 12 and a multimedia device 18 (Fig. 4) of the multimedia system 10 internal to the motor

ANY REFERENCE TO FIGURE 7 SHALL BE CONSIDERED NON-EXISTENT

vehicle 12 and wherein a second mobile network connection 20 is established between the cloud server 16 and a mobile device 22 (Fig. 5) of a user 24 of the multimedia system 10.

[0032] It is provided that at least one user setting 26 (Fig. 5) of the mobile device 22 is accessed via the first mobile network connection 14 by using the multimedia device 18 by the user 24.

[0033] In particular, the multimedia device 18 is authorized by the user 24 in a time step before the access to the at least one user setting 26. In particular, the authorization is made via a token process 28 (Fig. 2) between the mobile device 18 and the multimedia device 22 and the multimedia device 18.

[0034] In particular, at least one credential for using the user setting 26 is submitted by operating the multimedia device 18. In particular, the at least one credential is stored by the multimedia device 18.

[0035] In particular, the at least one user setting 26 is used for a phone and/or a message service and/or mobile device applications and/or data of the mobile device 26.

[0036] In particular, the goal of the invention is to store the user 24 information in such a way as to be simple, resource efficient and high-level enough to facilitate a personalized ecosystem based on individual user 24 preferences. The methodology of connecting the mobile device 22 to the motor vehicle 12 hosted service which is facilitated by a cloud connected head-unit, which is, in particular the multimedia device 18, with the ability to take the function of the mobile device 22.

[0037] To connect both the mobile device 22 and the motor vehicle 12 through the same authentication server, a hosted service is used on the multimedia device 18. The hosted server can be established via using a wireless LAN or a cellular service provider. In other words, the first mobile network connection 14 and the second mobile network connection 20 can be a wireless LAN or a cellular service provider connection.

[0038] Fig. 1 shows that in a first step S1 the user 24 navigates to a sign in screen on the car 12. In a second step S2, the motor vehicle 12 responds with request to input user 24 credentials. In a third step S3, the user 24 enters information such as phone number, name and password to an established form to identification to generate a unique identification (ID) and sends it to the authorization server, which is the cloud server 16 in this embodiment, to request an access token 30 (Fig. 2). In a fourth step S4, the motor vehicle 12 receives the unique ID via the cloud server 16 and returns an access token 30 and a temporary passcode for the phone to verify. In a fifth step S5, the user 24 sends the passcode on the phone along with the token 30 to connect.

[0039] This setup happens only once and does not require any physical connection to the mobile device 22. An authorization framework is used to enable the motor vehicle 12 to obtain access to a user’s 24 data without giving away a user’s 24 password. With an initial authorization in place a user 24 can then subsequently connect the mobile device 22 to the motor vehicle 12 by providing valid credentials, for example, the login ID and password or via biometrical scan without having the actual mobile device 22 in the motor vehicle 12. Any suitable form of identification may be used.

[0040] Fig. 2 shows in a schematic view the multimedia system 10. Fig. 2 shows that the token 30 is the refresh token 32. Further, the access to the at least one user setting 26 is personalized by the user 24.

[0041] The delegated authorization framework allows the user 24 to personalize the token 30 to grant access to only what the user 24 wants to authorize. For subsequent access, user 24 only needs to send a request along with the token 30.

[0042] These scopes are bundles of permissions personalized by the server 24 when requesting a token 30. It decouples authentication from authorization and supports multiple use cases. In our case, the user 24 can choose the allowed access to phone calls, messages and/or applications remotely from the motor vehicle 12, once it is connected.

[0043] As shown in Fig. 2, user 24 data is on the motor vehicle 12 using private client.

A private client runs in a protected area where the end user 24 cannot access them or where they could be reserve engineered by an attack, thus it can be trusted to store tokens 30. The token 30 is type of refresh token 32. A refresh token 32 is long-lived, for example, days, months or years. It can be extended by requesting a new token 30 or it can be revoked any time. Every time a user 24 is accessing a refresh token 32, the user 24 will receive a new cryptographical assigned access token 30. For example, as shown in Fig. 2 in a sixth step S6 an authorization is done by getting consent and authorization from the user 24. In a seventh step S7, the user 24 consent is made when there is a grant of authorization. In an eighth step S8, a token 30 is generated. With the refresh token 32 the user 24 obtains the refresh token 32, using it to get a new access token 30. The ninth step S9 is an introspection, while the tenth step S10 is a revocation, where the access token 30 is revoked.

[0044] A copy of the token 30 is stored in the mobile device 22 and is stored in the cloud server 16 or in the multimedia device 18 of the motor vehicle 12. Therefore, the user 24 has the ability at any time to revoke or change consent after the mobile device 22 is mutually authenticated and connected with the car.

[0045] Fig. 3 shows in a schematic view the multimedia system 10. Especially, it is a token security shown. In particular, it is shown that the user 24 delegates an access token 30 to the application on the motor vehicle 12 with the user ID and credentials. The motor vehicle 12 uses an authentication server 34 to verify the user 24 ID and credentials with the refresh token 32 and grant the user 24 access with this access token 30. The private server then stores user 24 credentials and the access token 30 for the future access. Forthgoing, a user 24 can remotely access a private server 36 then stores user’s 24 credentials and the access token 30 for future access. Forthgoing, a user 24 can remotely access the mobile device 32 from the motor vehicle 12, while the mobile device 22 does not have to be in the motor vehicle 12.

[0046] Fig. 4 shows another embodiment of the multimedia system 10. Fig. 4 shows in detail how the motor vehicle 12 authorizes the user 24 and stores the access token 30 on the private server 34. In a eleventh step S11 , the user 24 requests access. In a twelfth step S12, the application sends user 24 request to an authorized end point of the authentication server 34. In a thirteenth step S13, the authentication server 34 verifies credentials and returns access token 30. If no cached cookie, for example in a first time login, the login information will be asked. If a cached cookie is available from the private server 36, consent dialogue appears. In a fourteenth step S14, the user 24 connects with the access token 30. In a fifteenth step S15, the application sends access token 30 to the private server 36 with the user 24 credentials for future use. Here, there are two servers. The authentication server 34 to verify user 24 and private server 36 to manage and store user 24 data and access token 30. The private server 36 will manage token 30 exploration, type and user 24 data/settings. [0047] Fig. 5 shows another embodiment of the multimedia system 10. In particular, a protocol to send messages/actions between the mobile device 22 and the motor vehicle 12 is shown. After connection between the mobile device 22 and the motor vehicle 12 is established, web service end points or API protocols are established to allow user 24 to manage and use resources on the user’s 24 mobile device 22 remotely from the motor vehicle 12 through standard HTTP-methods. For example, a user 24 can create, read and update phone numbers, calls, text messages and can receive or initiate calls and message or interact with applications running on the mobile device 22.

[0048] To do this, a library or SDK will be created on the mobile device 24 to receive and act on incoming requests from the user 24 initiated in the motor vehicle 12. The SDK can be simple, like sending a text and as complicated as accessing applications on the mobile device 22.

[0049] A standard, such as REST is an example of an optimal approach to handle, create, read, update and delete operations on data. REST is public, has its own API and uses standard HTTP via a wireless data format. Typically, REST accesses the resources through associated URI using HTTP GET with for example a query string.

[0050] Fig. 6 shows in a schematic view another embodiment of the multimedia system 10. Fig. 6 shows the logic communication between the mobile device 22 and the motor vehicle 12. In a sixteenth step S16, a handshake is done. In a seventeenth step S17, a connection is opened. In an eighteenth step S18, there are back and forth messages made. In a nineteenth step S19, one side closes the channel and the connection is closed. After communication is closed, the result of the action will be sent from the cloud server 16 to the motor vehicle 12. This enables the user 24 to send messages to the mobile device 22 and to receive results remotely via the motor vehicle 12. In this example, all the computation will be done remotely on the mobile device 22 while the cloud server 16 will facilitate the data transfer to the motor vehicle 12.

[0051] In particular, the Fig. 1 to 6 show a car hosted loT application.