JP2020113065A - Information management system - Google Patents

Abstract

To provide an information management system capable of accessing information of a vehicle owner stored in a vehicle when a driver in the vehicle is the owner.SOLUTION: In a vehicle system (information management system) 10, an on-vehicle device 100 includes in an authentication ECU 110: a vehicle storage unit configured to store owner information about an owner of a vehicle; an identification unit configured to identify a driver in the vehicle; and a permission unit configured to control the mode to a permission mode, when the driver identified by the identification unit is the owner of the vehicle, to permit access to the owner information stored in the vehicle storage unit. This allows the owner information to be accessed when the driver in the vehicle is the owner of the vehicle.SELECTED DRAWING: Figure 1

Description

The disclosure in this specification relates to an information management system that manages information stored in a vehicle.

The control program for controlling the vehicle is stored in the memory of the vehicle control device. Then, the vehicle control device executes the control program stored in the memory to control the engine, the navigation system, the automatic parking system, and the like. The memory of the vehicle control device stores not only the control program but also various setting information and user's personal information. The personal information includes, for example, vehicle information about a vehicle such as a vehicle body number and a vehicle registration number, and navigation system action data, route search records, address lists, and navigation information such as telephone numbers.

Such personal information needs to be properly protected. In order to protect personal information, for example, there is a technique in which information can be read from a memory only when authentication information such as a user ID is input. However, if the authentication information is unintentionally disclosed to a third party, it may be illegally accessed by the third party.

Therefore, in the technique described in Patent Document 1, when a vehicle communicates with an external personal computer (abbreviated as PC), it is determined whether the vehicle key is near the PC, and when there is a key nearby, communication is performed. The key identification information is transmitted to the vehicle via the network. The vehicle receives the identification information, and permits the communication with the PC when the received identification information is authenticated as the authentic identification information. As a result, the information can be read out only when the vehicle key is near a predetermined PC outside the vehicle, and thus unauthorized access by a third party is restricted.

JP, 2009-33264, A

The technique described in the above-mentioned Patent Document 1 is premised on establishing safety of communication between the vehicle and an external system such as a PC, and does not consider information provided by the vehicle when the vehicle is used. Therefore, with the technique described in Patent Document 1, information cannot be read when the user is inside the vehicle.

Therefore, the object of the disclosure is made in view of the above-mentioned problems, and in the case where the driver in the vehicle is the user who is stored in the information, the information for each user of the vehicle stored in the vehicle is used. The purpose is to provide an accessible information management system.

The present disclosure adopts the following technical means in order to achieve the above-mentioned object.

The information management system disclosed herein is an information management system (10) for managing access right to information stored in a vehicle, and is installed in the vehicle and corresponds to a plurality of users of the vehicle. A vehicle storage unit (130) in which user information related to the user is stored for each user;
When the specifying unit (123) specifying the driver in the vehicle and the driver specified by the specifying unit are the users stored in the vehicle storage unit, access to the user information corresponding to the specified user is performed. An information management system including a permission unit (125) for controlling a permission mode to permit.

According to such an information management system, when the driver is a user stored in the vehicle storage unit, the permission unit controls the permission mode to permit access to the user information corresponding to the identified user. It This allows the driver in the vehicle to access his user information. Therefore, the convenience for the user can be improved.

In addition, the reference numerals in parentheses of the respective means described above are examples showing the correspondence with the specific means described in the embodiments described later.

Block diagram showing vehicle system The flowchart which shows the process regarding the setting of the permission mode of a permission part. Flowchart showing a process related to transmission of owner information of the permitting section The flowchart which shows the process regarding the driving mode of a permission part. The flowchart which shows the process regarding the information which a permission part memorize|stores.

(First embodiment)
The first embodiment of the present disclosure will be described with reference to FIGS. 1 to 5. The vehicle system 10 according to the first embodiment includes an electronic key 200 carried by a user and an in-vehicle device 100 provided in the vehicle. The vehicle system 10 has an authentication function that allows the vehicle-mounted device 100 to authenticate the electronic key 200 by wireless communication and to control the vehicle when the authentication is successful. The vehicle system 10 also has a function as an information management system that manages the access right to the information stored in the vehicle.

Each of the vehicle-mounted device 100 and the electronic key 200 is configured to be capable of performing short-range wireless communication that complies with a predetermined short-range wireless communication standard having a communication range of, for example, several tens of meters at the maximum. As the short-range wireless communication standard here, for example, Bluetooth Low Energy (Bluetooth is a registered trademark), Wi-Fi (registered trademark), ZigBee (registered trademark), or the like can be adopted.

The electronic key 200 is a device that is associated with the in-vehicle device 100 and functions as a so-called key of the vehicle. The electronic key 200 may be any device that has a short-range communication function and can be carried by a user. The electronic key 200 may be a dedicated device, or may be mounted as a part of a function on a smartphone, a tablet terminal, a wearable device, a portable music player, a portable game console, or the like. The signal transmitted by the electronic key 200 as the short-distance communication includes the transmission source information. The transmission source information is, for example, unique identification information (hereinafter referred to as a terminal ID) assigned to the electronic key 200. The terminal ID functions as information for identifying another communication terminal and the electronic key 200. The terminal ID also stores information that identifies the type of user. The type of user is, for example, whether or not the vehicle owner is a vehicle owner, a relative of the vehicle owner, or a third party authorized by the vehicle owner to operate the vehicle. And so on.

The electronic key 200 includes a key control unit 230, a key reception antenna 215, a key reception unit 210, a key transmission antenna 221, a key transmission unit 220, a key input unit 250, and a key storage unit 240. The key receiving antenna 215 receives a radio wave using a predetermined short-range wireless communication, and gives a signal based on the received radio wave to the key receiving unit 210. The key receiving unit 210 acquires data from the signal from the key receiving antenna 215 based on the short-range communication standard, and gives the acquired data to the key control unit 230.

Upon receiving the data to be transmitted from the key control unit 230, the key transmission unit 220 converts the data into a signal for transmission based on the short-range communication standard, and supplies the signal to the key transmission antenna 221. The key transmission antenna 221 transmits the signal from the key transmission unit 220 to the outside.

The key input unit 250 is a switch operated by the user. When the key input unit 250 is operated, a signal based on the operation content is given to the key control unit 230. The key storage unit 240 stores vehicle information that specifies a vehicle in which the in-vehicle apparatus 100 is mounted, if necessary. The vehicle information may be any information that can uniquely identify the vehicle, and is, for example, a vehicle number, a vehicle ID managed by a manufacturer or a dealer, and a vehicle verification number. The key storage unit 240 stores the above-mentioned terminal ID.

The key control unit 230 controls the operation of the electronic key 200. The key control unit 230 includes a CPU, a ROM, a RAM, and the like, and executes various processes related to the authentication function. Specifically, for example, when the key receiving unit 210 receives a request signal from the vehicle, the key control unit 230 sends a response signal in response to the request signal from the key transmitting antenna 221 via the key transmitting unit 220. Send it. At this time, the key control unit 230 includes the terminal ID for authenticating the electronic key 200 in the response signal.

Next, the in-vehicle device 100 will be described. As shown in FIG. 1, the in-vehicle apparatus 100 includes an authentication ECU (Electronic Control Unit) 110, an exterior antenna 181, an exterior communication unit 180, an interior antenna 182, an interior communication unit 183, an input unit 140, a door handle button 15, and a start button. 16, an engine ECU 17, a body ECU 18, and a DCM (Data Communication Module) 19 are provided.

The in-vehicle antenna 182 is an antenna of the in-vehicle communication unit 183, and a plurality of in-vehicle communication units 183 are arranged such that the communication area of the in-vehicle communication unit 183 is inside the vehicle. The in-vehicle antenna 182 is an antenna for transmitting and receiving radio waves in the frequency band used for near field communication. In this embodiment, the antenna is an omnidirectional antenna as an example. As another aspect, the antenna may have directivity. The in-vehicle antenna 182 is electrically connected to the in-vehicle communication unit 183. The vehicle exterior antenna 181 is an antenna of the vehicle exterior communication unit 180, and a plurality of vehicle exterior antennas 181 are arranged such that the communication area of the vehicle exterior communication unit 180 is a vehicle exterior and a communication area that covers the periphery of the vehicle. The remaining functions of the vehicle exterior antenna 181 and the vehicle interior antenna 182 are the same.

The in-vehicle communication unit 183 and the in-vehicle communication unit 180 are both communication modules for performing near field communication. The vehicle exterior communication unit 180 and the vehicle interior communication unit 183 play a role of the authentication ECU 110 transmitting and receiving data to and from the electronic key 200, and function as a vehicle side communication unit. Further, the in-vehicle communication unit 183 and the out-of-vehicle communication unit 180 play a role of providing the authentication ECU 110 with the reception intensity of the signal transmitted from the electronic key 200.

The in-vehicle communication unit 183 and the out-of-vehicle communication unit 180 are different only in the service they are in charge of, and can be realized by a communication device having the same configuration. The in-vehicle communication unit 183 and the out-of-vehicle communication unit 180 are connected to the authentication ECU 110 via a dedicated communication line or an in-vehicle network so that they can communicate with each other.

Since the vehicle interior communication unit 183 and the vehicle exterior communication unit 180 have the same configuration, only the vehicle interior communication unit 183 will be described in detail, and the vehicle exterior communication unit 180 will not be described. The in-vehicle communication unit 183 is a microcomputer that controls data exchange with the authentication ECU 110. The in-vehicle communication unit 183 demodulates the signal received by the in-vehicle antenna 182 and gives it to the authentication ECU 110. The in-vehicle communication unit 183 also modulates a signal input from the authentication ECU 110, outputs the modulated signal to the in-vehicle antenna 182, and radiates it as a radio wave. Further, the in-vehicle communication unit 183 has a reception intensity detection function of sequentially detecting the intensity of the signal received by the in-vehicle antenna 182. The in-vehicle communication unit 183 sequentially provides the detected reception intensity to the authentication ECU 110 as the reception intensity data associated with the terminal ID included in the reception data.

The in-vehicle communication unit 183 has already executed the key exchange protocol with the electronic key 200, so-called pairing. The terminal information about the electronic key 200 acquired by the pairing is stored in the nonvolatile memory included in the in-vehicle communication unit 183. Alternatively, the terminal information is stored in the authentication unit 121 in the authentication ECU 110. The terminal information is, for example, key information and terminal ID exchanged by pairing. Saving the exchanged key information is also called bonding. When the vehicle is used by a plurality of users, the terminal ID of the electronic key 200 owned by each user is stored.

Upon receiving the signal from the electronic key 200, the in-vehicle communication unit 183 automatically establishes a communication connection with the electronic key 200 using the stored terminal information. Then, the authentication ECU 110 transmits/receives data to/from the electronic key 200. When the communication connection with the electronic key 200 is established, the in-vehicle communication unit 183 provides the authentication ECU 110 with the terminal ID of the electronic key 200 in communication connection.

The authentication ECU 110 is an ECU that cooperates with another electronic device, determines the position of the electronic key 200, and implements vehicle control according to the determination result in cooperation with another ECU. The authentication ECU 110 is realized by using a computer. The authentication ECU 110 is mainly configured by a microcomputer including a processor, a vehicle storage unit 130, an I/O, and a bus connecting these, and executes a control program stored in the vehicle storage unit 130 to perform processing related to the authentication function. It is an electronic control device that executes the above. Executing the control program by the processor corresponds to executing the method corresponding to the control program. The vehicle storage unit 130 here is a memory, and is a non-transitory tangible storage medium that non-temporarily stores a computer-readable program and data. The non-transitional physical storage medium is realized by a semiconductor memory, a magnetic disk, or the like.

In the vehicle storage unit 130, user information regarding the user of the vehicle and a terminal ID assigned to the electronic key 200 owned by the user are registered. The user information is stored in association with the terminal ID. The user information corresponds to a plurality of users of the vehicle, and user information regarding each user is stored for each user. The user information varies depending on the type of the user, and includes owner information about the owner of the vehicle, close relative information about a close relative of the owner, and third-party information that is information about each third-party user. Therefore, when the terminal ID is specified, the user type can also be specified.

The owner information includes setting information for making the traveling ability of the vehicle unique to the owner. The setting information is, for example, information on how much the engine output is limited.

In addition, the owner information includes accumulated information indicating the distance traveled by the owner of the vehicle as information to be provided to the insurance company. The vehicle storage unit 130 stores the total traveling distance. The cumulative traveling distance is a distance after the vehicle is manufactured and the vehicle starts traveling. On the other hand, the integrated information in the owner information is information indicating the traveling distance only when the driver is the owner.

Further, the owner information includes history information indicating a travel history when the owner of the vehicle drives the vehicle, as information to be provided to the insurance company. The traveling history is, for example, the speed, position, acceleration, and traveling image of the vehicle. If it is a so-called drive recorder, the travel history is stored regardless of the type of driver. On the other hand, the history information in the owner information is information indicating the traveling history only when the driver is the owner. The same contents of the owner information are stored for each user. For example, as the third party information, the above-mentioned setting information, accumulated information, and history information are stored for each user.

The vehicle storage unit 130 also stores programs for executing various controls of the authentication ECU 110. Further, the vehicle storage unit 130 stores a determination threshold value for the authentication ECU 110 to determine whether or not the electronic key 200 exists in the vehicle interior based on the reception intensity of the signal from the electronic key 200. ..

The authentication ECU 110 is configured to supply the electric power required for performing the authentication function from the vehicle-mounted battery even when the vehicle driving power supply, for example, the ignition power supply is turned off.

The door handle button 15 is a button for the user to unlock and lock the vehicle door, and is realized by a switch button, a touch sensor, or the like. The door handle button 15 is provided on each door handle of the vehicle. When the door handle button 15 is operated by the user, it outputs an electric signal to that effect to the authentication ECU 110. The door handle button 15 is a structure for the authentication ECU 110 to receive an unlocking instruction and a locking instruction from the user.

The start button 16 is a push switch for the user to start a drive source, for example, an engine. When the start button 16 is operated by the user, the start button 16 outputs an electric signal to that effect to the authentication ECU 110.

The engine ECU 17 is an ECU that controls the operation of the engine mounted on the vehicle. For example, the engine ECU 17 starts the engine when it receives a start instruction signal for instructing to start the engine from the authentication ECU 110.

The body ECU 18 is an ECU that controls the vehicle-mounted actuator 19 based on a request from the authentication ECU 110. The body ECU 18 is communicably connected to various in-vehicle actuators 19 and various in-vehicle sensors. The vehicle-mounted actuator 19 here is, for example, a door lock motor that constitutes a lock mechanism of each door, an actuator for adjusting a seat position, and the like. The in-vehicle sensor is a courtesy switch or the like arranged for each door. The courtesy switch is a sensor that detects opening/closing of a door. The body ECU 18 locks or unlocks each door by outputting a predetermined control signal to a door lock motor provided in each door of the vehicle based on a request from the authentication ECU 110, for example.

A DCM (Data Communication Module) 20 is a communication module mounted on a vehicle. The DCM 20 functions as a vehicle communication device that transmits information stored in the vehicle storage unit 130 to the outside of the vehicle storage unit 130. Here, the object with which the DCM 20 communicates is not limited to the outside of the vehicle storage unit 130 outside the vehicle, and includes devices outside the vehicle storage unit 130 in the in-vehicle device 100. The DCM 20 transmits and receives radio waves to and from base stations around the vehicle by wireless communication according to a communication standard such as LTE (Long Term Evolution). By mounting the DCM 20, the vehicle becomes a connected car that can be connected to the Internet 300. The DCM 20 enables transmission/reception of vehicle information with a provider 400 that provides a data distribution service. The DCM 20 also communicates with other devices in the vehicle via the in-vehicle LAN.

Next, specific processing of the authentication ECU 110 will be described. The authentication ECU 110 includes, as functional blocks, an authentication unit 121, a travel control unit 122, a specification unit 123, a position determination unit 124, and a permission unit 125. Note that a part or all of the functions executed by the authentication ECU 110 may be configured by one or a plurality of ICs or the like as hardware. Further, some or all of the functional blocks included in the authentication ECU 110 may be realized by a combination of execution of software by a processor and hardware members.

The authentication unit 121 authenticates the electronic key 200 and, as a result of the authentication, if the electronic key 200 is the authorized electronic key 200, permits the control of each unit. As the authentication process, the authentication unit 121 collates the terminal ID transmitted from the electronic key 200 with the regular terminal ID stored in the vehicle storage unit 130, and if they match, determines that the collation is successful. The timing at which the authentication unit 121 performs the authentication process may be appropriately designed. The authentication unit 121 executes the authentication process, for example, when the door handle button 15 is operated by the user or when the start button 16 is operated by the user.

As a result of the authentication processing, when the electronic key 200 is a legitimate electronic key 200, vehicle control for the user to use the vehicle, for example, operations such as locking and unlocking the door lock mechanism and starting the engine are permitted. For example, if the authentication process is successful when the vehicle door is locked, the vehicle door lock mechanism is set to the unlocked state in cooperation with the body ECU 18. If the authentication process is successful while the engine is stopped, the engine is started in cooperation with the engine ECU 17.

The position determination unit 124 determines whether or not the electronic key 200 is inside the vehicle by using transmission and reception of a signal with the electronic key 200. The position determination unit 124 compares the reception intensity of the signal from the electronic key 200 with the determination threshold value stored in the vehicle storage unit 130, and determines whether or not the electronic key 200 exists in the vehicle interior.

Specifically, the position determination unit 124 specifies the position of the electronic key 200 based on the reception intensities specified by the plurality of vehicle interior communication units 183 and vehicle exterior communication units 180. More specifically, the pattern of the reception intensity of the radio waves received from the electronic key 200 by the vehicle interior communication unit 183 and the vehicle exterior communication unit 180 changes according to the position of the electronic key 200 inside and outside the vehicle. The position determination unit 124 identifies the position of the electronic key 200 by comparing it with the determination threshold value based on the change in the reception intensity pattern.

The identifying unit 123 identifies the driver in the vehicle. When the position determining unit 124 determines that the electronic key 200 is inside the vehicle, the identifying unit 123 identifies the driver in the vehicle by using the terminal ID of the electronic key 200 received by the in-vehicle communication unit 183. As described above, since the user information is associated with the terminal ID, the user information associated with the received terminal ID is read out, and whether the driver is the owner or not and whether the driver is a close relative or not is read according to the user information. , Specify whether or not you are a third party.

Next, the processing of the permission unit 125 will be described with reference to FIG. The process shown in FIG. 2 is repeatedly executed when the authentication ECU 110 is powered on.

The process is started, and in step S11, it is determined whether or not the electronic key 200 is in the vehicle interior. If the electronic key 200 is in the vehicle interior, the process proceeds to step S12. If the electronic key 200 is not in the vehicle interior, Moves to step S15.

In step S12, since the electronic key 200 is inside the vehicle, the user information of the electronic key 200 is acquired from the specifying unit 123, and the process proceeds to step S13. In step S13, the user information is used to determine whether or not the user is the owner. If the user is the owner, the process proceeds to step S14. If the user is not the owner, the process proceeds to step S15.

In step S14, the electronic key 200 is in the vehicle compartment, and since the electronic key 200 belongs to the owner, the permission mode is set and the present flow ends. In step S15, since the electronic key 200 is not in the vehicle compartment or the electronic key 200 is not the property of the owner, the restriction mode is set, and this flow ends.

In this way, the permission unit 125 sets the permission mode when the driver identified by the identification unit 123 is the owner of the vehicle. The permission mode is a mode in which access to the owner information stored in the vehicle storage unit 130 is permitted. In other words, in the permission mode, the access right to the owner information stored in the vehicle storage unit 130 is given. The restriction mode is a mode in which access to the owner information stored in the vehicle storage unit 130 is restricted. In other words, in the restricted mode, the access right to the owner information stored in the vehicle storage unit 130 is not given. This allows access to the owner information if the driver is the owner.

Next, another process of the permission unit 125 will be described with reference to FIG. The process shown in FIG. 3 is repeatedly executed when the authentication ECU 110 is powered on.

The process starts, and in step S21, it is determined whether or not there is a transmission request for the owner information. If there is a transmission request, the process proceeds to step S22, and if there is no transmission request, this flow ends. The transmission request is, for example, a request for transmission of owner information from an external server and the provider 400 via the DCM 20.

In step S22, since there is a transmission request, it is determined whether or not the mode is the permission mode. If the mode is the permission mode, the process proceeds to step S23, and if the mode is not the permission mode, this flow ends. Therefore, when the permission mode is not set, the owner information is not transmitted even if there is a transmission request.

In step S23, since the permission mode is set, the owner information requested to be transmitted is read from the vehicle storage unit 130, and the process proceeds to step S24. In step S24, the read vehicle storage unit 130 is controlled to be transmitted to the outside, and the present flow ends. For example, the owner information read out via the DCM 20 is controlled to be transmitted to an external server that has made a transmission request.

Thus, when there is a transmission request, the permission unit 125 permits the owner information to be read only in the permission mode. Therefore, when the driver is the owner, the owner information is transmitted to the outside, but when the driver is not the owner, the transmission of the owner information to the outside is restricted by the restriction mode. For example, when the charging service is used in the charging station, the charging station may communicate with the charging station via a cable connection or the like. When communicating with the charging station, if the owner of the vehicle is the driver, the charging mode account information, which is the owner information, can be transmitted because it is the permission mode. On the contrary, when the third party who is not the owner of the vehicle is the driver, the account information can be prohibited from being transmitted because the mode is the restriction mode. This can prevent the owner's account information from being used when a third party is a driver.

Next, still another process of the permission unit 125 will be described with reference to FIG. The process shown in FIG. 4 is repeatedly executed when the authentication ECU 110 is powered on.

In step S31, it is determined whether or not the mode is the permission mode. If the mode is the permission mode, the process proceeds to step S32. If the mode is not the permission mode, this flow is ended. In step S33, since the permission mode is set, the setting information is read out, and the process proceeds to step S33. In step S33, the traveling control unit 122 is controlled so as to set the traveling mode based on the setting information, and the present flow ends.

In this way, the permission unit 125 is permitted to access the setting information in the permission mode, and the traveling control unit 122 controls the engine ECU 17 so as to set the traveling ability based on the setting information. The setting information is, for example, setting permission and setting prohibition of the output up service provided by the automobile manufacturer on a pay-per-use basis. In the case of such an output up service, the output up is permitted only in the permission mode, and the third party electronic key 200 such as car sharing is in the limited mode and the output up is prohibited.

Next, still another process of the permission unit 125 will be described with reference to FIG. The process shown in FIG. 5 is repeatedly executed when the authentication ECU 110 is powered on.

In step S41, it is determined whether or not the mode is the permission mode. If the mode is the permission mode, the process proceeds to step S42, and if the mode is not the permission mode, this flow is ended. In step S43, since it is the permission mode, the storage of the accumulated information of the traveling distance is permitted, and the process proceeds to step S43. In step S43, since it is the permission mode, the storage of the history information of the traveling history is permitted, and the present flow ends.

In this way, the permitting unit 125 permits the storage of the accumulated information and the storage of the history information in the permission mode. The accumulated information and the history information are information to be provided to the insurance company. For example, as a service provided by an insurance company, there is a discount service applied when the annual mileage is less than a certain value. In such a case, the traveling distance is accumulated while the owner is driving and the accumulated information is stored, but the traveling distances of other users are not accumulated in the accumulated information. This allows the insurance company to receive a discount service based on the distance traveled by the owner.

Further, as a service provided by, for example, an insurance company, there is a safe driving, for example, a discount service due to no sudden acceleration and sudden stop. In such a case, the traveling history is stored as history information when the owner is driving, but the traveling history of another user driving is not stored. As a result, it is possible to receive the discount service of the insurance company based on the traveling history of the owner.

The accumulated information and the history information may be regularly provided to the external server. Since the accumulated information and the history information are owner information, they are appropriately provided to the external server, for example, the server of the insurance company, by the process shown in FIG.

As described above, the vehicle system 10 according to the present embodiment enters the permission mode and can access the owner information when the driver inside the vehicle is the owner of the vehicle. Therefore, if the driver in the car is not the owner, it will be in a restricted mode and the owner information cannot be accessed. Therefore, when the owner rents the vehicle to another user, the other user prevents access to the owner information. be able to. This can prevent other users from obtaining the owner information. In addition, when the driver is the owner of the vehicle, the owner information can be automatically accessed, so to speak, so that the convenience of the owner can be secured.

Further, in the present embodiment, when it is determined that the electronic key 200 is inside the vehicle, the driver in the vehicle is specified using the identification ID of the electronic key 200. Since the electronic key 200 determines whether or not the driver is the owner, it is possible to easily identify the driver. Further, by properly managing the electronic key 200 by the owner, access to the owner information can be easily restricted.

Further, in the present embodiment, in the permission mode, the DCM 20 is permitted to transmit the owner information to the outside. Therefore, when the driver is the owner, the owner information such as login information that the driver wants to use can be transmitted to the outside. This can improve convenience.

Further, in the present embodiment, in the permission mode, access to the setting information is permitted. Therefore, when the driver is the owner, the driver can travel in the set travel mode. This allows the owner to drive in the desired driving mode. Conversely, for example, when the vehicle is rented to a third party, it is possible to prevent the vehicle from being driven by a third party in a traveling mode in which the load on the vehicle is large.

Further, in the present embodiment, in the permission mode, storage of the traveling distance in the integrated information is permitted. This allows the owner to receive a discount service of the insurance company based on the mileage driven by the self-confidence.

Further, in the present embodiment, the storage of the travel history in the history information is permitted in the permission mode. As a result, the owner can receive the discount service of the insurance company based on the driving history driven by the self-confidence.

(Other embodiments)
Although the preferred embodiments of the present disclosure have been described above, the present disclosure is not limited to the above-described embodiments and can be variously modified and implemented without departing from the gist of the present disclosure.

The structures of the above-described embodiments are merely examples, and the scope of the present disclosure is not limited to the scope of these descriptions. The scope of the present disclosure is shown by the description of the claims, and includes meaning equivalent to the description of the claims and all modifications within the scope.

In the above-described first embodiment, the specifying unit 123 uses the electronic key 200, but the specification is not limited to specifying the driver using the electronic key 200. The identifying unit 123 may capture an image of the driver sitting in the driver's seat by using, for example, an image recognition device, and identify whether or not the driver is the owner. The identifying unit 123 may identify the driver using biometrics.

In the above-described first embodiment, the specifying unit specifies whether or not the driver is the owner of the vehicle, but the present invention is not limited to such a configuration. The identifying unit may allow the driver to identify an owner, a close relative, a third party, or an individual user. When the identified driver is the user stored in the vehicle storage unit, the permission mode may be set to permit access to the user information corresponding to the identified user. With this, when the driver is a third party, it is possible to set the permission mode in which the access to the user information unique to the user is permitted. Further, in this way, when the driver is a third party, the traveling ability of the vehicle can be set uniquely to the user.

In the above-described first embodiment, the information management system is realized by using the configuration of the vehicle system 10, but the configuration is not limited to such a configuration. The information management system may be a system partially or wholly different from the vehicle system 10, and for example, the in-vehicle communication unit 183 may use a communication device dedicated to the information management system.

In the first embodiment described above, the vehicle storage unit 130 is provided in the authentication ECU 110, but the configuration is not limited to this. The vehicle storage unit 130 may be provided in another ECU, for example, the engine ECU 17 and the body ECU 18, or may be distributed and stored in a plurality of ECUs. For example, when vehicle storage unit 130 is provided in engine ECU 17 and body ECU 18, permission unit 125 is preferably arranged in the same ECU.

10...Vehicle system (information management system) 20...DCM (vehicle communication device)
100... In-vehicle device 110... Authentication ECU 121... Authentication part 122... Travel control part 123... Specification part 124... Position determination part 125... Permit part 130... Vehicle storage part 180... Vehicle outside communication part (vehicle side communication part) 183... In-vehicle communication Department (vehicle side communication department)
200... Electronic key 210... Key receiving unit 220... Key transmitting unit 230... Key control unit 240... Key storage unit

Claims (6)

An information management system (10) for managing access right to information stored in a vehicle, comprising:
A vehicle storage unit (130) mounted on the vehicle, corresponding to a plurality of users of the vehicle, and storing user information regarding each user for each user;
A specifying unit (123) for specifying a driver in the vehicle,
When the driver specified by the specifying unit is a user stored in the vehicle storage unit, a permission unit (125) for controlling the permission mode to permit access to the user information corresponding to the specified user. And an information management system including. The information management system according to claim 1, comprising an electronic key (200) and an in-vehicle device (100),
The electronic key is
A key receiving unit (210) for receiving a signal from the in-vehicle device,
A key transmission unit (220) for transmitting a signal to the in-vehicle device,
A key storage unit (240) in which identification information for identifying the electronic key is stored,
A key control unit (230) for controlling the operation of the electronic key,
The vehicle-mounted device includes the vehicle storage unit, the specification unit, and the permission unit, and
A vehicle-side communication unit (180, 183) that transmits and receives signals to and from the electronic key;
A position determination unit (124) for determining whether or not the electronic key is in a vehicle by using transmission and reception of a signal with the electronic key,
The identifying unit identifies the driver in the vehicle by using the identification information of the electronic key received by the vehicle-side communication unit when the position determining unit determines that the electronic key is inside the vehicle. The information management system according to claim 1. A vehicle communication device (20) mounted on the vehicle, for transmitting information stored in the vehicle storage unit to the outside of the vehicle storage unit;
The information management system according to claim 1, wherein the permission unit permits transmission of the user information permitted to be accessed by the vehicle communication device to the outside in the permission mode. The information management system according to any one of claims 1 to 3, wherein each of the user information includes setting information for setting a traveling ability of the vehicle unique to the user. The user information includes accumulated information indicating a mileage when the vehicle is driven for each user as information for provision to an insurance company,
The information management system according to claim 3, wherein in the permission mode, the permission unit permits storage of the traveling distance in the integrated information included in the user information for which access is permitted. Each of the user information includes history information indicating a traveling history when driving the vehicle for each user as information for provision to an insurance company,
The information management system according to claim 3 or 5, wherein the permission unit permits storage of a travel history in the history information included in the user information for which access is permitted in the permission mode.

Images