Vehicular Public Key Infrastructure Scalability

Presentation transcript:

Vehicular Public Key Infrastructure Scalability Pierpaolo Cincilla

Context: Vehicles communicate and cooperate. New Applications (Lane Keeping, Adaptive Cruise Control, Entertainment), New Complexity, New Threats.

Context: Increasing needs for Security and Privacy. Figures: Share of connected vehicles (Cisco); Security technologies in vehicles; Estimated market for connected cars (McKinsey 2014).

Context: ITS Security (ISE) Project. Start: July 2014, 3 years. Vehicles broadcast / geocast information to neighbors: vehicle dynamics info (position, speed, heading …), perception of dynamic environment. In EU, ETSI defines the PKI as the basis of trust. Challenges: build security infrastructure (PKI); ensure scalability; validation in large scale scenario.

Architecture: ISE Architecture Overview (ETSI TS 103 097, TS 102 940/941). Diagram labels: Roadside ITS-S gateway, RSU, ITS Service Center, EA, RCA, PKI, AA, Backbone Network, 3G/4G, G5.

Architecture: ISE PKI Architecture. Diagram labels: RCA, EA, AA, Operator, Authorization Ticket (AT), Enrollment Certificate (EC), ITS-S.

Protocol: EC and AT request protocol. Diagram labels: register, EC, AT.

Centralized PKI Deployment: Millions of ITSs, billions of (pseudonym) identities. We must ensure the system scalability. A centralized system will saturate at some point.

Replicated PKI Deployment: We need to distribute the system. Diagram labels: Group communication channel, EA, Operators, AA, WS, ITS-S.

Replicated PKI Deployment: Distributed system performances. Replication implications: Authorization Tickets (reads) performance improves; Enrollment Tickets (writes) performance worsens.

Replicated PKI Deployment: To boost the writes… trade consistency! Synchronous vs asynchronous update propagation (Local vs Global). Database operations' execution order (FIFO vs ABCAST). Diagram labels: AA, Communication channel, EA, Operator, WS.

Replicated PKI Deployment: Update Propagation. Strong consistency: synchronous propagation. Diagram labels: Operator, Register ITS, EA, WS, ACK, Communication channel.

Replicated PKI Deployment: Update Propagation. Strong consistency: synchronous propagation. Weak consistency: asynchronous propagation. Diagram labels: Operator, Register ITS, EA, WS, ACK, Communication channel.

Replicated PKI Deployment: Operation Execution Order. Strong consistency: Atomic Broadcast (ABCAST). Diagram labels: Operators; Update brown ITS, Register red ITS, Set all SSP, Register brown ITS; EA; WS; operations x, y, z, t; ABCAST; Communication channel.

Replicated PKI Deployment: Operation Execution Order. Strong consistency: Atomic Broadcast (ABCAST). Weak consistency: First In First Out (FIFO). Diagram labels: Operators; Update brown ITS, Register red ITS, Set all SSP, Register brown ITS; EA; WS; operations x, y, z, t; FIFO; Communication channel.

Replicated PKI Deployment: Weak consistency performances.

Geographic Replication. Diagram labels: EA, AA, IP, Operator, ITS-S, Group Communication.

Geographic Replication: Big Latency. Diagram labels: IP, Group Communication, AA, EA, Operator, ITS-S.

[Plots: IP and Group Communication. Base case: 10 AA and 10 EA in EU, compared with 10 AA in US and 10 EA in Europe.]

Geographic Replication. The idea: replicate EAs (and their storage). Diagram labels: Small Latency, EA, Operator, AA, IP, Big Latency, Group Communication.

Geographic Replication. [Plots: IP and Group Communication. 10 AA in US and 10 EA in Europe, compared with 10 AA and 10 EA in US.]

Geographic Replication: Authorization Ticket, all settings. [Plot labels: IP, Group Communication; 1, 2, 3.]

Conclusion - Takeaway: AT / EC Distributed Geographic Deployment; Enrollment Certificate weak consistency.

AT Request format in SCMS EU

CAM Message Structure

DENM Message Structure

SAM Message Structure

Signed AT

US SCMS architecture

US SCMS architecture PCs provisioning steps

Certificates validity period in SCMS US.