SAT: Situation Aware Trust Architecture for Vehicular Networks Xiaoyan Hong, Univ of Alabama Dijiang Huang, Arizona State Univ Mario Gerla, UCLA Zhen Cao,

Slides:

Advertisements

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.

Advertisements

V2V applications: End to end or broadcast-based? Panel VANET 2007, Sept 10, 2007 Mario Gerla Computer Science Dept, UCLA

Thomas S. Messerges, Ezzat A. Dabbish Motorola Labs Shin Seung Uk.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Security by Design A Prequel for COMPSCI 702. Perspective “Any fool can know. The point is to understand.” - Albert Einstein “Sometimes it's not enough.

Driver Behavior Models NSF DriveSense Workshop Norfolk, VA Oct Mario Gerla UCLA, Computer Science Dept.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

PKE PP Mike Henry Jean Petty Entrust CygnaCom Santosh Chokhani.

Secure Socket Layer.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

 Introduction  Benefits of VANET  Different types of attacks and threats  Requirements and challenges  Security Architecture  Vehicular PKI.

Grid Security. Typical Grid Scenario Users Resources.

HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.

Encryption and Firewalls Chapter 7. Learning Objectives Understand the role encryption plays in firewall architecture Know how digital certificates work.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

Principles of Information Security, 2nd edition1 Cryptography.

Mobility of agents and its impact on data harvesting in VANET Kang-Won Lee IBM T. J. Watson Research 7/31/20071 NSF Workshop – Mobility in Wireless Networks.

Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.

May 22, 2002 Joint Operations Group Discussion Overview Describe the UC Davis Security Architecture Describe Authentication Efforts at UC Davis Current.

Certificateless encryption and its infrastructures Dr. Alexander W. Dent Information Security Group Royal Holloway, University of London.

Dept. of Computer Science & Engineering, CUHK1 Trust- and Clustering-Based Authentication Services in Mobile Ad Hoc Networks Edith Ngai and Michael R.

Cryptographic Technologies

Information Resources and Communications University of California, Office of the President UCTrust Implementation Experiences David Walker, UCOP Albert.

An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.

Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

TEMPLATE DESIGN © Privacy Issues of Vehicular Ad-hoc Networks (VANETs) Hang Dok and Ruben Echevarria Advisor: Dr. Huirong.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

National VII Architecture – Data Perspective Michael Schagrin ITS Joint Program Office US Department of Transportation TRB 2008 Annual Meeting Session.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Cryptography, Authentication and Digital Signatures

SAFESPOT – Local Dynamic Maps for Cooperative Systems April, 12th 2007, CRF – SP2 Infrasens meeting 1 Local dynamic maps in cooperative systems IP - “Smart.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.

A Security Architecture Concept for Vehicular Network Nodes 蔡嘉翔許閔傑.

New Cryptographic Techniques for Active Networks Sandra Murphy Trusted Information Systems March 16, 1999.

PORSCHA PORSCHA : POLICY ORIENTED SECURE CONTENT HANDLING IN ANDROID Machigar Ongtang, Kevin Butler, Patrick McDaniel Dhurakij Pundit University, University.

SAFESPOT Project Kick off Meeting February 16 th and 17 th 2006 Rome 1 Integrated Project Co-operative Systems for Road Safety “Smart Vehicles on Smart.

1. 2 Overview In Exchange security is managed by assigning permissions in Active Directory Exchange objects are secured with DACL and ACEs Permissions.

Encryption No. 1  Seattle Pacific University Encryption: Protecting Your Data While in Transit Kevin Bolding Electrical Engineering Seattle Pacific University.

A Data Intensive Reputation Management Scheme for Vehicular Ad Hoc Networks Anand Patwardhan, Anupam Joshi, Tim Finin, and Yelena Yesha Anand Patwardhan.

Security Many secure IT systems are like a house with a locked front door but with a side window open -somebody.

DIGITAL SIGNATURE.

Group-based Source Authentication in VANETs You Lu, Biao Zhou, Fei Jia, Mario Gerla UCLA {youlu, zhb, feijia,

Timothy Putprush Baltimore, MD September 30, 2009 Federal Emergency Management Agency (FEMA) Integrated Public Alert and Warning System Presentation to.

Fall, Privacy&Security - Virginia Tech – Computer Science Click to edit Master title style Cryptographic Security Identity-Based Encryption.

1 Kerberos n Part of project Athena (MIT). n Trusted 3rd party authentication scheme. n Assumes that hosts are not trustworthy. n Requires that each client.

M2M Service Layer – DM Server Security Group Name: OMA-BBF-oneM2M Adhoc Source: Timothy Carey, Meeting Date:

VANETs. Agenda System Model → What is VANETs? → Why VANETs? Threats Proposed Protocol → AOSA → SPCP → PARROTS Evaluation → Entropy → Anonymity Set → Tracking.

SAT: Situation Aware Trust Architecture for Vehicular Networks Xiaoyan Hong, Univ of Alabama Dijiang Huang, Arizona State Univ Mario Gerla, UCLA Zhen Cao,

Online/Offline Attribute-Based Encryption Brent WatersSusan Hohenberger Presented by Shai Halevi.

VEHICULAR AD HOC NETWORKS GAURAV KORDE KAPIL SHARMA.

6.033 Quiz3 Review Spring How can we achieve security? Authenticate agent’s identity Verify the integrity of the request Check the agent’s authorization.

 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.

Security Outline Encryption Algorithms Authentication Protocols

Connected Vehicle Deployment – DfT perspective

ASSET - Automotive Software cyber SEcuriTy

Adaptable safety and security in v2x systems

You Lu, Zhiyang Wang, Yu-Ting Yu, Mario Gerla

Technical Approach Chris Louden Enspier

Module 2 OBJECTIVE 14: Compare various security mechanisms.

Developing Vehicular Data Cloud Services in the IoT Environment

Security Mechanisms Network Security.

Presentation transcript:

SAT: Situation Aware Trust Architecture for Vehicular Networks Xiaoyan Hong, Univ of Alabama Dijiang Huang, Arizona State Univ Mario Gerla, UCLA Zhen Cao, UCLA

Vehicular Networking Apps Safe navigation: ◦ Forward collision warning ◦ Advisories to other vehicles: ice on bridge, congestion ahead, etc Potholes Forward Collision Warning Non safety applications ◦ Traffic monitoring (with navigator) ◦ Pollution probing ◦ Pavement conditions (e.g., potholes) ◦ Content distribution ◦ Urban surveillance Primary security goals: ◦ Message integrity and authentication ◦ Detect misuse by naïve or malicious drivers. ◦ Guarantee message sender privacy

Existing Trust in Vehicle Nets Hey buddy, traffic ahead Entity Trust Are you serious? -origin integrity -data integrity Hey buddy, traffic ahead Are you serious? -data evaluation -decision on event Data Trust Not adaptive to situation changes. Mostly a reactive approach Can we be more proactive ??

Situation Aware Trust for VANETs Are you kidding? I am on a country road Hey buddy, traffic ahead Key properties: protective and predictive building of cryptographic foundation for trustworthy exchange  Proactive approach: set trust/security parameters ahead of time (secure key, unique waveform, etc)  Reduce on-line security/trust verification time  Enable security/trust in exceptional situations

How to become Situation Aware? timeplace affiliation Attribute based Trust Situation elements are encode into attributes Static attributes (affiliation) Dynamic attributes (time and place) …… Dynamic attributes can be predicted Proactive Trust establish trust in advance predict based on mobility and location service Attributes bootstrapped by social networks Social Trust Bootstrap initial trust Transitive trust relations Situation ? An attribute based situation example: Yellow Cab AND Taxi AND Seattle Street AND 10-11pm 8/22/08

Security on attribute and policy group burden is on receiver - must update private key every hour/street?? A driver wants to alert taxi of companyA on Washington Street between 10-11am that there was an accident somewhere nearby Extension of Attribute based Encryption (ABE) scheme [IEEE S&P 07] to incorporate dynamic access tree Attribute (companyA AND taxi AND Washington St. AND 10-11am) Extended ABE Module Ciphertext Signature plaintext Receivers who satisfy those encoded attributes (have the corresponding private key) can decrypt the message

Attribute based encryption Zheng, can you please use a graphic vignette to show operation of ABE Say KSP function (KSP?) ABE like PKI, but no need for central authority, etc

8 Attributed-Based Encryption(ABE)  Encrypt Data with descriptive “Attributes”  Users Private Keys reflect Decryption Policies  Based on Identity based Encryption and Secret Sharing, not need for credentials as long as the attributed based policy is known master-key CA/PKG Authority is offline Encrypt w/attributes

9 Access Control via Situation-aware Policy Tree PK=Public Key MSK= Master Secret Key SK Sarah : “companyA” “10:30am” “Washtington St.” SK Kevin : “companyA” “10: 20 am” “Westwood” AND companyA AND amWashington St.    Sandra the sender Authority

SAT Architecture: supporting situation awareness SAT Architecture: supporting situation awareness SAT layer Perception: communicate & sense environments Comprehension: extract & aggregate situations Projection: predict & create action profiles Assessment: evaluate and adjust trust situations Supporting and trust layer (STL) Security primitive Comm. primitive Portal manage

Social Trust Model How are you? People like to socialize Social trust is amplifier In case of infrastructure failure, e.g., messenger is blocked by traffic Social network help maintain trust ◦ People gang up into communities ◦ Elected Leader is M A STER and constructs policy group (ie, Attribute Tree associated to group) ◦ Mobile users are situation aware ◦ ABE based Authenticate and encrypt Future work: ◦ How to establish social networks securely (eg authentication of social graph update information) ◦ How to incoporate social relations to SAT: social network provides dynamic attributes in the policy tree.

Summary Situation Aware Trust Architecture ◦ Handles dynamic attribute tree based on situation assessment SAT architecture components ◦ Attribute based trust ◦ Proactive trust ◦ Social trust ◦ Architecture enabling the model. Contribution to VANET: mobile proactive security for trustworthy communication! Future work: Performance Evaluation of the proposed scheme via simulation and testbed experiments

Thanks for your attention Do NOT rent a cab without SAT