A Security Architecture Concept for Vehicular Network Nodes 69821063 蔡嘉翔 69821058 許閔傑.

Presentation transcript:

A Security Architecture Concept for Vehicular Network Nodes 蔡嘉翔 許閔傑

Outline
- INTRODUCTION
- SERVICES AND SECURITY REQUIREMENTS IN VEHICULAR NETWORKS
  A. Services and Applications
     - Platform Services
     - VANET Services
  B. Categories of Security Requirements
     - Service Security
     - Communication Security
     - System Security
     - Privacy
- SECURITY ARCHITECTURE SETUP
  A. In-Vehicle System Outline
  B. Security in the Communication Stack
  C. Integration of Security – Security API and Security Module
  D. Supporting Backend Security Functionalities
- CONCLUSION

INTRODUCTION (1/2)
Vehicular Network
- address the security requirements
- how to set up and implement the security architecture in a node
take into account
- fully decentralized services
- centralized Telematics services relying on a server infrastructure
privacy management has to be integrated into the node architecture to be effective

INTRODUCTION (2/2)
A very important requirement for the success of future Vehicular Networks
- reliability
- security
- trustability
Vehicular Networks used in this paper includes
- Vehicular Ad Hoc Networks (VANETs)
- from a vehicle using e.g. cellular networks to a dedicated server
Separation of centralized and distributed communication is reflected in the different security requirements for the related services and the communication itself

SERVICES AND SECURITY REQUIREMENTS IN VEHICULAR NETWORKS
Platform Services
- services provisioned by a dedicated server infrastructure
VANET Services
- decentralized ad hoc services primarily using broadcast-based information dissemination

Platform Services
- a dedicated service infrastructure with at least one content server in the backend
- need a subscription and has to be registered at the so-called Control Center
- access the services through Telematics Control Unit (TCU)
- centralized management in the backend
- the focus of these services is safety, infotainment services
Example: up-to-date traffic information, warning messages, parking information; any service making travelling more safe and enjoyable is imaginable

VANET Services
- ad hoc communication technology
- distribute safety messages like collision warnings, traffic status information, and danger warnings, not relying on any infrastructure in relation to the content
- supporting infrastructure like gateway nodes
- an additional commercial service portfolio is thinkable

Service Security
Different services need different security mechanisms
- platform services & bill
- VANET services
- distributive nature of the services

Communication Security
To set up an encrypted and authenticated communication relation, session management is needed to authenticate the peers, negotiate the secret keys, and exchange authenticated content.

System Security
- everything else is based on the system setup
- most TCUs will host both service categories; their respective requirements need to be fulfilled on the same system
- a single trust basis needs to be defined; all nodes will obtain credentials and certificates reflecting the trust

Privacy
- different messages sent by the same node can be linked with each other
- users are unlikely to be willing to participate in a system breaching their privacy
- the demand for privacy has implications for the whole system setup

SECURITY ARCHITECTURE SETUP
A. In-Vehicle System Outline
B. Security in the Communication Stack
C. Integration of Security – Security API and Security Module
D. Supporting Backend Security Functionalities

A. In-Vehicle System Outline
- interfaces, communication, services, Human-Machine Interface (HMI)
- GPRS, UMTS, DAB, DVB, RDS, TMC
- the requirement for a secured overall system calls for a hardware security implementation

B. Security in the Communication Stack
Specific for this security layer is the secure communications engine, which is managing the security sessions of the node.
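The session management named on the Communication Security slide and handled by the secure communications engine above, sketched as an added example that is not code from the paper or the slides: two peers authenticate each other, derive a session key, and exchange authenticated content. Assumptions: the `SecureSession` class and role names are hypothetical, and a constructed shared credential with HMAC stands in for the PKI-issued certificates the slides describe, so this sketch gives no confidentiality and no forward secrecy.

```python
import hashlib, hmac, os, struct

# Constructed sample credential; stands in for PKI-issued key material (assumption).
DEMO_CREDENTIAL = b"constructed-demo-credential"

def mac(key: bytes, *parts: bytes) -> bytes:
    # Length-prefix every part so different splits never produce the same MAC input.
    data = b"".join(struct.pack(">I", len(p)) + p for p in parts)
    return hmac.new(key, data, hashlib.sha256).digest()

class SecureSession:
    """One peer's session state (hypothetical class, not from the paper)."""

    def __init__(self, role: bytes, credential: bytes):
        self.role, self.credential = role, credential
        self.nonce = os.urandom(16)          # fresh per session
        self.peer_role = self.key = None     # both set by accept()
        self.send_seq = self.recv_seq = 0

    def proof(self, peer_nonce: bytes) -> bytes:
        # Authenticate: prove credential possession, bound to role and both nonces.
        return mac(self.credential, b"auth", self.role, self.nonce, peer_nonce)

    def accept(self, peer_role: bytes, peer_nonce: bytes, peer_proof: bytes) -> bool:
        expected = mac(self.credential, b"auth", peer_role, peer_nonce, self.nonce)
        if peer_role == self.role or not hmac.compare_digest(expected, peer_proof):
            return False                     # wrong credential or reflected proof
        # Negotiate: both sides derive the same key from the sorted nonce pair.
        lo, hi = sorted([self.nonce, peer_nonce])
        self.key = mac(self.credential, b"session", lo, hi)
        self.peer_role = peer_role
        return True

    def protect(self, payload: bytes) -> bytes:
        seq = struct.pack(">Q", self.send_seq)
        self.send_seq += 1
        # The sender role in the MAC stops a frame being reflected to its sender.
        return seq + payload + mac(self.key, self.role, seq, payload)

    def open(self, frame: bytes) -> bytes:
        seq, payload, tag = frame[:8], frame[8:-32], frame[-32:]
        if not hmac.compare_digest(tag, mac(self.key, self.peer_role, seq, payload)):
            raise ValueError("bad tag")
        number = struct.unpack(">Q", seq)[0]
        if number < self.recv_seq:
            raise ValueError("replay")       # already-seen sequence number
        self.recv_seq = number + 1
        return payload
```

Each side calls `accept()` on the other's role, nonce and `proof()` before using `protect()` and `open()`; a frame that is replayed, altered, or reflected back to its sender is rejected.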

B. Security in the Communication Stack
To provide privacy effectively, the whole system architecture has to be evaluated and included in the privacy concept.

C. Integration of Security – Security API and Security Module
- a security software API
- a hardware security module referred to as Security Module
This is the only way to sufficiently secure credentials, certificates, and key material on a platform being used in the field.

D. Supporting Backend Security Functionalities
A PKI is used to install trust in the system. The PKI actors provide certificates and credentials to trusted network nodes and revoke compromised certificates.

CONCLUSION
- The security of the in-vehicle platform will be based on a hardware security module like a Trusted Platform Module (TPM).
- Security is one of the important factors for the success of future vehicular networks; hence, its integration into the system has to be done very carefully, making it an integral part of the system.