Securing Vehicular Communications – Assumptions, Requirements, and Principles
P. Papadimitratos, EPFL, Lausanne, Switzerland
V. Gligor, University of Maryland, College Park, USA
J-P. Hubaux, EPFL, Lausanne, Switzerland
Presenter: Guo Yu Lu
Outline
- Introduction
- Security Requirements
- System Model
- Communication Model
- Adversary Model
- Design Principles
What is VANET?
- A Vehicular Ad-Hoc Network (VANET) is a form of mobile ad-hoc network
- It provides communication among nearby vehicles, and between vehicles and nearby fixed equipment
Introduction: how vehicular communications work
- Road-side infrastructure units (RSUs), termed network nodes, are equipped with on-board processing and wireless communication modules
- Vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication will be possible
What can VANET provide?
[Slide images: warnings; traffic and road conditions]
The VANET can provide:
- Safety
- Efficiency
- Traffic and road conditions
- Road signal alarm
- Local information
Related work
Prior research has:
- outlined challenges for VANETs (availability, mobility)
- described particular attacks (DoS, alteration attacks)
- suggested solutions to those attacks
This paper provides a basis for the development of future vehicular security schemes.
Security Requirements
Security Requirements
1. Message Authentication and Integrity
2. Message Non-Repudiation
3. Entity Authentication
4. Access Control and Authorization
5. Message Confidentiality
6. Privacy and Anonymity
7. Availability
8. Liability Identification
Security Requirements
Message Authentication and Integrity
- Messages must be protected from any alteration
Message Non-Repudiation
- The sender of a message cannot deny having sent it
Entity Authentication
- The receiver is assured that the sender generated the message
- The receiver has evidence of the liveness of the sender
Security Requirements
Access Control
- Determined locally by policies
- Authorization establishes what each node is allowed to do in the network
Message Confidentiality
- The content of a message is kept secret from nodes that are not authorized to access it
Security Requirements
Privacy and Anonymity
- Vehicular communication (VC) systems should not disclose any personal or private information of their users
- Observers should not be able to learn the future actions of other nodes
- Anonymity may not be a reasonable requirement for all entities of the vehicular communication system
Security Requirements
Availability
- Protocols and services should remain operational even in the presence of faults, malicious or benign
Liability Identification
- Users of vehicles are liable for their deliberate or accidental actions that disrupt the operation of other nodes
System Model
Vehicular communications system
- Users
- Network nodes
- Authorities
System Model
[Figure: system model] Note. From “Securing Vehicular Communications – Assumptions, Requirements, and Principles,” by P. Papadimitratos, V. Gligor, J-P. Hubaux, in Proceedings of the Workshop on Embedded Security in Cars (ESCAR) 2006, November 2006.
System Model
Users
- A user is the owner, the driver, or a passenger of the vehicle
Network Nodes
- Processes running on computing platforms capable of wireless communication
- Mounted on vehicles and road-side units (RSUs)
System Model
Authorities
- Public agencies or corporations with administrative powers
- For example, city or state transportation authorities
System Model: VC system operational assumptions
1. Authorities
2. Vehicle Identification and Credentials
3. Infrastructure Identification and Credentials
4. User Identification and Credentials
5. User and Vehicle Association
6. Trusted Components
System Model
Authorities
- Trusted entities or nodes
- Issue and manage identities and credentials for the vehicular network
- Establish two-way communication with nodes
Vehicle Identification and Credentials
- Unique identity V
- A pair of private and public keys, k_V and K_V
- Certificate Cert_X{K_V, A_V} issued by authority X
- V denotes the on-board central processing and communication module
System Model
[Figure] Note. From “Securing Vehicular Communications – Assumptions, Requirements, and Principles,” by P. Papadimitratos, V. Gligor, J-P. Hubaux, ESCAR 2006 (cited above).
System Model
Infrastructure Identification and Credentials
- Unique identity I
- A pair of private and public keys, k_I and K_I
- Certificate Cert_Z{K_I, A_I} issued by authority Z
- Gateway to the authorities
- Gateway to the mobile vehicles
- RSUs' locations are fixed
- Public vehicles: considered trustworthy; can be used to assist security-related operations
What are public vehicles?
System Model
User Identification and Credentials
- Unique identity U
- A pair of private and public keys, k_U and K_U
- Certificate Cert_Y{K_U, A_U} issued by authority Y
User and Vehicle Association
- A user is the owner, the driver, or a passenger of the vehicle
- Assume only one user can operate a vehicle
- Assume the user is the driver
System Model
Trusted Components (TCs)
- Nodes are equipped with trusted components, i.e., built-in hardware and firmware
- TCs enforce a policy on the interaction with the on-board software
- Access to any information stored in the TCs, and modification of their functionality, is possible only through the interface provided by the TCs
- TCs perform cryptographic operations such as signature generation and verification
Communication Model
- Models the wireless communication in vehicular networks, whose connectivity can change frequently
- Focuses mainly on the data-link layer
Communication Model
Data-link layer primitives and assumptions
- Send_L(V, m): transmits message m to node V within radius R of the transmitting node
- Bcast_L(m): broadcasts message m to all nodes within radius R of the transmitting node
- Receive_L(m): receives message m transmitted by a node within radius R of the receiver
- A link (W, V) exists when two nodes W and V are able to communicate directly
Communication Model
- Links are either up or down, and their state does not change faster than the transmission time of a single packet
- The network connectivity at a particular instant in time is modeled as the graph G whose edges are all the up links
- Transmissions from W are received by all nodes V_i such that (W, V_i) is up during the entire duration of the packet transmission
- Packets are delivered across an up link within a maximum link delay τ, or they are not delivered at all
Communication Model
Communication across the network depends on the availability of sufficient resources
Bandwidth
- Nodes contend for a shared medium
- Bandwidth can fluctuate
- Bandwidth is unevenly distributed among neighbors
- Links may be congested
Communication Model
Communication radius R
- Varies over time
- Different classes of nodes may operate with different R
Multi-domain and highly volatile environment
- Nodes are not bound to administrative and geographical boundaries
- Any two or more nodes communicate independently
Communication Model
Frequent broadcast communication
- Most vehicular network traffic is broadcast at the network or application layer
- Messages are transmitted either periodically or triggered by network events
- The transmission period is low
Time-sensitive communication
- Message delivery can be constrained by deadlines
- Different messages have different delay requirements
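The data-link model above, worked through as an added Go example that is not taken from the paper: each link is up during given intervals, a Bcast_L from W is received by exactly those V whose link (W, V) stays up for the whole transmission, arrival is bounded by τ (here Tau) or the packet is lost, and a deadline check covers the time-sensitive case. The topology, millisecond time units and the interval representation are assumptions of this example.

```go
package main

// Interval [Start, End) during which a link is up; all times are in milliseconds.
type Interval struct{ Start, End int }
// Link is the ordered pair (W, V): W can transmit directly to V.
type Link struct{ W, V string }
// Network is the data-link model: the intervals in which each link is up (link
// state is assumed not to change within one packet time) and the max link delay tau.
type Network struct {
	Up  map[Link][]Interval
	Tau int
}

// upDuring reports whether link l is up for the whole interval [t0, t1).
func (n Network) upDuring(l Link, t0, t1 int) bool {
	for _, iv := range n.Up[l] {
		if iv.Start <= t0 && t1 <= iv.End {
			return true
		}
	}
	return false
}
// Bcast models Bcast_L(m) from W starting at t0 with transmission time d: every V
// whose link (W,V) is up for the entire transmission receives the packet no later
// than t0+d+Tau; every other node receives nothing at all.
func (n Network) Bcast(w string, t0, d int) map[string]int {
	arrival := map[string]int{}
	for l := range n.Up {
		if l.W == w && n.upDuring(l, t0, t0+d) {
			arrival[l.V] = t0 + d + n.Tau // worst-case arrival time
		}
	}
	return arrival
}

// MeetsDeadline: a time-sensitive message is guaranteed useful to V only if its
// worst-case arrival is no later than the deadline.
func MeetsDeadline(arrival map[string]int, v string, deadline int) bool {
	t, ok := arrival[v]
	return ok && t <= deadline
}

// SampleNetwork is a constructed topology: W reaches V1 throughout, but reaches V2
// only until t=5000 and again from t=8000 (V2 leaves and re-enters W's radius R).
func SampleNetwork() Network {
	return Network{Tau: 200, Up: map[Link][]Interval{
		{"W", "V1"}: {{0, 100000}},
		{"W", "V2"}: {{0, 5000}, {8000, 100000}},
	}}
}
```

A broadcast started at t0=4500 with d=1000 reaches only V1, because the link to V2 drops at 5000, mid-transmission; one started at 9000 reaches both, with worst-case arrival 10200.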
Adversary Model
Network nodes are:
- correct or benign
- faulty or adversaries
  - external adversaries
  - internal adversaries
  - active adversaries
  - passive adversaries
Faulty is not always malicious.
Adversary Model
Internal active adversaries
Multiple adversarial nodes
- Adversaries are independent, or
- Adversaries can collude
- Thanks to TCs, colluding adversaries are prevented from exchanging cryptographic material and credentials
Adversary Model
Internal active adversaries (continued)
Non-adaptive adversary
- The set of adversarial nodes is fixed
Adaptive adversary
- The set of adversarial nodes changes over time
Computationally bounded adversary
- Adversaries are computationally limited: limited resources and computational power
- The knowledge of an adversary is limited
- Memory is finite
Design Principles
- Default Network Access
- Locality and Timeliness as Privileges
- Visibility of Events
- Mandated (non-circumventable) Mediation
- Accountability
- Vehicle Autonomy
- Separation of Privilege
- Non-frameability
- Staged Response to Faulty Behavior
- Reconfigurability
- Privacy Conservation
- Usability
Questions / Comments