Presentation is loading. Please wait.

Presentation is loading. Please wait.

A Security Architecture Concept for Vehicular Network Nodes 69821063 蔡嘉翔 69821058 許閔傑.

Published byCamron Mathews Modified over 9 years ago

Similar presentations

Presentation on theme: "A Security Architecture Concept for Vehicular Network Nodes 69821063 蔡嘉翔 69821058 許閔傑."— Presentation transcript:

1 A Security Architecture Concept for Vehicular Network Nodes 69821063 蔡嘉翔 69821058 許閔傑

2 Outline INTRODUCTION SERVICES AND SECURITY REQUIREMENTS IN VEHICULAR NETWORKS A.Services and Applications Platform Services: VANET Services: B.Categories of Security Requirements Service Security: Communication Security: System Security: Privacy: SECURITY ARCHITECTURE SETUP A.In-Vehicle System Outline B.Security in the Communication Stack C.Integration of Security – Security API and Security Module D.Supporting Backend Security Functionalities CONCLUSION

3 INTRODUCTION(1/2) Vehicular Network - address the security requirements -how to set up and implement the security architecture in a node take into account -Fully decentralized services -centralized Telematics services relying on a server infrastructure privacy management has to be integrated into the node architecture to be effective

4 INTRODUCTION(2/2) A very importantrequirement for the success of future Vehicular Networks reliability security trustability Vehicular Networks used in this paper includes Vehicular Ad Hoc Networks (VANETs) from a vehicle using e.g cellular networks to a dedicatedserver Separation of centralized and distributed communication is reflected in the different security requirements for the related services and the communication itself

5 SERVICES AND SECURITY REQUIREMENTS IN VEHICULAR NETWORKS Platform Services Services provisioned by a dedicated server infrastructure VANET Services decentralized ad hoc services primarily using broadcast Based information dissemination

6 Platform Services - a dedicated service infrastructure with at least one content server inthe backend -need a subscription and has to be registered at the so called Control Center - access the services through Telematics Control Unit (TCU) - centralized management in the backend - The focus of these services is safety, infotainment services Example up-to-date traffic information, warning messages, parking information; any service making travelling more safe and enjoyable is imaginable

7 VANET Services ad hoc communication technology distribute safety messages like collision warnings, traffic status information,and danger warnings, not relying on, any infrastructure in relation to the content. supporting infrastructure like gateway nodes an additional commercial service portfolio is thinkable

8 Service Security Different services need different security mechanisms platform services & bill VANET services distributive nature of the services

9 Communication Security To set up an encrypted and authenticated communication relation a session management is needed to authenticate the peers, negotiate the secret keys, and exchange authenticated content.

10 System Security everything else is based on the system setup most TCUs will host both service categories, their respective requirements need to be fulfilled on the same system a single trust basis needs to be defined, all nodes will obtain credentials and certificates reflecting the trust

11 Privacy different messages sent by the same node can be linked with each other users are unlikely willing to participate in a system breaching their privacy The demand for privacy has implications for the whole system setup

12 SECURITY ARCHITECTURE SETUP A.In-Vehicle System Outline B.Security in the Communication Stack C.Integration of Security – Security API and Security Module D.Supporting Backend Security Functionalities

13 A.In-Vehicle System Outline Interfaces,communication, services, Human-Machine Interface(HMI) GPRS,UMTS,DAB,DVB,RD S,TMC the requirement for a secured overall system calls for a hardware security implementation

14 B.Security in the communication stack Specific for this security layer is the secure communications engine, which is managing the security sessions of the node.

15 B.Security in the communication stack To provide privacy effectively, the whole system architecture has to be evaluated and included in the privacy concept

16 C.Integration of Security – Security API and Security Module a security software API a hardware security module referred to as Security Module. This is the only way to sufficiently secure credentials,certificates, and key material on a platform being used in the field.

17 D.Supporting Backend Security Functionalities A PKI is used to install trust in the system. The PKI actors provide certificates and credentials to trusted network nodes and revoke compromised certificates.

18 CONCLUSION The security of the in-vehicle platform will be based on a hardware security module like a Trusted Platform Module (TPM). Security is one of the important factors for the success of future vehicular networks,hence, its integration into the system has to be done very carefully making it an integral part of the system.

Download ppt "A Security Architecture Concept for Vehicular Network Nodes 69821063 蔡嘉翔 69821058 許閔傑."

Similar presentations

Wenmao Liu Harbin Institute of Technology China. Outline ITS & VANETs Security Issues and Solutions An autonomous architecture Conclusion.

Wenmao Liu Harbin Institute of Technology China. Outline ITS & VANETs Security Issues and Solutions An autonomous architecture Conclusion.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
3SKey 3SKey.

3SKey 3SKey.
Akshat Sharma Samarth Shah

Akshat Sharma Samarth Shah
Chapter 19: Network Management Business Data Communications, 5e.

Chapter 19: Network Management Business Data Communications, 5e.
Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.

Cryptography Chapter 7 Part 4 Pages 833 to 874. PKI Public Key Infrastructure Framework for Public Key Cryptography and for Secret key exchange.
Cryptography and Network Security

Cryptography and Network Security
Secure Communication Architectures.

Secure Communication Architectures.
Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center 2014 www.know-center.at Security.

Gefördert durch das Kompetenzzentrenprogramm DI Alfred Wertner 19. September 2014 Ubiquitous Personal Computing © Know-Center Security.
Symmetric Key Infrastructure Karel Masarik, Daniel Cvrcek Faculty of Information Technology Brno University of Technology

Symmetric Key Infrastructure Karel Masarik, Daniel Cvrcek Faculty of Information Technology Brno University of Technology
Chapter 19: Network Management Business Data Communications, 4e.

Chapter 19: Network Management Business Data Communications, 4e.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.

Trust Establishment in Pervasive Grid Environments Syed Naqvi, Michel Riguidel TÉLÉCOM PARIS ÉNST É cole N ationale S upérieur des T élécommunications.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.

CSCE 715 Ankur Jain 11/16/2010. Introduction Design Goals Framework SDT Protocol Achievements of Goals Overhead of SDT Conclusion.
Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.

Securing Vehicular Commuinications – Assumptions, Requirements, and Principles P. Papadimitratos, EPFL, Lausanne, Switzerland V. Gligor, University of.
Rational Unified Process Workflows. The Rational Unified Process.

Rational Unified Process Workflows. The Rational Unified Process.
CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 21 Jonathan Katz.
Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.

Rheeve: A Plug-n-Play Peer- to-Peer Computing Platform Wang-kee Poon and Jiannong Cao Department of Computing, The Hong Kong Polytechnic University ICDCSW.
Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Cyber Security and Key Management Models Smart Grid Networks The Network System Key Management and Utilization Why Hardware Security Christopher Gorog,

Similar presentations

Ads by Google