Securing Vehicular Commuinications - PowerPoint PPT Presentation

About This Presentation

Title:

Securing Vehicular Commuinications

Description:

Outline Introduction Security Requirements System Model Communication Model Adversary Model Design Principles What is VANET ? – PowerPoint PPT presentation

Number of Views:212

Avg rating:3.0/5.0

Slides: 53

Provided by: cseScEdu67

Learn more at: https://cse.sc.edu

Category:

more less

Transcript and Presenter's Notes

Title: Securing Vehicular Commuinications

1
Securing Vehicular Commuinications Assumptions,
Requirements, and Principles

P. Papadimitratos, EPFL, Lausanne, Switzerland
V. Gligor, University of Maryland, College Park,
USA
J-P. hubaux, EPFL, Lausanne, Switzerland
Presentor Guo Yu Lu

2
Outline

Introduction
Security Requirements
System Model
Communication Model
Adversary Model
Design Principles

3
What is VANET ?
4
(No Transcript)
5
What is VANET

Vehicular AdHoc Network, or VANET
a form of Mobile ad-hoc network
provide communication
- among nearby vehicles
- between vehicles
- nearby fixed equipment

6
Introduction

How vehicular communications work
- road-side infrastructure units (RSUs),
named network nodes, are equipped
with on-board processing and wireless
communication modules

7
How vehicular communications work (Continue)

- vehicle-to-vehicle (V2V) and
vehicle-to-infrastructure
(V2I) communication will be possible

8
(No Transcript)
9
What can VANET provide ?
10
Warnings!!!

11
Warnings!!!
12
traffic and road conditions
13
traffic and road conditions
14
(No Transcript)
15
(No Transcript)
16
What can VANET provide

The VANET can provide
Safety
Efficiency
Traffic and road conditions
Road signal alarm
Local information

17
Related work

Research have been worked
Outline challenges for VANET
- availablility, mobility
Describe particular attacks
-DoS, alteration attacks
Suggest solution towards attacks
This paper provide a basis for the development
of future vehicular security schemes

Security Requirements

19
SECURITY
20
Security Requirements

Message Authentication and Integrity
Message Non-Repudiation
Entity Authentication
Access Control Authorization
Message Confidentiality
Privacy and Anonymity
Availability
Liability Identification

21
Security Requirements

Message Authentication and Integrity
- Message must be protected from any
alteration
Message Non-Repudiation
- The sender of a message cannot deny
having sent a
message
Entity Authentication
- The receiver is ensured that the
sender generated a
message
- The receiver has evidence of the
liveness of the sender

22
Security Requirements

Access Control
-determined locally by policies
- authorization established what each
node is allowed to do in the network
Message Confidentiality
- the content of a message is kept
secret from those nodes that are not
authorized to access it

23
Security Requirements

Privacy and Anonymity
- vehicular communication (VC)
systems should not disclose
any personal and private
information of their users
- any observers should not know any future
actions of other nodes
- anonymity may not be a reasonable
requirement
for all entities of the vehicular
communications
system

24
Security Requirements

Availability
- protocols and services should remain
operational even in the presence of
faults, malicious or benign
Liability Identification
- users of vehicles are liable for their
deliberate or
accidental actions that disrupt the
operation of other
nodes

System Model

26
System Model

Vehicular communications system
- Users
- Network nodes
- Authorities

27
System Model
28
(No Transcript)
29
System Model

Users
- user is the owner or the
driver or a passenger
of the vehicle
Network Nodes
- processes running on computing
platforms
capable of wireless communication
- Mounted on vehicles and road-side units
(RSUs)

30
System Model

Authorities
- public agencies or
corporations with
administrative powers
- for example, city or state
transportation authorities

31
System Model

VC system operational assumptions
Authorities
Vehicle Identification and Credentials
Infrastructure Identification and Credentials
User Identification and Credentials
User and Vehicle Association
Trusted Components

32
System Model

Authorities
- trusted entities or nodes
- issuing and manage identities and
credentials for vehicular network
- establish two-way communication with
nodes
Vehicle Identification and Credentials
- unique identity V
- a pair of private and public keys, kv
and KV
- certificate CertXKV, AV issued by
authority X
- V denotes on-board central
processing and communication
module

33
System Model

Note. From Securing Vehicular Communications
Assumptions, Requirements, and Principles, by P.
Papadimitratos, V. Gligor, J-P Hubaux, In
Proceedings of the Workshop on Embedded Security
in Cars (ESCAR) 2006, November 2006.

34
System Model

Infrastructure Identification and Credentials
- unique identity I
- a pair of private and public key kI and
KI
- certificate CertZKI, AI issued by
authority Z
- gateway to the authorities
- gateway to the mobile vehicles
- RSUs locations are fixed
- public vehicles
-considered trustworthy
-be used to assist security
related operations

What are public vehicles ?

36
(No Transcript)
37
System Model

User identification and Credentials
- Unique identity, U
- a pair of private and public keys, kU
and KU
- Certificate CertYKU , AU issued by
authority Y
User and Vehicle Association
- user is the owner or the driver or a
passenger of the vehicle
- assume only one user can operate
a vehicle
- assume the user is the driver

38
System Model

Trusted Components (TCs)
- nodes equipped with trusted
components, i.e., built-in
hardware and firmware
- TCs enforce a policy on the
interaction with
the on-board software
- Access to any information stored in
the TCs and
modification of their functionality
can be done only
by the interface provided by the TCs.
- perform cryptographic operations with
signature
generations and verifications

Communication Model

40
Communication Model

Model the wireless communication in vehicular
networks, whose connectivity can change
frequently
Focus mainly on the data link layer

41
Communication Model

Data-link layer primitives and assumption
SendL(V,m) transmits message m to node V within
radius R of the
transmitting node
BcastL(m) broadcasts message m to all nodes
within radius R of the
transmitting node
ReceiveL(m) receives message m transmitted by a
node within radius R of
the receiver
A link (W,V) exists when
two nodes W and
V are able
to communicate directly

42
Communication Model

Links are either up or down, and their state does
not change faster than the transmission time of a
single packet
The network
connectivity, at a particular
instance in time.
Modeled as the graph G
the edges of which are
all up links.
Transmissions from W are received by all nodes V
such that (W, Vi) is up during the entire
duration of the packet transmission
Packets are delivered
across an up link
within a maximum link
delay t or they are
not delivered at all.

43
Communication Model

Communication across the network is dependent on
availability of sufficient resources
bandwidth
- shared medium contend
- bandwidth can fluctuate
- unevenly distributed
among neighbors
- links may be congested

44
Communication Model

Communication Radius, R
Vary over time
Different classes of nodes may operate with
different R
Multi-domain and Highly Volatile environment
Nodes are not bound to administrative and
geographical boundaries
Any two or more nodes communicate independently

45
Communication Model

Frequent Broadcast Communication
Most of the vehicular network traffic is
Broadcasted at the network or application layers
Message are transmitted either
periodically or triggered by network events
Transmission period is low
Time-sensitive Communication
Message delivery can be constrained by deadlines
- different messages have different
delay requirements