VPKIs: State-of-the-Art, Challenges and Extensions
|
|
- Melinda Wilson
- 6 years ago
- Views:
Transcription
1 VPKIs: State-of-the-Art, Challenges and Extensions VPKIs: State-of-the-Art, Challenges and Extensions Hongyu Jin, Mohammad Khodaei and Panos Papadimitratos Networked Systems Security Group Royal Institute of Technology (KTH) June 24, / 19
2 Vehicular Communication Systems (VCS) 2 / 19
3 State-of-the-Art Projects SEVECOM, EVITA, PRECIOSA, OVERSEE, DRIVE-C2X, PRESERVE, CAMP-VSC3 Standarization and Harmonization IEEE , ETSI and C2C-CC: Vehicular Communication (VC) related specifications for privacy-preserving architectures Vehicular Public-Key Infrastructure (VPKI) Do we indeed have a corner-stone to build upon secure and privacy-protecting VC systems? More precisely, do we have all answers needed to deploy an identity and credential management infrastructure for VC? 3 / 19
4 VCS Security and Privacy Architecture: Goals Resilience to honest-but-curious VPKI entities Eradication of Sybil-based misbehavior Standard-compliant implementation Scalability Multi-domain operation Efficiency 4 / 19
5 VCS Security and Privacy Architecture: Overview Vehicles registered with one Long Term Certification Authority (LTCA) (home domain) Pseudonym Certification Authority (PCA) servers in one or multiple domains Vehicles can obtain pseudonyms from any PCA (in home or foreign domains) Establish trust among entities with a Root Certification Authority (RCA) Resolve a pseudonym with the help of a Resolution Authority (RA) 5 / 19
6 VPKI Architecture M. Khodaei, et. al, Towards Deploying a Scalable & Robust Vehicular Identity and Credential Management Infrastructure, IEEE VNC / 19
7 Roaming User: Foreign Ticket Authentication 7 / 19
8 Ticket and Pseudonym Acquisition in Foreign Domain 8 / 19
9 Client and LTCA Performance Evaluation Entire Time [ms] Entire Ticket Operations Entire Operations on PCA Networking Delay Vehicle Pseudonym Verification Number of Pseudonyms in a Request Processing Time [ms] One ticket per request Time [sec] Client processing time Delay to obtain pseudonyms LTCA response time to issue a ticket LTCA performance 9 / 19
10 PCA Performance Evaluation psnyms per request Server failure Empirical CDF Processing Time [ms] Cumulative Probability psnyms per request 20 psnyms per request 50 psnyms per request 100 psnyms per request 200 psnyms per request Time [sec] Processing Time [msec] Issuing 100 pseudonyms per request PCA performance under different configuration PCA response time, including a crash failure Efficient provision for pseudonyms, with different configurations 10 / 19
11 Security Analysis Communication integrity, confidentiality, non-repudiation Certificates, TLS and digital signatures Authentication and authorization LTCA performs Authentication, Authorization and Accounting (AAA) PCA grants the service Security Association through Lightweight Directory Access Protocol (LDAP) Concealing pseudonym providers, foreign identity providers and actual pseudonym acquisition period Sending H(P CA id Rnd 256 ), t s, t e, LT C v to the home LTCA PCA verifies if [t s, t e] [t s, t e ] Thwarting Sybil-based misbehavior LTCA keeps the records of the issued tickets A ticket is bound to a specific PCA PCA keeps records of ticket usage 11 / 19
12 Privacy Challenges Stronger adversarial model [Gisdakis et al., 2013 and Khodaei et al., 2014.] User privacy protection against honest-but-curious entities Inference of service provider or time LTCA infers relevant information from the requests [Khodaei et al., 2014.] Direct (C2C-CC design) or indirect (ticket-based designs) approaches Actual pseudonym acquisition period Targeted PCA that the vehicle seeks to obtain credentials from Trivially linking pseudonyms issued by the PCA Fully-trusted proxy-based scheme (CAMP) [Whyte et al. 2013] that shuffles the requests Honest-but-curious proxy? M. Khodaei and P. Papadimitratos, Identity and Credential Management in Vehicular Communication Systems, IEEE VT Magazine, minor revision (to appear in Dec ) 12 / 19
13 Pseudonym Lifetime Policy Ideally one pseudonym for a single message authentication But costly, e.g. 10 beacons per sec. Safety applications necessitate partial linkability E.g. collision avoidance: inferring a collision hazard based on unlinkable CAMs is hard; requires precise location information Sybil-based misbehavior Non-overlapping lifetime Flexible access to PCA undermine unlinkability Timing information makes sets of pseudonyms linkable 5 No conclusive view or guideline for pseudonym lifetime policy Pseudonym Lifetime [sec] 13 / 19
14 Traffic Information Systems Traffic Information Systems S. Gisdakis, et. al, Secure and Privacy-Preserving Smartphone-based Traffic Information Systems, IEEE Trans. on ITS, Vol. 16, No. 3, pp , June 2015 V. Manolopoulos, et. al, Securing smartphone based ITS, ITST, Aug / 19
15 Location Based Services LBS Privacy {loc, interest} Adversary: Honest-but-curious LBS server 15 / 19
16 Location Based Services Centralized and Decentralized LBS Privacy LBS Server Anonymizer LBS Server Why do we trust the (possibly honest-but-curious) anonymizer? Mobile sharing leveraging P2P communication Adversaries Active: Masquerading, tampering, DoS... Passive: Eavesdrop queries and responses R. Shokri, et.al, Hiding in the Mobile Crowd: Location Privacy through Collaboration, IEEE TDSC, / 19
17 Location Based Services Decentralized LBS Privacy and Security LTCA (Long Term CA) PCA (Pseudonym CA) 1. Ticket Request 2. Ticket Response 3. Pseudonym Request using Ticket 4.Pseudonym Response 5. Queries Signed with Pseudonyms 6. Responses Signed by the LBS Server LBS (Location Based Service) Leverage a PKI solution as the earlier one Pseudonymous authentication of peer interactions Render the peer functionality resilient to misbehavior Run this scheme in parallel to the LBS, without shifting trust; motivation for privacy-cautious users 17 / 19
18 Relevant Publications Relevant Publications M. Khodaei and P. Papadimitratos, Identity and Credential Management in Vehicular Communication Systems, IEEE VT Magazine, minor revision (to appear in Dec ) S. Gisdakis, V. Manolopoulos, S. Tao, A. Rusu, and P. Papadimitratos, Secure and Privacy-Preserving Smartphone-based Traffic Information Systems, IEEE Trans. on ITS, Vol. 16, No. 3, pp , June 2015 M. Khodaei, H. Jin, and P. Papadimitratos, Towards Deploying a Scalable & Robust Vehicular Identity and Credential Management Infrastructure, IEEE VNC, Paderborn, Germany, Dec S. Gisdakis, T. Giannetsos and P. Papadimitratos, SPPEAR: Security & Privacy-Preserving Architecture for Mobile Crowd-Sensing Applications, ACM WiSec, Oxford, UK, July 2014 (best paper award) R. Shokri, G. Theodorakopoulos, P. Papadimitratos, E. Kazemi, and J.-P. Hubaux, Hiding in the Mobile Crowd: Location Privacy through Collaboration, IEEE TDSC, Vol. 11, No. 3, pp , May-June / 19
19 Relevant Publications Relevant Publications (cont d) S. Gisdakis, M. Lagan, T. Giannetsos, and P. Papadimitratos, SEROSA: Service Oriented Security Architecture for Vehicular Communications, IEEE VNC, Boston, MA, Dec W. Whyte, A. Weimerskirch, V. Kumar, and T. Hehn, A security credential management system for V2V communications, IEEE VNC, Boston, MA, Dec N. Alexiou, S. Gisdakis, M. Laganà, and P. Papadimitratos, Towards a Secure and Privacy-preserving Multi-service Vehicular Architecture, IEEE D-SPAN, Madrid, June 2013 N. Alexiou, M. Laganà, S. Gisdakis, and P. Papadimitratos, VeSPA: Vehicular Security and Privacy-preserving Architecture, ACM HotWiSec, Budapest, April 2013 V. Manolopoulos, P. Papadimitratos, S. Tao, and A. Rusu, Securing smartphone based ITS, ITST, Aug / 19
Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure
KTH ROYAL INSTITUTE OF TECHNOLOGY Secure and Privacy Preserving Vehicular Communication Systems: Identity and Credential Management Infrastructure Mohammad Khodaei and Panos Papadimitratos Networked Systems
More informationSECMACE: Scalable and Robust Identity and Credential Infrastructure in Vehicular Communication
1 / 54 SECMACE: Scalable and Robust Identity and Credential Infrastructure in Vehicular Communication IEEE Transactions on Intelligent Transportation Systems (IEEE ITS), vol. 19, no. 5, May 2018 Mohammad
More informationPrivacy in Vehicular Ad-hoc Networks. Nikolaos Alexiou, LCN, EE KTH
Privacy in Vehicular Ad-hoc Networks Nikolaos Alexiou, LCN, EE KTH alexiou@kth.se 2/10/2012 Outline Introduction VANETs: an overview VANET privacy - Anonymity - Location Privacy - VPKI Privacy Attacks
More informationarxiv: v3 [cs.cr] 4 Jan 2017
The Key to Intelligent Transportation: Identity and Credential Management in Vehicular Communication Systems arxiv:1601.00796v3 [cs.cr] 4 Jan 2017 Abstract - Vehicular Communication (VC) systems will greatly
More informationDr. Panos Papadimitratos
Dr. Panos Papadimitratos Ecole Polytechnique Fédéral de Lausanne (EPFL) 2 Security in Vehicle-to-Vehicle (V2V) and Vehicle-to- Infrastructure (V2I) Communications Security and Privacy Why? 3 o Safety (?)
More informationVehicular Communications (VC) Security on Wheels. Vehicular Communications (VC) (cont d) Vehicles equipped with. Efficiency. Safety.
IEEE VNC 2011 Keynote Security on Wheels Vehicular Communications (VC) Vehicles equipped with Computers Sensors Including positioning systems (GPS, Galileo) Wireless transceivers Panos Papadimitratos www.ee.kth.se/~papadim
More informationCAMP. Intelligent Transportation Systems. A Security Credential Management System for Vehicle-to-Vehicle Communications
CAMP Vehicle Safety Communications 3 Intelligent Transportation Systems A Security Credential Management System for Vehicle-to-Vehicle Communications William Whyte (Security Innovation); André Weimerskirch
More informationCooperative ITS Corridor Joint Deployment
Cooperative ITS Corridor Joint Deployment Secure V2X Communication Glasgow, June 8th 2016 Markus Ullmann Federal Office for Information Security (BSI) Outline Cooperative Intelligent Transport System (C-ITS)
More informationSecurity and Privacy in Car2Car Adhoc Networks
Security and Privacy in Car2Car Adhoc Networks Antonio Kung Trialog www.trialog.com 15/06/2016 1 Introduction French SME Involved since 2002 in security and privacy for connected vehicles 15/06/2016 2
More informationCar2Car Communication Consortium C2C-CC
Car2Car Communication Consortium C2C-CC Secure Vehicular Communication: Results and Challenges Ahead February 20th/21st 2008, Lausanne Benjamin Weyl BMW Group Research and Technology Chair C2C-CC Security
More informationLESSONS LEARNED: SECURITY AND PRIVACY IN SAFETY PILOT MODEL DEPLOYMENT
LESSONS LEARNED: SECURITY AND PRIVACY IN SAFETY PILOT MODEL DEPLOYMENT André Weimerskirch, Scott Bogard, Debby Bezzina University of Michigan Transportation Research Institute 2901 Baxter Road Ann Arbor,
More informationSecurity of vehicular communications. Vehicular communication (VC) systems
Security of vehicular communications vehicular safety communications design constraints attacker classes desired security services a security architecture Vehicular communication (VC) systems motivations:
More informationSybil Attack Detection with Reduced Bandwidth overhead in Urban Vehicular Networks
Sybil Attack Detection with Reduced Bandwidth overhead in Urban Vehicular Networks D.Balamahalakshmi Department of Computer Science and Engineering, V.S.B Engineering College, Karur, Tamilnadu, India 1
More informationCISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security. A Brief Overview of Security & Privacy Issues
CISC859: Topics in Advanced Networks & Distributed Computing: Network & Distributed System Security A Brief Overview of Security & Privacy Issues 1 Topics to Be Covered Cloud computing RFID systems Bitcoin
More informationCOOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY
COOPERATIVE ITS SECURITY STANDARDIZATION AND ACTIVITIES ON EUROPEAN C ITS TRUST MODEL AND POLICY ETSI IoT Security WORKSHOP, 13 15 June 2016 Brigitte LONC, RENAULT ETSI TC ITS WG 5 Chairman ETSI 2016.
More informationIntroduction to VANET
VANET Introduction to VANET -Vehicles connected to each others through an ad hoc formation form a wireless network called Vehicular Ad Hoc Network. -Vehicular ad hoc networks (VANETs) are a subgroup of
More informationPseudonym Based Security Architecture for Wireless Mesh Network
IOSR Journal of Computer Engineering (IOSR-JCE) e-issn: 2278-0661,p-ISSN: 2278-8727, Volume 16, Issue 4, Ver. VII (Jul Aug. 2014), PP 01-05 Pseudonym Based Security Architecture for Wireless Mesh Network
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationVEHICLE-to-Vehicle (V2V) communications between
3850 IEEE TRANSACTIONS ON INTELLIGENT TRANSPORTATION SYSTEMS, VOL. 19, NO. 12, DECEMBER 2018 A Security Credential Management System for V2X Communications Benedikt Brecht, Dean Therriault, André Weimerskirch,
More informationSafety and Privacy in Vehicular Communications
Safety and Privacy in Vehicular Communications Josep Domingo-Ferrer and Qianhong Wu Universitat Rovira i Virgili, UNESCO Chair in Data Privacy, Dept. of Computer Engineering and Mathematics, Av. Països
More informationarxiv: v1 [cs.cr] 14 Feb 2018
1 A Security Credential Management System for V2X Communications Benedikt Brecht, Dean Therriault, André Weimerskirch, William Whyte, Virendra Kumar, Thorsten Hehn, Roy Goudy Benedikt.Brecht@vw.com dean.therriault@gm.com
More informationPublic Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems
Public Key Infrastructure and Crypto Agility Concept for Intelligent Transportation Systems Markus Ullmann, Christian Wieschebrink and Dennis Kügler Federal Office for Information Security D-53133 Bonn,
More informationAd-hoc Trusted Information Exchange Scheme for Location Privacy in VANET
Available Online at www.ijcsmc.com International Journal of Computer Science and Mobile Computing A Monthly Journal of Computer Science and Information Technology IJCSMC, Vol. 4, Issue. 1, January 2015,
More informationShort-term Linkable Group Signatures with Categorized Batch Verification
Short-term Linkable Group Signatures with Categorized Batch Verification Lukas Malina 1, Jordi Castella-Rocà 2, Arnau Vives-Guasch 2, Jan Hajny 1 1 Department of Telecommunications Faculty of Electrical
More information0x1A Great Papers in Computer Security
CS 380S 0x1A Great Papers in Computer Security Vitaly Shmatikov http://www.cs.utexas.edu/~shmat/courses/cs380s/ Privacy on Public Networks Internet is designed as a public network Wi-Fi access points,
More informationA privacy-preserving authentication service using mobile devices
A privacy-preserving authentication service using mobile devices Mihai Togan Security Software Architect certsign Context Mobile devices Present everywhere What to consider High performance Computing power
More informationBlockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric
Blockchain for Enterprise: A Security & Privacy Perspective through Hyperledger/fabric Elli Androulaki Staff member, IBM Research, Zurich Workshop on cryptocurrencies Athens, 06.03.2016 Blockchain systems
More informationA Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems
DEGREE PROJECT IN COMPUTER SCIENCE AND ENGINEERING, SECOND CYCLE, 30 CREDITS STOCKHOLM, SWEDEN 2018 A Privacy-preserving Pseudonym Acquisition Scheme for Vehicular Communication Systems ANDREAS MESSING
More informationA GENERIC PUBLIC KEY INFRASTRUCTURE FOR SECURING CAR-TO-X COMMUNICATION
A GENERIC PUBLIC KEY INFRASTRUCTURE FOR SECURING CAR-TO-X COMMUNICATION Norbert Bißmeyer 1, Hagen Stübing 2, Elmar Schoch 3, Stefan Götz 4, Jan Peter Stotz 1, Brigitte Lonc 5 1 Fraunhofer SIT, Secure Mobile
More informationSecuring V2X communications with Infineon HSM
Infineon Security Partner Network Securing V2X communications with Infineon HSM Savari and Infineon The Sign of Trust for V2X Products SLI 97 www.infineon.com/ispn Use case Application context and security
More informationCertificate revocation in vehicular ad hoc networks techniques and protocols: a survey
. REVIEW. Special Focus on Machine-Type Communications SCIENCE CHINA Information Sciences October 2017, Vol. 60 100301:1 100301:18 doi: 10.1007/s11432-017-9203-x Certificate revocation in vehicular ad
More informationConfiguring EAP-FAST CHAPTER
CHAPTER 3 This chapter explains how to configure EAP-FAST module settings, such as connection settings, user credentials, and authentication methods. The following topics are covered in this chapter: Accessing
More informationEnhanced Management of Certificate Caching and Revocation Lists in VANET
Enhanced Management of Certificate Caching and Revocation Lists in VANET Sadiq H. Abdulhussain Computer Engineering Department College of Engineering University of Baghdad ABSTRACT Vehicular network security
More informationSURVEY: Reputation and Trust Management in VANETs
, pp. 301-306 http://dx.doi.org/10.14257/ijgdc.2015.8.4.29 SURVEY: Reputation and Trust Management in VANETs Jitendra Singh Sengar BVM College of Technology & Management, Gwalior, MP, India jitendrasinghsengar@gmail.com
More informationThe Identity Web An Overview of XNS and the OASIS XRI TC
The Identity Web An Overview of XNS and the OASIS XRI TC XML WG December 17, 2002 Marc LeMaitre VP Technology Strategy OneName Corporation Goals of this presentation Introduce the idea of the Identity
More informationEXPEDITE MESSAGE AUTHENTICATION PROTOCOL FOR VANETs USING DATA AGGREGATION
EXPEDITE MESSAGE AUTHENTICATION PROTOCOL FOR VANETs USING DATA AGGREGATION Shaiba Wahab Dept. Of Computer Science and Engineering M.E.A. Engineering College Perinthalmanna, Kerala Jemsheer Ahmed P Dept.
More informationAuthentication with Privacy for Connected Cars - A research perspective -
Authentication with Privacy for Connected Cars - A research perspective - Mark Manulis Surrey Centre for Cyber Security, Deputy-Director Department of Computer Science University of Surrey sccs.surrey.ac.uk
More informationIEEE INTERNET OF THINGS JOURNAL, VOL. 3, NO. 5, OCTOBER Security, Privacy, and Incentive Provision for Mobile Crowd Sensing Systems
IEEE INTERNET OF THINGS JOURNAL, VOL. 3, NO. 5, OCTOBER 2016 839 Security, Privacy, and Incentive Provision for Mobile Crowd Sensing Systems Stylianos Gisdakis, Thanassis Giannetsos, and Panagiotis Papadimitratos
More informationOpen Mobile API The enabler of Mobile ID solutions. Alexander Summerer, Giesecke & Devrient 30th Oct. 2014
The enabler of solutions Alexander Summerer, Giesecke & Devrient 30th Oct. 2014 SIMalliance Allows usage of Secure Elements in Mobile Devices Designed for Open Handset OS platforms Common API for Apps
More informationUsing TPMs to Secure Vehicular Ad-Hoc Networks (VANETs)
Using TPMs to Secure Vehicular Ad-Hoc Networks (VANETs) Gilles Guette 1 and Ciarán Bryce 2 IRISA Campus de Beaulieu, 35042 Rennes CEDEX, France gilles.guette@univ-rennes1.fr, Ciaran.Bryce@inria.fr Abstract.
More informationPKI AND ROAMING IN ITS
PKI AND ROAMING IN ITS 7th ETSI Security Workshop Sophia Antipolis, France, on 18th 19th January 2012 Prepared by STF423: Scott Cadzow, H.Cruickshank@surrey.ac.uk, Benjamin Glas, Siv-Hilde Houmb, Steve
More informationSecure automotive on-board networks
Secure automotive on-board networks Basis for secure vehicle-to-x communication Dr.-Ing. Olaf Henniger Fraunhofer SIT / Darmstadt 2 December 2010 Presentation overview EVITA project overview Security challenges
More informationPublic-key Infrastructure Options and choices
Public-key Infrastructure Options and choices Tim Moses Director, Advanced Security Technology April 98 1997 Entrust Technologies Overview General-purpose and Dedicated PKIs Trust models Two-key architecture
More informationPROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL
Q&A PROTECTED EXTENSIBLE AUTHENTICATION PROTOCOL This document answers questions about Protected Extensible Authentication Protocol. OVERVIEW Q. What is Protected Extensible Authentication Protocol? A.
More informationArchitecture of the Car2X Systems Network
Architecture of the Car2X Systems Network Overview Governance Definition of major rules all participants of the system have to oblige to Inspection and enforcement rules Top level security entities. Backend
More informationConnected driving is the future. However, data exchange between vehicles. and roadside equipment will only become genuinely beneficial when it is
Press release High-performance IT security solutions protect V2X communication against cyberattacks ESCRYPT GmbH Am Hain 5, 44789 Bochum, Germany Phone: +49 234 43870-200 Press and Public Relations: Martin
More informationSecure Vehicle Communication. SEVECOM (SE-cure VE-hicle COM-munication) General Introduction SEVECOM General Introduction
Secure Vehicle Communication SEVECOM (SE-cure VE-hicle COM-munication) General Introduction 1 Outline Vehicle Communication Security and Privacy Threats Research topics Preliminary results 2 Vehicle Communication
More informationBoston University College of Engineering Department of Electrical and Computer Engineering. Secure Cooperative Accident Avoidance for Vehicles
Boston University College of Engineering Department of Electrical and Computer Engineering Secure Cooperative Accident Avoidance for Vehicles MS Project Jimmy C. Chau Advisor: Thomas Little May 7, 2011
More informationOptimized Certificate Revocation List Distribution for Secure V2X Communications
Optimized Certificate Revocation List Distribution for Secure V2X Communications Giovanni Rigazzi, Andrea Tassi, Robert J. Piechocki, Theo Tryfonas, Andrew Nix Department of Electric and Electronic Engineering,
More informationDirect Anonymous Attestation
Direct Anonymous Attestation Revisited Jan Camenisch IBM Research Zurich Joint work with Ernie Brickell, Liqun Chen, Manu Drivers, Anja Lehmann. jca@zurich.ibm.com, @JanCamenisch, ibm.biz/jancamenisch
More informationPMAP: Precipitate Message Authentication Protocol for Vehicular Ad Hoc Networks
PMAP: Precipitate Message Authentication Protocol for Vehicular Ad Hoc Networks J.Sahana, PG Scholar Department of Computer Science and Engineering Sree Sowdambika College of Engineering Aruppukottai,
More informationA DNSSEC-based Trust Infrastructure
A DNSSEC-based Trust Infrastructure Bud P. Bruegger, Eray Özmü Fraunhofer IAO, Universität Stuttgart Nobelstr. 12, Allmandring 35 70569 Stuttgart bud.bruegger@iao.fraunhofer.de eray.oezmue@iat.uni-stuttgart.de
More informationD.David Neels Ponkumar 1, Janeshwari.S 2, Gomathi Sankari.A 3
Fast and Secure Countermand Verification Process Using MAP in VANET D.David Neels Ponkumar 1, Janeshwari.S 2, Gomathi Sankari.A 3 1 Profeesor, Einstein College of Engineering, david26571@gmail.com 2 PG
More informationThis article presents a condensed
Securing IT EDITORS: Rick Kuhn, US National Institute of Standards and Technology, kuhn@nist.gov Tim Weil, Scram Systems, tweil.ieee@gmail.com VPKI Hits the Highway Secure Communication for the Connected
More informationMitigating the Effects of Position-Based Routing Attacks in Vehicular Ad Hoc Networks
Mitigating the Effects of Position-Based Routing Attacks in Vehicular Ad Hoc Networks Nizar Alsharif, Albert Wasef, and Xuemin (Sherman) Shen Department of Electrical and Computer Engineering, University
More informationPKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures
Public Key Infrastructures Public Key Infrastructure Definition and Description Functions Components Certificates 1 2 PKI Services Security Between Strangers Encryption Integrity Non-repudiation Key establishment
More informationAll rights reserved. ITS at ETSI. Presented by Luis Jorge Romero on behalf of ETSI TC ITS
http://eustandards.in/ ITS at ETSI Presented by Luis Jorge Romero on behalf of ETSI TC ITS 2 All rights reserved ITS: a definition ITS means applying Information and Communications Technologies (ICT) to
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 2 SAML SSO Web Browsers, page 3 Cisco Unified Communications Applications that Support SAML SSO,
More informationFPKIPA CPWG Antecedent, In-Person Task Group
FBCA Supplementary Antecedent, In-Person Definition This supplement provides clarification on the trust relationship between the Trusted Agent and the applicant, which is based on an in-person antecedent
More informationPRIVACY BY DESIGN FOR DELAY TOLERANT NETWORKS
PRIVACY BY DESIGN FOR DELAY TOLERANT NETWORKS 9th ETSI Security Workshop Sophia Antipolis, France, on 15th 16th January 2014 Dr. Haitham Cruickshank H.Cruickshank@surrey.ac.uk, Naveed Ahmad n.ahmad@surrey.ac.uk
More informationSecuring MQTT. #javaland
Securing MQTT #javaland 2017 www.bestppt.com INTRODUCTION Dominik Obermaier @dobermai Disclaimer Obligatory Disclaimer: All security suggestions and guidelines in this talk are collected from real-world
More informationAn Effective Strategy for Trusted Information Scheme for Location Privacy in VANETs
An Effective Strategy for Trusted Information Scheme for Location Privacy in VANETs Rakesh Kumar ER Asst. Prof. & Head (CSE), SAMS College of Engineering and Technology, Chennai rakeshkumarer@gmail.com,
More informationFuture Expansion for emrtd PKI Mark Joynes, Entrust
Future Expansion for emrtd PKI Mark Joynes, Entrust 2013 MRTD Symposium 1 What are we trying to achieve Prevent: Production of credible false documents Tampering with legitimate documents Breach of sovereignty
More informationSecuring Vehicular Communications
Securing Vehicular Communications Maxim Raya, Panos Papadimitratos, Jean-Pierre Hubaux Laboratory for computer Communications and Applications (LCA) School of Computer and Communication Sciences EPFL,
More informationSAML-Based SSO Solution
About SAML SSO Solution, page 1 Single Sign on Single Service Provider Agreement, page 2 SAML-Based SSO Features, page 2 Basic Elements of a SAML SSO Solution, page 3 Cisco Unified Communications Applications
More informationBlocking of Mischievous Users in Anonymizing Networks using Nymble System Srikanth Chintala, I.L. Narsimha Rao
International Journal of Scientific & Engineering Research Volume 3, Issue 9, September-2012 1 Blocking of Mischievous Users in Anonymizing Networks using Nymble System Srikanth Chintala, I.L. Narsimha
More informationAutomotive Cyber Security
Automotive Cyber Security Rajeev Shorey (Ph.D.) Principal Scientist TCS Innovation Labs Cincinnati, USA & Bangalore, India Copyright 2013 Tata Consultancy Services Limited Connected Vehicles Chennai, 18
More informationSECURITY AND PRIVACY IN SMARTPHONE BASED INTELLIGENT TRANSPORTATION SYSTEMS VASILEIOS MANOLOPOULOS
SECURITY AND PRIVACY IN SMARTPHONE BASED INTELLIGENT TRANSPORTATION SYSTEMS VASILEIOS MANOLOPOULOS Licentiate Thesis KTH Royal Institute of Technology Stockholm, Sweden, 2012 TRITA-ICT/MAP AVH Report 2012:03
More informationPublic Key Infrastructure
Public Key Infrastructure Ed Crowley Summer 11 1 Topics Public Key Infrastructure Defined PKI Overview PKI Architecture Trust Models Components X.509 Certificates X.500 LDAP 2 Public Key Infrastructure
More informationC2X Security. Introduction and overview (focus to European standard only) Cryptovision s Mindshare V
C2X Security Introduction and overview (focus to European standard only) Cryptovision s Mindshare 2015-06-24 V1.00 2015-06-24 Agenda What is Car2x Communication? Standards Security concepts C2X-PKI 2/30
More informationEfficient Authentication and Congestion Control for Vehicular Ad Hoc Network
Efficient Authentication and Congestion Control for Vehicular Ad Hoc Network Deivanai.P 1, K.Sudha 2, K.Radha 3 Department of CSE, Muthayammal Engineering College, Rasipuram, India 1 Assistant Professor,
More informationSecure Communications on VoIP Networks
Mediatrix Multi-service Gateways v. 2.0.41.762 2017-12-21 Table of Contents Table of Contents Internet Telephony Network Security 4 Authentication 4 X-509 Certificates 4 Transport Layer Security (TLS)
More informationPrivacy-Enhancing Technologies: Anonymous Credentials and Pseudonym Systems. Anja Lehmann IBM Research Zurich
Privacy-Enhancing Technologies: Anonymous Credentials and Pseudonym Systems Anja Lehmann IBM Research Zurich ROADMAP Anonymous Credentials privacy-preserving (user) authentication Pseudonym Systems privacy-preserving
More informationEnhancing Security on Vehicular Adhoc Networks using EMAP-HMAC
www.ijemr.net ISSN (ONLINE): 2250-0758, ISSN (PRINT): 2394-6962 Page No.: 704-711 Volume-5, Issue-2, April-2015 International Journal of Engineering and Management Research Enhancing Security on Vehicular
More informationOverview of Challenges in VANET
Overview of Challenges in VANET Er.Gurpreet Singh Department of Computer Science, Baba Farid College, Bathinda(Punjab), India ABSTRACT VANET are becoming active area of research and development because
More informationThird public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy
Third public workshop of the Amsterdam Group and CODECS C-ITS Deployment in Europe: Common Security and Certificate Policy 14 February 2017 Amsterdam Gerhard Menzel European Commission - DG MOVE Scope:
More informationSecuring Wireless LANs with Certificate Services
1 Securing Wireless LANs with Certificate Services PHILIP HUYNH University of Colorado at Colorado Springs Abstract Wireless Local Access Network (WLAN) is used popularly in almost everywhere from the
More informationSecure Vehicular Communication Systems: Design and Architecture
Secure Vehicular Communication Systems: Design and Architecture P. Papadimitratos, L. Buttyan, T. Holczer, E. Schoch, J. Freudiger, M. Raya Z. Ma, F. Kargl, A. Kung, J.-P. Hubaux Abstract Significant developments
More informationSecurity for V2X Communications
Security for V2X Communications ITS Canada Annual General Meeting May 1-4, 2016 Brian Romansky VP Strategic Technology Your Connected Car Your Connected Car Security Security Partner Partner TrustPoint
More informationChapter 13 Location Privacy
Chapter 13 Location Privacy Security aspects of mobile communication Implicit addressing Pseudonyms Communication mixes [NetSec], WS 2007/2008 13.1 Security Aspects of Mobile Communication Mobile communication
More informationA Peer-to-Peer Approach to Digital Key Sharing for Vehicle Access & Control. Tony Rosati Director of IOT Security, ESCRYPT
A Peer-to-Peer Approach to Digital Key Sharing for Vehicle Access & Control Tony Rosati Director of IOT Security, ESCRYPT Agenda Motivation for Digital Key Sharing Architecture Security Model Security
More informationKeyOne. Certification Authority
Certification Description KeyOne public key infrastructure (PKI) solution component that provides certification authority (CA) functions. KeyOne CA provides: Public key infrastructure deployment for governments,
More informationMobile Security Fall 2011
Mobile Security 14-829 Fall 2011 Patrick Tague Class #17 Location Security and Privacy HW #3 is due today Announcements Exam is in-class on Nov 9 Agenda Location security Location privacy Location, Location,
More informationSecure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks
Secure Path-Key Revocation for Symmetric Key Pre-distribution Schemes in Sensor Networks University of Cambridge Computer Laboratory 22nd IFIP TC-11 International Information Security Conference Sandton,
More informationBLACKLISTING MISBEHAVING USERS WHILE MAINTAINING ANONYMITY AND BACKWARD UNLIKABILITY.
BLACKLISTING MISBEHAVING USERS WHILE MAINTAINING ANONYMITY AND BACKWARD UNLIKABILITY. V.Spurthi 1, S. Vani Kumari 2 1 Computer Science and Engineering Department, GMRIT, Rajam, Srikakulam Dst., India 2
More informationBlacklisting User In Mobile Crowd Sensing
Blacklisting User In Mobile Crowd Sensing Kad Pradnya Dinkar 1, Prof. S A Jain 2 1 ME Student Computer Engineering, MIT Academy Of Engineering, Maharashtra, India 2 Professor,Dept. of Computer Engineering,
More informationDesign and development of a distributed, secure and resilient vault management system
Design and development of a distributed, secure and resilient vault management system Mathonet G. University of Liège, Belgium June 2017 Mathonet G. (University of Liège, Belgium) Design and development
More informationTRUST IDENTITY. Trusted Relationships for Access Management: AND. The InCommon Model
TRUST. assured reliance on the character, ability, strength, or truth of someone or something - Merriam-Webster TRUST AND IDENTITY July 2017 Trusted Relationships for Access Management: The InCommon Model
More informationIntroduction and Overview. Why CSCI 454/554?
Introduction and Overview CSCI 454/554 Why CSCI 454/554? Get Credits and Graduate Security is important More job opportunities More research funds 1 Workload Five homework assignments Two exams (open book
More informationHigher Education PKI Initiatives
Higher Education PKI Initiatives (Scott Rea) Securing the ecampus - Hanover NH July 28, 2009 Overview What are the drivers for PKI in Higher Education? Stronger authentication to resources and services
More informationGrid Security Policy
CERN-EDMS-428008 Version 5.7a Page 1 of 9 Joint Security Policy Group Grid Security Policy Date: 10 October 2007 Version: 5.7a Identifier: https://edms.cern.ch/document/428008 Status: Released Author:
More informationArcGIS Server and Portal for ArcGIS An Introduction to Security
ArcGIS Server and Portal for ArcGIS An Introduction to Security Jeff Smith & Derek Law July 21, 2015 Agenda Strongly Recommend: Knowledge of ArcGIS Server and Portal for ArcGIS Security in the context
More informationJXTA TM Technology for XML Messaging
JXTA TM Technology for XML Messaging OASIS Symposium New Orleans, LA 27-April-2004 Richard Manning Senior Software Architect Advanced Technology & Edge Computing Center Sun Microsystems Inc. www.jxta.org
More informationIdentity Provider for SAP Single Sign-On and SAP Identity Management
Implementation Guide Document Version: 1.0 2017-05-15 PUBLIC Identity Provider for SAP Single Sign-On and SAP Identity Management Content 1....4 1.1 What is SAML 2.0.... 5 SSO with SAML 2.0.... 6 SLO with
More informationSmart Meter Security. Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security
Smart Meter Security Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security Smart Grids: Advanced power control, intelligence and communications New Business models and Services
More informationHMEP: Hasten Message Endorsement Protocol for Vehicular Ad hoc Networks
HMEP: Hasten Message Endorsement Protocol for Vehicular Ad hoc Networks D.Thriveni 1, G.T.Prasanna Kumari 2 1 M.Tech Student, S.V.Engineering College for Women, Tirupati, India 2 Associate Professor, Dept.
More informationENEE 459-C Computer Security. Security protocols
ENEE 459-C Computer Security Security protocols Key Agreement: Diffie-Hellman Protocol Key agreement protocol, both A and B contribute to the key Setup: p prime and g generator of Z p *, p and g public.
More informationComputer Based Image Algorithm For Wireless Sensor Networks To Prevent Hotspot Locating Attack
Computer Based Image Algorithm For Wireless Sensor Networks To Prevent Hotspot Locating Attack J.Anbu selvan 1, P.Bharat 2, S.Mathiyalagan 3 J.Anand 4 1, 2, 3, 4 PG Scholar, BIT, Sathyamangalam ABSTRACT:
More informationProtocols for Anonymous Communication
18734: Foundations of Privacy Protocols for Anonymous Communication Anupam Datta CMU Fall 2016 Privacy on Public Networks } Internet is designed as a public network } Machines on your LAN may see your
More informationConfiguring PKI CHAPTER
CHAPTER 9 This chapter provides information about configuring PKI-related features using the VSPA on the Catalyst 6500 Series switch. It includes the following sections: Overview of PKI, page 9-2 Understanding
More information