Se ha denunciado esta presentación.
Se está descargando tu SlideShare. ×
Próximo SlideShare
Cargando en…3

Eche un vistazo a continuación

1 de 49 Anuncio

Más Contenido Relacionado

Más reciente (20)



  1. 1. VANET Presented by: Ramu G
  2. 2. Outline  Introduction  Security Requirements  System Model  Communication Model  Adversary Model  Design Principles
  3. 3. What is VANET Vehicular Ad–Hoc Network, or VANET  a form of Mobile ad-hoc network  provide communication - among nearby vehicles - between vehicles - nearby fixed equipment
  4. 4. Introduction  How vehicular communications work - road-side infrastructure units (RSUs), named network nodes, are equipped with on-board processing and wireless communication modules
  5. 5. How vehicular communications work (Continue) - vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) communication will be possible
  6. 6. What can VANET provide ?
  7. 7. Warnings!!!
  8. 8. Warnings!!!
  9. 9. traffic and road conditions
  10. 10. traffic and road conditions
  11. 11. What can VANET provide The VANET can provide  Safety  Efficiency  Traffic and road conditions  Road signal alarm  Local information
  12. 12. Related work Research have been worked  Outline challenges for VANET - availablility, mobility  Describe particular attacks -DoS, alteration attacks  Suggest solution towards attacks This paper provide a basis for the development of future vehicular security schemes
  13. 13. Security Requirements
  14. 14. SECURITY
  15. 15. Security Requirements 1. Message Authentication and Integrity 2. Message Non-Repudiation 3. Entity Authentication 4. Access Control Authorization 5. Message Confidentiality 6. Privacy and Anonymity 7. Availability 8. Liability Identification
  16. 16. Security Requirements  Message Authentication and Integrity - Message must be protected from any alteration  Message Non-Repudiation - The sender of a message cannot deny having sent a message  Entity Authentication - The receiver is ensured that the sender generated a message - The receiver has evidence of the liveness of the sender
  17. 17. Security Requirements  Access Control -determined locally by policies - authorization established what each node is allowed to do in the network  Message Confidentiality - the content of a message is kept secret from those nodes that are not authorized to access it
  18. 18. Security Requirements Privacy and Anonymity - vehicular communication (VC) systems should not disclose any personal and private information of their users - any observers should not know any future actions of other nodes - anonymity may not be a reasonable requirement for all entities of the vehicular communications system
  19. 19. Security Requirements  Availability - protocols and services should remain operational even in the presence of faults, malicious or benign  Liability Identification - users of vehicles are liable for their deliberate or accidental actions that disrupt the operation of other nodes
  20. 20. System Model
  21. 21. System Model  Vehicular communications system - Users - Network nodes - Authorities
  22. 22. System Model Note. From “Securing Vehicular Communications – Assumptions, Requirements, and Principles,” by P. Papadimitratos, V. Gligor, J-P Hubaux, In Proceedings of the Workshop on Embedded Security in Cars (ESCAR) 2006, November 2006.
  23. 23. System Model  Users - user is the owner or the driver or a passenger of the vehicle  Network Nodes - processes running on computing platforms capable of wireless communication - Mounted on vehicles and road-side units (RSUs)
  24. 24. System Model  Authorities - public agencies or corporations with administrative powers - for example, city or state transportation authorities
  25. 25. System Model  VC system operational assumptions 1. Authorities 2. Vehicle Identification and Credentials 3. Infrastructure Identification and Credentials 4. User Identification and Credentials 5. User and Vehicle Association 6. Trusted Components
  26. 26. System Model  Authorities - trusted entities or nodes - issuing and manage identities and credentials for vehicular network - establish two-way communication with nodes  Vehicle Identification and Credentials - unique identity V - a pair of private and public keys, kv and KV - certificate CertX{KV, AV} issued by authority X - V denotes on-board central processing and communication module
  27. 27. System Model Note. From “Securing Vehicular Communications – Assumptions, Requirements, and Principles,” by P. Papadimitratos, V. Gligor, J-P Hubaux, In Proceedings of the Workshop on Embedded Security in Cars (ESCAR) 2006, November 2006.
  28. 28. System Model Infrastructure Identification and Credentials - unique identity I - a pair of private and public key kI and KI - certificate CertZ{KI, AI} issued by authority Z - gateway to the authorities - gateway to the mobile vehicles - RSUs’ locations are fixed - public vehicles -considered trustworthy -be used to assist security related operations
  29. 29. What are public vehicles ?
  30. 30. System Model  User identification and Credentials - Unique identity, U - a pair of private and public keys, kU and KU - Certificate CertY{KU , AU } issued by authority Y  User and Vehicle Association - user is the owner or the driver or a passenger of the vehicle - assume only one user can operate a vehicle - assume the user is the driver
  31. 31. System Model  Trusted Components (TCs) - nodes equipped with trusted components, i.e., built-in hardware and firmware - TCs enforce a policy on the interaction with the on-board software - Access to any information stored in the TCs and modification of their functionality can be done only by the interface provided by the TCs. - perform cryptographic operations with signature generations and verifications
  32. 32. Communication Model
  33. 33. Communication Model  Model the wireless communication in vehicular networks, whose connectivity can change frequently  Focus mainly on the data link layer
  34. 34. Communication Model  Data-link layer primitives and assumption  SendL(V,m) : transmits message m to node V within radius R of the transmitting node  BcastL(m) : broadcasts message m to all nodes within radius R of the transmitting node  ReceiveL(m) : receives message m transmitted by a node within radius R of the receiver  A link (W,V) exists when two nodes W and V are able to communicate directly
  35. 35. Communication Model  Links are either up or down, and their state does not change faster than the transmission time of a single packet The network connectivity, at a particular instance in time. Modeled as the graph G the edges of which are all up links.  Transmissions from W are received by all nodes V such that (W, Vi) is up during the entire duration of the packet transmission Packets are delivered across an up link within a maximum link delay τ or they are not delivered at all.
  36. 36. Communication Model  Communication across the network is dependent on  availability of sufficient resources  bandwidth - shared medium contend - bandwidth can fluctuate - unevenly distributed among neighbors - links may be congested
  37. 37. Communication Model  Communication Radius, R  Vary over time  Different classes of nodes may operate with different R  Multi-domain and Highly Volatile environment  Nodes are not bound to administrative and geographical boundaries  Any two or more nodes communicate independently
  38. 38. Communication Model  Frequent Broadcast Communication  Most of the vehicular network traffic is Broadcasted at the network or application layers  Message are transmitted either periodically or triggered by network events  Transmission period is low  Time-sensitive Communication  Message delivery can be constrained by deadlines - different messages have different delay requirements
  39. 39. Adversary Model
  40. 40. Adversary Model  Network nodes - correct or benign - faulty or adversaries - external adversaries - Internal adversaries - active adversaries - passive adversaries
  41. 41. faulty is not always malicious!!!
  42. 42. Adversary Model Internal Active Adversaries  Multiple adversarial nodes - adversaries are independent - adversaries can collude - based on TCs, colluding adversaries are prevented from exchanging cryptographic material and credentials
  43. 43. Adversary Model  Internal Active Adversaries (continue)  non-adaptive adversary  Adversarial nodes are fixed  adaptive adversary  Adversarial nodes change over time  Computationally bounded adversary  adversaries are computationally limited - limited resources and computational power - the knowledge of an adversary is limited - memory finite