SU08: Security and Credentials Management
Need Area Description
This service package is used to ensure trusted communications between mobile devices and other mobile devices or roadside devices and protect data they handle from unauthorized access. The service package grants trust credentials to qualified mobile devices and infrastructure devices in the Connected Vehicle Environment so that those devices may be considered trusted by other devices that receive trust credentials from the SCM service package. The service package allows credentials to be requested and revoked and secures the exchange of trust credentials between parties, so that no other party can intercept and use those credentials illegitimately. The service package provides security to the transmissions between connected devices, ensuring authenticity and integrity of the transmissions. Additional security features include privacy protection, authorization and privilege class definition, as well as non–repudiation of origin.
Need Area Type
Support
Service Package
SU08: Security and Credentials ManagementIncludes Needs
Number | Need |
---|---|
01 | The CCMS Operator needs to grant trust credentials to qualified end entities including mobile devices so that those devices may be considered trusted by other devices that receive trust credentials from the CCMS. |
02 | The CCMS Operator needs to be able to revoke the credentials it distributes, so that a misbehaving or malfunctioning device can be recognized as such. |
03 | The CCMS Operator needs to secure the exchange of trust credentials between itself and its intended user, so that no other party can intercept and use those credentials illegitimately. |
04 | The CCMS Operator needs its systems to be constructed in such a way that the cooperation of at least two parties within the CCMS' structure are required to link the identity of a user with a set of trust credentials, to protect user privacy. |
05 | The CCMS Operator needs its systems to be constructed in such a way that the cooperation of at least two parties within the CCMS' structure are required to associate multiple credentials that were distributed to a user, to protect user privacy. |
06 | The CCMS Operator needs to accept misbehavior reports from users, so that malfunctioning and misbehaving users may be identified and their privileges within the CVE revoked if necessary. |
07 | ITS Object operators need to be able to authenticate messages received so that they can determine if the originator is a trusted source. |
08 | ITS Object operators need to be able to determine the privileges a message sender is entitled to so that they can determine if the originator's suggested action should be considered for action. |
09 | ITS Object operators need to be able to communicate with other users in such a way as to make it difficult to associate messages with one another, to help maintain user privacy. |
10 | ITS Object operators need to be able to exchange messages in a secure fashion, so that no other party can easily understand the contents of the message. |