VincentMahieu智能交通世界大会ITS智慧城市社区人工智能AI物联网IT报告课件教案.pdfVIP

Harmonization Task Group 6 Cooperative - ITS Security Policy HTG6 Team – October 2015 ITS World Congress 2015 Vincent Mahieu Gianmarco Baldini Trust model based on PKI Public Key Infrastructure for C-ITS Public Key Infrastructure (PKI) 3 C-ITS Security is based on Public Key Infrastructure (PKI) using asymmetric cryptography: • taking advantage of advanced crypto and other technical, organizational, and policy controls (as adopted by banks, telecom, new passports,…) • addressing: ‒ Communications (the medium, messages/data, certificates, etc); ‒ Devices; ‒ Structure (organizational, operational, and physical). • managing enrolment, security policies definition and maintenance, interoperability and mutual recognition in a defined context (in other word the PKI-root CA is the mutually recognized trust anchor) • issuing certificates for identification, recognition, encryption, authentication, or anonymization purposes… Main components • Certificate Authority (CA): Entity that issues digital certificates and provides information allowing certificates to be trusted. • Registration Authority (RA): Entity that approves certificate requests prior to the CA issuing the certificate. • Central directory or certificate repository: A secure location in which keys/certificates are stored and indexed. • Certificate Distribution System: The method by which certificates are distributed. • Security Policies: Policies regarding the management of a PKI system. – Certificate Policies put requirements on the end-entities – Certification Practice Statements put requirements on the CA operator • PKI enabled applications: Applications that use the PKI system. Services offered by a PKI • Certification Repository: Repository of keys and certificates. • Certificate Revocation: Alerting the users that it is no longer acceptable to use this