How ISO 21217 works - UNECE
CEN PT1605
The basic situation
• Two devices cooperate in a trusted way, i.e. exchange information in secure application sessions.
September 2018 SSTD - Budapest
Example: Multiple after-market services using OEM installed SVI
[Figure labels: Proprietary Network Node (x3); Proprietary stack (security & translation); SVI; In-vehicle domain; External domain; ITS station stacks, each with Management, Security, Applications, Facilities, Network & Transport and Access; services: Diagnostic, Insurance, Fleet Mngt, Manufacturer Services, CV/C-ITS]
Interface can be wireless (DSRC, WiFi, 4G/5G, OBD, etc.)
Security: Authentication / Authorization
[Figure: the stack diagram (Proprietary stack; Diagnostic, Insurance, Fleet Mngt, CV/C-ITS), annotated over three successive slides with "Policy", "Proof: valid C-ITS Application" and "Certificate"]
[Figure: stack diagram with callouts]
• “I have a C-ITS certificate”
• “You can do C-ITS activities”
[Figure: stack diagram with callouts]
• “I have a Fleet Management certificate”
• “I’m owned by the right fleet owner”
• “You can do Fleet Management activities”
[Figure: stack diagram with callouts]
• “I have a Diagnostics certificate”
• “I’m owned by the right repair shop”
• “… and I’m right next to you”
• “You can do Diagnostic activities”
ISO 21177
• Uses internet-standard secure communications protocol, Transport Layer Security (TLS) 1.3
• Enables use of C-ITS (IEEE 1609.2) certificates to directly state permissions
• More appropriate than identity-based permissions in Mobile Ad Hoc Network (MANET) setting
• Allows each party to present a series of certificates to establish a detailed “authorization state” with the other party
• Becoming adopted by application standards
• SAE J2945/3 – authenticate / authorize weather reporting applications
[Figure labels: Initiator Application and Responder Application, each above an ISO 21177 Security Adaptor Layer; Secure Session (TLS Client) and Secure Session (TLS Server); Security Subsystem, Access Control Policy and Resource(s) on each side; ITS-SU]
Requirements
• Secure sessions – confidentiality, integrity, authorization, anti-replay
• Each party can establish the permissions of the other
• Each party can present multiple authorization statements and maintain “authorization state” with respect to the other party
• A secure session can be bootstrapped within another secure session so eavesdroppers learn nothing, not even what application is acting
[Figure labels: ISO 21177 Security Adaptor Layer; Application (APDU in, APDU out); TLS (SAPDU in, SAPDU out); TLS handshake proxy; Pre-send security processing; Post-receive security processing; Security Subsystem; Access Control (in, out); Access Control Policy]
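A conceptual model of the “authorization state” and access control policy described above, as an added example that is not taken from the slides or from ISO 21177. Each `Statement` stands in for one already-verified certificate; the permission names, the policy table and the expiry values are constructed for illustration.

```python
# Conceptual model only: real ISO 21177 sessions carry IEEE 1609.2 certificates
# over TLS 1.3 and verify them cryptographically. Here each Statement stands in
# for one already-verified certificate. All names and values are constructed.
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Statement:
    permission: str   # what the certificate states, e.g. "diagnostics"
    not_after: int    # expiry time in seconds (constructed values)

# Hypothetical access control policy: activity -> statements that must ALL hold.
# It mirrors the deck's walkthrough; the permission names are made up.
POLICY = {
    "c-its": {"c-its"},
    "fleet-mgmt": {"fleet-mgmt", "owner:fleet-A"},
    "diagnostics": {"diagnostics", "owner:repair-shop-7", "proximity"},
}

@dataclass
class AuthorizationState:
    """What the peer has proven so far in this session."""
    held: dict = field(default_factory=dict)  # permission -> expiry

    def present(self, stmt, now):
        if stmt.not_after <= now:   # stale statement: refuse to record it
            return False
        self.held[stmt.permission] = stmt.not_after
        return True

    def missing(self, activity, now):
        # Expiry is re-checked at decision time, not only at presentation.
        return {p for p in POLICY.get(activity, set())
                if self.held.get(p, 0) <= now}

    def allowed(self, activity, now):
        if activity not in POLICY:  # unknown activity: default deny
            return False
        return not self.missing(activity, now)

def demo():
    now = 1_000
    state = AuthorizationState()
    state.present(Statement("diagnostics", 5_000), now)
    cert_only = state.allowed("diagnostics", now)
    state.present(Statement("owner:repair-shop-7", 5_000), now)
    with_owner = state.allowed("diagnostics", now)
    state.present(Statement("proximity", 1_060), now)  # short-lived by assumption
    with_proximity = state.allowed("diagnostics", now)
    after_expiry = state.allowed("diagnostics", now + 120)
    return cert_only, with_owner, with_proximity, after_expiry

if __name__ == "__main__":
    print(demo())
```

The decision depends only on which permissions have been proven and are still fresh, never on who the peer is, which is the contrast with identity-based permissions drawn on the ISO 21177 slide.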
Security: Authentication / Authorization
• Policy authorities and certificate authorities are already being established to support C-ITS
• This organizational structure can also support authentication and authorization for SVI
• OEMs can enforce reasonable security policies on certificate issuance and freshness
• OEM security concerns are real and must be taken into account
• However, in this model OEMs are not real-time gatekeepers of access to the information
• Nevertheless, their security requirements are met