SU08: DPS Security and Credentials Management
Need Area Description
This service package is used to ensure trusted communications between mobile devices and other mobile devices or roadside devices and protect data they handle from unauthorized access. The service package grants trust credentials to qualified mobile devices and infrastructure devices in the Connected Vehicle Environment so that those devices may be considered trusted by other devices that receive trust credentials from the SCM service package. The service package allows credentials to be requested and revoked and secures the exchange of trust credentials between parties, so that no other party can intercept and use those credentials illegitimately. The service package provides security to the transmissions between connected devices, ensuring authenticity and integrity of the transmissions. Additional security features include privacy protection, authorization and privilege class definition, as well as non-repudiation of origin.
Need Area Type
Support
Service Package
SU08: DPS Security and Credentials ManagementIncludes Needs
Number | Need |
---|---|
01 | The CCMS Operator needs to grant trust credentials to qualified end entities including mobile devices so that those devices may be considered trusted by other devices that receive trust credentials from the CCMS. |
02 | The CCMS Operator needs to be able to revoke the credentials it distributes, so that a misbehaving or malfunctioning device can be recognized as such. |
04 | The CCMS Operator needs its systems to be constructed in such a way that the cooperation of at least two parties within the CCMS' structure are required to link the identity of a user with a set of trust credentials, to protect user privacy. |
05 | The CCMS Operator needs its systems to be constructed in such a way that the cooperation of at least two parties within the CCMS' structure are required to associate multiple credentials that were distributed to a user, to protect user privacy. |
07 | The CCMS Operator needs to provide a mechanism for a user without credentials to request credentials, so that the user may participate in the CVE. |
08 | Vehicle operators, field system operators, PID users, system operators and support system operators need to be able to authenticate messages received so that they can determine if the originator is a trusted source. |