
Sunday, April 14, 2019

Vehicular Ad Hoc Networks Essay Example for Free

Vehicular Ad Hoc Network Essay

ABSTRACT

A vehicular ad hoc network (VANET) is a special kind of wireless ad hoc network, characterized by high node mobility and fast topology changes. Vehicular networks can provide a wide variety of services, ranging from safety and crash avoidance to Internet access and multimedia applications. Attacking and misusing such a network could have destructive consequences. It is therefore necessary to integrate security requirements into the design of VANETs and to defend VANET systems against misbehaviour, in order to ensure correct and smooth operation of the network. In this paper, I propose a security system for VANETs that achieves the privacy desired by vehicles and the traceability required by law enforcement authorities, in addition to satisfying fundamental security requirements including authentication, nonrepudiation, message integrity, and confidentiality. Moreover, we propose a privacy-preserving defense technique for network authorities to handle misbehaviour in VANET access, considering the challenge that anonymity provides an avenue for misbehaviour. The proposed system employs an identity-based cryptosystem where certificates are not needed for authentication. I show the fulfilment and feasibility of our system with respect to the security goals and efficiency.

1 INTRODUCTION

Vehicular ad hoc networks (VANETs) are receiving increasing attention from academia and deployment efforts from industry, due to the various applications and potentially tremendous benefits they offer to future VANET users. Safety information exchange enables life-critical applications, such as the alerting functionality during intersection traversing and lane merging, and thus plays a key role in VANET applications. Value-added services can enhance drivers' traveling experience by providing convenient Internet access, navigation, toll payment services, etc.
Other applications are also possible, including different warning messages for congestion avoidance, detour notification, road conditions (e.g., slippery), etc., and alarm signals disseminated by emergency vehicles (e.g., ambulances) for road clearance. The attractive features of VANETs inevitably incur higher risks if such networks do not take security into account prior to deployment. For instance, if safety messages are modified, discarded, or delayed, either intentionally or due to hardware malfunction, serious consequences such as injuries and even deaths may occur. This necessitates and urges the development of a functional, reliable, and efficient security architecture before all other implementation aspects of VANETs.

Fundamentally, VANET security design should guarantee authentication, nonrepudiation, integrity, and, in some specific application scenarios, confidentiality, to protect the network against attackers. Besides the fundamental security requirements, sensitive information such as identity and location privacy should be preserved from the vehicle owner's perspective, against unlawful tracing and user profiling, since otherwise it is difficult to attract vehicles to join the network. On the contrary, traceability is required where the identity information needs to be revealed by law enforcement authorities for liability issues, once accidents or crimes occur. In addition, privilege revocation is required by network authorities (e.g., the network administrator) once misbehaviour is detected during network access.
It is less difficult to prevent misbehavior of unauthorized users (i.e., outsiders), since legitimate users and roadside units (RSUs) can simply disregard communication requests from outsiders by means of authentication. Nevertheless, misbehaviour of legitimate users of VANETs (i.e., insiders) is more difficult and complex to prevent, the reason being that insiders possess credentials issued by the authority to perform authentication with peer vehicles or RSUs, who can be easily tricked into trusting the insiders. Consequently, the insiders' misbehaviour will have a much larger impact on the network and will be the focus of this paper. The system I propose in this paper and many recent proposals on VANET security provide the option of using anonymous credentials in authentication, rendering it even more complex to handle misbehaviour in VANETs, since the user identity is hidden and cannot be linked arbitrarily, which curbs the punishment of misbehaving users.

Contributions. Given the conflicting goals of privacy and traceability, and the challenges in designing a privacy-preserving defense scheme for VANETs, I am motivated to propose a security system that can effectively and efficiently solve the conflicts and challenges. Specifically, my main contributions in this paper include:

1. I propose a pseudonym-based scheme to assure vehicle user privacy and traceability.
2. I design a threshold signature-based scheme to achieve nonframeability in tracing law violators. In this scheme, an innocent vehicle cannot be framed by a corrupted law enforcement authority, due to the role-splitting mechanism.
3. A novel privacy-preserving defense scheme is proposed leveraging threshold authentication. It guarantees that any additional authentication beyond the threshold will result in the revocation of the misbehaving users.
This defense scheme differs from others mainly in that it yields flexibility in the revocation (i.e., not all types of misbehaviour should be punished). Moreover, the dynamic accumulators in the threshold authentication technique allow each user to place further restrictions (besides the threshold) on other communicating users, which is an attractive feature to service providers.
4. My design incorporates mechanisms that guarantee authentication, nonrepudiation, message integrity, and confidentiality.

2 RELATED WORK

There is a large body of research work related to security and privacy in VANETs. The most related works are on the design of privacy-preserving schemes. Raya and Hubaux [1] investigated the privacy issue by proposing a pseudonym-based approach using anonymous public keys and the public key infrastructure (PKI), where the public key certificate is needed, giving rise to extra communication and storage overhead. The authors also proposed three credential revocation protocols tailored for VANETs, namely RTPD, RC2RL, and DRP [5], considering that the certificate revocation list (CRL) needs to be distributed across the entire network in a timely manner. All three protocols seem to work well under conventional public key infrastructure (PKI). However, the authors also proposed to use frequently updated anonymous public keys to fulfill users' requirements on identity and location privacy. If this privacy-preserving technique is used in conjunction with RC2RL and DRP, the CRL produced by the trust authority will become huge in size, rendering the revocation protocols highly inefficient.

A lightweight symmetric-key-based security scheme for balancing auditability and privacy in VANETs is proposed in [2]. It bears the drawback that peer vehicles authenticate each other via a base station, which is unsuitable for inter-vehicle communications. Gamage et al.
[6] adopted an identity-based (ID-based) ring signature scheme to achieve signer ambiguity and hence fulfill the privacy requirement in VANET applications. The disadvantage of the ring signature scheme in the context of VANET applications is its unconditional privacy, which makes the traceability requirement unattainable. Group signature-based schemes are proposed in [4], where signer privacy is conditional on the group manager. As a result, all these schemes have the problem of identity escrow, as a group manager who possesses the group master key can arbitrarily reveal the identity of any group member. In addition, due to the limitation of group formation in VANETs (e.g., too few cars in the vicinity to establish the group), the group-based schemes [4] may not be applied appropriately. The election of the group leader will sometimes encounter difficulties, since a trusted entity cannot be found amongst peer vehicles.

There are also a number of defense techniques against misbehaviour in the VANET literature besides those in [1]. An indirect approach via the aid of infrastructure is used in [4]. The TA distributes the CRL to the infrastructure points, which then take over the TA's responsibility to execute the revocation protocol. The advantage of this approach is that vehicles never need to download the entire RL. Unfortunately, the conditional anonymity claimed in [4] only applies amongst peer vehicles, under the assumption that the infrastructure points are trusted. The infrastructure points can reveal the identity of any vehicle at any time, even if the vehicle is honest. Recently, Tsang et al. [7] proposed a blacklistable anonymous credential system for blocking misbehavior without the trusted third party (TTP). The blacklisting technique can be applied to VANETs as follows: if the vehicle fails to prove that it is not on the blacklist of the current authenticator, the authenticator will ignore the messages or requests sent by this vehicle.
Although not proposed specifically for VANETs, the proposal in [7] makes a similar claim that the capability of a TTP (the network authority in this paper) to recover a user's identity in any case is too strong a punishment and highly undesirable in some scenarios. The downside of this technique is the lack of options to trace misbehaving users, since any user in the system (misbehaving or not) will by no means be identified by any entity, including the authorities. I proposed a privacy-preserving defense scheme against misbehavior in [8], leveraging the threshold authentication technique. This scheme and the scheme in [3] both preserve user privacy, and simultaneously provide traceability (i.e., tracing law violators by enforcement authorities in [3] and tracing misbehaving users by network authorities in [8]). The major differences between these schemes are the different technical realizations of the privacy and traceability schemes, due to the different application

3 SYSTEM MODEL

We describe the functionalities of our security system and define security requirements in this section.

3.1 Overview

Major entities in a VANET environment are depicted in the VANET system diagram. As mentioned before, traceability is needed by law enforcement authorities (LEAs), who require the identity of a violating vehicle to be disclosed for investigating the cause of accidents or crimes. Due to the seriousness of liability issues, if a single authority (e.g., the police) is fully capable of revealing the vehicle identity, this privilege may be abused. It is desirable that two or more authorities (e.g., the police, judge, special agents, and other possible law enforcement authorities) are given distributed control over the identity retrieval process. One benefit in doing so is that corrupted authorities (the number being less than the threshold) cannot arbitrarily trace vehicle users to compromise their privacy. Another benefit is that malicious authorities cannot falsely accuse (or frame) honest users.
Such role-splitting is not required for network authorities, since the threshold authentication technique in our defense scheme prevents a network authority from falsely accusing honest users.

The proposed security system primarily consists of techniques addressing the privacy, traceability, nonframeability, and revocation (only by network authorities) issues. The entities' interactions are depicted in the logic diagram, where the arrowed lines indicate the direction of packet flow or physical communications, and the bracketed numbers near each line index the major events or procedures between the connected entities. The vehicle users are split into access group owners and members, whereas the RSUs can only be access group owners. The entities and events/procedures are described in what follows.

3.2 Entities and Procedures

The entities in this system are the regional transportation authorities (RTAs), law enforcement authorities (LEAs), network authorities, roadside infrastructure including border RSUs for pseudonym management and regular RSUs (simply RSUs) for Internet access, and vehicle users. Considering practical scenarios, the RSUs in this system are mainly responsible for providing infrastructure access and network services. The RSUs are assumed to be operated by third-party service providers (SPs) who have business contracts with the RTA to build access infrastructure in the RTA's region. The RSUs are thus not owned by the RTA and have no preestablished trust relationship with the RTA. On the other hand, border RSUs are owned and operated by the RTA, and can be considered as agents who are delegated with the RTA's authority.

These entities are involved in the following procedures:

System setup: This procedure is executed by the RTA for initial VANET system setup, including domain parameter publication, public/private key assignment for entities in the system to perform desired tasks, and database creation for storing necessary records (i.e., the pseudonym lookup table PLT).

Pseudonym generation and authentication for privacy: RTA and border RSUs execute this procedure to assign pseudonym/private key pairs to both vehicles traveling in their home domain and vehicles from other RTAs' domains, so that these vehicles are able to authenticate with RSUs and other vehicles to obtain services and useful messages.

Threshold signature for nonframeability: This procedure is invoked by LEAs to share the secret information for recovering a guilty vehicle's identity. Meanwhile, it prevents corrupted authorities from gathering full power to accuse an innocent vehicle. The functional component of this procedure is the threshold signature.

Threshold-authentication-based defense: Designed for the network authorities, this procedure is used to revoke a misbehaving vehicle's credential, refraining the vehicle from further disrupting system operations. As the core of this procedure, the threshold authentication technique provides a mechanism to allow certain types of misbehavior that should not result in revocation. For instance, the misbehavior may be caused by malfunctioning hardware and thus is incidental. These types of misbehavior share a common feature, i.e., their occurrence or frequency is low, specifically, lower than a predetermined threshold. Threshold-authentication-based defense further consists of six sub-procedures:

Membership registration: RSUs and vehicle users register with the RTA to use VANETs. Upon successful registration, a member public/private key pair (mpk, msk) is issued to each RSU and vehicle. The RTA associates the member's credential with the issued public key and includes this pair of information in a credential list IDlist.

Access group setup: RSUs and vehicles set up their own access groups, the members of which are granted the privilege to communicate with the access group owner. The group owner adds members to the group and updates related public information. Each added member obtains an access key mak for the group.

Access group revoking: The access group owner revokes the granted privilege when deciding to stop communications with a member, due to some decision criteria for misbehaviour. The access group owner removes the member from the access group and updates related public information.

Threshold authentication: This procedure is executed between an RSU and a vehicle, or between peer vehicles. We call the authenticator in this procedure Alice, who announces the threshold k, possibly different for each user being authenticated. The authentication succeeds if and only if the following conditions are met simultaneously: the user Bob authenticating with Alice is a registered member of the VANET system, Bob is a legitimate member of Alice's access group (if Alice is an access group owner) whose member privilege has not been revoked, and the authentication threshold has not been exceeded. Alice records the authentication transcripts in AUTHlog.

Tracing: This procedure is used by Alice to trace a misbehaving member Mn who attempts to authenticate more than k times. Alice relies on the AUTHlog and public information, and obtains Mn's credential n as the procedure output, which is reported to the RTA.

Revocation/recovery: Upon receiving complaints from other entities in the system as the output of Tracing, the RTA decides if the misbehaving member's credential needs to be revoked. The RTA then performs the identity recovery by looking up the same pseudonym lookup table PLT (cf. System setup above), which also records the correspondence between the credential n and identity IDn.

Note that for ease of presentation, we assume the RTAs act as network authorities for the defense scheme in this paper. In reality, when the roles of RTA and network authority are separate, the network authority can simply take charge as the RTA in the above sub-procedures. Nonetheless, in the execution of Revocation/recovery, the network authority needs to establish trust with or be delegated by the RTA in order to access the PLT. When we mention network authorities in what follows, we implicitly refer to RTAs in the network authority role.

3.3 Security Requirements

I define the security requirements for a VANET security system, and will show the fulfillment of these requirements after presenting the design details.

1. Privacy: The privacy requirement states that private information such as the vehicle owner's identity and location privacy is preserved against unlawful tracing and user profiling.
2. Traceability: It is required where the identity information of violators needs to be revealed by law enforcement authorities for liability purposes. The traceability requirement also indicates that a misbehaving user will be identified and the corresponding credential revoked, if necessary, by network authorities, to prevent this user from further disrupting system operations. Certain criteria have to be met for the traceability of a misbehaving user, as explained in the next section.
3. Nonframeability: Nonframeability requires that no entity in the system can accuse an honest user of having violated the law or misbehaved.
4. Other requirements: A secure VANET system should satisfy several fundamental requirements, namely, authentication, nonrepudiation, message integrity, and confidentiality where sensitive information is being exchanged, to protect the system against unauthorized-message injection, denial of message disseminations, message alteration, and eavesdropping, respectively.
Nonrepudiation also requires that violators or misbehaving users cannot deny the fact that they have violated the law or misbehaved.

4 CONCLUSIONS AND FUTURE WORK

I have presented the VANET security system mainly achieving privacy, traceability, nonframeability, and privacy-preserving defense against misbehaviour and reducing traffic in the network. These functionalities are realized by the pseudonym-based technique, the threshold signature, and the threshold-authentication-based defense scheme. The ID-based cryptosystem enables us to design communication- and storage-efficient schemes. Our future work consists of simulating the proposed security system and experimenting with it in real VANET settings.

REFERENCES

[1] M. Raya and J.-P. Hubaux, "Securing Vehicular Ad Hoc Networks," J. Computer Security, special issue on security of ad hoc and sensor networks, vol. 15, no. 1, pp. 39-68, 2007.
[2] J.Y. Choi, M. Jakobsson, and S. Wetzel, "Balancing Auditability and Privacy in Vehicular Networks," Proc. First ACM Int'l Workshop QoS and Security for Wireless and Mobile Networks (Q2SWinet '05), pp. 79-87, Oct. 2005.
[3] J. Sun, C. Zhang, and Y. Fang, "An ID-Based Framework Achieving Privacy and Non-Repudiation in Vehicular Ad Hoc Networks," Proc. IEEE Military Comm. Conf., pp. 1-7, Oct. 2007.
[4] X. Lin, X. Sun, P.-H. Ho, and X. Shen, "GSIS: A Secure and Privacy-Preserving Protocol for Vehicular Communications," IEEE Trans. Vehicular Technology, vol. 56, no. 6, pp. 3442-3456, Nov. 2007.
[5] M. Raya, P. Papadimitratos, I. Aad, D. Jungels, and J.-P. Hubaux, "Eviction of Misbehaving and Faulty Nodes in Vehicular Networks," IEEE J. Selected Areas Comm., vol. 25, no. 8, pp. 1557-1568, Oct. 2007.
[6] C. Gamage, B. Gras, B. Crispo, and A.S. Tanenbaum, "An Identity-Based Ring Signature Scheme with Enhanced Privacy," Proc. Second Int'l Conf. Security and Privacy in Comm. Networks (SecureComm '06), Aug. 2006.
[7] P. Tsang, M.H. Au, A. Kapadia, and S.W. Smith, "Blacklistable Anonymous Credentials: Blocking Misbehaving Users without TTPs," Proc. ACM Conf. Computer and Comm. Security (CCS), pp. 72-81, 2007.
[8] J. Sun and Y. Fang, "A Defense Technique against Misbehavior in VANETs Based on Threshold Authentication," Proc. IEEE Military Comm. Conf., Nov. 2008.
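
The Threshold authentication and Tracing sub-procedures of Section 3.2, as an added example that is not code from the paper: a toy k-times authentication in which Alice's AUTHlog yields Bob's credential only at authentication k+1, after which the RTA resolves it through the PLT. The tag construction (hash-derived serials and a linear response over a prime field), the names Member, Authenticator and RSU-17, and the sample credential are assumptions; the paper's scheme relies on dynamic accumulators and ID-based cryptography, and the membership and well-formedness proofs are omitted here.

```python
import hashlib
import secrets

P = 2**127 - 1  # prime modulus of the toy field (assumption, not a parameter from the paper)

def prf(seed: bytes, *parts) -> int:
    """Hash-based PRF into Z_P, standing in for the scheme's real tag derivation."""
    data = seed + b"|" + "|".join(map(str, parts)).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % P

class Member:
    """Bob: holds credential x and derives one tag pair per (authenticator, slot)."""
    def __init__(self, credential: int):
        self.x = credential
        self.seed = secrets.token_bytes(16)
        self.used = {}                      # authenticator -> authentications so far

    def respond(self, authenticator: str, k: int, challenge: int):
        n = self.used.get(authenticator, 0)
        self.used[authenticator] = n + 1
        slot = n % k                        # only k slots exist: attempt k+1 must reuse one
        serial = prf(self.seed, authenticator, slot, "S")
        blind = prf(self.seed, authenticator, slot, "T")
        # A real scheme also proves in zero knowledge that slot < k and the tags are well formed.
        return serial, (self.x + challenge * blind) % P

class Authenticator:
    """Alice: announces threshold k, keeps AUTHlog, runs Tracing on overuse."""
    def __init__(self, name: str, k: int):
        self.name, self.k = name, k
        self.authlog = {}                   # serial -> (challenge, response)

    def authenticate(self, member: Member):
        c = secrets.randbelow(P - 1) + 1    # fresh non-zero challenge
        serial, r = member.respond(self.name, self.k, c)
        if serial in self.authlog:          # repeated serial: threshold exceeded
            return False, self.trace(self.authlog[serial], (c, r))
        self.authlog[serial] = (c, r)       # distinct serials are unlinkable to Alice
        return True, None

    @staticmethod
    def trace(first, second):
        """Solve r = x + c*t (mod P) for x from two transcripts sharing a serial."""
        (c1, r1), (c2, r2) = first, second
        t = (r1 - r2) * pow((c1 - c2) % P, -1, P) % P
        return (r1 - c1 * t) % P

def run_demo(k: int = 3):
    """k honest authentications, then one extra; returns per-attempt results and the PLT hit."""
    plt = {1234567: "ID_n (constructed)"}   # RTA's pseudonym lookup table, constructed sample
    bob, alice = Member(1234567), Authenticator("RSU-17", k)
    results = [alice.authenticate(bob) for _ in range(k + 1)]
    return results, plt.get(results[-1][1]), len(alice.authlog)

if __name__ == "__main__":
    print(run_demo())
```

Within the threshold each transcript is one equation in two unknowns, so the log alone does not determine the credential; the reused slot supplies the second equation.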
