Physical Object: ITS Object
ITS Security Support
Overview
'ITS Security Support' provides communications and system security functions to the ITS Object, including privacy protection functions. It may include firewall, intrusion management, authentication, authorization, profile management, identity management, cryptographic key management. It may include a hardware security module and security management information base.
This functional object is included in the "ITS Object" physical object.
This functional object is included in the following service packages:
- SU02: Core Authorization
- SU07: ITS Communications
- SU08: Security and Credentials Management
- SU09: Device Certification and Enrollment
This functional object is mapped to the following Functional View PSpecs:
Requirements
# | Requirement |
---|---|
01 | The ITS Object shall obtain security policy information from the Cooperative Intelligent Transportation System Credentials Management System (CCMS). |
02 | The ITS Object shall request enrollment credentials from the CCMS. |
03 | The ITS Object shall obtain the CCMS' trust credentials. |
04 | The ITS Object shall provide a mechanism for on-board applications to digitally sign messages using keys secured by the CCMS' trust authority. |
05 | The ITS Object shall provide a mechanism for on-board applications to authenticate messages secured by the CCMS' trust authority. |
06 | The ITS Object shall provide a mechanism for on-board applications to encrypt messages using keys secured by the CCMS' trust authority. |
07 | The ITS Object shall provide a mechanism for on-board applications to decrypt messages using keys secured by the CCMS' trust authority. |
08 | The ITS Object shall obtain a list of revoked credentials from the CCMS. |
09 | The ITS Object shall make the list of revoked credentials available to on-board applications. |
10 | The ITS Object shall maintain cryptographic secret information so that those secrets are accessible only to ITS Security Support, and not to any other Functional Object. |
11 | The ITS Object shall request pseudonymous credentials from the CCMS. |
12 | The ITS Object shall provide messages (that it receives) that indicate potential misbehavior/malfunction to the CCMS. |
13 | The ITS Object shall request permissions from the Center that manages permissions requests. |
Information Flows
Standards
The following table lists the standards associated with the functional object itself (as opposed to standards associated with an interface).
Name | Title |
---|---|
FIPS 140-2 | Security Requirements for Cryptographic Modules |
ISO 21217 Architecture | Intelligent transport systems -- Communications access for land mobiles (CALM) -- Architecture |