Physical Object: ITS Object

ITS Security Support

Overview
Requirements
Information Flows
Standards

Overview

'ITS Security Support' provides communications and system security functions to the ITS Object, including privacy protection functions. It may include firewall, intrusion management, authentication, authorization, profile management, identity management, cryptographic key management. It may include a hardware security module and security management information base.

This functional object is included in the "ITS Object" physical object.

This functional object is included in the following service packages:

This functional object is mapped to the following Functional View PSpecs:

Requirements

#	Requirement
01	The ITS Object shall obtain security policy information from the Cooperative Intelligent Transportation System Credentials Management System (CCMS).
02	The ITS Object shall request enrollment credentials from the CCMS.
03	The ITS Object shall obtain the CCMS' trust credentials.
04	The ITS Object shall provide a mechanism for on-board applications to digitally sign messages using keys secured by the CCMS' trust authority.
05	The ITS Object shall provide a mechanism for on-board applications to authenticate messages secured by the CCMS' trust authority.
06	The ITS Object shall provide a mechanism for on-board applications to encrypt messages using keys secured by the CCMS' trust authority.
07	The ITS Object shall provide a mechanism for on-board applications to decrypt messages using keys secured by the CCMS' trust authority.
08	The ITS Object shall obtain a list of revoked credentials from the CCMS.
09	The ITS Object shall make the list of revoked credentials available to on-board applications.
10	The ITS Object shall maintain cryptographic secret information so that those secrets are accessible only to ITS Security Support, and not to any other Functional Object.
11	The ITS Object shall request pseudonymous credentials from the CCMS.
12	The ITS Object shall provide messages (that it receives) that indicate potential misbehavior/malfunction to the CCMS.
13	The ITS Object shall request permissions from the Center that manages permissions requests.

Information Flows

Source	Flow	Destination
Center	permission application receipt	ITS Object
Cooperative ITS Credentials Management System	enrollment credentials	ITS Object
Cooperative ITS Credentials Management System	security credential revocations	ITS Object
Cooperative ITS Credentials Management System	security credentials	ITS Object
Cooperative ITS Credentials Management System	security policy and networking information	ITS Object
ITS Communications Equipment	ITS information	ITS Object
ITS Object	device enrollment information	Cooperative ITS Credentials Management System
ITS Object	device identification	Center
ITS Object	ITS information	ITS Communications Equipment
ITS Object	ITS information	Other ITS Objects
ITS Object	ITS information	Roadside Communications Unit
ITS Object	ITS information	Wide Area Information Disseminator System
ITS Object	misbehavior report	Cooperative ITS Credentials Management System
ITS Object	misbehavior report	Location Obscurer Proxy
ITS Object	permission application	Center
Other ITS Objects	ITS information	ITS Object
Roadside Communications Unit	ITS information	ITS Object

Standards

The following table lists the standards associated with the functional object itself (as opposed to standards associated with an interface).

Name	Title
FIPS 140-2	Security Requirements for Cryptographic Modules
ISO 21217 Architecture	Intelligent transport systems -- Communications access for land mobiles (CALM) -- Architecture