ITS Object --> Cooperative ITS Credentials Management System:
device enrollment information
Definitions
device enrollment information (Information Flow): Information provided by an end entity to support enrollment and authorization for the Connected Vehicle environment. This includes device identification, requested permissions and restrictions, and security credentials used to establish the current level of trust and eligibility for enrollment and authorization.
ITS Object (Source Physical Object): The general 'ITS Object' includes core capabilities common to any class of object.
Cooperative ITS Credentials Management System (Destination Physical Object): The 'Cooperative ITS Credentials Management System' (CCMS) is a high-level aggregate representation of the interconnected systems that enable trusted communications between mobile devices and other mobile devices, roadside devices, and centers and protect data they handle from unauthorized access. Representing the different interconnected systems that make up a Public Key Infrastructure (PKI), this physical object represents an end user view of the credentials management system with focus on the exchanges between the CCMS and user devices that support the secure distribution, use, and revocation of trust credentials.
Included In
This Triple is in the following Service Packages:
This triple is associated with the following Functional Objects:
This Triple is described by the following Functional View Data Flows:
This Triple has the following triple relationships:
None |
Communication Solutions
- US: Device enrollment - Secure Internet (ITS) (3)
- EU: Device enrollment - Secure Internet (ITS) (6)
Selected Solution
Solution Description
ITS Application Entity
Application Specific |
Click gap icons for more info.
|
||
Mgmt
|
Facilities
|
Security
|
|
TransNet
|
|||
Access
Internet Subnet Alternatives |
Note that some layers might have alternatives, in which case all of the gap icons associated with every alternative may be shown on the diagram, but the solution severity calculations (and resulting ordering of solutions) includes only the issues associated with the default (i.e., best, least severe) alternative.
Characteristics
Characteristic | Value |
---|---|
Time Context | Recent |
Spatial Context | National |
Acknowledgement | True |
Cardinality | Unicast |
Initiator | Destination |
Authenticable | True |
Encrypt | True |
Interoperability | Description |
---|---|
National | This triple should be implemented consistently within the geopolitical region through which movement is essentially free (e.g., the United States, the European Union). |
Security
Information Flow Security | ||||
---|---|---|---|---|
Confidentiality | Integrity | Availability | ||
Rating | High | High | Moderate | |
Basis | This flow contains information that identifies the device and what it is allowed to do. If this information were compromised, an attacker may be able to impersonate the legitimate device. | Enrollment information needs to be correct so that revocation processes can be properly managed, or it may be impossible to de-authorize a compromised or malfunctioning device. | If this flow is not available, the source system cannot enroll in C-ITS. This would limit the growth of the overall system. There is no backup. However, the system in-place would not fail, which is why this is limited to MODERATE. |
Security Characteristics | Value |
---|---|
Authenticable | True |
Encrypt | True |