CCMS Manager System --> Root CA:
signed CTL

Definitions

signed CTL (Information Flow): A list of electors and the root certificate authorities that are trusted by a particular CCMS Manager, signed by the eligible electors.

CCMS Manager System (Source Physical Object): 'CCMS Manager System' refers to the component of the CCMS whose role is to govern the entire CCMS, including defining and enforcing the certificate and security policies applied to electors and root Cas.

Root CA (Destination Physical Object): A 'root certificate authority' (RCA) is a certificate authority that issues certificates for other entities and whose certificate was issued by itself.

Included In

This Triple is in the following Service Packages:

  • None

This triple is associated with the following Functional Objects:

  • None

This Triple is described by the following Functional View Data Flows:

  • None

This Triple has the following triple relationships:

None

Communication Solutions

  • US: Security Credentials - Guaranteed Secure Internet (ITS) (0)
Solutions are sorted in ascending Gap Severity order. The Gap Severity is the parenthetical number at the end of the solution.

Selected Solution

US: Security Credentials - Guaranteed Secure Internet (ITS)

Solution Description

This solution is used within the U.S.. It combines standards associated with US: Security Credentials with those for I-I: Guaranteed Secure Internet (ITS). The US: Security Credentials standards include upper-layer standards required to provide and revoke security credentials, define security policy, and handle enrollment coordination. The I-I: Guaranteed Secure Internet (ITS) standards include lower-layer standards that support secure communications with guaranteed delivery between ITS equipment using X.509 or IEEE 1609.2 security certificates.

ITS Application Entity

No Standard Needed
Click gap icons for more info.
Mgmt
Facilities
Security
Mind the gapMind the gap
TransNet

IP Alternatives
IETF RFC 9293
Access

Internet Subnet Alternatives
TransNet TransNet

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Access Access

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

ITS Application ITS Application

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Mgmt Mgmt

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Facility Facility

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Security Security

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Note that some layers might have alternatives, in which case all of the gap icons associated with every alternative may be shown on the diagram, but the solution severity calculations (and resulting ordering of solutions) includes only the issues associated with the default (i.e., best, least severe) alternative.

Characteristics

Characteristic Value
Time Context Recent
Spatial Context Regional
Acknowledgement True
Cardinality Unicast
Initiator Source
Authenticable True
Encrypt False


Interoperability Description
Regional Interoperability throughout the geopolitical region is highly desirable, but if implemented differently in different transportation management jurisdictions, significant benefits will still accrue in each jurisdiction. Regardless, this Information Flow Triple should be implemented consistently within a transportation jurisdiction (i.e., the scope of a regional architecture).

Security

Information Flow Security
  Confidentiality Integrity Availability
Rating Not Applicable High High
Basis


Security Characteristics Value
Authenticable True
Encrypt False