Payment Administration Center --> Personal Information Device:
registered secureIDs

Definitions

registered secureIDs (Information Flow): Cryptographically protected identifier indicating that the user associated with the identifier is entitled to use a particular service.

Payment Administration Center (Source Physical Object): The 'Payment Administration Center' provides general payment administration capabilities and supports the electronic transfer of funds from the customer to the transportation system operator or other service provider. Charges can be recorded for tolls, vehicle-mileage charging, congestion charging, or other goods and services. It supports traveler enrollment and collection of both pre-payment and post-payment transportation fees in coordination with the financial infrastructure supporting electronic payment transactions. The system may establish and administer escrow accounts depending on the clearinghouse scheme and the type of payments involved. It may post a transaction to the customer account, generate a bill (for post-payment accounts), debit an escrow account, or interface to a financial infrastructure to debit a customer designated account. It supports communications with the ITS Roadway Payment Equipment to support fee collection operations. As an alternative, a wide-area wireless interface can be used to communicate directly with vehicle equipment. It also sets and administers the pricing structures and may implement road pricing policies in coordination with the Traffic Management Center.

Personal Information Device (Destination Physical Object): The 'Personal Information Device' provides the capability for travelers to receive formatted traveler information wherever they are. Capabilities include traveler information, trip planning, and route guidance. Frequently a smart phone, the Personal Information Device provides travelers with the capability to receive route planning and other personally focused transportation services from the infrastructure in the field, at home, at work, or while en-route. Personal Information Devices may operate independently or may be linked with vehicle on-board equipment. This subsystem also supports safety related services with the capability to broadcast safety messages and initiate a distress signal or request for help.

Included In

This Triple is in the following Service Packages:

This triple is associated with the following Functional Objects:

This Triple is described by the following Functional View Data Flows:

This Triple has the following triple relationships:

Communication Solutions

Solutions are sorted in ascending Gap Severity order. The Gap Severity is the parenthetical number at the end of the solution.

Selected Solution

(None-Data) - Secure Wireless Internet (EU)

Solution Description

This solution is used within Australia and the E.U.. It combines standards associated with (None-Data) with those for I-M: Secure Wireless Internet (EU). The (None-Data) standards include an unspecified set of standards at the upper layers. The I-M: Secure Wireless Internet (EU) standards include lower-layer standards that support secure communications between two entities, either or both of which may be mobile devices, but they must be stationary or only moving within wireless range of a single wireless access point (e.g., a parked car). Security is based on X.509 certificates. A non-mobile (if any) endpoint may connect to the service provider using any Internet connection method.

ITS Application Entity
Mind the gapMind the gapMind the gap

Development needed
Click gap icons for more info.

Mgmt
Facilities
Mind the gap

Development needed
Security
Mind the gapMind the gap
TransNet
Access
TransNet TransNet

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Access Access

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

ITS Application ITS Application

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Mgmt Mgmt

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Facility Facility

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Security Security

TempBCL2 TempSTDL2

TempBCL3 TempSTDL3

TempBCL4 TempSTDL4

TempBCL5 TempSTDL5

Note that some layers might have alternatives, in which case all of the gap icons associated with every alternative may be shown on the diagram, but the solution severity calculations (and resulting ordering of solutions) includes only the issues associated with the default (i.e., best, least severe) alternative.

Characteristics

Characteristic Value
Time Context Recent
Spatial Context Local
Acknowledgement True
Cardinality Unicast
Initiator Destination
Authenticable True
Encrypt True


Interoperability Description
National This triple should be implemented consistently within the geopolitical region through which movement is essentially free (e.g., the United States, the European Union).

Security

Information Flow Security
  Confidentiality Integrity Availability
Rating High High Moderate
Basis These IDs are used to secure individual user's rights to use transportation assets. Compromising one of these would be a significant inconvenience but only for the user of that secureID. However, compromise of the algorithm securing all IDs would be catastrophic to the system that uses this mechanism as a means to pay for transportation services. Individual tokens should be correct or the user will not be able to use this method to pay for transport. A systemic integrity flaw would compromise the system similar to how an encryption flaw would however, which justifies HIGH. Should be relatively infrequently used by any one user, but over the sum of all transport users sees significant use. If the flow is not available, new or re-applying users will not be able to use this method to pay for transport.


Security Characteristics Value
Authenticable True
Encrypt True