Cooperative ITS Credentials Management System --> ITS Object:
security policy and networking information
Definitions
security policy and networking information (Information Flow): Security policy information describing the CCMS' enrollment, authorization, misbehavior and revocation policies, and communications information related to CCMS components; including contact information and public credentials of those components.
Cooperative ITS Credentials Management System (Source Physical Object): The 'Cooperative ITS Credentials Management System' (CCMS) is a high-level aggregate representation of the interconnected systems that enable trusted communications between mobile devices and other mobile devices, roadside devices, and centers and protect data they handle from unauthorized access. Representing the different interconnected systems that make up a Public Key Infrastructure (PKI), this physical object represents an end user view of the credentials management system with focus on the exchanges between the CCMS and user devices that support the secure distribution, use, and revocation of trust credentials.
ITS Object (Destination Physical Object): The general 'ITS Object' includes core capabilities common to any class of object.
Included In
This Triple is in the following Service Packages:
This triple is associated with the following Functional Objects:
- CCMS Authorization
- CCMS Enrollment
- CCMS Provisioning
- CCMS Revocation
- ITS Management Support
- ITS Security Support
This Triple is described by the following Functional View Data Flows:
- security_policy_authorization_data
- security_policy_enrollment_data
- security_policy_provisioning_data
- security_policy_revocation_data
This Triple has the following triple relationships:
None |
Communication Solutions
- US: Security Credentials - Secure Internet (ITS) (0)
- (None-Security-Management) - Secure Internet (ITS) (32)
Selected Solution
Solution Description
ITS Application Entity
No Standard Needed |
Click gap icons for more info.
|
||
Mgmt
|
Facilities
|
Security
|
|
TransNet
|
|||
Access
Internet Subnet Alternatives |
Note that some layers might have alternatives, in which case all of the gap icons associated with every alternative may be shown on the diagram, but the solution severity calculations (and resulting ordering of solutions) includes only the issues associated with the default (i.e., best, least severe) alternative.
Characteristics
Characteristic | Value |
---|---|
Time Context | Recent |
Spatial Context | National |
Acknowledgement | True |
Cardinality | Unicast |
Initiator | Destination |
Authenticable | True |
Encrypt | False |
Interoperability | Description |
---|---|
National | This triple should be implemented consistently within the geopolitical region through which movement is essentially free (e.g., the United States, the European Union). |
Security
Information Flow Security | ||||
---|---|---|---|---|
Confidentiality | Integrity | Availability | ||
Rating | Low | High | High | |
Basis | Policy information is expected to be made generally available to all C-ITS devices. Likely no harm in observation by actors outside of ITS. Certificate policy for example is often openly published. | Policy information must be correct, or end entities may make decisions that lead to them becoming untrusted, which if occuring over a wide scale, would cripple the C-ITS environment. | Policy information distribution must occur prior to an end entity encountering a change in policy. For example, at border crossings. |
Security Characteristics | Value |
---|---|
Authenticable | True |
Encrypt | False |