Key distribution technique for IPTV services with support for admission control and user defined groups

Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200

INTELLIGENTE TRANSPORT SYSTEMEN ITS EN VERKEERSVEILIGHEID

This report discusses Intelligent Transport Systems (ITS). This generic term is used for a broad range of information-, control- and electronic technology that can be integrated in the road infrastructure and the vehicles themselves, saving lives, time and money bymonitoring and managing traffic flows, reducing conges-tion, avoiding accidents, etc. Because this report was written in the scope of the Policy Research Centre Mobility & Public Works, track Traffic Safety, it focuses on ITS systems from the traffic safety point of view. Within the whole range of ITS systems, two categories can be distinguished: autonomous and cooperative systems. Autonomous systems are all forms of ITS which operate by itself, and do not depend on the cooperation with other vehicles or supporting infrastructure. Example applications are blind spot detection using radar, electronic stability control, dynamic traffic management using variable road signs, emergency call, etc. Cooperative systems are ITS systems based on communication and cooperation, both between vehicles as between vehicles and infrastructure. Example applications are alerting vehicles approaching a traffic jam, exchanging data regarding hazardous road conditions, extended electronic brake light, etc. In some cases, autonomous systems can evolve to autonomous cooperative systems. ISA (Intelligent Speed Adaptation) is an example of this: the dynamic aspect as well as communication with infrastructure (eg Traffic lights, Variable Message Sign (VMS)...) can provide additional road safety. This is the clear link between the two parts of this report. The many ITS applications are an indicator of the high expectations from the government, the academic world and the industry regarding the possibilities made possible by both categories of ITS systems. Therefore, the comprehensive discussion of both of them is the core of this report. The first part of the report covering the autonomous systems treats two aspects: 1. Overview of European projects related to mobility and in particular to road safety 2. Overview for guidelines for the evaluation of ITS projects. Out of the wide range of diverse (autonomous) ITS applications a selection is made; this selection is focused on E Safety Forum and PreVENT. Especially the PreVent research project is interesting because ITS-applications have led to a number of concrete demonstration vehicles that showed - in protected and unprotected surroundings- that these ITS-applications are already technically useful or could be developed into useful products. The component “guidelines for the evaluation of ITS projects” outlines that the government has to have specific evaluation tools if the government has the ambition of using ITS-applications for road safety. Two projects -guidelines for the evaluation of ITS projects- are examined; a third evaluation method is only mentioned because this description shows that a specific targeting of the government can be desirable : 1. TRACE describes the guidelines for the evaluation of ITS projects which are useful for the evaluation of specific ITS-applications. 2. FITS contains Finnish guidelines for the evaluation of ITS project; FIS is an adaptation of methods used for evaluation of transport projects. 3. The third evaluation method for the evaluation of ITS projects is developed in an ongoing European research project, eImpact. eImpact is important because, a specific consultation of stake holders shows that the social importance of some techniques is underestimated. These preliminary results show that an appropriate guiding role for the government could be important. In the second part of this document the cooperative systems are discussed in depth. These systems enable a large number of applications with an important social relevance, both on the level of the environment, mobility and traffic safety. Cooperative systems make it possible to warn drivers in time to avoid collisions (e.g. when approaching the tail of a traffic jam, or when a ghost driver is detected). Hazardous road conditions can be automatically communicated to other drivers (e.g. after the detection of black ice or an oil trail by the ESP). Navigation systems can receive detailed real-time up-dates about the current traffic situation and can take this into account when calculating their routes. When a traffic distortion occurs, traffic centers can immediately take action and can actively influence the way that the traffic will be diverted. Drivers can be notified well in advance about approaching emergency vehicles, and can be directed to yield way in a uniform manner. This is just a small selection from the large number of applications that are made possible because of cooperative ITS systems, but it is very obvious that these systems can make a significant positive contribution to traffic safety. In literature it is estimated that the decrease of accidents with injuries of fatalities will be between 20% and 50% . It is not suprising that ITS systems receive a lot of attention for the moment. On an international level, a number of standards are being established regarding this topic. The International Telecommunications Uniont (ITU), Institute for Electrical and Electronics Engineers (IEEE), International Organization for Standardization (ISO), Association of Radio Industries and Business (ARIB) and European committee for standardization (CEN) are currently defining standards that describe different aspects of ITS systems. One of the names that is mostly mentioned in literature is the ISO TC204/WG16 Communications Architecture for Land Mobile environment (CALM) standard. It describes a framework that enables transparent (both for the application and the user) continuous communication through different communication media. Besides the innumerable standardization activities, there is a great number of active research projects. On European level, the most important are the i2010 Intelligent Car Initiative, the eSafety Forum, and the COMeSafety, the CVIS, the SAFESPOT, the COOPERS and the SEVECOM project. The i2010 Intelligent Car Initiative is an European initiative with the goal to halve the number of traffic casualties by 2010. The eSafety Forum is an initiative of the European Commission, industry and other stakeholders and targets the acceleration of development and deployment of safety-related ITS systems. The COMeSafety project supports the eSafety Forum on the field of vehicle-to-vehicle and vehicle-to-infrastructure communication. In the CVIS project, attention is given to both technical and non-technical issues, with the main goal to develop the first free and open reference implementation of the CALM architecture. The SAFEST project investigates which data is important for safety applications, and with which algorithmsthis data can be extracted from vehicles and infrastructure. The COOPERS project mainly targets communication between vehicles and dedicated roadside infrastructure. Finally, the SEVECOM project researches security and privacy issues. Besides the European projects, research is also conducted in the United States of America (CICAS and VII projects) and in Japan (AHSRA, VICS, Smartway, internetITS). Besides standardization bodies and governmental organizations, also the industry has a considerable interest in ITS systems. In the scope of their ITS activities, a number of companies are united in national and international organizations. On an international level, the best known names are the Car 2 Car Communication Consortium, and Ertico. The C2C CC unites the large European car manufacturers, and focuses on the development of an open standard for vehicle-to-vehicle and vehicle-to-infrastructure communications based on the already well established IEEE 802.11 WLAN standard. Ertico is an European multi-sector, public/private partnership with the intended purpose of the development and introduction of ITS systems. On a national level, FlandersDrive and The Telematics Cluster / ITS Belgium are the best known organizations. Despite the worldwide activities regarding (cooperative) ITS systems, there still is no consensus about the wireless technology to be used in such systems. This can be put down to the fact that a large number of suitable technologies exist or are under development. Each technology has its specific advantages and disadvantages, but no single technology is the ideal solution for every ITS application. However, the different candidates can be classified in three distinct categories. The first group contains solutions for Dedicated Short Range Communication (DSRC), such as the WAVE technology. The second group is made up of several cellular communication networks providing coverage over wide areas. Examples are GPRS (data communication using the GSM network), UMTS (faster then GPRS), WiMAX (even faster then UMTS) and MBWA (similar to WiMAX). The third group consists of digital data broadcast technologies such as RDS (via the current FM radio transmissions, slow), DAB and DMB (via current digital radio transmissions, quicker) and DVB-H (via future digital television transmissions for mobiledevices, quickest). The previous makes it clear that ITS systems are a hot topic right now, and they receive a lot of attention from the academic world, the standardization bodies and the industry. Therefore, it seems like that it is just a matter of time before ITS systems will find their way into the daily live. Due to the large number of suitable technologies for the implementation of cooperative ITS systems, it is very hard to define which role the government has to play in these developments, and which are the next steps to take. These issues were addressed in reports produced by the i2010 Intelligent Car Initiative and the CVIS project. Their state of the art overview revealed that until now, no country has successfully deployed a fully operational ITS system yet. Seven EU countries are the furthest and are already in the deployment phase: Sweden, Germany, the Netherlands, the United Kingdom, Finland, Spain and France. These countries are trailed by eight countries which are in the promotion phase: Denmark, Greece, Italy, Austria, Belgium,Norway, the Czech Republic and Poland. Finally, the last ten countries find themselves in the start-up phase: Estonia, Lithuania, Latvia, Slovenia, Slovakia, Hungary, Portugal, Switzerland, Ireland and Luxembourg. These European reports produced by the i2010 Intelligent Car Initiative and the CVIS project have defined a few policy recommendations which are very relevant for the Belgian and Flemish government. The most important recommendations for the Flemish government are: • Support awareness: research revealed that civilians consider ITS applications useful, but they are not really willing to pay for this technology. Therefore, it is important to convince the general public of the usefulness and the importance of ITS systems. • Fill the gaps: Belgium is situated in the promotion phase. This means that it should focus at identifying the missing stakeholders, and coordinating national and regional ITS activities. Here it is important that the research activities are coordinated in a national and international context to allow transfer of knowledge from one study to the next, as well as the results to be comparable. • Develop a vision: in the scope of ITS systems policies have to be defined regarding a large number of issues. For instance there is the question if ITS users should be educated, meaning that the use of ITS systems should be the subject of the drivers license exam. How will the regulations be for the technical inspection of vehicles equipped with ITS technology? Will ITS systems be deployed on a voluntary base, or will they e.g. be obliged in every new car? Will the services be offered by private companies, by the public authorities, or by a combination of them? Which technology will be used to implement ITS systems? These are just a few of the many questions where the government will have to develop a point of view for. • Policy coordination: ITS systems are a policy subject on an international, national and regional level. It is very important that these policy organizations can collaborate in a coordinated manner. • Iterative approach to policy development: developing policies for this complex matter is not a simple task. This asks for an iterative approach, where policy decisions are continuously refined and adjusted

IoT oriented SIEM tools

openNowadays, most devices can connect and communicate data. One example is IoT devices, technological devices that can communicate information gathered from the environment with a high degree of automation, communicating the data through networks. New IoT devices and increasingly reliable and fast wireless networks make it easy to collect large amounts of data with high accuracy. The introduction of these new technologies has created new vulnerabilities in complex systems, allowing an attacker to breach them more easily. Attackers use these devices, which generally lack important protections because they are composed of minimal hardware. Generally, the attackers' goal is to capture data, create malfunctions, steal sensitive and personal information and more. In order to protect and limit the actions of possible attackers, new software has been developed to neutralise or reduce vulnerabilities in a complex system. An example of software that belongs to this category is SIEM which is analysed in this thesis. They make it possible to analyse real-time data and logs to understand the system situation. They give the possibility of creating a history of the information collected by the system, indexing the data allowing efficient and fast analysis. In addition, they make it possible to visualise the collected data in a user-friendly way. The introduction of artificial intelligence has made these tools more precise, allowing the automatic creation of thresholds that generate alerts in critical situations if exceeded. These tools may also be able to autonomously analyse the environment, identify any vulnerability in the system, and respond to certain situations autonomously. In this thesis, SIEM and IoT are combined. The purpose is to evaluate the effectiveness of the tool in protecting a complex system that also consists of IoT devices. Greenhouse sensors are simulated communicating data using the MQTT protocol. DoS attacks are performed in the system and the network status is collected using SIEM. With the use of the SIEM, user-friendly visualisations are made available to the security teams to easily analyse and evaluate the status of the system. In conclusion, the combination of IoT devices and SIEM is effective and easy to implement, thanks in part to the use of the MQTT data protocol. This provides end-users with a tool that allows them to easily detect and resolve vulnerabilities that may be present within a complex system, relating to security, authentication and authorisation. They can also evaluate the information collected by the sensors. Thanks to the low cost of implementation, and ease and intuitiveness of deployment, this combination can also be easily used by end-users without high economic means and in any field, becoming a tool accessible to anyone.Nowadays, most devices can connect and communicate data. One example is IoT devices, technological devices that can communicate information gathered from the environment with a high degree of automation, communicating the data through networks. New IoT devices and increasingly reliable and fast wireless networks make it easy to collect large amounts of data with high accuracy. The introduction of these new technologies has created new vulnerabilities in complex systems, allowing an attacker to breach them more easily. Attackers use these devices, which generally lack important protections because they are composed of minimal hardware. Generally, the attackers' goal is to capture data, create malfunctions, steal sensitive and personal information and more. In order to protect and limit the actions of possible attackers, new software has been developed to neutralise or reduce vulnerabilities in a complex system. An example of software that belongs to this category is SIEM which is analysed in this thesis. They make it possible to analyse real-time data and logs to understand the system situation. They give the possibility of creating a history of the information collected by the system, indexing the data allowing efficient and fast analysis. In addition, they make it possible to visualise the collected data in a user-friendly way. The introduction of artificial intelligence has made these tools more precise, allowing the automatic creation of thresholds that generate alerts in critical situations if exceeded. These tools may also be able to autonomously analyse the environment, identify any vulnerability in the system, and respond to certain situations autonomously. In this thesis, SIEM and IoT are combined. The purpose is to evaluate the effectiveness of the tool in protecting a complex system that also consists of IoT devices. Greenhouse sensors are simulated communicating data using the MQTT protocol. DoS attacks are performed in the system and the network status is collected using SIEM. With the use of the SIEM, user-friendly visualisations are made available to the security teams to easily analyse and evaluate the status of the system. In conclusion, the combination of IoT devices and SIEM is effective and easy to implement, thanks in part to the use of the MQTT data protocol. This provides end-users with a tool that allows them to easily detect and resolve vulnerabilities that may be present within a complex system, relating to security, authentication and authorisation. They can also evaluate the information collected by the sensors. Thanks to the low cost of implementation, and ease and intuitiveness of deployment, this combination can also be easily used by end-users without high economic means and in any field, becoming a tool accessible to anyone

Heterogeneous Tree Based Authenticated Group Key Transfer Protocol

Message passing from one source to another has become a key for many upcoming technologies. This is already achieved by introduction of topics of KEYS, AUTHENTICATIONS etc. Secret key transfer is being done presently by using mutually trusted key generation centre (KGS). By this selection of session key by which encryption is done for information passing is selected. This paper discusses about the advancement of this technology by extending this service to group instead of a single key. The whole group with authenticated users can access the information. The proposed protocol considers the heterogeneity of the peer resources as QOS factor in key generation phase and shared key mechanism as primary process to achieve security in group key sharing

Key distribution and distributed intrusion detection system in wireless sensor network

This thesis proposes a security solution in key management and Intrusion Detection System (IDS) for wireless sensor networks. It addresses challenges of designing in energy and security requirement. Since wireless communication consumes the most energy in sensor network, transmissions must be used efficiently. We propose Hint Key Distribution (HKD) for key management and Adaptive IDS for distributing activated IDS nodes and cooperative operation of these two protocols. HKD protocol focuses on the challenges of energy, computation and security. It uses a hint message and key chain to consume less energy while self-generating key can secure the secret key. It is a proposed solution to key distribution in sensor networks. Adaptive IDS uses threshold and voting algorithm to distribute IDS through the network. An elected node is activated IDS to monitor its network and neighbors. A threshold is used as a solution to reduce number of repeated activations of the same node. We attempt to distribute the energy use equally across the network. In a cooperative protocol, HKD and Adaptive IDS exchange information in order to adjust to the current situation. The level of alert controls the nature of the interaction between the two protocols