On Board unit based authentication for V2V communication in VANET

The recent developments in wireless communication technologies along with the plummeting costs of hardware allow both V2V and V2I communications for information exchange. Such a network is called Vehicular ad Hoc Network (VANET) which is very important for various road safety and non-safety related applications. However, Due to the wireless nature of communication in VANETs, it is also prone to various security attacks which are originally present in wireless networks. Hence to realize the highest potential of VANET, the network should be free from attackers, there by all the information exchanged in the network must be reliable i.e. should be originated from authenticated source. However, authentication of vehicles using a PKI based architecture which is mostly based on V2I communication and solely depends on Road side Units, might fail in case of absence of proper infrastructure. Moreover PKI based solutions incur more communication overhead due to repeated connections with the Trusted Authority every time you want to authenticate a vehicle. Hence, this thesis work gives an OBU based authentication mechanism which allows the vehicle to authenticate each other for V2V communication when there is lack of proper infrastructure. Here each vehicle is capable of generating a pair of self-certified public/private key pair which can be verified by any other vehicle using a predefined secret key given by Trusted Authority. The grouping concept used in order to lower the communication overheads. The Vehicle in close proximity of each other form a group. A vehicle can obtain the group key by authenticating itself to the group leader. Our proposed scheme also preserves the privacy of the vehicle but can reveal the identity in liability issues. The security analysis of the proposed scheme shows that it can indeed operate with limited support of infrastructure and can become a fully self-organized system

Regulation for E-payment Systems - Analytical Approaches Beyond Private Ordering

Technology-driven payment instruments and services are facilitating the development of e-commerce; however, security concerns beleaguer their implementation, particularly in developing countries. This article considers the limits of private ordering in the regulation of e-payment systems. It uses Nigeria to exemplify a developing country that is increasingly pushing for the adoption of a regulatory framework for e-payment systems based on private ordering. It argues that, although technical standards and self-regulation by the financial industry are important, law is an essential regulatory mechanism that is largely absent. The article proposes that law be used as a mechanism to set and compel compliance with technical and industry standards, thus building trust, catering to public interest concerns and legitimizing the regulatory process

Identity Management in Information Age Government: Exploring Concepts, Definitions, Approaches and Solutions

Our research question is the following: What could be a useful working definition of Identity Management in government at present? a) What are conceptualisations, definitions and approaches of IDM in government according to academic literature? b) Which e-authentication solutions have been developed in other jurisdictions

Summary

20090506_fidis_D3.12 final 1.0.od

Electronic Identity in Europe: Legal challenges and future perspectives (e-ID 2020)

This deliverable presents the work developed by the IPTS eID Team in 2012 on the large-encompassing topic of electronic identity. It is structured in four different parts: 1) eID: Relevance, Le-gal State-of-the-Art and Future Perspectives; 2) Digital Natives and the Analysis of the Emerging Be-havioral Trends Regarding Privacy, Identity and Their Legal Implications; 3) The "prospective" use of social networking services for government eID in Europe; and 4) Facial Recognition, Privacy and Iden-tity in Online Social Networks.JRC.J.3-Information Societ

Cryptographic Approaches To Security and Privacy Issues In Pervasive Computing

Technological innovation has enabled tiny devices to participate in pervasive com- puting. Such devices are particularly vulnerable to security and privacy threats, because of their limited computing resources and relatively weak physical security. We investigate possible cryptographic solutions to security and privacy problems arising in two kinds of emerging pervasive computing networks: Personal Area Net- works (PANs) and the EPCglobal Network. A number of key management schemes have been proposed for use in PANs, but these schemes only support key management within a PAN. However, as people are increasingly equipped with multiple wireless devices, PANs are likely to be intercon- nected to share information or services. We introduce a term, iPANs, to name such interconnected PANs. We define system models and design goals for key manage- ment in iPANs, and propose a novel security initialisation scheme for use in iPANs. The proposed scheme achieves desirable security and efficiency properties by making use of the unique characteristics of PANs. The EPCglobal Network is designed to give efficiency and cost savings in and beyond the supply chain using Radio Frequency Identification (RFID) technology; however, privacy threats affecting such networks are particularly serious. We construct a formal privacy model for RFID systems accurately reflecting adversarial threats and power. We then give brief privacy analysis for the existing privacy-enhanced RFID schemes which have received wide attention in the literature. We then construct a secure refresh-based RFID system based on re-encryption techniques, and prove its privacy using the defined privacy model. Finally, we show that the proposed scheme can greatly enhance the security and privacy of EPC tags, making the maximum use of given tag functionalities as specified in the standards

Multi-agent system security for mobile communication

This thesis investigates security in multi-agent systems for mobile communication. Mobile as well as non-mobile agent technology is addressed. A general security analysis based on properties of agents and multi-agent systems is presented along with an overview of security measures applicable to multi-agent systems, and in particular to mobile agent systems. A security architecture, designed for deployment of agent technology in a mobile communication environment, is presented. The security architecture allows modelling of interactions at all levels within a mobile communication system. This architecture is used as the basis for describing security services and mechanisms for a multi-agent system. It is shown how security mechanisms can be used in an agent system, with emphasis on secure agent communication. Mobile agents are vulnerable to attacks from the hosts on which they are executing. Two methods for dealing with threats posed by malicious hosts to a trading agent are presented. The rst approach uses a threshold scheme and multiple mobile agents to minimise the eect of malicious hosts. The second introduces trusted nodes into the infrastructure. Undetachable signatures have been proposed as a way to limit the damage a malicious host can do by misusing a signature key carried by a mobile agent. This thesis proposes an alternative scheme based on conventional signatures and public key certicates. Threshold signatures can be used in a mobile agent scenario to spread the risk between several agents and thereby overcome the threats posed by individual malicious hosts. An alternative to threshold signatures, based on conventional signatures, achieving comparable security guarantees with potential practical advantages compared to a threshold scheme is proposed in this thesis. Undetachable signatures and threshold signatures are both concepts applicable to mobile agents. This thesis proposes a technique combining the two schemes to achieve undetachable threshold signatures. This thesis denes the concept of certicate translation, which allows an agent to have one certicate translated into another format if so required, and thereby save storage space as well as being able to cope with a certicate format not foreseen at the time the agent was created