Elaboration d'un modèle d'identité numérique adapté à la convergence

L évolution des réseaux informatiques, et notamment d Internet, s ancre dans l émergence de paradigmes prépondérants tels que la mobilité et les réseaux sociaux. Cette évolution amène à considérer une réorganisation de la gestion des données circulant au cœur des réseaux. L accès à des services offrant de la vidéo ou de la voix à la demande depuis des appareils aussi bien fixes que mobiles, tels que les Smartphones, ou encore la perméabilité des informations fournies à des réseaux sociaux conduisent à s interroger sur la notion d identité numérique et, de manière sous-jacente, à reconsidérer les concepts de sécurité et de confiance. La contribution réalisée dans ce travail de thèse consiste, dans une première partie, à analyser les différents modèles d identité numérique existants ainsi que les architectures de fédération d identité, mais également les protocoles déployés pour l authentification et les problèmes de confiance engendrés par l absence d élément sécurisé tel qu une carte à puce. Dans une deuxième partie, nous proposons, en réponse aux éléments dégagés dans la partie précédente, un modèle d identité fortement attaché au protocole d authentification TLS embarqué dans un composant sécurisé, permettant ainsi de fournir les avantages sécuritaires exigibles au cœur des réseaux actuels tout en s insérant naturellement dans les différents terminaux, qu ils soient fixes ou mobiles. Enfin, dans une dernière partie, nous expliciterons plusieurs applications concrètes, testées et validées, de ce modèle d identité, afin d en souligner la pertinence dans des cadres d utilisation pratique extrêmement variés.IT networks evolution, chiefly Internet, roots within the emergence of preeminent paradigms such as mobility and social networks. This development naturally triggers the impulse to reorganize the control of data spreading throughout the whole network. Taking into account access to services such as video or voice on demand coming from terminals which can be fixed or mobile such as smartphones, or also permeability of sensitive information provided to social networks, these factors compel a necessary interrogation about digital identity as a concept. It also intrinsically raises a full-fledged reconsideration of security and trust concepts. The contribution of this thesis project is in line, in a first part, with the analysis of the existing manifold digital identity frameworks as well as the study of current authentication protocols and trust issues raised by the lack of trusted environment such as smartcards. In a second part, as an answer to the concerns suggested in the first part, we will advocate an identity framework strongly bounded to the TLS authentication protocol which needs to be embedded in a secure component, thus providing the mandatory security assets for today s networks while naturally fitting with a varied scope of terminals, be it fixed or mobile. In a last part, we will finally exhibit a few practical applications of this identity framework, which have been thoroughly tested and validated, this, in order to emphasize its relevance throughout multifarious use cases.PARIS-Télécom ParisTech (751132302) / SudocSudocFranceF

Etude de Faisabilité des Mécanismes de Détection de Mauvais Comportement dans les systèmes de transport intelligents coopératifs (C-ITS)

International audience—Cooperative Intelligent Transport Systems (C–ITS) is an emerging technology that aims at improving road safety, traffic efficiency and drivers experience. To this end, vehicles cooperate with each others and the infrastructure by exchanging Vehicle–to–X communication (V2X) messages. In such communicating systems message authentication and privacy are of paramount importance. The commonly adopted solution to cope with these issues relies on the use of a Public Key Infrastructure (PKI) that provides digital certificates to entities of the system. Even if the use of pseudonym certificates mitigate the privacy issues, the PKI cannot address all cyber threats. That is why we need a mechanism that enable each entity of the system to detect and report misbehaving neighbors. In this paper, we provide a state-of-the-art of misbehavior detection methods. We then discuss their feasibility with respect to current standards and law compliance as well as hardware/software requirements

Towards a Reliable Machine Learning Based Global Misbehavior Detection in C-ITS: Model Evaluation Approach

International audienceGlobal misbehavior detection in Cooperative Intelligent Transport Systems (C-ITS) is carried out by a central entity named Misbe-havior Authority (MA). The detection is based on local misbehavior detection information sent by Vehicle's On-Board Units (OBUs) and by RoadSide Units (RSUs) called Misbehavior Reports (MBRs) to the MA. By analyzing these Misbehavior Reports (MBRs), the MA is able to compute various misbehavior detection information. In this work, we propose and evaluate different Machine Learning (ML) based solutions for the internal detection process of the MA. We show through extensive simulation and several detection metrics the ability of solutions to precisely identify different misbehavior types

A Misbehavior Authority System for Sybil Attack Detection in C-ITS

International audienceGlobal misbehavior detection is an important back-end mechanism in Cooperative Intelligent Transport Systems (C-ITS). It is based on the local misbehavior detection information sent by Vehicle's On-Board Units (OBUs) and by RoadSide Units (RSUs) called Misbehavior Reports (MBRs) to the Mis-behavior Authority (MA). By analyzing these reports, the MA provides more accurate and robust misbehavior detection results. Sybil attacks pose a significant threat to the C-ITS systems. Their detection and identification may be inaccurate and confusing. In this work, we propose a Machine Learning (ML) based solution for the internal detection process of the MA. We show through extensive simulation that our solution is able to precisely identify the type of the Sybil attack and provide promising detection accuracy results

Integrity Probe: Using Programmer as Root of Trust for Bare Metal Blockchain Crypto Terminal. Invited Paper

International audienc

Designing Attacks Against Automotive Control Area Network Bus and Electronic Control Units

International audienc

Integrity Issues for IoT: From Experiment to Classification Introducing Integrity Probes

International audienc

Introducing Innovative Bare Metal Crypto Terminal for Blockchains and BigBang Paradigm

International audienc

Crypto Terminal Based On Secure Element For Consumer Trusted Blockchain Transactions

International audienc