ImageVerifierCode 换一换
格式:PDF , 页数:106 ,大小:3.32MB ,
资源ID:592685      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-592685.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(CEN TS 16702-1-2014 Electronic fee collection - Secure monitoring for autonomous toll systems - Part 1 Compliance checking《电子收费 自动收费系统的安全监控 第1部分 合规性检查》.pdf)为本站会员(proposalcash356)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

CEN TS 16702-1-2014 Electronic fee collection - Secure monitoring for autonomous toll systems - Part 1 Compliance checking《电子收费 自动收费系统的安全监控 第1部分 合规性检查》.pdf

1、BSI Standards PublicationPD CEN/TS 16702-1:2014Electronic fee collection Secure monitoring forautonomous toll systemsPart 1: Compliance checkingPD CEN/TS 16702-1:2014 PUBLISHED DOCUMENTNational forewordThis Published Document is the UK implementation of CEN/TS16702-1:2014.The UK participation in its

2、 preparation was entrusted to TechnicalCommittee EPL/278, Intelligent transport systems.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for i

3、ts correctapplication. The British Standards Institution 2014. Published by BSI StandardsLimited 2014ISBN 978 0 580 84810 0ICS 35.240.60Compliance with a British Standard cannot confer immunity fromlegal obligations.This Published Document was published under the authority of theStandards Policy and

4、 Strategy Committee on 30 November 2014.Amendments issued since publicationDate Text affectedPD CEN/TS 16702-1:2014TECHNICAL SPECIFICATION SPCIFICATION TECHNIQUE TECHNISCHE SPEZIFIKATION CEN/TS 16702-1 November 2014 ICS 35.240.60 English Version Electronic fee collection - Secure monitoring for auto

5、nomous toll systems - Part 1: Compliance checking Perception du tlpage - Surveillance scurise pour systmes autonomes de page - Partie 1: Contrle de conformit Elektronische Gebhrenerhebung - Sichere berwachung von autonomen Mautsystemen - Einhaltungsprfung This Technical Specification (CEN/TS) was ap

6、proved by CEN on 14 June 2014 for provisional application. The period of validity of this CEN/TS is limited initially to three years. After two years the members of CEN will be requested to submit their comments, particularly on the question whether the CEN/TS can be converted into a European Standa

7、rd. CEN members are required to announce the existence of this CEN/TS in the same way as for an EN and to make the CEN/TS available promptly at national level in an appropriate form. It is permissible to keep conflicting national standards in force (in parallel to the CEN/TS) until the final decisio

8、n about the possible conversion of the CEN/TS into an EN is reached. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Ita

9、ly, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG CEN-CENELEC Management Centre: Ave

10、nue Marnix 17, B-1000 Brussels 2014 CEN All rights of exploitation in any form and by any means reserved worldwide for CEN national Members. Ref. No. CEN/TS 16702-1:2014 EPD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 2 Contents Page Foreword 5 0 Introduction 6 0.1 Overview .6 0.2 Processes .6 0.3 Op

11、tions .8 0.4 Privacy aspects . 11 1 Scope . 12 1.1 General scope . 12 1.2 Relation to CEN/TS 16439 12 1.3 Relation to other standards . 14 2 Normative references . 14 3 Terms and definitions 15 4 Abbreviations 17 5 Processes 18 5.1 Introduction and overview . 18 5.2 Processes needed for different ty

12、pes of Secure Monitoring . 19 5.3 Itinerary Freezing 21 5.3.1 Introduction . 21 5.3.2 Generate Itinerary . 21 5.3.3 Real-time freezing . 23 5.3.4 Freezing per declaration 24 5.4 Checking of Itinerary Freezing 25 5.4.1 Introduction . 25 5.4.2 Observing a vehicle 25 5.4.3 Retrieving Proof of Itinerary

13、 Freezing (PIF) . 26 5.4.4 Checking PIF against Observation . 27 5.5 Checking of Toll Declaration . 27 5.5.1 Introduction . 27 5.5.2 Retrieve Itinerary Data 27 5.5.3 Check Itinerary Consistency . 28 5.5.4 Checking Toll Declaration against Itinerary . 28 5.6 Claiming incorrectness 29 5.7 Providing EF

14、C Context Data 29 5.8 Key Management 29 5.8.1 Introduction . 29 5.8.2 Requirements 29 6 Transactions 30 6.1 Introduction . 30 6.2 Description of Itinerary Data 32 6.2.1 Introduction . 32 6.2.2 Itinerary Batch . 34 6.2.3 Itinerary Record Data Elements 35 6.3 Retrieving PIF in real-time (DSRC Transact

15、ion) 37 6.3.1 Introduction . 37 6.3.2 Transactional Model . 38 6.3.3 Syntax and Semantics 38 6.3.4 Security 40 6.4 Toll Declaration . 40 PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 3 6.4.1 Introduction 40 6.4.2 Transactional Model 40 6.4.3 Syntax and semantics . 41 6.4.4 Itinerary Sequence 42 6.4.

16、5 Security 44 6.5 Back End Data Checking 44 6.5.1 Introduction 44 6.5.2 Transactional model 45 6.5.3 Checks of the Itinerary 46 6.5.4 Syntax and semantics . 47 6.5.5 Security 50 6.6 Claiming incorrectness . 50 6.6.1 Introduction 50 6.6.2 Transactional model 51 6.6.3 Syntax and semantics . 52 6.6.4 S

17、ecurity 52 6.7 Providing EFC Context Data 53 6.7.1 Introduction 53 6.7.2 Transactional Model 53 6.7.3 Syntax and semantics . 53 6.7.4 Security 55 7 Security 55 7.1 Security functions and elements . 55 7.1.1 Hash functions . 55 7.1.2 MAC. 55 7.1.3 Digital signatures 55 7.1.4 Public Keys, Certificates

18、 and CRL . 55 7.2 Key Management . 56 7.2.1 Key Exchange between Stakeholders . 56 7.2.2 Key generation and certification 56 7.3 Trusted Recorder and SM_CC Verification SAM characteristics . 57 7.3.1 Introduction 57 7.3.2 Trusted Recorder . 57 7.3.3 SM_CC Verification SAM 58 Annex A (normative) Data

19、 type specification . 59 Annex B (normative) Protocol Implementation Conformance Statement . 67 B.1 Guidance for completing the PICS proforma . 67 B.1.1 Purposes and structure 67 B.1.2 Abbreviations and conventions . 67 B.1.3 Instructions for completing the PICS proforma . 69 B.2 Identification of t

20、he implementation 69 B.2.1 General . 69 B.2.2 Date of the statement 69 B.2.3 Implementation Under Test (IUT) identification . 69 B.2.4 System Under Test (SUT) identification 69 B.2.5 Product supplier 70 B.2.6 Applicant (if different from product supplier). 70 B.2.7 PICS contact person . 70 B.3 Ident

21、ification of the protocol 71 B.4 Global statement of conformance . 71 B.5 Roles . 71 B.6 Types of Secure Monitoring . 71 B.7 Capabilities and conditions 72 B.8 Processes . 73 Annex C (informative) Example transactions . 74 PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 4 Annex D (informative) Address

22、ed threats (in CEN/TS 16439) 78 D.1 Introduction . 78 D.2 Threats where Secure Monitoring can provide Security Measures 78 D.3 Related Requirements 80 D.4 Related Security Measures 81 Annex E (informative) Essentials of the SM_CC concept 84 E.1 Introduction . 84 E.2 The SM_CC concept FAQs . 84 E.3 S

23、M_CC options . 86 E.3.1 SM_CC_1 . 86 E.3.2 SM_CC_2 . 90 E.3.3 SM_CC_3a . 93 E.3.4 SM_CC_3b . 95 E.4 Managing multiple toll domains 96 E.4.1 Overlapping toll domains . 96 E.4.2 The catch-all toll domain counter . 98 Annex F (informative) Use of this Technical Specification for the EETS . 99 F.1 Gener

24、al . 99 F.2 Overall relationship between European standardization and the EETS . 99 F.3 European standardization work supporting the EETS . 99 F.4 Correspondence between this technical specification and the EETS 100 Bibliography . 101 PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 5 Foreword This doc

25、ument (CEN/TS 16702-1:2014) has been prepared by Technical Committee CEN/TC 278 “Intelligent transport systems”, the secretariat of which is held by NEN. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not

26、 be held responsible for identifying any or all such patent rights. This document has been prepared under a mandate given to CEN by the European Commission and the European Free Trade Association. According to the CEN-CENELEC Internal Regulations, the national standards organizations of the followin

27、g countries are bound to announce this Technical Specification: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, Former Yugoslav Republic of Macedonia, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands,

28、 Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland, Turkey and the United Kingdom. PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 6 0 Introduction 0.1 Overview In autonomous toll systems a Toll Service Provider (TSP) sends toll declarations to the Toll Charger (TC), i.

29、e. statements that a vehicle was circulating within a toll domain. Compliance Check Communication (CCC) according to CEN ISO/TS 12813:2009 provides useful indications to a TC of whether the OBE is operating correctly or not. It assumes the OBE to be secure and the TSP to be trusted. It mainly focuss

30、es on the compliance of the Service User (SU) with the toll domains rules. This Technical Specification does not assume the OBE to be secure nor the TSP to be trusted and adds measures to deal with the associated risks. It specifies the requirements for Secure Monitoring Compliance Checking (SM_CC),

31、 a concept that allows the TC to check the trustworthiness of toll declarations produced by a TSP using an OBE operated by the SU, while respecting the privacy of the SU in accordance with the applicable regulations. Trustworthiness equals the confidence in the reliable operation of the Toll Service

32、 Providers EFC System and / or in case of errors gives technical indications about possible failures or manipulations which may be attributed to the SU and/or the TSP or an external party. An operational EFC System can use a combination of the CCC and SM_CC tools to keep misuse under control effecti

33、vely. This Technical Specification is the first part in a set of two that together specify Secure Monitoring for Autonomous Toll Systems: This technical specification, “Secure Monitoring - Compliance Checking”, specifies the transactions between RSE of the TC over DSRC as well as transactions betwee

34、n the Toll Chargers and the Toll Service Providers back end systems, for the purpose of Secure Monitoring. A second part, “Secure Monitoring Trusted Recorder”, specifies requirements on a tamper-proof entity called a Trusted Recorder (TR) which can be part of the OBE. It also specifies the interface

35、 between OBE and TR. Most but not all available options for secure monitoring require the use of a TR to provide for integrity, authenticity and non-repudiation services. The SM_CC method is suitable: a) for use by Toll Chargers and Toll Service Providers that do not have to trust each other and onl

36、y trust parts of each others equipment; b) for all types of toll regimes according to CEN ISO/TS 17575 (all parts); c) for providing evidence that can be used in court; d) for the application to local schemes as well as in interoperable sectors such as the European Electronic Toll Service (EETS). 0.

37、2 Processes SM_CC provides a TC operating an autonomous toll system with the tools to check whether or not the usage of a transport service by a vehicle in his toll domain is correctly recorded in what is called the itinerary. In the OBE, the registration of a vehicles road usage is represented by a

38、 so-called itinerary which is committed to in real-time or with a defined delay by a process called itinerary freezing. Itinerary freezing ensures that the integrity of the itinerary is undeniably committed to. After an itinerary is frozen, deletion or manipulation/replacement of itinerary data will

39、 invalidate the proof of integrity and can thus be detected. The freezing process comes in two variants: real-time freezing: In this case the presence of a tamper proof trust anchor in the OBE is assumed. This trust anchor is called the Trusted Recorder (TR) and takes care of digitally signing itine

40、rary records thereby committing to them in real-time. PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 7 freezing per declaration: In this case, the itineraries are signed by the TSP back end and committed to by sending the signature to the TC using the standard EN ISO 12855:2012 message Toll Declarati

41、on. The road usage itself can be detected via (automatic or manual) observations. In order to be fully effective, the concept requires either unexpected or undetected observations, depending on the type of secure monitoring applied. SM_CC provides the TSP with tools to check the consistency of the C

42、harge Reports obtained from his Front-end and/or the related Toll Declarations with the itinerary. SM_CC is based on a double principle and related processes which are loosely coupled but need to be executed both: Checking of Itinerary Freezing (CIF) and Checking of Toll Declaration (CTD). Figure 1

43、The sub-processes of Compliance Checking (UML use case diagram) For CIF the aim is to check the registered itinerary data against an observation of road usage. The concept ensures that such data cannot be corrected in case of an unexpected spot check observation or deleted/changed in case of an abse

44、nce of checks. CIF can be done in real-time at the roadside using an SM_CC transaction via DSRC and / or with delay in the back end using the CTD transaction. CIF gives the TC confidence in that all road usage is registered as an itinerary in the freezing process. The frozen itineraries in turn are

45、used as a reference for checking the plausibility of the Toll Declarations. It is mandatory that the TSP checks that the itinerary is plausible and that the Toll Declaration is consistent with the Itinerary. The Toll Chargers confidence that this process is carried out continuously can be establishe

46、d through the CTD Process, but it is also possible to achieve this through audits or other processes not described in this standard. CTD is a spot check operation in which the Toll Declaration is checked against the underlying detailed itinerary data (which is not necessarily part of the Toll Declar

47、ation) in order to verify that the aggregated fields that are reported (e.g. distance travelled in charging zone, aggregated fee etc.) have been computed correctly. CTD also aims to verify the integrity, the completeness and plausibility of the itinerary data. Since CTD requires the TC to analyse th

48、e detailed itineraries corresponding to the Toll Declaration of the SU it is desirable from a privacy perspective to limit the number of CTD transactions. PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 8 CIF and CTD can be executed independently, however to achieve the complete coverage of Secure Mon

49、itoring CIF needs to be complemented with CTD and vice-versa. 0.3 Options For a derivation of the different types of Secure Monitoring from the available options, see Table 1. Annex E provides further background information on the use of and the rationale for these options. Annex F how this TS can be used for the EETS. PD CEN/TS 16702-1:2014CEN/TS 16702-1:2014 (E) 9 Type of Secure Monitoring Description Capabilities needed Conditions for effective compliance checks Privacy impact TrustedRecorderTrustedTimeSourceHighcommunication availabilityCIFviaDS

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1