1、raising standards worldwideNO COPYING WITHOUT BSI PERMISSION EXCEPT AS PERMITTED BY COPYRIGHT LAWBSI Standards PublicationBS EN ISO 24534-4:2010Automatic vehicle andequipment identification Electronic RegistrationIdentification (ERI) for vehiclesPart 4: Secure communicationsusing asymmetrical techni
2、ques (ISO24534-4:2010)BS EN ISO 24534-4:2010 BRITISH STANDARDNational forewordThis British Standard is the UK implementation of EN ISO24534-4:2010. It supersedes DD CEN ISO/TS 24534-4:2008 which iswithdrawn.The UK participation in its preparation was entrusted to TechnicalCommittee EPL/278, Road tra
3、nsport informatics.A list of organizations represented on this committee can beobtained on request to its secretary.This publication does not purport to include all the necessaryprovisions of a contract. Users are responsible for its correctapplication. BSI 2010ISBN 978 0 580 65836 5ICS 03.220.20; 3
4、5.240.60Compliance with a British Standard cannot confer immunity fromlegal obligations.This British Standard was published under the authority of theStandards Policy and Strategy Committee on 31 August 2010Amendments issued since publicationDate Text affectedEUROPEAN STANDARD NORME EUROPENNE EUROPI
5、SCHE NORM EN ISO 24534-4 July 2010 ICS 35.240.60; 03.220.20 Supersedes CEN ISO/TS 24534-4:2008English Version Automatic vehicle and equipment identification - Electronic Registration Identification (ERI) for vehicles - Part 4: Secure communications using asymmetrical techniques (ISO 24534-4:2010) Id
6、entification automatique des vhicules et des quipements - Identification denregistrement lectronique (ERI) pour les vhicules - Partie 4: Communications sres utilisant des techniques asymtriques (ISO 24534-4:2010)This European Standard was approved by CEN on 16 June 2010. CEN members are bound to com
7、ply with the CEN/CENELEC Internal Regulations which stipulate the conditions for giving this European Standard the status of a national standard without any alteration. Up-to-date lists and bibliographical references concerning such national standards may be obtained on application to the CEN Manage
8、ment Centre or to any CEN member. This European Standard exists in three official versions (English, French, German). A version in any other language made by translation under the responsibility of a CEN member into its own language and notified to the CEN Management Centre has the same status as th
9、e official versions. CEN members are the national standards bodies of Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romani
10、a, Slovakia, Slovenia, Spain, Sweden, Switzerland and United Kingdom. EUROPEAN COMMITTEE FOR STANDARDIZATION COMIT EUROPEN DE NORMALISATION EUROPISCHES KOMITEE FR NORMUNG Management Centre: Avenue Marnix 17, B-1000 Brussels 2010 CEN All rights of exploitation in any form and by any means reserved wo
11、rldwide for CEN national Members. Ref. No. EN ISO 24534-4:2010: EBS EN ISO 24534-4:2010EN ISO 24534-4:2010 (E) 3 Foreword This document (EN ISO 24534-4:2010) has been prepared by Technical Committee CEN/TC 278 “Road transport and traffic telematics”, the secretariat of which is held by NEN, in colla
12、boration with Technical Committee ISO/TC 204 “Intelligent transport systems“. This European Standard shall be given the status of a national standard, either by publication of an identical text or by endorsement, at the latest by January 2011, and conflicting national standards shall be withdrawn at
13、 the latest by January 2011. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. CEN and/or CENELEC shall not be held responsible for identifying any or all such patent rights. This document supersedes CEN ISO/TS 24534-4:2008. Accordi
14、ng to the CEN/CENELEC Internal Regulations, the national standards organizations of the following countries are bound to implement this European Standard: Austria, Belgium, Bulgaria, Croatia, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Iceland, Ireland, Italy
15、, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Norway, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, Switzerland and the United Kingdom. Endorsement notice The text of ISO 24534-4:2010 has been approved by CEN as a EN ISO 24534-4:2010 without any modification. BS EN ISO 24534-4
16、:2010ISO 24534-4:2010(E) ISO 2010 All rights reserved iiiContents Page Foreword iv Introduction.v 1 Scope1 2 Normative references2 3 Terms and definitions .2 4 Abbreviations.10 5 System communications concept .11 5.1 Introduction11 5.2 Overview.11 5.3 Security services .18 5.4 Communication architec
17、ture description .23 5.5 Interfaces25 6 Interface requirements26 6.1 Overview.26 6.2 Abstract transaction definitions 27 6.3 The ERT interfaces 63 Annex A (normative) ASN.1 modules .66 Annex B (normative) PICS pro forma .77 Annex C (informative) Operational scenarios81 Bibliography93 BS EN ISO 24534
18、-4:2010ISO 24534-4:2010(E) iv ISO 2010 All rights reservedForeword ISO (the International Organization for Standardization) is a worldwide federation of national standards bodies (ISO member bodies). The work of preparing International Standards is normally carried out through ISO technical committe
19、es. Each member body interested in a subject for which a technical committee has been established has the right to be represented on that committee. International organizations, governmental and non-governmental, in liaison with ISO, also take part in the work. ISO collaborates closely with the Inte
20、rnational Electrotechnical Commission (IEC) on all matters of electrotechnical standardization. International Standards are drafted in accordance with the rules given in the ISO/IEC Directives, Part 2. The main task of technical committees is to prepare International Standards. Draft International S
21、tandards adopted by the technical committees are circulated to the member bodies for voting. Publication as an International Standard requires approval by at least 75 % of the member bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the su
22、bject of patent rights. ISO shall not be held responsible for identifying any or all such patent rights. ISO 24534-4 was prepared by the European Committee for Standardization (CEN) Technical Committee CEN/TC 278, Road transport and traffic telematics, in collaboration with Technical Committee ISO/T
23、C 204, Intelligent transport systems, in accordance with the Agreement on technical cooperation between ISO and CEN (Vienna Agreement). This first edition of ISO 24534-4 cancels and replaces ISO/TS 24534-4:2008, which has been technically revised. ISO 24534 consists of the following parts, under the
24、 general title Automatic vehicle and equipment identification Electronic registration identification (ERI) for vehicles: Part 1: Architecture Part 2: Operational requirements Part 3: Vehicle data Part 4: Secure communications using asymmetrical techniques Part 5: Secure communications using symmetri
25、cal techniques BS EN ISO 24534-4:2010ISO 24534-4:2010(E) ISO 2010 All rights reserved vIntroduction A quickly emerging need has been identified with administrations to improve the unique identification of vehicles for a variety of services. Situations are already occurring where manufacturers intend
26、 to fit lifetime tags to vehicles. Various governments are considering the needs and benefits of electronic registration identification (ERI) as a legal proof of vehicle identity with potential mandatory uses. There is commercial and economic justification in respect of both tags and infrastructure
27、that a standard enables an interoperable solution. ERI is a means of uniquely identifying road vehicles. The application of ERI will offer significant benefits over existing techniques for vehicle identification. It will be a suitable tool for the future management and administration of traffic and
28、transport, including applications in free-flow, multi-lane traffic conditions with the capability to support mobile transactions. ERI addresses the need of authorities and other road users for a trusted electronic identification, including roaming vehicles. This part of ISO 24534 specifies the appli
29、cation layer interfaces for the exchange of data between an onboard component containing the ERI data and a reader or writer inside or outside the vehicle. The exchanged identification data consists of a unique vehicle identifier and may also include data typically found in the vehicles registration
30、 certificate. The authenticity of the exchanged vehicle data can be further enhanced by ensuring data has been obtained by request from a commissioned device, with the data electronically signed by the registration authority. In order to facilitate (international) resales of vehicles, the ERI interf
31、ace includes provisions for another accredited registration authority to take over the registration of a vehicle. The ERI interface supports confidentiality measures to adhere to (inter)national privacy regulation and to prevent other misuse of electronic identification of vehicles. A registration a
32、uthority may authorize other authorities to access the vehicles data. A holder of a registration certificate may authorize an additional service provider to identify the vehicle when he/she wants commercial service. However, it is perceived that different users may have different requirements for au
33、thentication and confidentiality. This International Standard therefore supports different levels of security with maximum compatibility. Much attention is given to the interoperability of the component containing the ERI data and readers of various levels of capability, e.g. the identification of a
34、 vehicle with a less capable ERI data component by a more sophisticated reader equipment and vice versa. The supported complexity of the device containing the ERI data may range from a very simple read-only device that only contains the vehicles identifier, to a sophisticated device that includes bo
35、th authentication and confidentiality measures and maintains a historic list of the vehicle data written by the manufacturer and by vehicle registration authorities. Following the events of 11 September 2001, and subsequent reviews of anti-terrorism measures, the need for ERI has been identified as
36、a possible anti-terrorism measure. The need for international or pan-European harmonization of such ERI is therefore important. It is also important to ensure that any ERI measures contain protection against misuse by terrorists. This part of ISO 24534 makes use of the basic automatic vehicle identi
37、fication (AVI) provisions already defined in ISO 14814 and ISO 14816. BS EN ISO 24534-4:2010BS EN ISO 24534-4:2010INTERNATIONAL STANDARD ISO 24534-4:2010(E) ISO 2010 All rights reserved 1Automatic vehicle and equipment identification Electronic registration identification (ERI) for vehicles Part 4:
38、Secure communications using asymmetrical techniques 1 Scope This part of ISO 24534 provides requirements for electronic registration identification (ERI) that are based on an identifier assigned to a vehicle (e.g. for recognition by national authorities) suitable to be used for: electronic identific
39、ation of local and foreign vehicles by national authorities; vehicle manufacturing, in-life maintenance and end-of-life identification (vehicle life cycle management); adaptation of vehicle data (e.g. for international resales); safety-related purposes; crime reduction; commercial services. It adher
40、es to privacy and data protection regulations. This part of ISO 24534 specifies the interfaces for a secure exchange of data between an ERT and an ERI reader or ERI writer in or outside the vehicle using asymmetric encryption techniques. NOTE 1 The onboard device containing the ERI data is called th
41、e electronic registration tag (ERT). This part of ISO 24534 includes: the application layer interface between an ERT and an onboard ERI reader or writer; the application layer interface between the onboard ERI equipment and external ERI readers and writers; security issues related to the communicati
42、on with the ERT. NOTE 2 The vehicle identifiers and possible additional vehicle data (as typically contained in vehicle registration certificates) are defined in ISO 24534-3. NOTE 3 The secure application layer interfaces for the exchange of ERI data with an ERI reader or writer are specified in bot
43、h this part of ISO 24534 and ISO 24534-5. BS EN ISO 24534-4:2010ISO 24534-4:2010(E) 2 ISO 2010 All rights reserved2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated refere
44、nces, the latest edition of the referenced document (including any amendments) applies. ISO/IEC 8824 (all parts), Information technology Abstract Syntax Notation One (ASN.1) ISO/IEC 8825-2, Information technology ASN.1 encoding rules: Specification of Packed Encoding Rules (PER) Part 2 ISO/IEC 14443
45、 (all parts), Identification cards Contactless integrated circuit cards Proximity cards ISO 15628:2007, Road transport and traffic telematics Dedicated short range communication (DSRC) DSRC application layer 3 Terms and definitions For the purposes of this document, the following terms and definitio
46、ns apply. 3.1 access control prevention of unauthorized use of a resource, including the prevention of use of a resource in an unauthorized manner ISO 7498-2:1989, definition 3.3.1 3.2 access control list list of entities, together with their access rights, which are authorized to have access to a r
47、esource ISO 7498-2:1989, definition 3.3.2 3.3 active threat threat of a deliberate unauthorized change to the state of the system ISO 7498-2:1989, definition 3.3.4 EXAMPLE Examples of security-relevant active threats may include modification of messages, replay of messages, and insertion of spurious
48、 messages, masquerading as an authorized entity and denial of service. 3.4 additional vehicle data ERI data in addition to the vehicle identifier ISO 24534-3:2008, definition 3.1 3.5 air interface conductor-free medium between onboard equipment (OBE) and the reader/interrogator through which the lin
49、king of the OBE to the reader/interrogator is achieved by means of electromagnetic signals ISO 14814:2006, definition 3.2 3.6 authority organization that is allowed by public law to identify a vehicle using ERI BS EN ISO 24534-4:2010ISO 24534-4:2010(E) ISO 2010 All rights reserved 33.7 authorization granting of rights, which includes the granting of access based on access rights ISO 7498-2:1989, definition 3.3.10 3.8 certification authority natural or legal person trusted to create publi