ETSI TS 102 941-2012 Intelligent Transport Systems (ITS) Security Trust and Privacy Management (V1.1.1).pdf

Uploaded by: dealItalian200 Document ID: 739733 Upload date: 2019-01-11 Format: PDF Pages: 30 Size: 216.89 KB

ETSI TS 102 941 V1.1.1 (2012-06)

Intelligent Transport Systems (ITS); Security; Trust and Privacy Management

Technical Specification

Reference: DTS/ITS-0050015
Keywords: interoperability, ITS, management, security

ETSI
650 Route des Lucioles, F-06921 Sophia Antipolis Cedex - FRANCE
Tel.: +33 4 92 94 42 00 Fax: +33 4 93 65 47 16
Siret N° 348 623 562 00017 - NAF 742 C
Non-profit association registered at the Sous-Préfecture de Grasse (06) N° 7803/88

Important notice

Individual copies of the present document can be downloaded from: http://www.etsi.org

The present document may be made available in more than one electronic version or in print. In any case of existing or perceived difference in contents between such versions, the reference version is the Portable Document Format (PDF). In case of dispute, the reference shall be the printing on ETSI printers of the PDF version kept on a specific network drive within ETSI Secretariat.

Users of the present document should be aware that the document may be subject to revision or change of status. Information on the current status of this and other ETSI documents is available at http://portal.etsi.org/tb/status/status.asp

If you find errors in the present document, please send your comment to one of the following services: http://portal.etsi.org/chaircor/ETSI_support.asp

Copyright Notification

No part may be reproduced except as authorized by written permission. The copyright and the foregoing restriction extend to reproduction in all media.

© European Telecommunications Standards Institute 2012. All rights reserved.

DECT™, PLUGTESTS™, UMTS™ and the ETSI logo are Trade Marks of ETSI registered for the benefit of its Members. 3GPP™ and LTE™ are Trade Marks of ETSI registered for the benefit of its Members and of the 3GPP Organizational Partners. GSM and the GSM logo are Trade Marks registered and owned by the GSM Association.

Contents

Intellectual Property Rights
Foreword
1 Scope
2 References
2.1 Normative references
2.2 Informative references
3 Definitions and abbreviations
3.1 Definitions
3.2 Abbreviations
4 ITS authority hierarchy
4.1 Overview
4.2 ITS authorities
4.2.1 Enrolment Authority
4.2.2 Authorization Authority
4.2.3 Root CA
5 Privacy in ITS
6 Trust and privacy management
6.1 ITS-S Security Lifecycle
6.1.1 Manufacture
6.1.2 Enrolment
6.1.3 Authorization
6.1.4 Maintenance
6.2 Public Key Infrastructure
6.2.1 Assumption and requirements
6.2.2 Message Sequences
6.2.2.1 Introduction
6.2.2.2 Enrolment Request
6.2.2.3 Authorization Request
7 Security association and key management between ITS Stations
7.1 Broadcast SAs
7.2 Multicast SAs
7.3 Unicast SAs
Annex A (informative): ITS security messages specified in ASN.1
A.1 ITS trust and privacy messages specified in ASN.1
A.2 Enrolment and authorization message structures
Annex B (informative): Secret-key use cases and application categories
Annex C (informative): Extensions to IEEE 1609.2 to support additional security functions
C.1 Rationale
C.2 Use of a cryptographic digest of the signer identifier
C.3 Encryption of the signer identifier in an authorization certificate request
C.4 Request and transmission of multiple authorization certificates
Annex D (informative): Bibliography
History

Intellectual Property Rights

IPRs essential or potentially essential to the present document may have been declared to ETSI. The information pertaining to these essential IPRs, if any, is publicly available for ETSI members and non-members, and can be found in ETSI SR 000 314: "Intellectual Property Rights (IPRs); Essential, or potentially Essential, IPRs notified to ETSI in respect of ETSI standards", which is available from the ETSI Secretariat. Latest updates are available on the ETSI Web server (http://ipr.etsi.org).

Pursuant to the ETSI IPR Policy, no investigation, including IPR searches, has been carried out by ETSI. No guarantee can be given as to the existence of other IPRs not referenced in ETSI SR 000 314 (or the updates on the ETSI Web server) which are, or may be, or may become, essential to the present document.

Foreword

This Technical Specification (TS) has been produced by ETSI Technical Committee Intelligent Transport System (ITS).

1 Scope

The present document specifies the trust and privacy management for Intelligent Transport System (ITS) communications. Based upon the security services defined in TS 102 731 [1] and the security architecture defined in TS 102 940 [5], it identifies the trust establishment and privacy management required to support security in an ITS environment and the relationships that exist between the entities themselves and the elements of the ITS reference architecture defined in EN 302 665 [2].

The present document identifies and specifies security services for the establishment and maintenance of identities and cryptographic keys in an Intelligent Transport System (ITS). Its purpose is to provide the functions upon which systems of trust and privacy can be built within an ITS.

2 References

References are either specific (identified by date of publication and/or edition number or version number) or non-specific. For specific references, only the cited version applies. For non-specific references, the latest version of the referenced document (including any amendments) applies.

Referenced documents which are not found to be publicly available in the expected location might be found at http://docbox.etsi.org/Reference.

NOTE: While any hyperlinks included in this clause were valid at the time of publication ETSI cannot guarantee their long term validity.

2.1 Normative references

The following referenced documents are necessary for the application of the present document.

[1] ETSI TS 102 731: "Intelligent Transport Systems (ITS); Security; Security Services and Architecture".
[2] ETSI EN 302 665: "Intelligent Transport Systems (ITS); Communications Architecture".
[3] ETSI TS 102 867: "Intelligent Transport Systems (ITS); Security; Stage 3 mapping for IEEE 1609.2".
[4] ETSI TS 102 942: "Intelligent Transport Systems (ITS); Security; Access control".
[5] ETSI TS 102 940: "Intelligent Transport Systems (ITS); Security; ITS communications security architecture and security management".
[6] ISO/IEC 8824-1:2008: "Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation".
[7] ISO/IEC 8825-2:2008: "Information technology - ASN.1 encoding rules: Specification of Packed Encoding Rules (PER)".
[8] IEEE P1609.2/D12 (January 2012): "IEEE Draft Standard for Wireless Access in Vehicular Environments - Security Services for Applications and Management Messages".
NOTE: Available from http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?reload=true
Security; Confidentiality services".

2.2 Informative references

The following referenced documents are not necessary for the application of the present document but they assist the user with regard to a particular subject area.

[i.1] ISO/IEC 15408-2: "Information technology - Security techniques - Evaluation criteria for IT security; Part 2: Security functional components".
[i.2] ETSI TR 102 638: "Intelligent Transport Systems (ITS); Vehicular Communications; Basic Set of Applications; Definitions".
[i.3] IETF RFC 4046: "Multicast Security (MSEC) Group Key Management Architecture".
[i.4] IETF RFC 4301: "Security Architecture for the Internet Protocol".
[i.5] IETF RFC 4302: "IP Authentication Header".
[i.6] IETF RFC 4303: "IP Encapsulating Security Payload (ESP)".
[i.7] IETF RFC 5246: "The Transport Layer Security (TLS) Protocol Version 1.2".
[i.8] IETF RFC 3547: "The Group Domain of Interpretation".
[i.9] IETF RFC 3830: "MIKEY: Multimedia Internet KEYing".
[i.10] IETF RFC 4535: "GSAKMP: Group Secure Association Key Management Protocol".

3 Definitions and abbreviations

3.1 Definitions

For the purposes of the present document, the following terms and definitions apply:

anonymity: ability of a user to use a resource or service without disclosing the user's identity
authorization authority: authority that provides an ITS-S with permission to invoke ITS applications and services
canonical identifier: structured identifier that is globally unique
enrolment authority: authority that validates that an ITS-S can be trusted to function correctly
pseudonymity: ability of a user to use a resource or service without disclosing its user identity while still being accountable for that use
unlinkability: ability of a user to make multiple uses of resources or services without others being able to link these uses together
unobservability: ability of a user to use a resource or service without others, especially third parties, being able to observe that the resource or service is being used

3.2 Abbreviations

For the purposes of the present document, the following abbreviations apply:

AA Authorization Authority
CA Certification Authority
CAM Cooperative Awareness Message
CRL Certificate Revocation List
CSR Certificate Signing Request
DENM Decentralized Environmental Notification Message
EA Enrolment Authority
ITS Intelligent Transport System
ITS-AID ITS Application ID
ITS-S ITS Station
MSEC Multicast Security
PKI Public Key Infrastructure
PSID Provider Service Identifier
SA Security Association
SSP Service Specific Permissions
TLS Transport Layer Security

4 ITS authority hierarchy

4.1 Overview

Trust and privacy management requires secure distribution and maintenance (including revocation when applicable) of trust relationships, which may be enabled by specific security parameters that include 3rd party certificates of proof of identity or other attributes such as pseudonym certificates. Public key certificates and Public Key Infrastructure (PKI) are used to establish and maintain trust between the ITS-S and other ITS stations and authorities. TS 102 731 [1] defines the security management roles taken by:

manufacturers:
- insert an ITS authoritative identity (canonical identifier) into each ITS-S;
Enrolment Authorities (EA):
- verify an ITS Station (ITS-S) as a whole; and
Authorization Authorities (AA):
- authorize an ITS-S to use a particular application, service, or privilege.

Separation of enrolment (identification and authentication) and authorization has been shown in TS 102 731 [1] as an essential component of privacy management and provides protection against attacks on a user's privacy. However, it is possible for the EA role to be delegated to the manufacturer and for the EA and AA roles to be assumed by a single authority.

NOTE: EN 302 665 [2] defines an ITS registration authority role to protect against the distribution of malicious ITS applications. Registration authorities are responsible for registering and managing ITS applications exclusively and are not involved in operational security management.

4.2 ITS authorities

4.2.1 Enrolment Authority

The EA issues a proof of identity authenticating the canonical identifier issued to the ITS-S. The proof of identity does not reveal the canonical identifier to a 3rd party and may be used by the ITS-S to request authorization of services from an AA.

The functions provided by the EA are as follows:
- the authentication of the canonical identifier of an ITS-S;
- the provision of proof of authentication of the ITS-S.

4.2.2 Authorization Authority

An ITS-S that has enrolled with, and been authenticated by, an EA may apply to an AA for specific permissions within the enrolment authority's domain and the AA's authorization context. These privileges are denoted by means of authorization credentials in the form of IEEE 1609.2 [8] authorisation certificates. Each authorization certificate specifies a particular authorization context which comprises a set of permissions.

EXAMPLE 1: An authorization certificate might grant permission to an ITS-S to broadcast messages from a particular message set. Alternatively, it might grant permission to claim certain privileges.

The authorization context is specified either by explicitly encoding the permissions granted or by including a reference to a known policy that specifies the context.

NOTE: An AA will normally be responsible for a particular set of contexts which may be specified by one or more of the following:
- application (for example, cooperative awareness applications for personal user vehicles, emergency service vehicles or tolling);
- time period;
- geographic region (nation, state, locality); or
- any other criteria that can be encoded.

The authorization system may comprise a hierarchy of authorization authorities with lower-layer authorities authorizing ITS stations and higher-layer authorities authorizing lower-level authorities.

EXAMPLE 2: The following three layer structure might be appropriate for official use vehicles:
a) ITS global (National) authorization authority;
b) ITS regional authorization authority; and
c) ITS local authorization authority.

EXAMPLE 3: For personal user vehicles, it might be appropriate to have a single authorization authority (either national or system-wide) for CAMs and DENMs, because short certificate chains reduce the packet size associated with authorization data.

An AA should be unable to link the proof of authentication to the canonical identifier of an ITS-S without the collusion of the EA that performed the verification of the canonical identifier of the ITS-S.

4.2.3 Root CA

Each CA hierarchy (for EA or AA) has at its summit a Root Certificate, which is the ultimate root of trust for all certificates within that hierarchy. In order to trust an incoming message, an ITS-S must have access at least to the root certificate at the summit of the hierarchy for the authorization certificate attached to the message. The ITS-S may obtain root certificates during the manufacture or maintenance lifecycle stages described in clauses 6.1.1 to 6.1.4 respectively. In principle root certificate information may be distributed over the air through a cross-certification process, but the present document does not specify messages to support this use case.
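The separation of enrolment and authorization described in clauses 4.2.1 and 4.2.2 can be modelled to show which records each authority holds and why linking needs both. The following Python model is an added example, not part of the ETSI specification or its message definitions; the class and function names are hypothetical, identifiers are random, and an HMAC tag stands in for the EA's signature on the proof of identity.

```python
import hashlib
import hmac
import secrets


class EnrolmentAuthority:
    """Authenticates canonical identifiers and issues proofs of identity."""
    def __init__(self):
        self._key = secrets.token_bytes(32)  # assumption: stand-in for EA signing key
        self.records = {}                    # enrolment_id -> canonical_id (EA only)

    def _tag(self, enrolment_id):
        return hmac.new(self._key, enrolment_id.encode(), hashlib.sha256).hexdigest()

    def enrol(self, canonical_id):
        enrolment_id = secrets.token_hex(8)  # random, not derived from canonical_id
        self.records[enrolment_id] = canonical_id
        return enrolment_id, self._tag(enrolment_id)

    def validate(self, enrolment_id, tag):
        # Answers only "is this proof genuine?"; the canonical id never leaves the EA.
        return hmac.compare_digest(tag, self._tag(enrolment_id))


class AuthorizationAuthority:
    """Grants permissions against a proof of identity that the EA validates."""
    def __init__(self, ea_validate):
        self._ea_validate = ea_validate
        self.records = {}                    # cert_id -> enrolment_id (AA only)

    def authorize(self, proof, permissions):
        enrolment_id, tag = proof
        if not self._ea_validate(enrolment_id, tag):
            raise PermissionError("proof of identity rejected by EA")
        cert_id = secrets.token_hex(8)       # pseudonymous certificate identifier
        self.records[cert_id] = enrolment_id
        return {"cert_id": cert_id, "permissions": tuple(permissions)}


def link_to_canonical_id(cert_id, aa_records, ea_records):
    """Join both authorities' private tables; either table alone yields None."""
    return ea_records.get(aa_records.get(cert_id))


def demo():
    ea = EnrolmentAuthority()
    aa = AuthorizationAuthority(ea.validate)
    cid = aa.authorize(ea.enrol("CANONICAL-ID-0001"), ["CAM"])["cert_id"]  # constructed id
    aa_alone = link_to_canonical_id(cid, aa.records, {})   # AA without EA collusion
    return aa_alone, link_to_canonical_id(cid, aa.records, ea.records)
```

Calling demo() shows that the AA's records alone resolve nothing, while joining them with the EA's records recovers the canonical identifier, which is the collusion case named in clause 4.2.2.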

5 Privacy in ITS

ISO/IEC 15408-2 [i.1] identifies 4 key attributes that relate to privacy:
- anonymity;
- pseudonymity;
- unlinkability; and
- unobservability.

Anonymity alone is insufficient for protection of an ITS user's privacy and unsuitable as a solution for ITS, as one of the main requirements of ITS is that the ITS-S should be observable in order to provide improved safety. Consequently, pseudonymity and unlinkability offer the appropriate protection of the priva
