Skip to main content
SpringerLink
Log in

Effective and Efficient Security Policy Engines for Automotive On-Board Networks

  • Conference paper
Communication Technologies for Vehicles (Nets4Cars/Nets4Trains 2012)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 7266))

Included in the following conference series:

Abstract

The configuration of security mechanisms in automotive on-board networks makes it necessary to define and deploy adapted security policies. This paper discusses how to design policy engines that implement an effective enforcement in such architectures despite the complexity of the protocol stacks of on-board electronic control units. It also evaluates how policies expressed in XACML can be adapted to the automotive environment efficiency requirements despite the limited computational power of those units and network bandwidth limitations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Arabica XML and HTML Processing Toolkit, http://www.jezuk.co.uk/cgi-bin/view/arabica

  2. Asm-Xml Benchmark, http://tibleiz.net/asm-xml/benchmark.html

  3. Pugixml Benchmark, http://pugixml.org/benchmark/

  4. The XML C Parser and toolkit of Gnome libxml, http://www.xmlsoft.org

  5. Bar-El, H.: Intra-Vehicle Information Security Framework (September 2009)

    Google Scholar 

  6. BMW. EMVY: The Embedded Vehicular IT Security Construction Kit, Basic Concept (June 2009)

    Google Scholar 

  7. C2C-CC. Car2Car Communication Consortium, http://www.car-to-car.org/

  8. Chilingaryan, S.: The XMLBench Project: Comparison of Fast, Multi-platform XML Libraries, pp. 21–34. Springer, Heidelberg (2009)

    Google Scholar 

  9. Chutorash, R.J.: Firewall for vehicle communication bus. In: International Patent Classification 7, WO/2000/009363, PCT/US1999/017852. European Patent Office (February 2000)

    Google Scholar 

  10. EASSIS. Security and firewall concepts for gateways. Technical Report Deliverable D1.2-12, EASIS-Project (2006)

    Google Scholar 

  11. Freescale. Mpc565 reference manual. Technical report, Freescale Semiconductor (2005)

    Google Scholar 

  12. Gerlach, M.,Leinmüller, T., Goldacker, G., Festag, A., Harsch, C.: Security architecture for vehicular communication. In: WIT 2005 (2005)

    Google Scholar 

  13. Cheng Haw, S., Krishna Rao, G.S.V.R.: A comparative study and benchmarking on xml parsers. In: The 9th International Conference on Advanced Communication Technology, vol. 1, pp. 321–325 (February 2007)

    Google Scholar 

  14. Hoppe, T., Kiltz, S., Dittmann, J.: Automotive IT-Security as a Challenge: Basic Attacks from the Black Box Perspective on the Example of Privacy Threats. In: Buth, B., Rabe, G., Seyfarth, T. (eds.) SAFECOMP 2009. LNCS, vol. 5775, pp. 145–158. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  15. Kelling, E., Friedewald, M., Leimbach, T., Menzel, M., Säger, P., Seudié, H., Weyl, B.: Specification and evaluation of e-security relevant use cases. Technical Report Deliverable D2.1, EVITA Project (2009)

    Google Scholar 

  16. Koscher, K., Czeskis, A., Roesner, F., Patel, S., Kohno, T., Checkoway, S., McCoy, D., Kantor, B., Anderson, D., Shacham, H., Savage, S.: Experimental security analysis of a modern automobile. In: 2010 IEEE Symposium on Security and Privacy (SP), pp. 447–462 (May 2010)

    Google Scholar 

  17. Moses, T.: eXtensible access control markup language TC v2.0 (XACML) (February 2005)

    Google Scholar 

  18. Navet, N.: Automotive communication systems: from dependability to security. In: 1st Seminar on Vehicular Communications and Applications (VCA 2011), Luxembourg (May 2011)

    Google Scholar 

  19. Papadimitratos, P.: Securing vehicular communications - assumptions, requirements, and principles. In: Workshop on Embedded Security in Cars, ESCAR (2006)

    Google Scholar 

  20. CVIS Project, Cooperative vehicle infrastructure systems, http://www.cvisproject.org/

  21. EVITA Project. E-safety vehicle intrusion protected applications, http://www.evita-project.org

  22. OVESEE Project. Open vehicular secure platform, https://www.oversee-project.com/

  23. Raya, M., Papadimitratos, P., Hubaux, J.-P.: Securing vehicular communications. IEEE Wireless Communications Magazine 13, 8–15 (2006)

    Article  Google Scholar 

  24. Raya, M., Jungels, D., Papadimitratos, P., Aad, I., Hubaux, J.-P.: Certificate revocation in vehicular networks. Technical report (2006)

    Google Scholar 

  25. Rouf, I., Miller, R., Mustafa, H., Taylor, T., Oh, S., Xu, W., Gruteser, M., Trappe, W., Seskar, I.: Security and Privacy Vulnerabilities of In-Car Wireless Networks: A Tire Pressure Monitoring System Case Study. In: Proceedings of the 19th USENIX Security Symposium, Washington, DC (August 2010)

    Google Scholar 

  26. Schmidt, A., Waas, F., Kersten, M., Carey, M.J., Manolescu, I., Busse, R.: Xmark: A benchmark for xml data management. In: VLDB, pp. 974–985 (2002)

    Google Scholar 

  27. Schweppe, H., Weyl, B., Roudier, Y., Sabir Idrees, M., Gendrullis, T., Wolf, M.: Securing car2X applications with effective hardware software codesign for vehicular on-board networks. In: VDI Automotive Security 27. VW-Gemeinschaftstagung Automotive Security, VDI Bericht 2131, Berlin, Germany (October 2011)

    Google Scholar 

  28. Schweppe, H., Roudier, Y., Weyl, B., Apvrille, L., Scheuermann, D.: Car2x communication: securing the last meter - a cost-effective approach for ensuring trust in car2x applications using in-vehicle symmetric cryptography. In: 4th IEEE International Symposium on Wireless Vehicular Communications, WIVEC 2011, San Francisco, CA, United States (September 2011)

    Google Scholar 

  29. International Telecommunication Union. Information Technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER), ITU-T Recommendation X.690. Technical report, ITU-T (2002)

    Google Scholar 

  30. International Telecommunication Union. Information Technology - ASN.1 encoding rules: Mapping W3C XML schema definitions into ASN.1, ITU-T Recommendation X.694. Technical report, ITU-T (2004)

    Google Scholar 

  31. International Telecommunication Union. Information Technology - ASN.1 encoding rules: Abstract Syntax Notation one (ASN.1): Specification of basic notation, ITU-T Recommendation X.680. Technical report, ITU-T (2008)

    Google Scholar 

  32. Weyl, B., Wolf, M., Zweers, F., Gendrullis, T., Sabir Idrees, M., Roudier, Y., Schweppe, H., Platzdasch, H., Khayari, R.E., Henniger, O., Scheuermann, D., Fuchsa, A., Apvrille, L., Pedroza, G., Seudie, H., Shokrollahi, J., Keil, A.: Secure On-board Architecture Specification. Technical Report Deliverable D3.2, EVITA Project (2010)

    Google Scholar 

  33. Wolf, M., Weimerskirch, A., Paar, C., Bluetooth, M.: Security in automotive bus systems. In: Proceedings of the Workshop on Embedded Security in Cars, ESCAR 2004 (2004)

    Google Scholar 

  34. Wu, Y., Zhang, Q., Yu, Z., Li, J.: A hybrid parallel processing for xml parsing and schema validation. In: Proceedings of Balisage: The Markup Conference 2008, Montréal, Canada, August 12-15. Balisage Series on Markup Technologies, vol. 1 (2008)

    Google Scholar 

  35. Zrelli, S., Miyaji, A., Shinoda, Y., Ernst, T.: Security and access control for vehicular communications. In: Proceedings of the 2008 IEEE International Conference on Wireless & Mobile Computing, Networking & Communication, pp. 561–566. IEEE Computer Society, Washington, DC (2008)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. EURECOM, France

    Muhammad Sabir Idrees & Yves Roudier

Authors
  1. Muhammad Sabir Idrees
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yves Roudier
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Tampere University of Technology, P.O. Box 527, FI-33101, Tampere, Finland

    Alexey Vinel

  2. School of Engineering, 8 Whitethorn Place, SA2 8HR, Swansea, UK

    Rashid Mehmood

  3. LEOST, IFSTTAR, 59650, Villeneuve d’Ascq, France

    Marion Berbineau

  4. German Aerospace Center (DLR), Oberpfaffenhofen-Wessling, 82234, Germany

    Cristina Rico Garcia

  5. National Cheng Kung University, Tainan, Taiwan, R.O.C

    Chung-Ming Huang

  6. La Trobe University, Bundoora, 3086, Melbourne, VIC, Australia

    Naveen Chilamkurti

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Idrees, M.S., Roudier, Y. (2012). Effective and Efficient Security Policy Engines for Automotive On-Board Networks. In: Vinel, A., Mehmood, R., Berbineau, M., Garcia, C.R., Huang, CM., Chilamkurti, N. (eds) Communication Technologies for Vehicles. Nets4Cars/Nets4Trains 2012. Lecture Notes in Computer Science, vol 7266. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29667-3_2

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-29667-3_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29666-6

  • Online ISBN: 978-3-642-29667-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation