Article Preview
Top1. Introduction
Vehicular Ad hoc NETworks (VANET) are the basis of the Intelligent Transportation Systems (ITS) and a relevant form of mobile ad-hoc networks. Their successful deployment promises extraordinary benefits by improving road safety and offering a wide range of location-based applications. A VANET system (Figure 1) generally consists of vehicles (a set of highly dynamic communication nodes) and Road Side Units RSUs (fixed communication nodes positioned along the roads and considered as part of the infrastructure). Typically a vehicle in a VANET will be equipped with processing, recording and communication features, and according to the Dedicated Short Range Communications - DSRC standard (Armstrong, n. d.; Guo & Balon, 2006) the vehicle-to-vehicle (v2v) and vehicle-to-infrastructure (v2i) communications will allow data rates from 6-27Mbps at a maximum transmission range of 1000m; Thus, enabling nodes to exchange all kinds of application-related information e.g., warning, traffic, infotainment, etc. Despite the benefits that a VANET system can provide it is also vulnerable to several security attacks that may compromise the system and even cause life-threatening situations (i.e., false warnings that could cause road accidents). Since in a VANET access is granted by default, exchanged messages are “available” to all nodes in transmission range, the communication will be across multiple hops. One of the most important challenges is just finding the proper techniques and architectural solutions to enforce security and authentication, even in the presence of nodes (vehicles) belonging to unknown domains.
However the unique features that are inherent to the VANET system and are decisive in the design of the communication must be considered by any proposed architecture. For example the dynamic nature of a VANET, from the communications point of view, could be an important constraint since this includes dynamic topology, mobility and speed of nodes that might affect communications. On the other hand features such as the “infinite” energy supply, from the security point of view could be considered as an important advantage in the implementation of rigorous cryptographic solutions. Therefore the trade-off among VANET’s dynamic nature and its security should be carefully considered.
In this paper we present a set of security protocols aimed at providing authentication among vehicles from untrusted domains even when no infrastructure is available, taking into account the advantages and constraints present in a VANET system. Note that, the basics from these protocols have been previously introduced in Casola et al. (2010), and this paper is an extension of such research that presents a performance analysis in order to prove the feasibility of the proposed application-level security protocols. The performance analysis presented in this paper was validated trough the evaluation of different cryptographic systems and the simulation of an urban scenario.
The reminder of this paper is organized as follows: Section 2 presents a high-level view of the proposed security model for mutual authentication in VANETs’ untrusted domains; the main components of the proposed architecture are described in Section 3. Section 4 analyses the adoption of the proposed security protocols in the v2v and v2i scenarios. In Section 5 a qualitative evaluation of proposed protocols’ implementation in vehicular communications is presented. Section 6 reviews state of the art approaches in VANET’s security and authentication, and finally Section 7 highlights the concluding remarks and points out future research directions.
Top2. Security Model For Vanets
At the state of the art to implement a secure service access in vehicular networks, it is assumed that vehicles are able to run cryptographic protocols and the authentication process is able of validating X.509v3 (Housley, Polk, Ford, & Solo, 2002) digital certificates issued by valid Public Key Infrastructures (PKI). Up to now, research proposals (Plossl, Nowey, & Mletzko, 2006; Raya & Hubaux, 2007; Liu, Fang, & Shi, 2007), have envisioned a wide range of certification authorities (CAs) acting as trusted third parties within regional scopes, just as shown in Figure 2.