A Cloud-native Vehicular Public Key Infrastructure : Towards a Highly-available and Dynamically- scalable VPKIaaS / En cloud-native public key infrastruktur för fordon : För ett VPKI med hög tillgänglihhet och dynamisk skalbarhet

Noroozi, Hamid

January 2021

Efforts towards standardization of Vehicular Communication Systems (VCSs) have been conclusive on the use of Vehicular Public-Key Infrastructure (VPKI) for the establishment of trust among network participants. Employing VPKI in Vehicular Communication (VC) guarantees the integrity and authenticity of Cooperative Awareness Messages (CAMs) and Decentralized Environmental Notification Messages (DENMs). It also offers a level of privacy for vehicles as VPKI provides them with a set of non-linkable short-lived certificates, called pseudonyms, which are used to sign outgoing messages by vehicles while they communicate with other vehicles referred to as Vehicle-to-Vehicle (V2V) or Roadside Units (RSUs) referred to as Vehicle-to-Infrastructure (V2I). Each vehicle uses a pseudonym for its lifetime and by switching to a not- previously- used pseudonym, it continues to communicate without risking its privacy. There have been two approaches suggested by the literature on how to provide vehicles with pseudonyms. One is the so-called pre-loading mode, suggesting to pre-load vehicles with all pseudonyms they need, which increases the cost of revocation in case they are compromised. The other one is the on-demand mode, suggesting a real-time offering of pseudonyms by VPKI at vehicles request e.g., on starting each trip. Choosing the on-demand approach imposes a considerable burden of availability and resilience on VPKI services. In this work, we are confronting the problems regarding a large-scale deployment of an on-demand VPKI that is resilient, highly available, and dynamically scalable. In order to achieve that, by leveraging state-of-the-art tools and design paradigms, we have enhanced a VPKI system to ensure that it is capable of meeting enterprise-grade Service Level Agreement (SLA) in terms of availability, and it can also be cost-efficient as services can dynamically scale-out in the presence of high load, or possibly scale-in when facing less demand. That has been made possible by re-architecting and refactoring an existing VPKI into a cloud-native solution deployed as microservices. Towards having a reliable architecture based on distributed microservices, one of the key challenges to deal with is Sybil-based misbehavior. By exploiting Sybil-based attacks in VPKI, malicious vehicles can gain influential advantage in the system, e.g., one can affect the traffic to serve its own will. Therefore, preventing the occurrence of Sybil attacks is paramount. On the other hand, traditional approaches to stop them, often come with a performance penalty as they verify requests against a relational database which is a bottleneck of the operations. We propose a solution to address Sybil-based attacks, utilizing Redis, an in-memory data store, without compromising the system efficiency and performance considerably. Running our VPKI services on Google Cloud Platform (GCP) shows that a large-scale deployment of VPKI as a Service (VPKIaaS) can be done efficiently. Conducting various stress tests against the services indicates that the VPKIaaS is capable of serving real world traffic. We have tested VPKIaaS under synthetically generated normal traffic flow and flash crowd scenarios. It has been shown that VPKIaaS managed to issue 100 pseudonyms per request, submitted by 1000 vehicles where vehicles kept asking for a new set of pseudonyms every 1 to 5 seconds. Each vehicle has been served in less than 77 milliseconds. We also demonstrate that, under a flash crowd situation, with 50000 vehicles, VPKIaaS dynamically scales out, and takes ≈192 milliseconds to serve 100 pseudonyms per request submitted by vehicles. / Ansträngningar för standardisering av Vehicular Communication Systems har varit avgörande för användandet av Vehicular Public-Key Infrastructure (VPKI) för att etablera förtroende mellan nätverksdeltagare. Användande av VPKI i Vehicular Communication (VC) garanterar integritet och autenticitet av meddelanden. Det erbjuder ett lager av säkerhet för fordon då VPKI ger dem en mängd av icke länkbara certifikat, kallade pseudonym, som används medan de kommunicerar med andra fordon, kallat Vehicle-to-Vehicle (V2V) eller Roadside Units (RSUs) kallat Vehicle-to-Infrastructure (V2I). Varje fordon använder ett pseudonym under en begränsad tid och genom att byta till ett icke tidigare använt pseudonym kan det fortsätta kommunicera utan att riskera sin integritet. I litteratur har två metoder föreslagits för hur man ska ladda fordon med pseudonym de behöver. Den ena metoden det så kallade offline-läget, som proponerar att man för-laddar fordonen med alla pseudonym som det behöver vilket ökar kostnaden för revokering i fall de blir komprometterat. Den andra metoden föreslår ett on-demand tillvägagångssätt som erbjuder pseudonym via VPKI på fordonets begäran vid början av varje färd. Valet av på begäran metoden sätter en stor börda på tillgänglighet och motståndskraft av VPKI tjänster. I det här arbetet, möter vi problem med storskaliga driftsättningar av en på begäran VPKI som är motståndskraftig, har hög tillgänglighet och dynamiskt skalbarhet i syfte att uppnå dessa attribut genom att nyttja toppmoderna verktyg och designparadigmer. Vi har förbättrat ett VPKI system för att säkerställa att det är kapabelt att möta SLA:er av företagsklass gällande tillgänglighet och att det även kan vara kostnadseffektivt eftersom tjänster dynamiskt kan skala ut vid högre last eller skala ner vid lägre last. Detta har möjliggjorts genom att arkitekta om en existerande VPKI till en cloud-native lösning driftsatt som mikrotjänster. En av nyckelutmaningarna till att ha en pålitlig arkitektur baserad på distribuerade mikrotjänster är sybil-baserad missuppförande. Genom att utnyttja Sybil baserade attacker på VPKI, kan illvilliga fordon påverka trafik att tjäna dess egna syften. Därför är det av största vikt att förhindra Sybil attacker. Å andra sidan så dras traditionella metoder att stoppa dem med prestandakostnader. Vi föreslår en lösning för att adressera Sybilbaserade attacker genom att nyttja Redis, en in-memory data-store utan att märkbart kompromissa på systemets effektivitet och prestanda. Att köra våra VPKI tjänster på Google Cloud Platform (GCP) och genomföra diverse stresstester mot dessa har visat att storskaliga driftsättningar av VPKI as a Service (VPKIaaS) kan göras effektivt samtidigt som riktigt trafik hanteras. Vi har testat VPKIaaS under syntetisk genererat normalt trafikflöde samt flow och flash mängd scenarier. Det har visat sig att VPKIaaS klarar att utfärda 100 pseudonym per förfråga utsänt av 1000 fordon (där fordonen bad om en ny uppsättning pseudonym varje 1 till 5 sekunder), och varje fordon fått svar inom 77 millisekunder. Vi demonstrerar även att under en flashcrowd situation, där antalet fordon höjs till 50000 med en kläckningsgrad på 100. VPKIaaS dynamiskt skalar ut och tar ≈192 millisekunder att betjäna 100 pseudonymer per förfrågan gjord av fordon.

Security

Privacy

Vehicular PKI

VPKI

Identity and Credential Management

Vehicular Communications

VANETs

Availability

Scalability

Resilient

Efficiency

Microservice

Container Orchestration

Cloud

Pseudonym Transition

Pseudonym Unlinkability.

Säkerhet

personlig integritet

identitet- och behörighetsuppgifter

tillgänglighet

skalbarhet

motståndskraftig

effektivitet

moln

pseudonymitet

anonymitet

ospårbarhet.

Computer Sciences

Datavetenskap (datalogi)

The Banteng and the Eagle: Indonesian Foreign Policy and the United States During the Era of Sukarno 1945-1967

Sulaiman, Yohanes

18 March 2008

No description available.

Biographies

History

International Relations

Political Science

Sukarno

Indonesia

Old Order

Soetan Sjahrir

Amir Sjarifuddin

Mohammad Hatta

Mohammad Natsir

Sukiman

Wilopo

Ali Sastroamijoyo

Burhanuddin Harahap

Djuanda

Nasution

Dipa Nusantara Aidit

the PKI

the Army

the PNI

United States

PRRI/Permesta

Vers des communications de confiance et sécurisées dans un environnement véhiculaire / Towards trusted and secure communications in a vehicular environment

Tan, Heng Chuan

13 September 2017

Le routage et la gestion des clés sont les plus grands défis dans les réseaux de véhicules. Un comportement de routage inapproprié peut affecter l’efficacité des communications et affecter la livraison des applications liées à la sécurité. D’autre part, la gestion des clés, en particulier en raison de l’utilisation de la gestion des certificats PKI, peut entraîner une latence élevée, ce qui peut ne pas convenir à de nombreuses applications critiques. Pour cette raison, nous proposons deux modèles de confiance pour aider le protocole de routage à sélectionner un chemin de bout en bout sécurisé pour le transfert. Le premier modèle se concentre sur la détection de noeuds égoïstes, y compris les attaques basées sur la réputation, conçues pour compromettre la «vraie» réputation d’un noeud. Le second modèle est destiné à détecter les redirecteurs qui modifient le contenu d’un paquet avant la retransmission. Dans la gestion des clés, nous avons développé un système de gestion des clés d’authentification et de sécurité (SA-KMP) qui utilise une cryptographie symétrique pour protéger la communication, y compris l’élimination des certificats pendant la communication pour réduire les retards liés à l’infrastructure PKI. / Routing and key management are the biggest challenges in vehicular networks. Inappropriate routing behaviour may affect the effectiveness of communications and affect the delivery of safety-related applications. On the other hand, key management, especially due to the use of PKI certificate management, can lead to high latency, which may not be suitable for many time-critical applications. For this reason, we propose two trust models to assist the routing protocol in selecting a secure end-to-end path for forwarding. The first model focusses on detecting selfish nodes, including reputation-based attacks, designed to compromise the “true” reputation of a node. The second model is intended to detect forwarders that modify the contents of a packet before retransmission. In key management, we have developed a Secure and Authentication Key Management Protocol (SA-KMP) scheme that uses symmetric cryptography to protect communication, including eliminating certificates during communication to reduce PKI-related delays.

Règle de combinaison de Dempster

Fusion d’informations

Attaques par paquets

Attaques basées sur la réputation

Attaques à transmission limitée

VANET

WMN

PKI sans certificat

Cryptosystèmes hybrides

Proverif

Accord de clé 3D basé sur un réseau

Dempster’s rule of combination

Information fusion

Packet dropping attacks

Recommendation-based trust model

Reputation-based attacks

Limited transmission power attacks

Merkle tree authentication mechanism

VANET

WMN

Certificate-less PKI

Hybrid cryptosystems

Proverif

3D grid-based key agreement

電子發票未來發展之研究

葉慧容

Unknown Date

財政部自2000年11月29日頒布「網際網路傳輸統一發票(簡稱電子發票)試辦作業要點」以來，僅有三千多家申請試辦，且應用面仍侷限在B2B 的發票和折讓單e 化，且買方和賣方都必須加入同一加值服務中心，和實務應用面仍有一段距離。 隨著電子商務快速發展，不論是B2B、B2C、或是C2C，均已具一定規模且持續蓬勃發展中，並在資訊流、物流和金流上都已先後導入e 化應用。但統一發票為整個供應鏈流程中的一段，却尚未導入e 化，導入電子發票有助於整個供應鏈的ｅ化，並可以降低整體作業的運作成本。然而，電子發票之應用涉及財稅政策、會計師簽證、電子簽章、認證機制、個人隱私權、公司e化及公司稽核管控等等核心問題，這種種相關因素如何相互配合，才能發揮電子發票之最大綜效，值得進一步探討。 本研究係參考金財通導入捷盟公司的電子發票個案分析，及國內外電子發票之現況，研討電子發票對企業作業流程、加值服務中心之運作、網路安控機制、政府法令規章、稅務行政、會計師查核等等的挑戰，據以提出可能的作業模式與建議，以供相關單位未來推動統一發票全面電子化的參考。 / The e-invoice trial operations are only adopted by 3,000+ enterprises ever since the Ministry of Finance announced the trial operation law of e-invoice communication through Internet on 29 Nov 2000. The application scope is only within the B2B communication of invoice and allowance note between the enterprises and the value added service center. This is a big gap to implement in a multi-to-multi business environment. Transactions of B2B, B2C or C2C have been on-going grew to an economic scale along with the rapid growth of e-commerce development. Electronic techniques have been applied to the information flow, goods delivery flow and cash flow in the supply chain management. However, invoice is part of the supply chain but not yet integrated into the supply chain e-cycle. Implement e-invoice will integrate the electronic system for supply chain and will help to reduce the total operation costs. E-invoice application involves the core issues of such as government’s financial policy, accounting auditing, public key infrastructure, certificate authority, personal privacy, enterprise EAI system and internal auditing. How these factors incorporate with each other to maximize the most e-invoice benefit deserves further study. This study references the BankPro’s e-invoice implementation case and current e-invoice development situation in Taiwan, America and Europe. On such basis, we further discuss the challenges of e-invoice that will be brought to the enterprise operation flow, service value added center, Internet security control, government legal law, taxing administration and accounting auditing etc, so as to provide possible operation model and recommendations to the related units as the reference to implement e-invoice globally in the future.

發票

統一發票

電子發票

電子商務

憑證

加值服務中心

整合服務平台

Invoice

Uniform Invoice

E-invoice

Electronic Invoice

PKI

Value Added Service Center

Integrated Service Center

Návrh bezpečnostní infrastruktury elektronického archivu / Design of security infrastructure for electronic archive

Doležel, Radek

January 2009

This master's thesis deals with design of security infrastructure for electronic archive. In theoretical part is disscus about technical resources which are based on security services and protocols and methods which are used for protection. On basics of theoretical part is designed model of security infrastructure and it is built in laboratory. Model of security infrastructure is based on Open Source Software and as safety storages for private user authentication data are used cryptographic USB tokens. This master's thesis includes design and construction of real infrastructure of secured electronic archive. In each part of master's thesis is put main emphases on security and clear explanation from the beginning of desing of model of security infrastructure for electronic archive to finish of construction.

政府採購入口網站功能架構與關鍵成功因素之研究 / A Study of the functional architecture and Key Success Factors for the Government Electronic Procurement Portal Website

陳冠竹

Unknown Date

政府入口網站含蓋了眾多提供公共服務的網站，讓民眾或企業進行相關業務的辦理、資訊的查詢以及進行交易等行為。全國或是全球需要使用到政府服務，例如政府採購等之使用者皆是政府入口網站之服務對象。因此政府網站在資料流量含量方面較之於一般商業網站更為可觀，亦包含了電子商務性質。在此狀況下，政府角色亦已逐漸從管制調適為服務。就政府體策略或執行計畫而言，實施知識管理除可使行政單位的工作效率提昇，行政流程時間縮短，更可避免重覆錯誤及誤判訊息之可能。 　　本研究主要以行政院公共工程委員會目前所推行之『政府採購電子化』計畫為研究對象，冀於對未來五年能達到政府採購作業全面電子化提出建議。本研究之目標係分析研擬「政府電子採購入口網站」之關鍵成功因素，從而由「政府採購電子化」計畫現行系統歸納出具綜效之整合型「政府電子採購入口網站」功能架構，其工作內容如下： 　　1. 歸納、分析現行各系統及政府採購法推動之問題。 　　2. 瞭解國內政府入口網站之推動情形，分析企業資訊入口網站解決方案現況。 　　3. 利用分析層級程序法（Analytic Hierarchy Process，簡稱ＡＨＰ）歸納出三分類專家，包括工程會內部專家、公部門專家、產業界及學界專家所認為的「政府電子採購入口網站」之關鍵成功因素，同時也分析資訊職務與非資訊職務專家觀點之相異點。 　　4. 根據歸納出來之關鍵成功因素與內部需求，提出具建設性之「政府電子採購入口網站」功能架構雛形，建議工程會推動「政府採購入口網站」提供之功能依據。 　　本研究AHP法研究結果如下： 　　1. 本研究中之各類專家一般認為內在因素比外在環境因素之權重大。 　　2. 第三層關鍵成功因素包括知識管理機制之健全化、政策及法制配合度、使用者服務機制、資訊系統與營運。整體而言，工程會內部專家與產業界及學界專家兩類專家較重視政策及法制配合度構面因素，而公部門專家比較重視資訊系統與營運構面因素。資訊職務專家較重視政策及法制配合度構面因素，非資訊職務專家比較重視資訊系統與營運構面因素。 　　3. 整體最底層關鍵成功因素排名前七項分別為高階長官的參與和支持並訂定明確的目標、即時配合實際狀況，修正、鬆綁法規、充裕的資源配合、提昇法令約束力之效力、提供快速回應問題之機制、介面具親和力、操作流程循序簡單、提供高度的可靠性與穩定性。 　　本研究最後逐一對專家深入訪談、工程會需求訪談、企業資訊入口網站解決方案及關鍵成功因素AHP之分析等結果提出結論與建議。 / An e-Government Portal should integrates numerous websites that offer public service, and provides individuals or enterprises with a platform for trafficking, searching information, and conducting transactions. Thus, all the users, that need to access government service and government procurement information, are potential customers of the e-Government Portal website. Hence, the e-Government Portal website, with e-Commerce quality, has more enormous data flow and database contents in comparison with simple e-Commerce sites. Last but not least, the role of e-Government Portal website is turned gradually into a service provider from its simple transition role of inspection. 　　From government's strategic aspect, actions regarding knowledge management can not only improve the efficiency and streamline the administrative procedures, but also avoid the crisis of repeating failures and misleadings of messages. 　　The object of this research is the Electronic Procurement Plan, which was established and promoted by the Public Construction Commission (PCC) of The Executive Yuan, R.O.C. The goal of the Electronic Procurement Plan is to accomplish the electronic commerce of the government procurement entirely in five years. This study aims to find out the critical success factors (CSF) for the Government Electronic Procurement Portal Website, and to carry out a functional architecture for the synergic Government Electronic Procurement Portal Website via the following working packages : 　　1. to analyze and formulate the problems of promoting the electronic government procurement system and the government procurement law. 　　2. to discuss the ongoing domestic promotion programs of the e-Government Portal websites and analyze the status quo cases of the Enterprise Information Portal (EIP) solution. 　　3. to analyze and compare the critical success factors of the Government Electronic Procurement Portal Website of various expert viewpoints through Analytic Hierarchy Process (AHP) method. The experts come from the PCC internal public servants, public servants from other government agencies as well as industrialists and scholars. On the other hand, the different viewpoints between the IT background experts and non-IT background experts are also compared. 　　4. to summarize constitutive functional architecture for the Government Electronic Procurement Portal Website according to the resulted CSF and the PCC internal requirements. 　　The results of AHP analysis can be stated as following: 　　1. The internal factors outweigh external factors. 　　2. The third-level of factors of AHP architecture includes the solidity of knowledge management, the compatibility of policies and laws, the user service mechanism and the information systems and operations. Generally, the PCC internal public servants, industrialists and scholars pay more attention to the compatibility of policies and laws than the other public servants that put a lot of emphasis on the information systems and operations. The IT background experts value the compatibility of policies and laws, whereas the non-IT background experts emphasize the information systems and operations. 　　3. The top seven priority factors of the rock-bottom level factors include the involvements and endorsements of the top executives and establish the clear goals, the instantaneous emendation and relaxation of the laws, the compatibility of abundant resource, the effectiveness of promoting the law's constraint force, friendly interface and easily sequential operation flow and high reliability and stability. 　　At last, this research leads to the conclusions and suggestions in regard to in-depth experts interviews，PCC internal requirement investigations, EIP solutions and the AHP CSF analysis.

企業資訊入口網

知識管理

『政府採購電子化』計畫

分析層級程序法

最佳實踐法

關鍵成功因素

知識管理獲利指數

公開金鑰基礎建設

Enterprise Information Portal (EIP)

Knowledge Management (KM)

the Electronic Procurement Plan

Analytic Hierarchy Process (AHP)

Best Practice

Critical Successful Factors (CSF)

Knowledge Profit Index (KPI)