Towards secure vehicular clouds
We propose to develop and implement a cloud computing system for Vehicular Ad-hoc Networks (VANETs)


  • 1. Towards Secure Vehicular Clouds
    Colloquium Project Report, submitted in partial fulfillment of the degree of M.Tech (Software Engineering), October 2012
    Submitted by Durgesh Kumar Shukla, Reg. No. 2010PTSW24, M.Tech (Software Engineering - Part Time) - V Sem
    Department of Computer Science and Engineering, Motilal Nehru National Institute of Technology Allahabad
  • 2. Contents
    1 Introduction
    2 Motivation
    3 Cloud Computing
    4 Overview Of VCC
    5 Application Of VCC
    6 Security Requirements For VCC
    7 Candidate Solution to Secure VCC
    8 Limitation/Challenges
    9 Conclusion and Statement of Associated Future Work
    References
  • 3. 1 Introduction

    With the immense improvement in technological innovation, Vehicular Communication (VC) is a very good solution to many problems of our modern-day communication system on roads. Vehicular Ad Hoc Networks (VANETs) are growing very rapidly, so researchers are trying to advance vehicular networks and their applications. Instead of installing all types of sensors and devices on each vehicle, individual drivers can subscribe to cloud-provided infrastructure, platforms and applications as on-demand services. Vehicular Cloud Computing (VCC) can be thought of as follows: vehicles and road-side infrastructure whose sophisticated on-board devices are idle for long periods of time can be used to form a computing cloud. Olariu and his co-workers [2], [3], [4] have given the vision of VCC, which is a non-trivial extension of conventional cloud computing, intended to use the excess capabilities in our vehicles. A vehicular cloud can be formed on the fly by dynamically integrating resources and collecting information. Vehicles can access the cloud and obtain, at the right time and the right place, all the resources and applications they need or want. Vehicles, especially cheaper ones, can receive tremendous benefits from VCC. The VCC concept therefore has a significant societal impact, and it raises security and privacy issues. VCC has great potential security and privacy challenges that are different from those of conventional wireless networks, VANETs or cloud computing. A few of the security and privacy issues in VCC are fundamental, but many of its security and privacy challenges are unique.

    This report focuses on providing an overview of VCC and its security issues. First, the overview of VCC is discussed; it is followed by the security challenges associated with VCC and effective solutions to those challenges; the report ends by covering future research directions and the conclusion.
  • 4. 2 Motivation

    On our roadways, airways, and waterways, the number of vehicles is steadily increasing, and most of them have a permanent Internet presence and substantial on-board computational, storage, and sensing capabilities. They can be thought of as a big collection of computers on the move. These attributes make vehicles ideal candidates for nodes in a cloud. The owner of a vehicle may decide to rent out its in-vehicle capabilities on demand, per instance, or on a per-day, per-week or per-month basis. Most of the vehicles on our roadways, streets and parking lots will be recognized as an abundant and underutilized computational resource that can be merged together for the purpose of providing third-party or community services [5]. Large numbers of vehicles spend most of their time on the road and may be involved in dynamically changing situations; in these situations, the vehicles must be able to deal with problems that would otherwise require a centralized system. Vehicles will be pooled autonomously to create a cloud that can provide services to authorized users. This cloud can provide real-time services such as intelligent transportation systems, smart cities, smart electric power grids, etc. Vehicles will share computing power, Internet access and storage to form conventional clouds. Cloud security has become one of the major barriers to the widespread adoption of conventional cloud services, so it is obvious that the same problems will be present in VCC.
  • 5. 3 Cloud Computing

    Cloud Computing (CC) can be described as hosted services over the Internet. NIST defines CC as a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g. networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.

    The emergence of cloud computing started from the realization that, instead of investing in infrastructure, it is useful for companies to rent the infrastructure, and sometimes the software, needed to run their applications. This powerful idea has been made possible, at least in part, by ubiquitous and relatively low-cost high-speed Internet, virtualization, and advances in parallel and distributed computing and distributed databases. One of the key benefits of cloud computing is that it provides scalable access to computing resources and information technology (IT) services.

    The following are a few properties of cloud computing:
    • It provides the illusion of having infinite computing resources available on demand.
    • It decreases the up-front investment, so companies can start small and increase hardware resources only when their needs increase because their applications become more popular.
    • It gives users the ability to pay for computing resources on a short-term basis as needed (e.g., processors by the hour and storage by the day) and release them as needed, thereby rewarding conservation by releasing resources (e.g. machines and storage) when they are no longer useful.

    Three different types of cloud computing are defined in [8]:
    • Infrastructure as a Service (IaaS): It offers computing, network and storage resources. An example of this category is Amazon Web Services (AWS).
    • Platform as a Service (PaaS): It offers development platforms for which the development tool itself is hosted in the cloud and accessed through a browser. With PaaS, developers can build web applications without installing any tools on their computers and then deploy those applications without any specialized systems administration skills. Examples of this category are Google AppEngine and Microsoft Azure.
    • Software as a Service (SaaS): It allows customers to use expensive software as much as their applications require, with no need to pay a large amount up front or hire more operators to install and maintain that software. With SaaS, a provider licenses an application to customers as a service on demand, through a subscription, in a pay-as-you-go model. An example of this category is IBM.
  • 6. 4 Overview Of VCC

    VCC provides services through vehicular networks. VCC can be distinguished from the conventional cloud by its characteristics of mobility, agility and autonomy. There are two types of VCC. The first type is similar to traditional cloud computing: a service provider provides services to all vehicles, and drivers access these services through network communications that involve roadside infrastructure. This type of VCC is therefore called an infrastructure-based vehicular cloud (IVC). For example, obtaining GPS navigation services is just like accessing Google Maps over the Internet. As another example, vehicles, especially the ones with cheaper and fewer devices, only need a few devices installed, such as a transceiver and a GPS sensor. The VC, on the other hand, collects information from vehicles with appropriate sensor devices and from roadside infrastructure with the needed sensor devices. The second type of VCC is called an autonomous vehicular cloud (AVC), which is slightly different from IVC. Many devices on vehicles (computing, sensing and storage devices) are idle for a long time. Olariu and his colleagues [2], [3], [4] proposed to share these devices as the computational engine of the cloud. In AVC, vehicles can be organized on demand to form an autonomous vehicular cloud. Emergencies such as hurricanes and earthquakes, which can damage the roadside infrastructure, can be handled by an autonomous vehicular cloud because the infrastructure may not be available.

    In VCC, the underutilized computing, networking and storage facilities of the VANET can be used effectively by being shared between drivers or rented out to other customers over the Internet. The following types of cloud computing services are possible in VCC:
    • Network as a Service (NaaS): Vehicles with Internet access offer their excess capacity to other vehicles that need to access the Internet because they have no Internet connection. Many vehicles have persistent connectivity to the Internet through cellular networks and other fixed access points on the road while moving. Network resources are underutilized by many drivers while driving, so these important resources can be shared between drivers on the road, providing Internet access to those drivers who are interested in renting it. The expectation is that each driver with Internet connectivity who is willing to share this resource will advertise such information to all vehicles around them on the road.
    • Storage as a Service (STaaS): Some vehicles have huge on-board storage capabilities, and some other vehicles may need extra storage for their applications. So it is natural that the vehicles with excess capacity can provide storage as a service. Leaving that huge persistent storage sitting idle is a waste of resources, so the available storage can be used in many applications in the cloud. It can also be rented out by the VC to customers over the Internet.
    • Cooperation as a Service (CaaS): Information such as driver safety, traffic information and warnings regarding traffic jams and accidents, weather or road conditions, parking availability and advertisements can be obtained by cooperation among vehicles
  • 7. on the move. CaaS uses a hybrid publish/subscribe mechanism in which the driver (or subscriber) expresses his/her interests regarding a service (or a set of services), and cars that have subscribed to the same service cooperate to provide the subscriber with the necessary information regarding that service by publishing this information in the network.

    5 Application Of VCC

    Traffic management. Drivers can access vehicular clouds to learn about traffic conditions, including congestion. Drivers will receive optional routes to help mitigate congestion in an autonomous way.

    Road condition sharing. Road conditions such as flooded areas, black ice on the roadway, etc., can be shared in vehicular clouds. Drivers will be alerted if there are serious road conditions.

    Accident alerts at intersections. This will be a service to drivers. In demanding traffic situations such as fog, heavy storms, and the like, drivers can order this service to alert them to possible accidents at intersections. Another example is that black ice on a bridge can be monitored and alerted on by the VC. Infrastructure, for example a tall building, can include high-precision radar to detect car accidents. This infrastructure will cover the whole intersection and scan it frequently. An intelligent algorithm will be applied to each scan result to predict the possibility of car accidents.

    Safety critical applications. Applications related to life-critical scenarios, such as collision avoidance, adaptive cruise control, etc., require strong security protection, even against security threats from the surrounding environment. These applications are also time-sensitive. Therefore, the overhead of security routines must be seriously considered.

    Intelligent parking management. Vehicles will be able to book a parking spot in the vehicular cloud. All the parking spot information will be available on clouds without central control. Requests from different physical places can be transferred to the most desired parking lots.

    Managed disaster evacuation. In a disaster such as a hurricane, drivers can be well organized to evacuate the disaster area.

    6 Security Requirements For VCC

    Security and privacy are the two main points of concern when multiple users are allowed to share the same set of resources. When computing resources are shared between different users, two constraints have to be met. First, the privacy and security of the vehicle's owner should be preserved. Second, the security and privacy of the customers who rent these resources must also be preserved. The answer to both concerns lies in the use of virtualization techniques. In the VCC environment the main targets of an attack are:
    • Confidentiality, such as identities of other users, valuable data and documents stored on VCC, and the location of the virtual machines (VMs) where the target's services are executing
  • 8. • Integrity, such as valuable data and documents stored on VCC, and executable code and results on VCC
    • Availability, such as physical machines and resources, services, and applications.

    The possible forms of attack include: narrowing down the possible areas where the target user's services are executing by mapping the topology of the VC; launching multiple experimental accesses to the cloud to find out whether the target user is currently on the same VM; requesting services on the same VM that the target user is on; and using system leakage to obtain higher privilege to collect the assets.

    Besides these possible attacks, VCC faces security threats such as spoofing of user identity, tampering of data, repudiation (data manipulation in the name of other users), information disclosure (privacy breach or data leak), denial of service, elevation of privilege, etc.

    7 Candidate Solution to Secure VCC

    The main motivation of VANETs is safety applications, so safety-related messages are the major information in the network. Based on the emergency level, there are three types of safety messages:
    (1) Public traffic condition information. Vehicles exchange traffic information (e.g. traffic jams) that indirectly affects other vehicles' safety, as a traffic jam increases the likelihood of accidents. This type of message is not sensitive to communication delay, but privacy needs to be protected.
    (2) Cooperative safety messages. Vehicles exchange messages in cooperative accident avoidance applications. These messages are bounded by a certain time range (normally thought of as real-time communication), and privacy needs to be protected.
    (3) Liability messages. After accidents happen, liability messages are generated by law enforcement or authorities. These messages are important evidence for liability claims and are bounded by a certain time range. Privacy information is naturally protected.

    The safety messages can include the following details: time-stamp, geographic position, speed, percentage of speed change since the last message, direction, acceleration, and percentage of acceleration change since the last message. The safety message can append information such as public traffic conditions, accidents, etc. The appended message can help to determine liability. Driver identity information does not need to be part of the safety message. Pseudonyms can be applied to protect the drivers' identities. The signature of a safety message can be calculated by applying the ElGamal signature scheme [7].

    To preserve the confidentiality of a sensitive message, the message must be both signed and encrypted. Each vehicle has its own set of PKI public/private key pairs. The proposed solution uses a symmetric encryption algorithm, but the technique still relies on PKI support for exchange of the secret key.

    Data is shared by vehicles in the VCC. Traffic congestion information is reported to the VCC and redistributed by all vehicles in the VCC. Traffic accident data is also reported by vehicles or police in the VC. Therefore, data must be stored and accessed securely. Sensitive data needs to be isolated from the publicly accessible data and to be stored in encrypted mode
  • 9. and at physically separated devices and locations. Access to sensitive data will be strictly authenticated and identity-based. Sensitive data must be secured in storage, in transit and in use. Encryption of sensitive data will be utilized in almost all transmission protocols. Sanitization of sensitive data is also important in the VC. The devices that store, transmit, and use sensitive data need to be specially processed to remove sensitive data from them.

    Applications that do not contain sensitive messages but require integrity can apply a digital signature. Confidentiality is not required because no sensitive messages are included. Therefore, the messages will be authenticated but not encrypted. For example, an accident alert application will not include sensitive messages but requires the integrity of the message.

    Messages in the VC can include sensitive information. To protect the confidentiality of sensitive information, messages can be encrypted. There are multiple ways to encrypt messages. The simple ones include XOR, Caesar cipher, etc.

    For location validation in VCC there are two approaches: active and passive. Vehicles or infrastructure with radar (or a camera, etc.) can perform active location validation: the location measured by radar can validate the claimed location. Vehicles or infrastructure without radar, or in a situation where the target is not within the radar's line of sight, can validate location information by applying statistical methods.

    Other techniques proposed as security solutions include validating user identity by validating physical location, which can be detected and validated using wireless signal strength; puzzles can also be used to validate users.
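The signed safety message of section 7, as an added example that is not code from the report: a pseudonymous message carrying the listed fields is ElGamal-signed, and the receiver checks the pseudonym, the signature and the message's time bound. The group parameters, the field names, the pseudonym registry and the 0.5 s freshness window are assumptions of this example; encryption of sensitive messages is not shown.

```python
import hashlib
import json
import secrets
from math import gcd

# Demonstration parameters (assumed here, not a vetted signature group).
P = 2**255 - 19   # a well-known prime
G = 2

def keygen():
    """One pseudonym's key pair: private x, public y = G^x mod P."""
    x = secrets.randbelow(P - 3) + 2
    return x, pow(G, x, P)

def digest(msg):
    """Hash a canonical encoding (sorted keys, no spaces) into Z_(P-1)."""
    data = json.dumps(msg, sort_keys=True, separators=(",", ":")).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % (P - 1)

def sign(msg, x):
    """ElGamal signature (r, s) with a fresh nonce k for every message."""
    h = digest(msg)
    while True:
        k = secrets.randbelow(P - 3) + 2
        if gcd(k, P - 1) != 1:          # k must be invertible mod P-1
            continue
        r = pow(G, k, P)
        s = (h - x * r) * pow(k, -1, P - 1) % (P - 1)
        if s != 0:
            return r, s

def verify(msg, sig, y):
    """Accept iff G^h == y^r * r^s (mod P), after range-checking r and s."""
    r, s = sig
    if not (0 < r < P and 0 < s < P - 1):
        return False
    return pow(G, digest(msg), P) == pow(y, r, P) * pow(r, s, P) % P

def check_message(msg, sig, registry, now, max_age=0.5):
    """Receiver side: known pseudonym, valid signature, then freshness."""
    y = registry.get(msg.get("pseudonym"))
    if y is None:
        return "unknown pseudonym"
    if not verify(msg, sig, y):
        return "bad signature"
    ts = msg.get("timestamp")
    if not isinstance(ts, (int, float)) or not 0 <= now - ts <= max_age:
        return "stale"
    return "ok"

def demo():
    x, y = keygen()
    registry = {"pn-7f3a": y}           # constructed pseudonym -> public key
    msg = {"pseudonym": "pn-7f3a", "timestamp": 1000.0,   # constructed sample
           "position": [25.49, 81.86], "speed": 14.2, "speed_change_pct": -3.0,
           "direction": 87.5, "acceleration": -0.4, "accel_change_pct": 12.0,
           "appended": "traffic jam ahead"}
    sig = sign(msg, x)
    tampered = dict(msg, speed=31.0)
    stranger = dict(msg, pseudonym="pn-0000")
    return {
        "fresh": check_message(msg, sig, registry, now=1000.2),
        "tampered": check_message(tampered, sig, registry, now=1000.2),
        "replayed": check_message(msg, sig, registry, now=1010.0),
        "unknown": check_message(stranger, sig, registry, now=1000.2),
    }

if __name__ == "__main__":
    print(demo())
```

Reusing the nonce k for two different messages reveals the private key x, which is why `sign` draws a new k on every call.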
  • 10. 8 Limitation/Challenges

    Vehicular clouds are complex entities that must be designed and engineered to withstand structural stresses induced by the inherent instability of the operating environment. A VC is defined by its aggregated cyber-physical resources; their aggregation, coordination and control face challenges, as outlined below.
    • Key management: Securing keys is extremely important in a VCC environment, since most security and privacy solutions rely on secret keys or PKI, and a VCC is decentralized with a large population of vehicles that have high mobility.
    • Trust management: In clouds, trust management can be used to aid the automated verification of actions. If a cloud request includes sufficient credentials, as defined by a cloud service, the cloud service will accept the request without authorization of those who actually launched the request. Therefore, clouds or a third party will monitor the behavior of activities and respond accordingly by increasing or decreasing the trust value of the clouds.
    • Location security: Locations of vehicles are very valuable and unique. Many applications and security validations rely on location information, but the security of locations is an open problem. Although a GPS receiver can provide location information for the vehicle in which the device is installed, the location of other vehicles cannot be validated by a GPS receiver.
    • DoS prevention: For wireless media, DoS is extremely hard to prevent. There is no valid solution to DoS for vehicular cloud computing networks. One of the reasons is that all the vehicles are equal: there is no higher level of control to shut down the DoS attacker when the DoS is detected.
    • Message aggregation and validation: Users with different perspectives are interested in different layers of information. Efficient algorithms will aggregate and validate messages to represent as much information as possible while consuming as few resources as possible.
    • Message delivery deadlines: As the major VCC applications are used for collision avoidance, hazard warning and accident warning information, applications require strict deadlines for message delivery.
  • 11. 9 Conclusion and Statement of Associated Future Work

    Shifting VANETs to clouds brings many security and privacy challenges. A few of them are addressed by existing security techniques, but most of them are unique challenges. Since VCC will become complex, it needs a systematic and synthetic way of implementation to achieve an intelligent transportation system. Only joint efforts and close cooperation among different organizations such as law enforcement, government, the auto industry and academia can provide solid and feasible security and privacy solutions for vehicular cloud computing.
  • 12. References

    [1] Gongjun Yan (Indiana Univ., Kokomo, IN, USA), D.B. Rawat, and B.B. Bista, Towards Secure Vehicular Clouds, 2012 Sixth International Conference on Complex, Intelligent and Software Intensive Systems (CISIS).
    [2] M. Abuelela and S. Olariu, Taking vanet to the clouds, Proceedings of The 8th International Conference on Advances in Mobile Computing and Multimedia MoMM 2010, pp. 8-10, 2010.
    [3] M. Eltoweissy, S. Olariu, and M. Younis, Towards autonomous vehicular clouds, in Proceedings of AdHocNets2010, Victoria, BC, Canada, August 2010.
    [4] S. Olariu, I. Khalil, and M. Abuelela, Taking vanet to the clouds, International Journal of Pervasive Computing and Communication, vol. 7, no. 1, pp. 7-21, 2011.
    [5] M. Eltoweissy, S. Olariu and M. Younis, Towards Vehicular Clouds, Proc. AdHocNets, 2010, Victoria, BC, August 2010.
    [6] Fay Hui, A survey on the characterization of Vehicular Ad Hoc Networks routing solutions, ECS 257, Winter 2005.
    [7] T. ElGamal, A public key cryptosystem and a signature scheme based on discrete logarithms, IEEE Transactions on Information Theory, vol. 31, no. 4, pp. 469-472, 1985.
    [8] Hodgson S., What Is Cloud Computing? 05/02/what-is-cloud-computing.pdf, May 2, 2008.