Method for a public-key infrastructure for vehicular networks with limited number of infrastructure servers
Abstract
A system, and method related thereto, for providing a vehicular communications network public-key infrastructure. The system comprises a plurality of communications infrastructure nodes and a plurality of vehicles each having a communications component. The communications component provides vehicle to vehicle (V2V) communications, and communications via infrastructure nodes. A communications security component in each of the plurality of vehicles provides security for the communications between the plurality of vehicles using a plurality of security modules. The security modules include a certificate management module. A public key interface module may include a public key, a private key, an anonymous key and a management key. The system further includes a detection and response module for attack detection and attack mitigation. The communications security component assigns and installs at least one security key, a certificate of operation, and a current certificate revocation list. The communications component provides secure communications between the plurality of vehicles.
24 Claims
1. A method for providing vehicular communications network security, comprising:
providing a plurality of vehicles in a specified geographic area, each of the plurality of vehicles having a communications component;
providing a plurality of communications infrastructure nodes, one or more of the communication infrastructure nodes being static, the plurality of communications infrastructure nodes being unable to provide a data connection to each of the plurality of vehicles such that a number of the vehicles having the data connection is greater than one and less than a number of total vehicles in the specified geographic area;
communicating between the vehicles using the plurality of communication infrastructure nodes;
communicating vehicle to vehicle (V2V) using the communication components;
providing security for the communications between the plurality of vehicles;
assigning and installing in the plurality of vehicles at least one security key, a certificate of operation, and a recent certificate revocation list; and
securing communications between the plurality of vehicles using the at least one security key, the certificate of operation and the recent certificate revocation list.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A system for providing vehicular communications network security, comprising:
a plurality of vehicles in a specified geographic area, each of the plurality of vehicles having a communications component, the communications component providing vehicle to vehicle (V2V) communications;
a plurality of communications infrastructure nodes, one or more of the communication infrastructure nodes being static, the vehicles communicating with each other using the plurality of communications infrastructure nodes, the plurality of communications infrastructure nodes being unable to provide a data connection to each of the plurality of vehicles during any specified time period, such that a number of the vehicles having the data connection is greater than one and less than a number of total vehicles in the specified geographic area during any specified time period;
a communications security component in each of the plurality of vehicles providing security for the communications between the plurality of vehicles, the communications security component including a plurality of security modules, the security modules including:
a certificate management module including certificates, and a certificate revocation list;
a public key interface module including at least one of: a public key, a private key, an anonymous key and a management key;
a detection and response module for attack detection and attack mitigation;
the communications security component having assigned and installed at least one security key, a certificate of operation, and a current certificate revocation list, the communications component providing secure communications between the plurality of vehicles including vehicle to vehicle communications, and vehicle communication using the nodes.
Dependent claims: 16, 17, 18, 19
20. A method for providing security for a vehicular communications network, comprising:
providing a plurality of vehicles in a specified geographic area, each of the plurality of vehicles having a communications component;
providing a plurality of communications infrastructure nodes, one or more of the communication infrastructure nodes being static, the plurality of communications infrastructure nodes being unable to provide a data connection to each of the plurality of vehicles during any specified time period, such that a number of the vehicles having the data connection is greater than one and less than a number of total vehicles in the specified geographic area during any specified time period;
providing security for communications between the plurality of vehicles;
assigning and installing in the plurality of vehicles at least one security key, a certificate of operation, and a current certificate revocation list;
selectively communicating between the plurality of vehicles including vehicle to vehicle communications and the nodes;
securing communications between the plurality of vehicles using the at least one security key, the certificate of operation and the current revocation list;
detecting malicious activity in communications between the vehicles; and
mitigating the malicious activity including the technique of: users voting as a group, including:
a majority voting technique; and
a self sacrifice voting technique;
or a combination of the majority voting technique and the self sacrifice voting technique.
Dependent claims: 21, 22, 23
24. A computer program product comprising a computer readable storage device having recorded thereon a computer program, a computer system including a memory device and the computer system including a processor for executing the steps of the computer program for providing vehicular communications network security, wherein a plurality of communications infrastructure nodes are provided, and a plurality of vehicles each having a communications component are provided, and the plurality of vehicles being in a specified geographic area;
the program steps comprising:
communicating between the vehicles using the plurality of communication infrastructure nodes, one or more of the communication infrastructure nodes being static, the plurality of communications infrastructure nodes being unable to provide a data connection to each of the plurality of vehicles such that a number of the vehicles having the data connection is greater than one and less than a number of total vehicles in the specified geographic area;
communicating vehicle to vehicle (V2V) using the communication components;
providing security for the communications between the plurality of vehicles;
assigning and installing in the plurality of vehicles at least one security key, a certificate of operation, and a recent certificate revocation list; and
securing communications between the plurality of vehicles using the at least one security key, the certificate of operation and the recent certificate revocation list.
Specification