🔥🔥 Don’t Miss Out on Our End of Autumn Sale. If you have any questions, feel free to click the bottom right corner to contact our customer service..

Concat us[email protected]
Shopping Cart

No products in the cart.

🔍
BSI PD CEN ISO/TS 21177:2019:2020 Edition

BSI PD CEN ISO/TS 21177:2019:2020 Edition

$215.11

Intelligent transport systems. ITS station security services for secure session establishment and authentication between trusted devices

Published By Publication Date Number of Pages
BSI 2020 98
PDF Format Searchable Printable Preview Now
Guaranteed Safe Checkout
Categories: ,

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

This document contains specifications for a set of ITS station security services required to ensure the authenticity of the source and integrity of information exchanged between trusted entities:

  • devices operated as bounded secured managed entities, i.e. “ITS Station Communication Units” (ITS-SCU) and “ITS station units” (ITS-SU) specified in ISO 21217 , and

  • between ITS-SUs (composed of one or several ITS-SCUs) and external trusted entities such as sensor and control networks.

These services include authentication and secure session establishment which are required to exchange information in a trusted and secure manner.

These services are essential for many ITS applications and services including time-critical safety applications, automated driving, remote management of ITS stations ( ISO 24102-2[ 5]), and roadside/infrastructure related services.

PDF Catalog

PDF Pages PDF Title
2 National foreword
4 European foreword
8 Foreword
9 Introduction
15 1 Scope
2 Normative references
3 Terms and definitions
16 4 Symbols and abbreviated terms
17 5 Overview
5.1 Goals
18 5.2 Architecture and functional entities
21 5.3 Cryptomaterial handles
5.4 Session IDs and state
22 5.5 Access control and authorisation state
5.6 Application level non-repudiation
5.7 Service primitive conventions
23 6 Process flows and sequence diagrams
6.1 General
6.2 Overview of process flows
24 6.3 Sequence diagram conventions
25 6.4 Configure
26 6.5 Start Session
28 6.6 Send data
31 6.7 Send access control PDU
32 6.8 Receive PDU
37 6.9 Secure connection brokering
6.9.1 Goals
38 6.9.2 Prerequisites
6.9.3 Overview
39 6.9.4 Detailed specification
47 6.10 Force end session
49 6.11 Session terminated at session layer
6.12 Deactivate
50 6.13 Secure session example
52 7 Security Subsystem: interfaces and data types
7.1 General
53 7.2 Access control policy and state
54 7.3 Enhanced authentication
7.3.1 Definition and possible states
7.3.2 States for owner role enhanced authentication
56 7.3.3 State for accessor role enhanced authentication
7.3.4 Use by Access Control
7.3.5 Methods for providing enhanced authentication
7.3.6 Enhanced authentication using SPAKE2
57 7.4 Extended authentication
58 7.5 Data types
7.5.1 General
7.5.2 Imports
7.5.3 Iso21177AccessControlPdu
7.5.4 AccessControlResult
59 7.5.5 ExtendedAuthPdu
7.5.6 ExtendedAuthRequest
7.5.7 InnerExtendedAuthRequest
60 7.5.8 AtomicExtendedAuthRequest
7.5.9 ExtendedAuthResponse
61 7.5.10 ExtendedAuthResponsePayload
7.5.11 EnhancedAuthPdu
7.5.12 SpakeRequest
7.5.13 SpakeResponse
62 7.5.14 SpakeRequesterResponse
7.6 App-Sec Interface
7.6.1 App-Sec-Configure.request
63 7.6.2 App-Sec-Configure.confirm
7.6.3 App-Sec-StartSession.indication
64 7.6.4 App-Sec-Data.request
7.6.5 App-Sec-Data.confirm
65 7.6.6 App-Sec-Incoming.request
66 7.6.7 App-Sec-Incoming.confirm
7.6.8 App-Sec-EndSession.request
7.6.9 App-Sec-EndSession.confirm
7.6.10 App-Sec-EndSession.indication
67 7.6.11 App-Sec-Deactivate.request
7.6.12 App-Sec-Deactivate.confirm
68 7.6.13 App-Sec-Deactivate.indication
7.7 Security Subsystem internal interface
7.7.1 General
7.7.2 Sec-AuthState.request
69 7.7.3 Sec-AuthState.confirm
70 8 Adaptor Layer: Interfaces and data types
8.1 General
71 8.2 Data types
8.2.1 General
8.2.2 Iso21177AdaptorLayerPDU
8.2.3 Apdu
72 8.2.4 Access Control
8.2.5 TlsClientMsg1
8.2.6 TlsServerMsg1
8.3 App-AL Interface
8.3.1 App-AL-Data.request
73 8.3.2 App-AL-Data.confirm
8.3.3 App-AL-Data.indication
8.3.4 App-AL-EnableProxy.request
75 8.4 Sec-AL Interface
8.4.1 Sec-AL-AccessControl.request
76 8.4.2 Sec-AL-AccessControl.confirm
8.4.3 Sec-AL-AccessControl.indication
8.4.4 Sec-AL-EndSession.request
77 8.4.5 Sec-AL-EndSession.confirm
9 Secure Session services
9.1 General
9.2 App-Sess interfaces
9.2.1 App-Sess-EnableProxy.request
78 9.3 Sec-Sess interface
9.3.1 Sec-Sess-Configure.request
80 9.3.2 Sec-Sess-Configure.confirm
9.3.3 Sec-Sess-Start.indication
81 9.3.4 Sec-Sess-EndSession.indication
9.3.5 Sec-Sess-Deactivate.request
82 9.3.6 Sec-Sess-Deactivate.confirm
9.4 AL-Sess interface
9.4.1 AL-Sess-Data.request
9.4.2 AL-Sess-Data.confirm
9.4.3 AL-Sess-Data.indication
83 9.4.4 AL-Sess-EndSession.request
9.4.5 AL-Sess-EndSession.confirm
9.4.6 AL-Sess-ClientHelloProxy.request
84 9.4.7 AL-Sess-ClientHelloProxy.indication
85 9.4.8 AL-Sess-ServerHelloProxy.request
9.4.9 AL-Sess-ServerHelloProxy.indication
86 9.4.10 AL-Sess-EndSession.request
87 9.4.11 AL-Sess-EndSession.confirm
9.5 Permitted mechanisms
9.5.1 TLS 1.3
88 9.5.2 DTLS 1.3
89 Annex A (informative) Usage scenarios
96 Annex B (normative) ASN.1 module
97 Bibliography

Related products

BSI PD CEN ISO/TS 21177:2019
$215.11