Ohio Cooperative ITS Credentials Management System

Status: Future

Description

The 'Cooperative ITS Credentials Management System' (CCMS) is a high–level aggregate representation of the interconnected systems that enable trusted communications between mobile devices and other mobile devices, roadside devices, and centers and protect data they handle from unauthorized access. Representing the different interconnected systems that make up a Public Key Infrastructure (PKI), this physical object represents an end user view of the credentials management system with focus on the exchanges between the CCMS and user devices that support the secure distribution, use, and revocation of trust credentials.

Stakeholders

StakeholderRoleRole Status
DriveOhioOwnsPlanned

Physical Objects

Cooperative ITS Credentials Management System

Functional Objects

Functional ObjectDescriptionUser Defined
CCMS Authorization'CCMS Authorization' components provide authorization credentials (e.g., pseudonym certificates) to end entities. The end entity applies for and obtains authorization credentials, enabling the end entity to enter the "Operational" state. This function requires an interactive dialog, including at minimum a Certificate Request from the end entity desiring certificates. This request will be checked for validity, with the embedded enrollment certificate checked against an internal blacklist. If all checks are passed, this function will distribute a bundle of linked pseudonym certificates suitable for use by the requesting end entity, with the characteristics and usage rules of those certificates dependent on the operational policies of the CCMS. It also provides the secure provisioning of a given object's Decryption Key in response to an authorized request from that object. The retrieved Decryption Key will be used by the receiving object to decrypt the "next valid" batch within the set of previously retrieved Security Credential batches.False
CCMS Enrollment'CCMS Enrollment' components provide enrollment credentials to end entities. The end entity applies for and obtains enrollment credentials that can be used to communicate with other CCMS components, entering the "Unauthorized" state. CCMS Enrollment components also participate in de–registration processes through interaction with CCMS Revocation components.False
CCMS Misbehavior Reporting and Action'CCMS Misbehavior Reporting and Action' components process misbehavior reports from end entities. Misbehavior reports are analyzed and investigated if warranted. Investigated misbehavior reports are correlated with end entities and systemic issues are identified. If revocation is warranted, this component provides information to Authorization or Revocation components to initiate revocation and/or blacklisting, as appropriate.False
CCMS Provisioning'CCMS Provisioning' components provide the end entity with material that allows it to enter the 'Unenrolled' state. This consists of root certificates and the crypto material that allows it to communicate securely with the Enrollment components. This function ensures the requesting entity meets requirements for provisioning and provides the certificates and relevant policy information to entities that meet the requirements.False
CCMS Revocation'CCMS Revocation' components generate the internal blacklist and Certificate Revocation List (CRL) and distribute them to other CCMS components and end entities. Once placed on the CRL, an end entity is in the Unauthorized state. Once placed on the blacklist, an end entity is in the Unenrolled state.False
ITS Communications Support'ITS Communications Support' provides means to send and receive messages to and from other ITS Objects. It provides mechanisms for scheduling and prioritizing communications traffic. It may also provide relay functions.False
ITS Management Support'ITS Management Support' provides management of the ITS Object. This includes management of regulatory information and policies, management of application processes, management of communication system configuration and update management, communications interfaces, protocol–specific techniques to ensure interoperability such as service advertisements, communications congestion management and interference management, local device states and communications information, billing management, fault management, service level and performance monitoring.False
ITS Security Support'ITS Security Support' provides communications and system security functions to the ITS Object, including privacy protection functions. It may include firewall, intrusion management, authentication, authorization, profile management, identity management, cryptographic key management. It may include a hardware security module and security management information base.False

Physical Standards

Document NumberTitleDescription
ISO 21217Intelligent transport systems –– Communications access for land mobiles (CALM) –– ArchitectureISO 21217 describes the communications reference architecture of nodes called "ITS station units" designed for deployment in ITS communication networks. While it describes a number of ITS station elements, whether or not a particular element is implemented in an ITS station unit depends on the specific communication requirements of the implementation. It also describes the various communication modes for peer–to–peer communications over various networks between ITS communication nodes. These nodes may be ITS station units as described in the document or any other reachable nodes. ISO 21217 specifies the minimum set of normative requirements for a physical instantiation of the ITS station based on the principles of a bounded secured managed domain.
NIST FIPS PUB 140–2Security Requirements for Cryptographic ModulesThis Federal Information Processing Standard (140–2) specifies the security requirements that will be satisfied by a cryptographic module, providing four increasing, qualitative levels intended to cover a wide range of potential applications and environments. The areas covered, related to the secure design and implementation of a cryptographic module, include specification; ports and interfaces; roles, services, and authentication; finite state model; physical security; operational environment; cryptographic key management; electromagnetic interference/electromagnetic compatibility (EMI/EMC); self–tests; design assurance; and mitigation of other attacks.

Interfaces To

(View Context Diagram)

Akron–Canton Airport
Akron–Canton Airport Connected Vehicle Roadside Equipment
Akron–Canton Airport CV Authorizing Center
City of Akron Emergency Vehicles
City of Akron Maintenance Dispatch
City of Akron Maintenance Vehicles
City of Akron Traffic Operations Center
City of Barberton Emergency Vehicles
City of Barberton Maintenance Dispatch
City of Barberton Maintenance Vehicles
City of Barberton Traffic Operations Center
City of Cuyahoga Falls Emergency Vehicles
City of Cuyahoga Falls Maintenance Dispatch
City of Cuyahoga Falls Maintenance Vehicles
City of Cuyahoga Falls Traffic Operations Center
City of Green Emergency Vehicles
City of Green Maintenance Dispatch
City of Green Maintenance Vehicles
City of Green Traffic Operations Center
City of Hudson Emergency Vehicles
City of Hudson Maintenance Dispatch
City of Hudson Maintenance Vehicles
City of Hudson Traffic Operations Center
City of Kent Emergency Vehicles
City of Kent Maintenance Dispatch
City of Kent Maintenance Vehicles
City of Kent Traffic Operations Center
City of Stow Emergency Vehicles
City of Stow Maintenance Dispatch
City of Stow Maintenance Vehicles
City of Stow Traffic Operations Center
City of Twinsburg Emergency Vehicles
City of Twinsburg Maintenance Dispatch
City of Twinsburg Maintenance Vehicles
City of Twinsburg Traffic Operations Center
Commercial Vehicles
Connected/Automated Vehicles
County and City Connected Vehicles Roadside Equipment
County and City CV Authorizing Center
METRO RTA Fixed–Route Vehicles
METRO RTA Paratransit Vehicles
ODOT ATMS
ODOT Connected Vehicles Roadside Equipment
ODOT District 4 Maintenance Garages
ODOT District 4 Maintenance Vehicles
ODOT District 4 Office
ODOT Freeway Safety Patrol Vehicles
ODOT Traffic Signal Control System
Ohio Certification System
Ohio CV Authorizing Center
OSHP Vehicles
Other Municipalities Emergency Vehicles
Other Municipalities Maintenance Dispatch
Other Municipalities Maintenance Vehicles
Other Municipalities Traffic Operations Centers
OTIC Central Dispatch
OTIC Connected Vehicles Roadside Equipment
OTIC CV Authorizing Center
OTIC Maintenance and Construction Vehicles
OTIC Maintenance Dispatch Offices
OTIC Public Service Vehicles
PARTA Fixed–Route Vehicles
PARTA Paratransit Vehicles
Personal Information Device
Portage County Emergency Vehicles
Portage County Maintenance Dispatch
Portage County Maintenance Vehicles
Portage County Traffic Operations Center
Summit County Emergency Vehicles
Summit County Maintenance Dispatch
Summit County Maintenance Vehicles
Summit County Traffic Operations Center
University of Akron Roo Express Shuttle Service Vehicles