BS EN ISO 21177:2023

$215.11

Intelligent transport systems. ITS station security services for secure session establishment and authentication between trusted devices

Published By: BSI
Publication Date: 2023
Number of Pages: 116

This document contains specifications for a set of ITS station security services required to ensure the authenticity of the source and integrity of information exchanged between trusted entities, i.e.:

- between devices operated as bounded secured managed entities, i.e. “ITS Station Communication Units” (ITS-SCU) and “ITS station units” (ITS-SU) as specified in ISO 21217; and
- between ITS-SUs (composed of one or several ITS-SCUs) and external trusted entities such as sensor and control networks.

These services include the authentication and secure session establishment which are required to exchange information in a trusted and secure manner. These services are essential for many intelligent transport system (ITS) applications and services including time-critical safety applications, automated driving, remote management of ITS stations (ISO 24102-2), and roadside/infrastructure-related services.

PDF Catalog

PDF Pages PDF Title
4 European foreword
Endorsement notice
8 Foreword
9 Introduction
15 1 Scope
2 Normative references
3 Terms and definitions
16 4 Abbreviated terms
18 5 Overview
5.1 General description, relationship to transport layer security (TLS) and relationship to application specifications
19 5.2 Goals
5.3 Architecture and functional entities
24 5.4 Cryptomaterial handles
5.5 Session IDs and state
25 5.6 Access control and authorization state
5.7 Application level non-repudiation
5.8 Service primitive conventions
26 6 Process flows and sequence diagrams
6.1 General
6.2 Overview of process flows
27 6.3 Sequence diagram conventions
28 6.4 Configure
29 6.5 Start session
32 6.6 Send data
35 6.7 Send access control PDU
36 6.8 Receive PDU
41 6.9 Extend session
6.9.1 Goals
42 6.9.2 Processing
6.10 Secure connection brokering
6.10.1 Goals
6.10.2 Prerequisites
43 6.10.3 Overview
44 6.10.4 Detailed specification
52 6.11 Force end session
54 6.12 Session terminated at session layer
6.13 Deactivate
55 6.14 Secure session example
57 7 Security subsystem: interfaces and data types
7.1 General
58 7.2 Access control policy and state
59 7.3 Enhanced authentication
7.3.1 Definition and possible states
7.3.2 States for owner role enhanced authentication
61 7.3.3 State for accessor role enhanced authentication
7.3.4 Use by access control
7.3.5 Methods for providing enhanced authentication
7.3.6 Enhanced authentication using SPAKE2
62 7.4 Extended authentication
63 7.5 Security Management Information Request
7.5.1 Rationale
64 7.5.2 General
65 7.6 Data types
7.6.1 General
7.6.2 Imports
7.6.3 “Helper” data types
66 7.6.4 Iso21177AccessControlPdu
7.6.5 AccessControlResult
7.6.6 ExtendedAuthPdu
67 7.6.7 ExtendedAuthRequest
7.6.8 InnerExtendedAuthRequest
7.6.9 AtomicExtendedAuthRequest
68 7.6.10 ExtendedAuthResponse
7.6.11 ExtendedAuthResponsePayload
7.6.12 EnhancedAuthPdu
69 7.6.13 SpakeRequest
7.6.14 SpakeResponse
7.6.15 SpakeRequesterResponse
7.6.16 SecurityMgmtInfoPdu
7.6.17 SecurityMgmtInfoRequest
70 7.6.18 EtsiCrlRequest
7.6.19 CertChainRequest
7.6.20 SecurityMgmtInfoResponse
71 7.6.21 SecurityMgmtInfoErrorResponse
7.6.22 EtsiCrlResponse
7.6.23 EtsiCtlResponse
7.6.24 IeeeCrlResponse
72 7.6.25 CertChainResponse
7.6.26 SessionExtensionPdu
74 7.7 App-Sec Interface
7.7.1 App-Sec-Configure.request
75 7.7.2 App-Sec-Configure.confirm
7.7.3 App-Sec-StartSession.indication
7.7.4 App-Sec-Data.request
76 7.7.5 App-Sec-Data.confirm
7.7.6 App-Sec-Incoming.request
77 7.7.7 App-Sec-Incoming.confirm
78 7.7.8 App-Sec-EndSession.request
7.7.9 App-Sec-EndSession.indication
79 7.7.10 App-Sec-Deactivate.request
7.7.11 App-Sec-Deactivate.confirm
7.7.12 App-Sec-Deactivate.indication
80 7.8 Security subsystem internal interface
7.8.1 General
7.8.2 Sec-AuthState.request
7.8.3 Sec-AuthState.confirm
81 8 Adaptor layer: interfaces and data types
8.1 General
82 8.2 Data types
8.2.1 General
8.2.2 Iso21177AdaptorLayerPDU
83 8.2.3 Apdu
8.2.4 AccessControl
8.2.5 TlsClientMsg1
8.2.6 TlsServerMsg1
8.3 App-AL Interface
8.3.1 App-AL-Data.request
84 8.3.2 App-AL-Data.confirm
8.3.3 App-AL-Data.indication
85 8.3.4 App-AL-EnableProxy.request
87 8.4 Sec-AL Interface
8.4.1 Sec-AL-AccessControl.request
8.4.2 Sec-AL-AccessControl.confirm
8.4.3 Sec-AL-AccessControl.indication
88 8.4.4 Sec-AL-EndSession.request
8.4.5 Sec-AL-EndSession.confirm
9 Secure session Services
9.1 General
9.2 App-Sess interfaces
9.2.1 App-Sess-EnableProxy.request
89 9.3 Sec-Sess interface
9.3.1 Sec-Sess-Configure.request
91 9.3.2 Sec-Sess-Configure.confirm
9.3.3 Sec-Sess-Start.indication
92 9.3.4 Sec-Sess-EndSession.indication
9.3.5 Sec-Sess-Deactivate.request
93 9.3.6 Sec-Sess-Deactivate.confirm
9.4 AL-Sess interface
9.4.1 AL-Sess-Data.request
9.4.2 AL-Sess-Data.confirm
94 9.4.3 AL-Sess-Data.indication
9.4.4 AL-Sess-EndSession.request
9.4.5 AL-Sess-EndSession.confirm
95 9.4.6 AL-Sess-ClientHelloProxy.request
9.4.7 AL-Sess-ClientHelloProxy.indication
96 9.4.8 AL-Sess-ServerHelloProxy.request
9.4.9 AL-Sess-ServerHelloProxy.indication
97 9.5 Permitted mechanisms
9.5.1 TLS 1.3
98 9.5.2 DTLS 1.3
99 Annex A (informative) Usage scenarios
107 Annex B (normative) ASN.1 module
108 Annex C (normative) Session extension PDU functional type
109 Annex D (normative) Owner authorization
113 Bibliography