Hitachi Research & Development

A Study on User Authentication Infrastructure for Next Generation Telematics

— Presentation at IEEE ICVES 2008 & ITST 2008 —

November 18, 2008

Report from Presenter

The International Conference on Vehicular Electronics and Safety (ICVES 2008) took place in Columbus, Ohio, USA, over three days from September 22nd to 24th, 2008. This conference is an annual meeting sponsored by the IEEE Intelligent Transportation Systems (ITS) Society. It is a forum for researchers from industry and universities to discuss research and applications in vehicle electronics and vehicle safety-related intelligent systems. This year, there were 72 papers, which were accepted in a competitive review process.
The International Conference on ITS Telecommunication (ITST 2008) took place in Phuket, Thailand, over three days from October 22nd to 24th, 2008. This conference aims to provide a leading-edge forum for researchers and practitioners to present and discuss the most recent research findings, and to promote ongoing novel research on ITS services and applications. This year, there were 96 papers, which were accepted in a competitive review process.

Hitachi, Ltd. Systems Development Laboratory gave presentations entitled "A Study on User Authentication Infrastructure for Next Generation Telematics" and "A Study on User Authentication Infrastructure between Terminal and ASP for Next Generation Telematics" at the two above-mentioned conferences, concerning user authentication techniques for next generation telematics services. These techniques enable the center and the ASP to authenticate the individual who is driving a particular car. This in turn enables the provision of services customized to the driver and the current situation.


Fig. 1 Future world of next generation telematics services

In this presentation, we have considered how the telecommunication environment that surrounds a vehicle has changed, and will continue to change, and have determined the requirements for an authentication infrastructure. The telematics authentication infrastructure can meet these requirements.

As the communication environment that surrounds the car continues to become faster and more extensive, the car is increasingly likely to be connected to the network without interruption. Given this assumption, there are two requirements that must be met to enable the globalization of service and personal authentication. In addition, any proposed method should be a technology that is applicable worldwide rather than only in Japan. In Fig. 1, we show an image of a future user authentication system that surrounds the car based on these requirements.

The telematics authentication infrastructure can meet these requirements. We divided user authentication into three types, (1) between a terminal and a center, (2) between a terminal and an ASP, and (3) between a person and a terminal, and proposed methods appropriate for each of the three types.

(1) We proposed two kinds of ID/Password method and PKI method based on the public key cryptosystem technology as the authentication method between the terminal and the center.

(2) We proposed a method to enable single sign-on that incorporates the following three methods: (i) a method of connecting directly with the ASP ("Direct Model"), (ii) a method where the center mediates ("Center Mediation Model"), and (iii) a method of communicating directly with the ASP after the center provides authentication ("Integrated Model").

(3) We proposed one or more methods as candidates for the user-side device for authentication between a person and a terminal. More specifically, we proposed methods that use a cellular phone, a secure device, a contactless smart card, or a biometrics device as the authentication device.


Fig. 2 Proposal of a variety of user devices

Fig. 2(1) is an example of the method that uses a cellular phone. In this method, a digital certificate is stored in the UIM (User Identity Module) chip in the cellular phone, and the cellular phone connects to the car navigation system terminal by NFC (Near Field Communication), Bluetooth, or cable. In response to the authentication request (challenge) from the center, the car navigation system has the signature generated in the UIM. The center authenticates the user by verifying the digital certificate and the signature value.
Fig. 2(2) is an example of the method that uses a secure device (KeyMobile). The KeyMobile Card can conveniently be used as an authentication device not only with car navigation systems but also with other terminals. Because memory card slots are already installed in various information home appliances, it has the added advantage that map data and so on can be carried on it as bridge media.


Fig. 3 Configuration of proposed system

Fig. 3 shows an outline of the proposed system. The center-side system is a two-level hierarchy designed to authenticate car users not only in Japan but around the world: a subordinate certification authority (CA) for each region of the world is placed under the root CA. These CAs issue digital certificates to users in each country. In addition, at run time, a certificate validation server (CVS) with a fast verification algorithm verifies the digital certificates. The center also has a coordinated authentication (single sign-on) function with the service provider. The client-side system is composed of two or more kinds of user-side device.
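
The challenge-response login of Fig. 2(1) and the root CA / regional CA check of Fig. 3 can be sketched together as follows. This is an added example, not code from the presentation or from Hitachi: Ed25519 keys, the certificate names, and the functions `issue`, `centerVerify` and `demo` are assumptions, and an in-memory key stands in for the UIM.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issue builds a constructed certificate signed by parent, self-signed if parent is nil (fixture code: errors ignored).
func issue(cn string, serial int64, use x509.KeyUsage, parent *x509.Certificate, pk ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	t := &x509.Certificate{SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
		KeyUsage: use, IsCA: use == x509.KeyUsageCertSign, BasicConstraintsValid: true}
	if parent == nil {
		parent, pk = t, key
	}
	der, _ := x509.CreateCertificate(rand.Reader, t, parent, pub, pk)
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// centerVerify accepts only a certificate that chains to the root CA and a signature over this exact challenge.
func centerVerify(trust x509.VerifyOptions, user *x509.Certificate, challenge, sig []byte) bool {
	_, err := user.Verify(trust)
	pub, ok := user.PublicKey.(ed25519.PublicKey)
	return err == nil && ok && ed25519.Verify(pub, challenge, sig)
}

// demo returns: valid login, old signature replayed on a fresh challenge, certificate outside the hierarchy.
func demo() (bool, bool, bool) {
	root, rootKey := issue("Constructed Root CA", 1, x509.KeyUsageCertSign, nil, nil)
	region, regionKey := issue("Constructed Regional CA", 2, x509.KeyUsageCertSign, root, rootKey)
	user, uimKey := issue("constructed-driver", 3, x509.KeyUsageDigitalSignature, region, regionKey)
	rogue, rogueKey := issue("constructed-driver", 4, x509.KeyUsageDigitalSignature, nil, nil)
	trust := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool()}
	trust.Roots.AddCert(root)
	trust.Intermediates.AddCert(region)
	n := make([]byte, 64) // two random 32-byte challenges issued by the center
	rand.Read(n)
	sig := ed25519.Sign(uimKey, n[:32]) // signature generation that would happen inside the UIM
	return centerVerify(trust, user, n[:32], sig), centerVerify(trust, user, n[32:], sig),
		centerVerify(trust, rogue, n[:32], ed25519.Sign(rogueKey, n[:32]))
}

func main() { fmt.Println(demo()) }
```

The third case carries a correct signature but is still rejected, because the certificate does not chain to the root CA.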

(By Katsuyuki Umezawa, Systems Development Laboratory)

* Bluetooth is a trademark or registered trademark of Bluetooth-SIG Inc.
* KeyMobile is a registered trademark of Hitachi, Ltd.
* miniSD™, microSD™ are trademarks of the SD Card Association.
* In addition, any company names or product names that have been used are trademarks or registered trademarks of the respective companies.
