Research On Some Key Technologies Of Vehicular Clouds Based On Trusted Computing

As the embedded devices moving towards intelligent, miniaturized and networked continuously, the development level of the intelligent and networked On-Board Unit(OBU) and Road-Side Unit(RSU) improve quickly. At the same time, with the development of network infrastructure and mobile self-organized network, the research on vehicular networking attracts the wide attention from industry to academia. And then the solution for Vehicular Cloud Computing(VCC) also arises at the historic moment. However, with the deepening of the research on VCC, the security and the credibility of the VCC platform architecture and its users become the main bottleneck on future industrialization. In order to fundamentally solve many hidden security trouble, we need to build up a set of "metrics- storage- reported" management mechanism to the management platform for the trusted Vehicular Cloud. Given the fine-grained and dynamic access requirements, it needs to build up a set of suitable for flexible, complex access strategy needs authentication scheme in VCC platform. As to the requirement from different user roles in VCC, it needs to set up a set of trusted support mechanism. At the same time, in order to ensure the safety of the VCC reliable, it must actively respond to malicious users to attack, so it is necessary to build up a set of remote attestation scheme, both need to remote user terminal identification, and need to verify the terminal platform of stationary state and to monitor the running status.This dissertation is based on the research project – 《The white paper for vehicular information security》. Fortunately, I take part in the project as a significant member of vehicular alliance in the national information security standards. All the work in this dissertation are proposed in the background of the application of information security. The thesis studies the corresponding theoretical model, puts forward the engineering scheme and breaks through several key technologies on building the trusted vehicular clouds platform. The main contributions of the paper are as follows:1. Based on the current research status of vehicular cloud platform, the paper analyzes the potential security trouble of the architecture synthetically. According to the actual needs, the security requirements are proposed. Following the thought of “universal trusted framework for Internet of things” proposed by academician, ie. Shen Changxiang, the method of the definition and description for behavior are given. Under the guidance, firstly, we build the trusted structure of infrastructure layer architecture based on trusted computing, and then we establish a reliable vehicular cloud, and realized authentication and trust evaluation mechanism for the composed node, at last we realize a Trusted Vehicular Cloud(TVC) architecture. And then, we provides a basical communication model for the trusted vehicular cloud.2. In the application scenarios of vehicular cloud, a signcryption based on fuzzy attributes is proposed. For the TVC architecture, the scheme settles down the authentication problem in vehicular cloud. In the processing of use, the whole system does not track users’ identity, and is only related with attributes which is directly decided by the access strategy. As long as the related attributes are qualified after judgying, the access permissions are assigned accordingly. On the one hand, the users’ anonymity can be realized; And on the other hand, the identity can be verified by the third authority party. The security analysis shows that this scheme provides confidentiality, authenticity, undeniability, identity authentication and collusion resistance.3. To put forward to a set of trusted chain mechanism for vehicular cloud. At the beginning, it shows how to build the trusted chain; And then, it expends to build up the entire VCC “ecosystem”; And at last, it proposes the trusted management framework for VCC. Based on this framework, several main case processes are designed, which include creating the virtual machine on TVC, making the trusted report on TVC environment, updating the software, and cancelling the user.4. Based on the current research, the user remote attestation scheme for the TVC structure is proposed. The scheme can be implemented efficiently and easily, and it is suitable for VCC. This scheme can improve the capability of the system to avoid the malicious attack effectively.