10.1.5.8: Provide Mobile Misbehavior Detection

This process shall support the security of connected vehicle applications running in or on personal, portable or other type of mobile devices. This process shall periodically receive a list of known misbehaving devices, applications, or system users; typically in the form of certificate revocation list (CRL). This process shall receive reports of suspicious behavior from other processes internal to the same device in which this process is running. This process shall compare the credentials used on the suspicious incoming message with the list of known bad credentials. If the suspicious sender is on the list this process shall inform the other process that it should ignore or treat as suspect any incoming data from that sender. If the suspicious sender is not on the list the information this process shall then send the information concerning the new misbehaving application, device, or user onto the security and credential management system for further processing. (there may need to be a decision on what to do locally even if the suspected id isn't on the CRL - you may still want to ignore it).

This process is associated with the Personal Information Device physical object.

This process is associated with the following application objects:

Personal Trust Management

This process is associated with the following data flows:

personal_misbehavior_action - Out
personal_misbehavior_report_characteristics - Out
personal_misbehavior_reporter_identity - Out
personal_misbehavior_suspect - In
personal_misbehavior_suspicious_message - Out
personal_misbehavior_suspicious_sender_identity - Out
personal_security_certificate_revocation_list - In
personal_security_device_enrollment_data - Out
personal_security_policy_revocation_data - In

OST-R's privacy policies and procedures do not necessarily apply to external web sites.
We suggest contacting these sites directly for information on their data collection and distribution policies.

Last Updated 6/7/2016