Type: Resource
CCMS Authorization
Overview
"CCMS Authorization" components provide authorization credentials (e.g., pseudonym certificates) to end entities. The end entity applies for and obtains authorization credentials, enabling the end entity to enter the "Operational" state. This function requires an interactive dialog, including at minimum a Certificate Request from the end entity desiring certificates. This request will be checked for validity, with the embedded enrollment certificate checked against an internal blacklist. If all checks are passed, this function will distribute a bundle of linked pseudonym certificates suitable for use by the requesting end entity, with the characteristics and usage rules of those certificates dependent on the operational policies of the CCMS. It also provides the secure provisioning of a given object's Decryption Key in response to an authorized request from that object. The retrieved Decryption Key will be used by the receiving object to decrypt the "next valid" batch within the set of previously retrieved Security Credential batches.
This resource is related to the "CCMS Authorization" application object.
This resource is included in the following applications:
Coordination
Source | Coordination | Destination |
---|---|---|
Cooperative ITS Credentials Management System | Includes | CCMS Authorization |
Security
Interfaces Diagram
Alternative Configurations
Four diagrams below illustrate four different implementations that may be represented by the Vehicle On-Board Equipment: 1) Vehicle Awareness Device, 2) Aftermarket Device, 3) Retrofit Device, or 4) Integrated System. Each diagram shows the subset of interfaces from CVRIA that are relevant to that particular implementation. Note that a V2V safety application is shown, but the four implementation options also provide varied support for other connected vehicle applications. Map provider shown as it is a likely interface for many safety applications, and the different points at which the map hooks in are illustrative of changes in necessary relationships. A fifth diagram covers a scenario where an aftermarket carry-in device is carried in to a vehicle that is already equipped with one of the Vehicle OBE implementations.
1. Vehicle Awareness Device – This is an aftermarket electronic device, installed in a vehicle without connection to vehicle systems, that is only capable of sending the basic safety message over short range communications. Vehicle awareness devices do not issue audible or visual warnings, alerts, or guidance to the driver of the vehicle.
2. Aftermarket Device – This is an aftermarket electronic device, installed in a vehicle, and capable of sending and receiving messages over a wireless communications link. The self-contained device includes GPS, runs connected vehicle applications, and includes an integrated driver interface that issues audible or visual warnings, alerts, and guidance to the driver of the vehicle. The aftermarket device may or may not have access to some vehicle system status.
3. Retrofit Device – This is an OEM authorized electronic device installed in vehicles by an OEM authorized service provider, at a service facility after the vehicle has been built. This type of device provides two-way communications and is connected to a vehicle databus. Depending on implementation, the device may include an integrated driver interface and GPS or integrate with modules on the vehicle databus that provide these services. Depending on implementation, it may only support some of the connected vehicle applications identified in CVRIA and potentially support additional applications that are not identified in CVRIA.
4. Integrated System – This is a system of one or more electronic devices integrated into vehicles during vehicle production. The Integrated System is connected to proprietary data busses to share information with other on-board systems. The Integrated System may be distributed across multiple subsystems and may be configured to support some of the connected vehicle applications identified in CVRIA and potentially support additional applications that are not identified in CVRIA.
In retrofit and integrated implementations, the Vehicle OBE interfaces to other on-board systems through a vehicle databus (e.g., CAN). Represented in CVRIA as the Vehicle Databus, this interface provides access to on-board sensors, monitoring and control systems, and information systems that support connected vehicle applications. The vehicle databus may also be the source for GPS location and time, map data that supports connected vehicle applications, and the access point for the vehicle's driver-vehicle interface.
5. A fifth diagram covers a scenario where an aftermarket carry-in device is carried in to a vehicle that is already equipped with one of the Vehicle OBE implementations. In this scenario, we have two different devices with possibly two different radios and two different user interfaces that must be coordinated to avoid interference or conflicts.