Xumin Huang,Jiawen Kang,Rong Yu,Maoqiang Wu,Yan Zhang,Stein Gjessing

DOI: https://doi.org/10.1109/vtcspring.2016.7504071

2016-01-01

Abstract:Cloud-enabled vehicular network is an emerging paradigm which utilizes cloud computing to enhance the performance of vehicular network. But some issues still need to be addressed and we focus on the pseudonym resources management, which is crucial for vehicles to guarantee location privacy. A new three-plane hierarchical architecture with software defined network technology is proposed to manage the pseudonym resources. We use two-sided matching theory to solve the pseudonym resources allocation problem among pseudonym pools in different roadside unit clouds. Numerical results show that our proposed approach optimizes the pseudonym resources utilization and also improves the privacy entropy of vehicles.

Ping Chu,J. Andrew Zhang,Xiaoxiang Wang,Gengfa Fang,Dongyu Wang

DOI: https://doi.org/10.1109/tiv.2019.2955911

IF: 8.2

2020-01-01

IEEE Transactions on Intelligent Vehicles

Abstract:In cellular vehicular communications, high density and mobility of vehicles require frequent resource allocation, which can cause network congestion and large signalling and processing delay. To overcome this problem, we propose a novel semi-persistent resource allocation scheme based on a two-tier heterogeneous network architecture. The architecture includes a central macro base station (MBS) and multiple roadside units (RSU). In the proposed semi-persistent scheme, the MBS pre-allocates persistent resource to RSUs based on predicted traffic, and then allocates dynamic resource upon real-time requests from RSUs while vehicles simultaneously communicate using the pre-allocated resource. A simple Space-Time k-Nearest Neighbour (ST-kNN) method is developed for short-term traffic prediction, and a geometric water-filling algorithm is developed for minimizing the relative latency. Simulation results validate the effectiveness of the proposed semi-persistent scheme in comparison with two benchmark schemes.

Xiaoliang Wang,Xinhui She,Liang Bai,Yang Qing,Frank Jiang

DOI: https://doi.org/10.32604/cmc.2021.012454

2021-01-01

Abstract:The vehicular cloud computing is an emerging technology that changes vehicle communication and underlying traffic management applications. However, cloud computing has disadvantages such as high delay, low privacy and high communication cost, which can not meet the needs of realtime interactive information of Internet of vehicles. Ensuring security and privacy in Internet of Vehicles is also regarded as one of its most important challenges. Therefore, in order to ensure the user information security and improve the real-time of vehicle information interaction, this paper proposes an anonymous authentication scheme based on edge computing. In this scheme, the concept of edge computing is introduced into the Internet of vehicles, which makes full use of the redundant computing power and storage capacity of idle edge equipment. The edge vehicle nodes are determined by simple algorithm of defining distance and resources, and the improved RSA encryption algorithm is used to encrypt the user information. The improved RSA algorithm encrypts the user information by reencrypting the encryption parameters . Compared with the traditional RSA algorithm, it can resist more attacks, so it is used to ensure the security of user information. It can not only protect the privacy of vehicles, but also avoid anonymous abuse. Simulation results show that the proposed scheme has lower computational complexity and communication overhead than the traditional anonymous scheme.

Ji-ming Chen,Ting-ting Li,Liang-jun Wang

DOI: https://doi.org/10.1177/1550147719841494

IF: 1.938

2019-01-01

International Journal of Distributed Sensor Networks

Abstract:Location-based services has been widely applied in cloud-enabled Internet of vehicles. Within these services, location privacy issues have captured significant attention. Vehicles use the technology of anonymity to implement occultation, the location is not revealed. In this process, large-scale data transmissions can reduce the quality of services. In order to ensure location privacy and high-quality services, the cloud manager customizes virtual machines for vehicles to support location-based services according to the vehicles’ demands. To achieve better performance, this article presents a conditional anonymity method that does not use bilinear pairings to address the problem of privacy disclosure by using discrete logarithm problem and Diffie–Hellman problem. Moreover, asymmetric key algorithms are used in the Internet of vehicles environment to reduce the cost. To guarantee secure data transmission in Internet of vehicles, the batch validation technique is used to address data integrity. Our theoretical security analysis and experiments show that the proposed scheme is secure in compared attack models, such as impersonation attacks, replay attacks, the man-in-the-middle attacks, and so on. Our proposed scheme ensures the security requirements such as message authentication, location privacy protection, and traceability, while lowering transmission and computation cost.

Jiawen Kang,Rong Yu,Xumin Huang,Sabita Maharjan,Yan Zhang

DOI: https://doi.org/10.1109/cscloud.2016.31

2016-01-01

Abstract:Geo-distributed mobile cloud computing (GMCC) integrates location information into mobile cloud computing, that has high potential for a large variety of applications. In a vehicular environment, a GMCC provides a large number of resources to vehicles that are geographically close to them. However, there are few studies that focus on security and privacy issues in a GMCC scenario. Vehicles need sufficient pseudonyms to periodically change for privacy preservation. In this paper, we focus on pseudonym management in GMCC system for vehicular environment. We design a three-layer on-demand pseudonym system to manage the pseudonyms. Moreover, we propose a secure pseudonym distribution scheme for secure communication among vehicles. As the number of demanded pseudonyms varies with traffic loads in different clouds, we use a newsvendor model to address the optimal on-demand pseudonym distribution problem. Numerical results indicate our proposed schemes not only improve utility of the clouds, but also maximize utilization of the pseudonyms.

Imran Memon,Ling Chen,Qasim Ali Arain,Hina Memon,Gencai Chen

DOI: https://doi.org/10.1002/dac.3437

2017-01-01

International Journal of Communication Systems

Abstract:In road network, vehicles' location may be identified, and their transmissions may even tracked by eavesdrops (eg, safety messages) that contain sensitive personal information such as identity and location of the vehicle. This type of communication leads to breaking the users' trajectory privacy. Frequently changing pseudonyms are widely accepted as a solution that protects the trajectory privacy of users in road networks. However, this solution may become invalid if a vehicle changes its pseudonym at an improper occasion. To cope with this issue, we presented an efficient pseudonym change strategy with multiple mix zones scheme to provide trajectory privacy for road network. In addition, we protected vehicles against linkability attack by cheating mechanism. Henceforth, we constructed a cheating detection mechanism which allows the vehicles to verify whether the pseudonym change process is successful or not and also detect to malicious vehicles. In this way, users' trajectory privacy can be improved. Finally, by taking the anonymity set size (ASS) as the trajectory privacy metric, we exhibit by means of simulations that the proposed scheme is effective in multiple networks scenarios.

Jiawen Kang,Rong Yu,Xumin Huang,Yan Zhang

DOI: https://doi.org/10.1109/tits.2017.2764095

IF: 8.5

2018-01-01

IEEE Transactions on Intelligent Transportation Systems

Abstract:As a promising branch of Internet of Things, Internet of Vehicles (IoV) is envisioned to serve as an essential data sensing and processing platform for intelligent transportation systems. In this paper, we aim to address location privacy issues in IoV. In traditional pseudonym systems, the pseudonym management is carried out by a centralized way resulting in big latency and high cost. Therefore, we present a new paradigm named Fog computing supported IoV (F-IoV) to exploit resources at the network edge for effective pseudonym management. By utilizing abundant edge resources, a privacy-preserved pseudonym ( $P^{3}$ ) scheme is proposed in F-IoV. The pseudonym management in this scheme is shifted to specialized fogs at the network edge named pseudonym fogs, which are composed of roadside infrastructures and deployed in close proximity of vehicles. $P^{3}$ scheme has following advantages: 1) context-aware pseudonym changing; 2) timely pseudonym distribution; and 3) reduced pseudonym management overhead. Moreover, a hierarchical architecture for $P^{3}$ scheme is introduced in F-IoV. Enabled by the architecture, a context-aware pseudonym changing game and secure pseudonym management communication protocols are proposed. The security analysis shows that $P^{3}$ scheme provides secure communication and privacy preservation for vehicles. Numerical results indicate that $P^{3}$ scheme effectively enhances location privacy and reduces communication overhead for the vehicles.

Xiaofeng Luo,Jinbo Wen,Jiawen Kang,Jiangtian Nie,Zehui Xiong,Yang Zhang,Zhaohui Yang,Shengli Xie

DOI: https://doi.org/10.48550/arxiv.2309.00477

IF: 10.294

2023-01-01

IEEE Network

Abstract:The gradual fusion of intelligent transportation systems with metaverse technologies is giving rise to vehicular metaverses, which blend virtual spaces with physical space. As indispensable components for vehicular metaverses, Vehicular Twins (VTs) are digital replicas of Vehicular Metaverse Users (VMUs) and facilitate customized metaverse services to VMUs. VTs are established and maintained in RoadSide Units (RSUs) with sufficient computing and storage resources. Due to the limited communication coverage of RSUs and the high mobility of VMUs, VTs need to be migrated among RSUs to ensure real-time and seamless services for VMUs. However, during VT migrations, physical-virtual synchronization and massive communications among VTs may cause identity and location privacy disclosures of VMUs and VTs. In this article, we study privacy issues and the corresponding defenses for VT migrations in vehicular metaverses. We first present four kinds of specific privacy attacks during VT migrations. Then, we propose a VMU-VT dual pseudonym scheme and a synchronous pseudonym change framework to defend against these attacks. Additionally, we evaluate average privacy entropy for pseudonym changes and optimize the number of pseudonym distribution based on inventory theory. Numerical results show that the average utility of VMUs under our proposed schemes is 33.8% higher than that under the equal distribution scheme, demonstrating the superiority of our schemes.

Feng Zhenming

2012-01-01

Abstract:The security and privacy of vehicular Ad-hoc networks(VANET) is improved by allowing vehicles to exchange current valid pseudonyms.The transfer of pseudonyms and the security requirements are achieved by harmonizing the group signature.The scheme parameters settings are analyzed in simulations with the unlinkability measured by the entropy.Tests show that the scheme gives the same level of confusion to an adversary with less pseudonyms and smaller groups than previous schemes which means that the scheme provides better unlinkability and efficiency.

Jiawen Kang,Xiaofeng Luo,Jiangtian Nie,Tianhao Wu,Haibo Zhou,Yonghua Wang,Dusit Niyato,Shiwen Mao,Shengli Xie

2024-03-22

Abstract:Driven by the great advances in metaverse and edge computing technologies, vehicular edge metaverses are expected to disrupt the current paradigm of intelligent transportation systems. As highly computerized avatars of Vehicular Metaverse Users (VMUs), the Vehicle Twins (VTs) deployed in edge servers can provide valuable metaverse services to improve driving safety and on-board satisfaction for their VMUs throughout journeys. To maintain uninterrupted metaverse experiences, VTs must be migrated among edge servers following the movements of vehicles. This can raise concerns about privacy breaches during the dynamic communications among vehicular edge metaverses. To address these concerns and safeguard location privacy, pseudonyms as temporary identifiers can be leveraged by both VMUs and VTs to realize anonymous communications in the physical space and virtual spaces. However, existing pseudonym management methods fall short in meeting the extensive pseudonym demands in vehicular edge metaverses, thus dramatically diminishing the performance of privacy preservation. To this end, we present a cross-metaverse empowered dual pseudonym management framework. We utilize cross-chain technology to enhance management efficiency and data security for pseudonyms. Furthermore, we propose a metric to assess the privacy level and employ a Multi-Agent Deep Reinforcement Learning (MADRL) approach to obtain an optimal pseudonym generating strategy. Numerical results demonstrate that our proposed schemes are high-efficiency and cost-effective, showcasing their promising applications in vehicular edge metaverses.

Networking and Internet Architecture,Cryptography and Security,Human-Computer Interaction,Machine Learning

Nardine Basta,Ming Ding,Muhammad Ikram,Mohamed Ali Kaafar

DOI: https://doi.org/10.48550/arXiv.2203.10673

2022-03-21

Abstract:Cooperative Intelligent Transportation Systems (C-ITS) enable communications between vehicles, road-side infrastructures, and road-users to improve users' safety and to efficiently manage traffic. Most, if not all, of the intelligent vehicles-to-everything (V2X) applications, often rely on continuous collection and sharing of sensitive information such as detailed location information which raises privacy concerns. In this light, a common approach to concealing the long-term identity of C-ITS vehicles is using multiple temporary identifiers, called pseudonyms. However, the legacy pseudonyms management approach is prone to linking attacks. The introduction of 5G network to V2X offers enhanced location accuracy, better clock synchronisation, improved modular service-based architecture, and enhanced security and privacy preservation controls. Motivated by the above enhancements, we study 5G-enabled pseudonyms for protecting vehicle identity privacy in C-ITS. We highlight the gaps in the current standards of pseudonyms management. We further provide recommendations regarding the pseudonyms management life-cycle.

Networking and Internet Architecture,Cryptography and Security

Guanjie Cheng,Junqin Huang,Yewei Wang,Jun Zhao,Linghe Kong,Shuiguang Deng,Xueqiang Yan

DOI: https://doi.org/10.1109/tifs.2023.3314211

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:With the emergence of the sixth-generation (6G) communication technologies, the Internet of Vehicles (IoV) is rapidly developing with the coordination between intelligent networked vehicles, road infrastructures, and the cloud. However, the openness and dynamic nature of the IoV raise significant security and privacy concerns, highlighting the need for efficient authentication schemes. Conventional authentication schemes are no longer suitable for 6G-enabled IoV due to high latency, single point of failure, and heavy management costs. Additionally, existing literature on multi-domain authentication mainly investigates vehicle mobility, ignoring the challenges posed by vehicle heterogeneity. To fill this gap, we propose a multi-domain authentication scheme with conditional privacy preservation (MACPP) that considers administrative domains ( AD ) and geographic domains ( GD ) in the IoV. In MACPP, we design a novel identity-based signature scheme without requiring bilinear pairing for efficient authentication. Additionally, we propose a blockchain-assisted pseudonym management scheme (BAPM) to further improve system security by designing a dynamical sparse Merkle tree structure (DSMT). We demonstrate that the proposed MACPP satisfies the security requirements through an in-depth security analysis. Moreover, the experimental results demonstrate the effectiveness and efficiency of both MACPP and BAPM.

Ming Yang,Rongwang Jiang,Shuang Wei,Caofang Long

DOI: https://doi.org/10.1016/j.compeleceng.2023.108735

IF: 4.152

2023-01-01

Computers & Electrical Engineering

Abstract:A replaceable multi-pseudonym scheme can effectively protect the location privacy of vehicles in intelligent transportation systems. The existing pseudonym management system, whether a preloading or on-demand scheme, is uniformly issued by the system server. To manage the vast collection of pseudonyms, the server has prominent scalability and transparency problems. This study proposes a scalable and auditable self-agent pseudonym management scheme in which the system issues a small number of long-term pseudonyms to a vehicle as an advance authorization under which the vehicle issues replaceable short-term pseudonyms of itself. This achieves nearly unlimited pseudonym issuance for large vehicle populations. An accumulator tree-based transparent log method is used to monitor various pseudonym operations while blocking their abuse and Sybil attacks. For pseudonym revocation, a whitelist method is applied without a traditional certificate revocation list. A security analysis and performance evaluation reveals that our scheme has good scalability and supports management transparency.

Longjiang Li,Yuming Mao,Yonggang Li,Yinxia Yuan

DOI: https://doi.org/10.1007/s11277-012-0941-7

IF: 2.017

2012-01-01

Wireless Personal Communications

Abstract:Vehicle ad-hoc network (VANET) technology is a basic component of the future intelligent transportation system. With the advances in modern information society, privacy issues have become important considerations. However, most routing proposals for VANETs lack privacy support, namely anonymity or pseudonymity and unlinkability aspects. This paper presents a novel privacy addressing-based anonymous communication approach for VANETs, which prevents eavesdroppers from identifying a particular vehicle by its address. The proposed scheme is a kind of end-to-end solution, so it can potentially be extended to work with many traditional routing protocols. Finally, the simulation results show that the proposed scheme outperforms previous approaches with privacy support in terms of protocol overhead and packet latency.

Yuhan Yang,Jing Wu,Chengnian Long,Qingquan Zou,Ji Gao

DOI: https://doi.org/10.1145/3460537.3460545

2021-01-01

Abstract:Vehicular Ad-Hoc Network enhances the driving safety and enables various intelligent transportation applications by adopting the revolutionary vehicular wireless communication technology, which attracts a lot of attention from academia and industry in recent years. Given the sophistication of vehicular manufacturing and the heterogeneity of intelligent transport terminals, performing vehicular authentication in the message exchange process is crucially important, while existing schemes fail to adapt to multi-domain scenario, and satisfy security, anonymity and conditional privacy protection simultaneously. To this end, we present a blockchain-based multi-domain vehicular authentication scheme, wherein a pseudonym-based authentication method is proposed to guarantee the anonymity and traceability. Specially, the pseudonym generation and distribution are supervised and executed by multiple entities, which improves the reliability and can adapt to the dynamic and unpredictable pseudonym requests. Furthermore, the security analysis and experiment results show the feasibility and low overhead of the proposed scheme.

Mohammad Khodaei,Hamid Noroozi,Panos Papadimitratos

DOI: https://doi.org/10.1145/3317549.3323410

2019-05-22

Abstract:The central building block of secure and privacy-preserving Vehicular Communication (VC) systems is a Vehicular Public-Key Infrastructure (VPKI), which provides vehicles with multiple anonymized credentials, termed pseudonyms. These pseudonyms are used to ensure message authenticity and integrity while preserving vehicle (thus passenger) privacy. In the light of emerging large-scale multi-domain VC environments, the efficiency of the VPKI and, more broadly, its scalability are paramount. By the same token, preventing misuse of the credentials, in particular, Sybil-based misbehavior, and managing "honest-but-curious" insiders are other facets of a challenging problem. In this paper, we leverage a state-of-the-art VPKI system and enhance its functionality towards a highly-available, dynamically-scalable, and resilient design; this ensures that the system remains operational in the presence of benign failures or resource depletion attacks, and that it dynamically scales out, or possibly scales in, according to request arrival rates. Our full-blown implementation on the Google Cloud Platform shows that deploying large-scale and efficient VPKI can be cost-effective.

Cryptography and Security

Ye Xu,Fengying Li,Bin Cao

DOI: https://doi.org/10.1109/ComComAp46287.2019.9018809

2019-01-01

Abstract:In this paper, we propose a conditional privacy-preserving authentication scheme based on pseudonyms and (t,n) threshold secret sharing, named CPPT, for vehicular communications. To achieve conditional privacy preservation, our scheme implements anonymous communications based on pseudonyms generated by hash chains. To prevent bad vehicles from conducting framed attacks on honest ones, CPPT introduces Shamir (t,n) threshold secret sharing technique. In addition, through two one-way hash chains, forward security and backward security are guaranteed, and it also optimize the revocation overhead. The size of certificate revocation list (CRL) is only proportional to the number of revoked vehicles and irrelated to how many pseudonymous certificates are held by the revoked vehicles. Extensive simulations demonstrate that CPPT outperforms ECPP, DCS, Hybrid and EMAP schemes in terms of revocation overhead, certificate updating overhead and authentication overhead.

Yuhan Yang,Lijun Wei,Jing Wu,Chengnian Long,Bo Li

DOI: https://doi.org/10.1109/jiot.2021.3107443

IF: 10.6

2022-01-01

IEEE Internet of Things Journal

Abstract:Vehicular ad-hoc network enhances driving safety and enables various intelligent transportation applications by adopting the revolutionary vehicular wireless communication technology. This has attracted a lot of attentions from both academia and industry in recent years. Given the sophistication of vehicular manufacturing and the heterogeneity of intelligent transport terminals, performing vehicular authentication is of great importance. The existing schemes have largely considered vehicle security and authentication within a single administrative domain, which lacks supervision of the authority and entity in the intelligent transportation system. In this article, we propose a multidomain vehicular authentication architecture by introducing blockchain technique to build distributed trust and share cross-domain information among multiple administrative domains. To guarantee the anonymity and traceability, a pseudonym-based privacy-preserving authentication method is proposed. Specifically, considering the supervision of authority and the resilience to key escrow, we design a two-phase pseudonym distribution mechanism with the assistance of a roadside unit (RSU) proxy. We conduct in-depth security analysis by comparing with existing works and deploy experiments to show the efficiency and feasibility of the proposed scheme in the multidomain scenario.

Ling Xiong,Qiang Li,LeLe Tang,Fagen Li,Xingchun Yang

DOI: https://doi.org/10.1016/j.future.2024.107530

2025-01-01

Abstract:Vehicular ad hoc networks (VANET) have been the key indispensable module of the future intelligent transportation system. Security and privacy are two essential attributes that protect the safe driving of vehicles. Over the last two decades, numerous conditional privacy-preserving authentication schemes have been presented for the VANET environment. However, existing schemes have various limitations, including security issues, high storage overhead, and frequent interactions. In order to bridge these difficulties, this work combines physically unclonable function and blockchain technology to construct a conditional privacy-preserving authentication scheme for the VANET environment. Specifically, we combine physical unclonable function and dynamic pseudonym techniques to generate unique pseudonym IDs dynamically and private keys using physical unclonable function to enhance privacy protection and resist physical attack. To reduce the number of communication rounds during the verification process, we deployed lightweight blockchain nodes to avoid direct communication between the receiver and the blockchain network. The proposed scheme demonstrates resilience against various potential attacks through comprehensive security analysis and proof. Furthermore, performance metrics indicate that our scheme outperforms similar schemes, making it suitable for resource-constrained VANET.

Yuhan Yang,Lijun Wei,Jing Wu,Chengnian Long,Bo Li

DOI: https://doi.org/10.1109/jiot.2021.3107443

IF: 10.6

2021-01-01

IEEE Internet of Things Journal

Abstract:Vehicular ad-hoc network enhances driving safety and enables various intelligent transportation applications by adopting the revolutionary vehicular wireless communication technology. This has attracted a lot of attentions from both academia and industry in recent years. Given the sophistication of vehicular manufacturing and the heterogeneity of intelligent transport terminals, performing vehicular authentication is of great importance. The existing schemes have largely considered vehicle security and authentication within a single administrative domain, which lacks supervision of the authority and entity in the intelligent transportation system. In this article, we propose a multidomain vehicular authentication architecture by introducing blockchain technique to build distributed trust and share cross-domain information among multiple administrative domains. To guarantee the anonymity and traceability, a pseudonym-based privacy-preserving authentication method is proposed. Specifically, considering the supervision of authority and the resilience to key escrow, we design a two-phase pseudonym distribution mechanism with the assistance of a roadside unit (RSU) proxy. We conduct in-depth security analysis by comparing with existing works and deploy experiments to show the efficiency and feasibility of the proposed scheme in the multidomain scenario.

computer science, information systems,telecommunications,engineering, electrical & electronic