This chapter presents the emerging security issues in Vehicular Ad hoc Networks (VANETs) for e-business along with some of the solutions provided by the research community. The VANET will facilitate new applications for e-business that will revolutionize the driving experience, providing everything from instant, localized traffic updates to warning signals when the vehicle ahead abruptly brakes. In the emerging global economy, e-business has increasingly become a necessary component of business strategy and a strong catalyst for economic development. In near future, vehicles may be equipped with short-range radios capable of communicating with other vehicles and highway infrastructure using a VANET. However, providing security in VANETs for e-business raises privacy concerns that must be considered. The deployment of VANETs for e-business is rapidly approaching, and their success and safety will depend on viable security solutions acceptable to consumers, manufacturers and governments.
VANET is a form of Mobile Ad-hoc NETwork (MANET) that provides communications between vehicles and external network infrastructure. VANETs are expected to have great potential to improve both traffic safety and comfort in the future (Murat, 2005; Holgar, 2005; Sascha, 2006). E-business can be conducted over VANET to facilitate business activities among users traveling in the vehicles. It is a process that relies on an automated information system. E-business methods enable companies to link their internal and external data processing systems more efficiently and flexibly, to work more closely with suppliers and partners, and to better satisfy the needs and expectations of their customers.
VANET has become a promising field of research since the world is advancing towards the vision of Intelligent Transportation Systems (Sascha, 2004; Manvi, 2006; Manvi 2007).
Vehicles (or nodes) in VANET are assumed to be equipped with the following.
GPS (Global Positioning System) receiver enabling the vehicle to track its own location.
Onboard computing devices allowing the vehicle to perform simple calculations including encryption and other vehicle’s positions.
Communication devices (Direct Short Range Communication compliant) to propagate/receive information.
Equipment enabling to verify neighbor’s position and identify obstacles.
A set of sensors reporting crashes, engine statistics, weather conditions, etc.
Pre-stored digital maps.
Dedicated and secured memory.
Its own clock to obtain an accurate timestamp.
VANET enables communications between nearby vehicles (V2V communications) and the roadside infrastructure (V2I communications). While using mostly V2V communications, VANET does not entirely rely on a fixed infrastructure, but can harness it for improved performance and functionality when it is available. A typical VANET scenario is as shown in figure 1. Vehicle to vehicle and vehicle to roadside base station/gateway communication is required for providing safety and other information services to vehicle users. Group of vehicles together may form a cluster to disseminate information among themselves as well as to other clusters and base stations.
Key Terms in this Chapter
Eavesdropping: Is a passive attack. An attacker listens to the communication and gets information about the content of the message.
Trust: Is based on a combination of judgment or opinion based on face-to-face meetings, or recommendations of colleagues, friends and business partners.
Confidentiality: Is the prevention of unauthorized disclosure of information concerns the content of a message. Only the sender and the receiver are supposed to know the content. Attacks include message interception (man-in-the-middle attacks), content release to other parties, etc.
Vehicular Ad hoc Network (VANET): Is a form of ad-hoc network that enables communications between nearby vehicles (V2V communications) and road-side infrastructure (V2I communications).
Integrity: Ensures that only authorized parties modify system assets and transmitted information. Modification includes writing, changing, changing status, deleting, creating, and the delaying or replaying of transmitted messages.
PKI (Public Key Infrastructure): Is the typical security architecture used for networks where the presence of online authorities is not always guaranteed.
Non-Repudiation: Ensures that a transferred information has been sent and received by the parties claiming to have sent and received the information.
Node Misbehavior: Is the intentional non-cooperative behavior of a node and is caused by two types of misbehavior: selfish behavior, e.g., nodes that want to save power, CPU cycles, and memory, and malicious behavior which is not primarily concerned with power or any other savings but interested in attacking and damaging the network.
E-Business: Is defined as the transformation of an organization’s processes to deliver additional customer value through the application of technologies, philosophies and computing paradigm of the new economy.
Authentication: Is needed in order to be sure about the identity of the sender or receiver of a message. The attack is called masquerading, that is pretending to be somebody else.