SECURITY CHALLENGES OF VEHICULAR CLOUD COMPUTING

e-ISSN: 2582-5208

International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:01/January-2022 Impact Factor- 6.752 www.irjmets.com

SECURITY CHALLENGES OF VEHICULAR CLOUD COMPUTING Mr. Gopala Krishna Sriram*1 *1Software

Architect, Edge Soft Corp, Mckinney, TX USA.

ABSTRACT Transportation technology has gained improvement drastically by leveraging the benefits of information technology. Vehicles are more intelligent than ever with the help of their connected capability and wireless networks. Modern vehicles can be connected to other vehicles, pedestrians, and roadside units to make a network. A novel concept of vehicular cloud computing came on the board to leverage computational facilities available on each vehicle and passenger. Vehicular cloud computing attempts to make a cloud of vehicles and roadside units. Vehicular cloud computing suffers from many challenges; security and privacy are some of these challenges. This research will reveal the core concepts of vehicular cloud computing and the security challenges it faces. Keywords: Security, Cloud Computing, Authentication, Authorization, Availability, Data Confidentiality, Data Integrity, Etc.

I.

INTRODUCTION

The massive increase in the human population brings a proportional rise in vehicles. Statistics claim that one billion vehicles travel on roads while increasing to twice by 2050[1]. Along with travel facilities, this rush of vehicles brings many challenges like road jamming, roadside accident, pollution and many more. Intelligent Transport System (ITS) is a fruitful effort to overcome these issues. These connected vehicles are equipped with embedded systems like onboard unit (OBU), electronic control unit, application unit, head unit to achieve a target of intelligent driving. In ITS, vehicles can communicate and share helpful information in the communication models as Vehicle to Vehicle (V2V) communication for communication among vehicles. Vehicle to Infrastructure (V2I) communication, vehicles can communicate with Road Side Unit (RSU) connected devices along the road. It is also sometimes referred to as (Vehicle to Network) V2N. Vehicle to Pedestrian (V2P) communication, vehicles communicate with pedestrian's on-road using computing devices such as mobile phones or laptops.

Fig 1: vehicle to the everything (V2X) communication model[2] A vehicular Ad-hoc Network (VANET) is formed to achieve the aforementioned connections. VANET is a wireless networking model for providing safety and other not safety services to vehicles. In VANET, vehicles and other connected devices can communicate using Dedicated Short Range Communication (DSRC), the most widely used communication technology in V2X communication. Furthermore, Long Term Evolution (LTE), also described as V2X-LTE, has gained massive interest in the V2X communication glob. 5G technologies are also making their room in the V2X communication paradigm[2] Vehicular Cloud Computing (VCC) is a new hybrid technology that attempts to leverage computing resources in www.irjmets.com

@International Research Journal of Modernization in Engineering, Technology and Science

[1172]

e-ISSN: 2582-5208

International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:01/January-2022 Impact Factor- 6.752 www.irjmets.com VANET devices and provide users with some valuable service for pay as you use fashion. VCC collaborates with VANET entities like RSU or vehicles in a specific range (almost 300 meters) to make a cloud of shared resources with ample computing facilities[3]. VCC aims to manage onboard computing, storage resources, sensing devices and communication facilities to overcome resource limitations and overwhelmed service requirements. VCC provides various applications; the most significant is traffic management, data outsourcing, outsource computation, access control, sharing data and other value-added services such as infotainments, road safety, traffic management and autonomous driving. Security of VCC is the biggest challenge in the VCC story because of its specific characteristics like the multi-tenancy nature of the cloud, rapid resources, high vehicle mobility, and short-range of shared devices. In the next section, we will provide security requirements and potential attacks.

II.

SECURITY ANALYSIS OF VCC

This section will present security requirements and a potential attack on VCC. Along with inhered cloud computing security requirements, VCC has other security challenges. The leading characteristic of VCC that makes it distinguish from cloud computing is dynamically changing the number of computing resources. Furthermore, VCC vehicles are not trustworthy because they come in a share resource pool for a short period and then leave that resource pool. No neighbor of one vehicle stays for an extended period, and each vehicle has a continuously changing neighbor that causes trust issues[4]. Moreover, VCC can allow potential malicious vehicles to use the resources that provide computing services to other resources. These features bring novel challenges added to cloud computing security challenges. We taxonomy types of attack as below mentioned attack model.

Fig 2: Attack model of VCC In the rest of this section, we will explain each type of attack. Internal vs External attack: Internal attackers have authorized VCC members to enter and use VCC resources with legal access. While external attackers are not authorized to enter VCC, they attack by maliciously entering the network. For example, they can cause physical damage to RSU or other static infrastructure. Active vs passive attack: An active attack can instantly attack messages, signals, and other sources, such as injecting a false message. Active attacker tempers the integrity of stored information on the cloud. This information can be important documents, stored data, more sensitive information, and executable code. In contrast to active attackers, passive attackers do not actively alter data while using information for future use. They can work as an eavesdropper in a wireless network. Malicious attacker vs non-malicious attacker: The malicious attacker has malicious intentions despite his benefit. This type of attacker can spread malware in the system and disrupt or even collapse the system. A non-malicious attacker can also be called a greedy attacker who has a personal intention to attack the system. For example, they can spread a message about the emergency system and slow down the traffic. www.irjmets.com

@International Research Journal of Modernization in Engineering, Technology and Science

[1173]

e-ISSN: 2582-5208

International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:01/January-2022 Impact Factor- 6.752 www.irjmets.com Local vs global attacker: Local and global attackers have a difference in their scope. The local attacker has effects on limited vehicles. For example, they can deploy eavesdropping stations for a limited number of VCC entities or nearby vehicles. In contrast, the global attacker has a broader domain and can control numerous VCC entities; hence can get a broader range of information in the vehicular cloud network. Based on the model mentioned above, either internal or external, Global Passive Attacker (GPA) can be most harmful by eavesdropping on the global broadcast information and breaking location privacy for their desired range of vehicles. GPA can create their eavesdropping station by use of existing infrastructures like RSU

III.

SECURITY REQUIREMENTS AND POTENTIAL ATTACKS

This section will present basic security requirements and list potential attacks on those security requirements. Authentication: Authentication is an essential requirement of VCC that distinguishes malicious entities from legitimate entities. VCC system should be able to recognize legitimate VCC entities. Authentication requirements can be further sub-divided into message authentication and user authentication. Authorization: It should be ensured that legitimated VCC entities have access to only the exemplary VCC service based on a pre-defined set of rules. There should be some Service Level Agreement (SLA) to define which VCC entity can access specific VCC services. Availability: Availability requirement deals with the process of messages between entities of VCC on time to avoid disruption of service. A low-cost cryptographic algorithm can achieve availability to ensure that messages reach at destination within the desired time without tempering. Data confidentiality: In its origin, data confidentiality is a requirement of reaching data to the destination entity confidentially. Data confidentiality is not a top priority since most messages are public in the VCC environment. It is mainly needed for some confidential messages between two entities. Data Integrity: Data transfer between two entities should be verified to detect manipulation, deletion, or modification of original data. Table 1: potential attacks on vehicular cloud computing No

Attack

Compromised security requirement

1

Denial of Service

Availability

2

Man in Middle attack

Integrity

3

Masquerading

Authentication

4

Impersonation

Authentication

5

Jamming

Availability

6

Location spoofing

Confidentiality

7

Location tracking

Privacy Authentication

8

Replay

Integrity Confidentiality

9

www.irjmets.com

Information forgery

Confidentiality Integrity

@International Research Journal of Modernization in Engineering, Technology and Science

[1174]

e-ISSN: 2582-5208

International Research Journal of Modernization in Engineering Technology and Science ( Peer-Reviewed, Open Access, Fully Refereed International Journal ) Volume:04/Issue:01/January-2022 Impact Factor- 6.752 www.irjmets.com 10

Deletion

Integrity

11

Sybil

Authentication

IV.

CONCLUSION

This paper presents a broad overview of vehicular cloud computing networks, their essential concepts and security issue. Vehicular cloud computing is an emerging hybrid technology that merges cloud computing with an intelligent transport system. Vehicular cloud computing needs intensive care in its security domain. In the future, we will expand our work by discussing the layered approach of vehicular cloud computing and security challenges on each layer.

V.

REFERENCE

[1]

P. Kohli, S. Sharma, and P. Matta, "Security of Cloud-Based Vehicular Ad-Hoc Communication Networks, Challenges and Solutions," in 2021 Sixth International Conference on Wireless Communications, Signal Processing and Networking (WiSPNET), 2021: IEEE, pp. 283-287.

[2]

M. Muhammad and G. A. Safdar, "Survey on existing authentication issues for cellular-assisted V2X communication," Vehicular Communications, vol. 12, pp. 50-65, 2018.

[3]

A. Masood, D. S. Lakew, and S. Cho, "Security and Privacy Challenges in Connected Vehicular Cloud Computing," IEEE Communications Surveys & Tutorials, vol. 22, no. 4, pp. 2725-2764, 2020.

[4]

B. Ahmed, A. W. Malik, T. Hafeez, and N. Ahmed, "Services and simulation frameworks for vehicular cloud computing: a contemporary survey," EURASIP Journal on Wireless Communications and Networking, vol. 2019, no. 1, pp. 1-21, 2019.

www.irjmets.com

@International Research Journal of Modernization in Engineering, Technology and Science

[1175]