Suppr超能文献

通过认证票据保护SOME/IP通信。

Protecting SOME/IP Communication via Authentication Ticket.

作者信息

Lee Seulhui, Choi Wonsuk, Lee Dong Hoon

机构信息

School of Cybersecurity, Korea University, Seoul 02841, Republic of Korea.

出版信息

Sensors (Basel). 2023 Jul 11;23(14):6293. doi: 10.3390/s23146293.

DOI:10.3390/s23146293
PMID:37514588
原文链接:https://pmc.ncbi.nlm.nih.gov/articles/PMC10384523/
Abstract

Designed using vehicle requirements, Scalable service-Oriented MiddlewarE over IP (SOME/IP) has been adopted and used as one of the Ethernet communication standard protocols in the AUTomotive Open System Architecture (AUTOSAR). However, SOME/IP was designed without considering security, and its vulnerabilities have been demonstrated through research. In this paper, we propose a SOME/IP communication protection method using an authentication server (AS) and tickets to mitigate the infamous SOME/IP man-in-the-middle (MITM) attack. Reliable communication between the service-providing node and the node using SOME/IP communication is possible through the ticket issued from the authentication server. This method is relatively light in operation at each node, has good scalability for changes such as node addition, guarantees freshness, and provides interoperability with the existing SOME/IP protocol.

摘要

基于车辆需求设计的基于IP的可扩展面向服务中间件(SOME/IP)已被采用并用作汽车开放系统架构(AUTOSAR)中的以太网通信标准协议之一。然而,SOME/IP在设计时未考虑安全性,并且其漏洞已通过研究得到证实。在本文中,我们提出了一种使用认证服务器(AS)和票据的SOME/IP通信保护方法,以减轻臭名昭著的SOME/IP中间人(MITM)攻击。通过认证服务器颁发的票据,可以实现使用SOME/IP通信的服务提供节点与节点之间的可靠通信。该方法在每个节点上的操作相对轻量级,对于诸如节点添加等变化具有良好的可扩展性,保证了时效性,并提供了与现有SOME/IP协议的互操作性。

https://cdn.ncbi.nlm.nih.gov/pmc/blobs/807b/10384523/12e25d493a45/sensors-23-06293-g001.jpg

相似文献

1
Protecting SOME/IP Communication via Authentication Ticket.
Sensors (Basel). 2023 Jul 11;23(14):6293. doi: 10.3390/s23146293.
2
An Authentication and Secure Communication Scheme for In-Vehicle Networks Based on SOME/IP.
Sensors (Basel). 2022 Jan 14;22(2):647. doi: 10.3390/s22020647.
3
Automotive IoT Ethernet-Based Communication Technologies Applied in a V2X Context via a Multi-Protocol Gateway.
Sensors (Basel). 2022 Aug 24;22(17):6382. doi: 10.3390/s22176382.
4
A Service-Oriented Real-Time Communication Scheme for AUTOSAR Adaptive Using OPC UA and Time-Sensitive Networking.
Sensors (Basel). 2021 Mar 27;21(7):2337. doi: 10.3390/s21072337.
5
Security Analysis and Improvement of Vehicle Ethernet SOME/IP Protocol.
Sensors (Basel). 2022 Sep 8;22(18):6792. doi: 10.3390/s22186792.
6
Design of a CANFD to SOME/IP Gateway Considering Security for In-Vehicle Networks.
Sensors (Basel). 2021 Nov 27;21(23):7917. doi: 10.3390/s21237917.
7
A Multi-Layer Intrusion Detection System for SOME/IP-Based In-Vehicle Network.
Sensors (Basel). 2023 Apr 28;23(9):4376. doi: 10.3390/s23094376.
8
An Authentication Protocol for Future Sensor Networks.
Sensors (Basel). 2017 Apr 28;17(5):979. doi: 10.3390/s17050979.
9
Design of a FlexRay/Ethernet Gateway and Security Mechanism for In-Vehicle Networks.
Sensors (Basel). 2020 Jan 23;20(3):641. doi: 10.3390/s20030641.
10
State-of-the-art survey of in-vehicle protocols and automotive Ethernet security and vulnerabilities.
Math Biosci Eng. 2023 Aug 29;20(9):17057-17095. doi: 10.3934/mbe.2023761.

引用本文的文献

1
A domain key-based secure SOME/IP protocol.
PLoS One. 2025 Sep 5;20(9):e0331069. doi: 10.1371/journal.pone.0331069. eCollection 2025.

本文引用的文献

1
Security Analysis and Improvement of Vehicle Ethernet SOME/IP Protocol.
Sensors (Basel). 2022 Sep 8;22(18):6792. doi: 10.3390/s22186792.
2
An Authentication and Secure Communication Scheme for In-Vehicle Networks Based on SOME/IP.
Sensors (Basel). 2022 Jan 14;22(2):647. doi: 10.3390/s22020647.

文献AI研究员

20分钟写一篇综述,助力文献阅读效率提升50倍。

立即体验

用中文搜PubMed

大模型驱动的PubMed中文搜索引擎

马上搜索

文档翻译

学术文献翻译模型,支持多种主流文档格式。

立即体验