CCMS Authorization Functional Area
Description
'CCMS Authorization' components provide authorization credentials (e.g., pseudonym certificates) to end entities. The end entity applies for and obtains authorization credentials, enabling the end entity to enter the "Operational" state. This function requires an interactive dialog, including at minimum a Certificate Request from the end entity desiring certificates. This request will be checked for validity, with the embedded enrollment certificate checked against an internal blacklist. If all checks are passed, this function will distribute a bundle of linked pseudonym certificates suitable for use by the requesting end entity, with the characteristics and usage rules of those certificates dependent on the operational policies of the CCMS. It also provides the secure provisioning of a given object's Decryption Key in response to an authorized request from that object. The retrieved Decryption Key will be used by the receiving object to decrypt the "next valid" batch within the set of previously retrieved Security Credential batches.
Included In
Functional Requirements
ID | Requirement |
---|
01 | The Center shall generate credential identifiers using facilities that are independently owned and operated from one another. |
---|
02 | The Center shall assign two or more non–unique identifiers, that when combined are unique, to each credential it distributes. |
---|
03 | The Center shall verify information received in pseudonym requests. |
---|
04 | The Center shall coordinate the distribution of credentials with other Centers. |
---|
05 | The Center shall store credential identifiers using facilities that are independently owned and operated from one another. |
---|
06 | The Center shall provide Vehicle pseudonymous credentials in response to valid Vehicle pseudonym requests. |
---|
07 | The Center shall provide Personal Device pseudonymous credentials in response to valid Personal Device pseudonym requests. |
---|
08 | The Center shall provide Center pseudonymous credentials in response to valid Center pseudonym requests. |
---|
09 | The Center shall provide Connected Vehicle Roadside Equipment pseudonymous credentials in response to valid Connected Vehicle Roadside Equipment pseudonym requests. |
---|
10 | The Center shall accept user permission information from Centers authorized to provide that information. |
---|
11 | The Center shall acquire identifiers relevant to ITS services from the relevant registry of such identifiers |
---|