Home Engineering Verifiable Privacy Protection for Vehicular Communication Systems
We consider several different types of attackers. They all have the same goal of subverting the privacy protection and learning the exact origin, destination, start, and end times of participants’ trips but have different capabilities.
A.1 The malicious back end provider can access all central databases deployed in our scheme but is unable to eavesdrop on local V2X communication. We argue that this a realistic attacker model because back end providers have full access to the data they store. Ubiquitous surveillance of V2X communication, in contrast, is very hard to achieve as it would require the attacker to be in transmission range whenever two vehicles exchange messages.
A.2 The active insider attacker possesses valid credentials for the V2X system and actively participates in our system in order to subvert other users’ privacy.
A.3 The passive insider attacker has valid credentials, too, but only eavesdrops on communication taking place in his vicinity without actively participating in our system.
A.4 The outsider attacker is equipped with a V2X communication device but does not posses valid credentials. This is a very weak attacker, merely listed for completeness.
|< Prev||CONTENTS||Next >|