e-ISSN: 2582-5208

International Research Journal of Modernization in Engineering Technology and

Science
Volume:01/Issue:01/ January-2022 Impact Factor- 6.752 www.irjmets.com

SECURITY CHALLENGES OF VEHICULAR CLOUD COMPUTING

Mr. Gopala Krishna Sriram*1
*1Software Architect, EdgeSoft Corp, McKinney, TX USA

ABSTRACT
Transportation technology has gained improvement drastically by leveraging the benefits of information
technology. Vehicles are more intelligent than ever with the help of their connected capability and wireless
networks. Modern vehicles can be connected to other vehicles, pedestrians, and roadside units to make a network.
A novel concept of vehicular cloud computing came on the board to leverage computational facilities available on
each vehicle and passenger. Vehicular cloud computing attempts to make a cloud of vehicles and roadside units.
Vehicular cloud computing suffers from many challenges; security and privacy are some of these challenges. This
research will reveal the core concepts of vehicular cloud computing and the security challenges it faces.

Keywords: Security, Cloud Computing, Authentication, Authorization, Availability, Data Confidentiality, Data
Integrity, Etc.
I. Introduction

The massive increase in the human population brings a proportional rise in vehicles. Statistics claim that one
billion vehicles travel on roads while increasing to twice by 2050[1]. Along with travel facilities, this rush of
vehicles brings many challenges like road jamming, roadside accident, pollution and many more. Intelligent
Transport System (ITS) is a fruitful effort to overcome these issues. These connected vehicles are equipped with
embedded systems like onboard unit (OBU), electronic control unit, application unit, head unit to achieve a target
of intelligent driving. In ITS, vehicles can communicate and share helpful information in the communication
models as Vehicle to Vehicle (V2V) communication for communication among vehicles. Vehicle to
Infrastructure (V2I) communication, vehicles can communicate with Road Side Unit (RSU) connected devices
along the road. It is also sometimes referred to as (Vehicle to Network) V2N. Vehicle to Pedestrian (V2P)
communication, vehicles communicate with pedestrian's on-road using computing devices such as mobile phones
or laptops.

Fig 1: vehicle to the everything (V2X) communication model[2]

A vehicular Ad-hoc Network (VANET) is formed to achieve the aforementioned connections. VANET is a wireless
networking model for providing safety and other not safety services to vehicles. In VANET, vehicles and other
connected devices can communicate using Dedicated Short Range Communication (DSRC), the most widely used
communication technology in V2X communication. Furthermore, Long Term Evolution (LTE), also described as
V2X-LTE, has gained massive interest in the V2X communication glob. 5G technologies are also making their room
in the V2X communication paradigm[2]
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[1]
 e-ISSN: 2582-5208
International Research Journal of Modernization in Engineering Technology and
Science
Volume:01/Issue:01/ January-2022 Impact Factor- 6.752 www.irjmets.com

Vehicular Cloud Computing (VCC) is a new hybrid technology that attempts to leverage computing resources in
VANET devices and provide users with some valuable service for pay as you use fashion. VCC collaborates with
VANET entities like RSU or vehicles in a specific range (almost 300 meters) to make a cloud of shared resources
with ample computing facilities[3]. VCC aims to manage onboard computing, storage resources, sensing devices
and communication facilities to overcome resource limitations and overwhelmed service requirements. VCC
provides various applications; the most significant is traffic management, data outsourcing, outsource
computation, access control, sharing data and other value-added services such as infotainments, road safety, traffic
management and autonomous driving. Security of VCC is the biggest challenge in the VCC story because of its
specific characteristics like the multi-tenancy nature of the cloud, rapid resources, high vehicle mobility, and short-
range of shared devices. In the next section, we will provide security requirements and potential attacks.

II. Security analysis of VCC:

This section will present security requirements and a potential attack on VCC. Along with inhered cloud computing
security requirements, VCC has other security challenges. The leading characteristic of VCC that makes it
distinguish from cloud computing is dynamically changing the number of computing resources. Furthermore, VCC
vehicles are not trustworthy because they come in a share resource pool for a short period and then leave that
resource pool. No neighbor of one vehicle stays for an extended period, and each vehicle has a continuously
changing neighbor that causes trust issues[4].

Moreover, VCC can allow potential malicious vehicles to use the resources that provide computing services to
other resources. These features bring novel challenges added to cloud computing security challenges. We
taxonomy types of attack as below mentioned attack model.

Fig2: Attack model of VCC

In the rest of this section, we will explain each type of attack.

Internal vs External attack:

Internal attackers have authorized VCC members to enter and use VCC resources with legal access. While external
attackers are not authorized to enter VCC, they attack by maliciously entering the network. For example, they can
cause physical damage to RSU or other static infrastructure.

Active vs passive attack:

An active attack can instantly attack messages, signals, and other sources, such as injecting a false message. Active
attacker tempers the integrity of stored information on the cloud. This information can be important documents,
stored data, more sensitive information, and executable code. In contrast to active attackers, passive attackers do
not actively alter data while using information for future use. They can work as an eavesdropper in a wireless
network.
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[2]
 e-ISSN: 2582-5208
International Research Journal of Modernization in Engineering Technology and
Science
Volume:01/Issue:01/ January-2022 Impact Factor- 6.752 www.irjmets.com

Malicious attacker vs non-malicious attacker:

The malicious attacker has malicious intentions despite his benefit. This type of attacker can spread malware in the
system and disrupt or even collapse the system. A non-malicious attacker can also be called a greedy attacker who
has a personal intention to attack the system. For example, they can spread a message about the emergency system
and slow down the traffic.

Local vs global attacker:

Local and global attackers have a difference in their scope. The local attacker has effects on limited vehicles. For
example, they can deploy eavesdropping stations for a limited number of VCC entities or nearby vehicles. In
contrast, the global attacker has a broader domain and can control numerous VCC entities; hence can get a broader
range of information in the vehicular cloud network.
Based on the model mentioned above, either internal or external, Global Passive Attacker (GPA) can be most
harmful by eavesdropping on the global broadcast information and breaking location privacy for their desired
range of vehicles. GPA can create their eavesdropping station by use of existing infrastructures like RSU

III. Security requirements and potential attacks

This section will present basic security requirements and list potential attacks on those security requirements.

Authentication:
Authentication is an essential requirement of VCC that distinguishes malicious entities from legitimate entities.
VCC system should be able to recognize legitimate VCC entities. Authentication requirements can be further sub-
divided into message authentication and user authentication.

Authorization:
It should be ensured that legitimated VCC entities have access to only the exemplary VCC service based on a pre-
defined set of rules. There should be some Service Level Agreement (SLA) to define which VCC entity can access
specific VCC services.

Availability:
Availability requirement deals with the process of messages between entities of VCC on time to avoid disruption of
service. A low-cost cryptographic algorithm can achieve availability to ensure that messages reach at destination
within the desired time without tempering.

Data confidentiality:
In its origin, data confidentiality is a requirement of reaching data to the destination entity confidentially. Data
confidentiality is not a top priority since most messages are public in the VCC environment. It is mainly needed for
some confidential messages between two entities.

Data Integrity:
Data transfer between two entities should be verified to detect manipulation, deletion, or modification of original
data.
No Attack Compromised security
requirement
1 Denial of Service Availability
2 Man in Middle attack Integrity
3 Masquerading Authentication
4 Impersonation Authentication
5 Jamming Availability
6 Location spoofing Confidentiality
7 Location tracking Privacy
8 Replay Authentication
Integrity
www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science
[3]
 e-ISSN: 2582-5208
International Research Journal of Modernization in Engineering Technology and
Science
Volume:01/Issue:01/ January-2022 Impact Factor- 6.752 www.irjmets.com
Confidentiality
9 Information forgery Confidentiality
Integrity
10 Deletion Integrity
11 Sybil Authentication
Table 1: potential attacks on vehicular cloud computing

IV. Conclusion and future work:

This paper presents a broad overview of vehicular cloud computing networks, their essential concepts and
security issue. Vehicular cloud computing is an emerging hybrid technology that merges cloud computing with an
intelligent transport system. Vehicular cloud computing needs intensive care in its security domain. In the future,
we will expand our work by discussing the layered approach of vehicular cloud computing and security challenges
on each layer.

Reference:
[1] P. Kohli, S. Sharma, and P. Matta, "Security of Cloud-Based Vehicular Ad-Hoc Communication Networks,
Challenges and Solutions," in 2021 Sixth International Conference on Wireless Communications, Signal
Processing and Networking (WiSPNET), 2021: IEEE, pp. 283-287.
[2] M. Muhammad and G. A. Safdar, "Survey on existing authentication issues for cellular-assisted V2X
communication," Vehicular Communications, vol. 12, pp. 50-65, 2018.
[3] A. Masood, D. S. Lakew, and S. Cho, "Security and Privacy Challenges in Connected Vehicular Cloud Computing,"
IEEE Communications Surveys & Tutorials, vol. 22, no. 4, pp. 2725-2764, 2020.
[4] B. Ahmed, A. W. Malik, T. Hafeez, and N. Ahmed, "Services and simulation frameworks for vehicular cloud
computing: a contemporary survey," EURASIP Journal on Wireless Communications and Networking, vol. 2019,
no. 1, pp. 1-21, 2019.

www.irjmets.com @International Research Journal of Modernization in Engineering, Technology and Science

[4]