Professional Documents
Culture Documents
Abstract—Metropolitan transportation is dynamic and non- more probability of occurrence of third party involvement for
linear complex system. In this system there are possibilities observing and analyzing the communication entities. These
of altering, monitoring, forging, and accessing private, public problems can be avoided and solved by using privacy tech-
and resource information of depot staffs and communicating
agents by unauthorized agencies in a metropolitan area. Existing nique, that is, anonymity. The technique anonymity hides real
solutions for protecting privacy of depot staff and communicating identity of communicating entities and interacts anonymously
agents do not adapt to the dynamic occurrence of real time with neighbors. The anonymous communicating entities be-
events information and hence they are not sufficient for the comes malicious whenever they compromise completely [4],
randomness and non-linear complex systems. In this paper, we [7], [8] which is a serious issue because it is impossible to
propose privacy preservation scheme for intelligent transport
system’s depot in a metropolitan area. The scheme provides identify and remove them from the network. To solve this kind
privacy during the exchange of information of vehicle allocation, of issue we need of a strong privacy preservation technique
dispatch, revocation, financial, and maintenance. The absence of for the communicating entities and removing their privacy i.e.,
proposed privacy preservation scheme leads to anomalies like making non-anonymous. It is achieved only when disclosing
impersonation of genuinity, malicious, and greedy staff. We use the real identification information of malicious entities and
Emergent Intelligence (EI) technique to collect, analyse, share,
and to take dynamic decisions to protect the privacy of depot’s making them no more anonymous.
staff. The EI technique brings autonomy, flexibility, adaptiveness, Most of the schemes proposed for anonymity use a public
robustness, self-organization and evolution to take into account key infrastructure (PKI). The commonly used PKI based in-
the randomness and non-linearity complex systems behavior of frastructures are RSA and elliptical curve cryptosystem (ECC).
transportation system in a metropolitan area. The proposed The ECC based schemes have less computational cost and
scheme is implemented in Crypto++ package and its results
indicate that the scheme efficiently preserves transport depots smaller key size compared to RSA-based anonymity schemes
privacy in a metropolitan area. for providing same level of privacy protection, hence ECC is
more suitable than the RSA [7]–[11], [14], [16], [19], [20] for
Index Terms—Agent; Elliptic Curve Cryptography; Emergent
Intelligence; Metropolitan area; Privacy; Pseudonyms. intelligent transportation.
Group signature based schemes [3]–[5], [9], [10] and the
pseudonyms authentication schemes [3], [6]–[8], [11]–[15],
I. I NTRODUCTION [27] are recorded as anonymous authentication schemes to
The metropolitan areas are highly congested with more than address the security and privacy issues in ad-hoc networks.
one urban areas, satellite cities, rural areas, etc. It is divided In ad-hoc network all these schemes have computational
into regions and each region is again subdivided into zones. power and bandwidth limitations. PP-CP-ABE scheme [21]
In each region a depot is built (especially metropolitan cities preserves the privacy of users using access policies. These
in India) to meet the required needs. A depot is a premise access policies are formed using user attributes. Furthermore,
where resources (e.g., vehicles, fuel and staffs) are stored, authors have proposed PP-AB-BE scheme here they used
managed and allocated by the manager (e.g., agent). Due to hidden access policy, either with or without specifying the
the heterogeneous behavior of commuters’ arrival rates, staff, receivers and showed that it reduces the storage and communi-
and vehicles in transport depots [1], [2], there may be the cation overhead. A broadcast group key management (BGKM)
possibilities of altering, monitoring and forging the public and scheme [22] formalized for managing the key and proposed
private information of transport depots and staff as well by an attribute based access control policies while preserving the
third parties during interaction [3]. These third parties can user’s identity attributes privacy for sharing the documents in
use the private and public data to create traffic congestion, an untrusted cloud storage service. The approach is to encrypt
under utilization of surplus resources, blocking the lanes, etc. and decrypt the documents, whenever the document satisfies
Hence, the intelligent public transport system faces privacy the policies and keys, and is supported by BGKM scheme.
and security challenges [30]–[32] in a metropolitan city. Due Most of the above mentioned privacy preservation scheme
to the advancement of various information and communication faces some drawbacks like, computation overhead, disclosing
technologies (ICTs) [4]–[6] and their deployments resulted in anonymity of communication entities, identification and revo-
cation of malicious communication entities, RSUs are easily
Suresh Chavhan is with the Automotive Research Centre, School
of Electronics Engineering, VIT University, Vellore, Tamil Nadu, India. compromisable and vulnerable to physical attacks, they take
Email:suresh.chavhan046@gmail.com more latency for pseudonymous key generation, they will not
preserve and disclose privacy depending upon circumstances, which issues initial security keys and parameters. 2. RoadSide
and they are not efficient for distributed environments. Units (RSUs): They are installed in an open environment at
In this paper, we propose a privacy preservation scheme for the road side, intersections, etc. They are more possibility
Intelligent Public Transport System’s depots using Emergent of occurrence of physical breaches, therefore RSUs are not
Intelligence Technique in a metropolitan area. The proposed fully trusted. We assume that RTA monitors continuously the
privacy preservation scheme is based on the policies of trans- functions of RSUs and detects their malicious behavior in a
port depot’s staff, Pseudonmous technique, Cryptographic tech- limited periods of time.
niques, Bilinear pairing and Emergent Intelligence technique. Communication Network Model:
In the intelligent public transport system’s depot, staffs are The proposed privacy preservation scheme’s communication
divide into three levels depending upon their grades and at network model at a region in a metropolitan area is shown
each level different percentage of privacy will be provided. in Figure 1. Communication network model consists of agent,
The level of privacy will be determined by using policy, RSUs, vehicles and RTA. The regional office, RTA, contin-
which is formed and given by the regional trusted authority uously monitors and manages RSUs. The presence of RTA
at a depot. These policies are formed using credentials of helps to revocate malicious behavior of agents by sending
depot staff which contains type of staff, working time, work- the revocation developed technology, especially for vehicle to
ing place, authentication information, signature of regional vehicle (V2V) and vehicle to roadside unit (V2R) communi-
trusted authority, and pseudonyms. The Emergent Intelligence cation, called dedicated short-range communication (DSRC).
technique is used for collection, analysis, sharing and taking Time synchronization among RSUs and agents is assumed for
dynamic decisions like degree of information need to be validating the pseudonyms time to live.
shared among depot staff and revocation of depot staff in
a metropolitan area. The policy based preservation scheme
provides the accurate and reliable information (like resource
available, resource allocated, traffic conditions, etc.) to the
transport depot’s agents for sharing with the neighbor depot’s
agents.
The rest of the paper is organized as follows. Section II
describe definitions, assumptions and concepts required for
the proposed scheme. In Section III presents principle of EI
technique. In Section IV and V describe the principles of
privacy preservation scheme and policy based transport depot
staff. Section VI includes performance analysis of proposed Fig. 1. Communication network model at a region in a metropolitan area
schemes and results; and conclusions are drawn in Section
VII. Policy based Privacy:
A policy specifies the constraints under which a specific action
II. D EFINITIONS AND A SSUMPTIONS USED IN WORK can be performed on a certain sensitive resource [25]. There
are two cryptographic primitives for enabling the ’privacy-
In this section, we briefly describe definitions, assumptions,
aware’ policy enforcement:
communication network model, attack model, and some math-
ematical concepts background necessary for proposed privacy 1) policy based encryption: It allows to encrypt data ac-
preservation scheme in a metropolitan area. cording to a policy so that only entities fulfilling the
Public Transport Depot: policy are able to successfully perform the decryption
In metropolitan area a public transport depot is transport and retrieve the plain text data.
system’s operating base [23]. The depot provides maintenance, 2) policy based signature: It allows to generate a digital
servicing, monitoring and parking accommodation for vehi- signature on data with respect to a policy so that only
cles; Allocating and dispatching vehicles; and it also provides entities satisfying the policy are able to generate a valid
facilities, administrative functions, engineering and managerial signature.
functions for staffs. At depot there are three major grades of These cryptographic primitives have many applications, such
staffs, i.e., Depot Manager (DM); Operations and Engineering as access control, privacy policies, trust establishment, and
Manager (OEM); and Administrative, Personnel and Accounts automated trust negotiation. In this paper, we use policy based
Staff (APAS). These staffs are called as Depot Staff (DS) in encryption cryptographic primitive for privacy preservation of
a metropolitan area. Each of these staffs do their respective transport depot staffs during the exchange and/or access of
functions. Whenever there is a request from the neighbor depot information about the vehicle allocation, dispatch, revocation,
about the scarcity of resources (vehicles, staffs, etc.), then financial, and maintenance. At the transport depot without
public transport depot provides the required amount and type the privacy preservation scheme leads to the occurrence of
of resources needed. anomalies, like impersonation of a genuinity, malicious and
Assumptions: greedy staffs in a metropolitan area.
1. Regional Trusted Authority (RTA): It is deployed in the de- Attack Model:
pot. We assume that it is trusted and can not be compromised, Attack model is developed over the designed privacy policies.
During communication among entities (like vehicles, RSUs III. E MERGENT I NTELLIGENCE T ECHNIQUE (EIT)
and agents) in the metropolitan area there is a possibility The EIT is an extension of Multi-Agent System (MAS)
of occurrence of attackers. These attackers can be easily where agents group activities and individual independent
monitor, forge and alter more sensitive information, such as decisions making are incorporated. The EIT is collective
surplus resource, deficit resource, depot’s history, allocated intelligence of a group of agents [24], [35]–[37]. These
resource, etc. The malicious tasks are done by attackers group of agents cooperatively (whenever agents are compatible
in the metropolitan area. Here, we classified attackers as towards completing tasks execution), coordinately (whenever
internal and external. The external attacker observes ongoing there is need of agents joint actions for executing tasks) and
communication and analyzes traffic related data, but they can collaboratively (whenever agent has insufficient ability to carry
not decipher messages. The malicious agents and staffs are out tasks) interacts among themselves to provide dynamic
internal attackers, and they have full rights to access both independent decisions for the given problems. The EIT can be
public and private information of transport depots and hence used for independent tasks and their sub-tasks, which could be
they are very powerful attackers. There are several possible parallelly executes and provides partial (or complete) solution.
types of attack scenarios in metropolitan areas, some of them
are listed as follows:
1. Impersonate a genuine agent: The attacker may pretend to
be staff to fool others.
2. Malicious staff: The malicious behavior of staff may results
into illegal access of information (for example personal and
public). This may dangerously affects during emergency situ-
ations. The attackers may act like malicious vehicles, RSUs
and staff to carry out their functions.
3. Greedy staffs: The greedy behavior of staffs try to use Fig. 2. Scenario of 3 nodes network with task and its sub-tasks.
resources just for their own goals. The serous problem may
results during peak periods and traffic jam. This is because To illustrate consider the task tA in 3-nodes network (See
prediction condition may become false and therefore genuine Figure 2). As per the objectives of the task, it is possible to
staffs may affect their services with significant delay. split the task tA into 3-sub-tasks (stA1 , stA2 and stA3 ) which
Our scheme handles all the above mentioned attacks and can be independently solved by the 3 agents. Since the task is
ensures that privacy of transport depot staff and anonymity initiated at node A and the EIT is deployed in it, which creates
of agents communication are preserved, which are discussed 3-agents A1, A2 and A3 and migrates them to all 3-nodes A,
in the subsequent sections. B and C, respectively. The task tA is independently solved by
Background of mathematical concepts required for privacy: all the agents by considering the relevant information available
The basic mathematical concepts required for the design of locally and globally. Finally, the decision is communicated to
our proposed scheme are presented in this subsection. the main task solving agent A1 as per the following equation
1) Bilinear Pairing: The bilinear mapping is a function
D(tA ) = D(stA1 ) + D(stA2 ) + D(stA3 ) (1)
used in our proposed scheme, which uses pairing be-
tween elements of two groups to another group element where D(stA1 ), D(stA2 ) and D(stA3 ) are the partial or full
with a mapping function. The definition of bilinear decisions taken at nodes A, B and C, respectively. The same
mapping provides following properties [26]. problem would have been solved by the MAS exclusively at
Definition- Let two groups g1 and g2 with same order p, node A by collecting the relevant information from nodes B
where p = q n , q is a prime and n ∈ Z+ , g1 and g2 are and C.
two additive and multiplicative groups respectively, the In the literature, we can observe that some of the attempts
bilinear mapping ê : g1 × g1 → g2 satisfies following 3 made to use the EI for solving problems [33], [34]. But it is not
properties. clear, how this technique can be used for the problem solving
a) Bilinearity: ∀X, Y ∈ g1 , ∀c, d ∈ Z∗p : ê(cX, dY ) = in the uncertainty domains (like metropolitan area, where
ê(X, Y )cd , where Z∗p = [1, 2, ..., p − 1] dynamic demands, requirements, etc., occurs frequently).
b) Non-degeneracy: If X is a generator of g1 , then In this paper, transport depot’s staff information, such as
ê(X, X) is a generator of g2 . private, public and resource information collection, analysis,
c) Computability: There is an efficient algorithm to sharing and taking dynamic decisions to preserve privacy of
compute bilinear map ê : g1 × g2 them are done using EIT in a metropolitan area.
2) Elliptic Curve Discrete Logarithm Problem (ECDLP):
Given points X and Y in the group, find a number k IV. P OLICY BASED PRIVACY PRESERVATION SCHEME FOR
such that Xk = Y . The ECDLP is a well known hard INTELLIGENT TRANSPORT SYSTEM ’ S DEPOT STAFF
problem described in [?], [10], [11]. As we know the metropolitan area is divided into regions,
3) Bilinear Diffie-Hellman Problem (BDHP): Given and in each region a depot is built. In this section, we present
(X, a.X, b.X, c.X) for a, b, c ∈ Zp and it computes: policy-based privacy preservation system setup, three levels
e(X, X)abc [26]. of depot staffs privacy preservation at depot and Emergent
Intelligence technique based privacy preservation among depot provided by RTA using signature procedure. An assertion is
staffs. Table I shows the notations and their description used denoted as A ∈ {0, 1}∗. These credentials are generated using
in proposed scheme. the CredGen algorithm by RTA whenever an assertion is valid.
CredGen: The credential generation (CredGen) algorithm
TABLE I takes input as valid assertion A and RTA’s master key β, and
N OTATIONS USED IN TRANSPORT DEPOT STAFFS PRIVACY POLICY it gives output ξ(RT AP K , A) = β.h0 (A).
Notation Description
Here, we define a policy using logical expressions, which
k Secret key consists of conjunctions (∧) and disjunctions (∨) with creden-
β RTA’s master key tials of users. All these credentials are defined by the regional
C Policy encryption trusted authority (RTA) and it certifies the validity of them.
P oli ith policy The proposed policy-based privacy preservation scheme in a
C̄ Policy decryption depot has three levels of staffs depending upon grades of
M Message
them. The hierarchy of staffs in depots are as follows: (1)
Certi Certificate of ith level staff
Administrative, Personnel, and Accounts staff, (2) Operation
CIDi Certificate id of ith level staff
MID Manager id
and Engineering Manager, and (3) Depot Manager as shown
SigAlg Algorithm used to create to signature
in Figure 3. The proposed policy-based privacy preservation
RID RTA’s id
Val Validity of certificate
P KM ID Public key of MID
RT AP K RTA’s public key
RT ASK RTA’s private key
MT ype Message type either request or response
A. System Setup
The policy based privacy aware cryptosystem (PAC) setup
procedure is specified by two randomized algorithms, that
Fig. 3. Hierarchy of staffs at depot
is, (1) PAC setup, and (2) Regional Trusted Authority (RTA)
setup.
scheme provides different levels of privacy to each hierarchy
PAC setup: Given a secret key k as input parameter and do
of staffs at depot depending upon the privacy parameters (as
the following:
shown in Figure 4). The privacy preservation at level 1, 2, and
1) The BDH algorithm generates (p, g1 , g2 , ê) parameters 3 are describe as follows:
2) Randomly choose a generator X ∈ g1
3) n is random number chosen from N∗ , let M = {0, 1}n.
4) Let C = g1 × ({0, 1}n)∗ × M and S = (g2 )∗ × g1 .
5) Hash functions: h0 : {0, 1}∗ → g1 , h3 : {0, 1}∗ →
Z∗p , h4 : {0, 1}∗ → {0, 1}n, h5 : {0, 1}n →
{0, 1}n, and h6 : {0, 1}∗ → Z∗p
6) P ubP aram = (p, g1 , g2 , ê, n, X, h0 , h3 , h4 , h5 , h6 )
The public parameters specify different groups and public
functions that will be used in procedures and by participants
in the system.
RTA setup: The regional trusted authority (RTA) chooses Fig. 4. Privacy levels at depot
randomly a master-key s ∈ Z∗p , and which is used to compute
the corresponding public key RT AP K = sX. All system
participants know the public key.
C. Privacy preservation at level 1
B. Transport Depot Staffs Privacy Preservation Model The administrative, personnel, and accounts staff (APAS)
at depot get registered to the RTA. During registration the
In this subsection, we discuss 3-different privacy policies
APAS provides their private information to RTA, and the RTA
for each level of depot staffs for preserving their privacy at
hides these private information and stores in its database. The
transport depots in a metropolitan area.
RTA provides authentication information (Auth-Info), such as
We define an assertion to be declaration of staff at depot.
username/password. The RTA at a depot forms policy using
An assertion provides information about the staff’s attributes,
credentials of APAS, and is given as:
properties, capabilities and so on, which is encoded as binary
strings and representations of them is out of scope of this paper. pol =< Depot , x : Staf f > ∧ < Depot , x : ID > ∧ < Depot , x : T ime >
1 i i i
Assertions are represented as credentials and their validity is ∧ < Depoti , x : Location > ∧ < RT Aj , x : Auth − Inf o >
TABLE II
N OTATIONS AND THEIR MEANING USED IN PRIVACY POLICY EXECUTION
Notation Meaning
staf f ↼ ξ(RT AP K , A) ’Staff’ has been issued credential
ξ(RT AP K , A)
staf f ⇋< RT AP K , A > ’Staff’ fulfills condition
< RT AP K , A >
staf f ⇋ pol1 ’Staff’ satisfies the policy ’pol1 ’
staf f ⇋ pol1 ⇔ staf f ↼ Set of credentials fulfills policy ’pol1 ’
ξ1,2,...,j (pol1 )
V. P ERFORMANCE A NALYSIS
In this section, we analyze performance of the system by
considering the performance measures, such as latency of
schemes, revocation latency, response time and execution time.
The proposed scheme has been scripted and implemented in
Fig. 7. Privacy model of depot staff
C++, we used the Pairing-Based Cryptography (PBC) Libraray
[29] for elliptical curve and pairing operations and we also
i,k used the Cryptopp package [28] for implementation of pro-
Pd respectively, and are given as
posed schemes. The implementation has been carried out on a
Pdi,j = P oli × P olj × Psi,j × αPpi,j and Pdi,k = P oli × P olk × Psi,k × ζPpi,k
(2) dual-CPU Intel Core i5-2400 at 3.10 GHz desktop computer
with 12-GB RAM running Fedora 25. The performance anal-
where Ps is public or shareable data and Pp is private data ysis results were averaged over 500 randomized simulation
of staff i. Similarly, probability of not disclosing private and
public data are given as follows: runs. We chose key sizes of ECC as 224 and RSA as 2048,
i,j
and ECC as 2048 and RSA as 3078 bits for providing same
Pnd = 1 − Pdi,j and Pnd
i,k
= 1 − Pdi,k (3)
level of security.
Proposed Scheme
10 RSA
Pdj,i = P olj × P oli × βPsj,i and Pdj,k = P olj × P olk × Psj,k × µPpj,k 8
(4)
6
200
Notation Description Execution
150
Time
Tmul Time for 1-point multiplication in g1 0.6 msec
100
Tpair Time for one pairing operation 4.5 msec
50 Txor Time for XOR operation 0.7 msec
0
Tcanct Time for concatenation operation 0.1 msec
0 2 4 6 8 10 12 14 16
Number of staff Tcred Time required for issuing credentials 3.5 msec
Tverf Time required to verify the policy with staff 6.5 msec
Fig. 9. Time taken to revocate the transport depot staff
TABLE V
RL E STIMATED EXECUTION TIME FOR DIFFERENT POLICIES FOR PRESERVING
time required to obtain the identity from RT A, TRT A is the PRIVACY OF STAFFS AT DEPOT
transmission time for the revocation list by RT A, T T T L is
the amount of remaining time of pseudonym to expire. The
Notation Description Execution
revocation time is denoted by T RL is given by Time
pol
Tpriv1 Execution time of preserving the privacy of the 52 msec
T RL = TSIM + TSM SR + TSE + TRSU
D ID
+ TRT RL
A + TRT A + T
TTL staff using policy 1
pol
Tpriv2 Execution time of preserving the privacy of the 62 msec
From literature, the ECPP scheme is the only scheme used to pol
staff using policy 2
revoke nodes and we compare our proposed scheme with it. In Tpriv3 Execution time of preserving the privacy of the 75 msec
staff using policy 3
our proposed scheme, searching and revoking the agent takes
very less time by the RTA and roadside units in the metropoli-
tan area compare to ECPP scheme (because it takes more
number of multiplications and pairing operations). Hence, our shows the execution time of different cryptographic operations.
pol1
proposed scheme is faster. Similarly, revocation of transport Let Tpriv is the execution time for verifying the privacy
pol1
depot staffs is done. preservation based on policy 1, Tcred is the time required to
pol1
issue credentials of staff, Tenc is the time required to encrypt
pol1
5000
the message based on policy 1, Tdec is the time required
pol1
4500
ECC 256
RSA 3072 to decrypt the message based on policy 1, Tver is the time
ECC 224
4000 RSA 2048 required to verify the policy 1. Table IV shows the different
Response Time (in milliseconds)
3500
cryptographic operations required during the policy execution.
3000
pol1
2500
The Tpriv is given as follows:
2000
pol pol pol pol pol
1500
Tpriv1 = Tcred1 + Tenc1 + Tdec 1 + Tver 1
1000
where,
500
pol1
0
0 10 20 30 40 50 60 70 80 90 100
Tenc = (TXOR + Tcant + Tmul + a(ai Tpair + 2TXOR + Tcant ))
Pseudonymity
pol1 2
Fig. 10. Response time with varying number of pseudonyms Tdec = Tcant + a(Tpair + TXOR + TXoR + Tcant + TXOR Tcant )
60 Level 1
0.8
0.1
0
Fig. 11. Execution time of preserving the privacy of the staffs using policy 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8
Percentage of private and public data disclosed
0.9 1
1,2. and 3.
2 0.04 0.8
3 0.01 0.4 5
0
12
10
25
8 20
6 15
4
proposed scheme preserves the privacy of the private data of 2
Percentage of Private and Public Data disclosed 0 0
5
10