SCMS CV Pilots Documentation : Use Case 18: Provide and Enforce Technical Policies

Goals

  • Provide mechanisms to create an SCMS manager configuration policy
  • Provide mechanisms to create policy settings and then distribute those policy settings to all SCMS components and EEs
  • Provide mechanisms for individual SCMS operators to define and distribute local policies to EEs
  • Provide mechanisms to distribute IEEE 1609.2 certificates to SCMS components and EEs

Background and Strategic Fit

The SCMS manager needs to establish a set of technical configuration choices and, therefore, designs technical global policy files that are signed by the Policy Generator. The Policy Generator is an inherently centralized component.

There are local policy files affecting configurations for various SCMS components, as well as local policy files specifically for EEs. These local policy files may be signed by the appropriate SCMS component or secured through proprietary means approved by the SCMS manager. The global and local policy configuration options are displayed in Step 18.1: Policy Configuration Options.

Any change in the technical global policies results in an updated global policy file. Global policies are categorized according to whether or not they are relevant to EEs. All EE-relevant policies are compiled and signed by the Policy Generator (PG). The non-EE-relevant policies are then appended and the entire policy file is signed again. This structure allows global limits (signed by the central PG) to be securely communicated to EEs while allowing individual RAs to assign customized values within those limits. This is described in Step 18.3: Generate Global Policy file.

The local policy file is constructed by combining the complete, signed EE-relevant section of the global policy file with RA-specific custom policy values and/or local policies. Any change in the technical global policies that directly affects the EEs operating under the jurisdiction of a particular RA results in an updated local policy file, as does any change to that RA's customized values or locally defined policies. The local policy file is then signed by the RA. The EEs operated by that RA should download the RA's updated local policy file the next time they communicate with the SCMS. This is described in Step 18.2: Generate Local Policies for EEs.

There are also global certificate chain files, each version of which contains a copy of all SCMS component certificates. When any of these certificate chains changes due to additions, revocations, or other revisions, the PG generates a new version of this file and distributes it to the other SCMS components. In addition, each RA creates a local certificate chain file that contains (at a minimum) all of the PCA certificate chains used to issue pseudonym certificates to the EEs under that RA's authority. These are described in Step 18.5: Generate Global and Local Chain File.

Assumptions

  • The SCMS manager develops and documents global policies
  • Technical global policies may include acceptable ranges within which technical local policy options may be set

Design

There are three types of policies:

  • Global policies
    • Are mandatory policies defined by the SCMS Manager, which also sets their values
    • The values can be a single value, a list or a range
    • Global policies are further categorized as EE relevant and non-EE (or component) relevant
    • Are signed by the PG
  • Custom policies
    • Are global policies for which a specific RA has modified the values
    • Only global policies of list or range type may have custom values
    • The custom values can be single values, a list or a range
    • All custom values must be within the limits defined by the global values
    • Are signed by an RA
  • Local policies
    • Are operator-specific and not defined by the SCMS manager
    • Local policies shall not override or be substituted for policies/limits defined by the SCMS manager
    • Are signed by an RA
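
The two-level structure described in Step 18.2 and Step 18.3 (a PG-signed EE-relevant section embedded unchanged inside an RA-signed local policy file, with the RA's custom values checked against the global limits) is shown in the following added example. It is not code from the SCMS project: the policy names and values are constructed, and HMAC with separate PG and RA keys stands in for the IEEE 1609.2 signatures so that it runs offline. The EE-side check is what keeps an RA from widening a global limit: the RA can re-sign the local file, but it cannot produce the PG's signature over an altered global section.

```python
import hashlib
import hmac
import json

# Constructed stand-in keys. Real SCMS files carry IEEE 1609.2 signatures made
# with the PG's and RA's certificate chains; HMAC with separate keys is used here
# only so the nested-signature structure can be exercised offline.
PG_KEY = b"pg-demo-key"
RA_KEY = b"ra-demo-key"


def canonical(obj):
    """Deterministic encoding so identical content always signs identically."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign(key, obj):
    return hmac.new(key, canonical(obj), hashlib.sha256).hexdigest()


def verify(key, obj, signature):
    return hmac.compare_digest(sign(key, obj), signature)


# Constructed policy names and values; the real catalogue is in Step 18.1.
GLOBAL_EE_POLICIES = {
    "cert_request_interval_s": {"type": "range", "min": 3600, "max": 86400},
    "allowed_psids": {"type": "list", "values": [32, 38, 135]},
    "max_certs_per_batch": {"type": "value", "value": 20},
}
GLOBAL_COMPONENT_POLICIES = {
    "crl_generation_interval_s": {"type": "value", "value": 604800},
}


def build_global_policy_file(version):
    """Step 18.3: PG signs the EE-relevant section first, then appends the
    component policies and signs the whole file again."""
    ee_section = {"version": version, "ee_policies": GLOBAL_EE_POLICIES}
    ee_signed = {"body": ee_section, "pg_signature": sign(PG_KEY, ee_section)}
    full = {"ee_signed": ee_signed, "component_policies": GLOBAL_COMPONENT_POLICIES}
    return {"body": full, "pg_signature": sign(PG_KEY, full)}


def custom_within_global(global_entry, custom):
    """Custom values are only allowed for list/range globals and must stay inside them."""
    kind = global_entry["type"]
    if kind == "value":
        return False
    if kind == "range":
        lo, hi = global_entry["min"], global_entry["max"]
        if isinstance(custom, dict):  # custom sub-range
            return lo <= custom["min"] <= custom["max"] <= hi
        values = custom if isinstance(custom, list) else [custom]
        return all(lo <= v <= hi for v in values)
    if kind == "list":
        allowed = set(global_entry["values"])
        values = custom if isinstance(custom, list) else [custom]
        return all(v in allowed for v in values)
    raise ValueError(f"unknown policy type {kind!r}")


def build_local_policy_file(global_file, custom, local):
    """Step 18.2: embed the PG-signed EE section unchanged, add the RA's custom
    values and local policies, and sign the result as the RA."""
    ee_signed = global_file["body"]["ee_signed"]
    globals_ = ee_signed["body"]["ee_policies"]
    for name, value in custom.items():
        if name not in globals_:
            raise ValueError(f"custom value for unknown global policy {name}")
        if not custom_within_global(globals_[name], value):
            raise ValueError(f"custom value for {name} is outside the global limits")
    for name in local:
        if name in globals_:
            raise ValueError(f"local policy {name} would override a global policy")
    body = {"global_ee_section": ee_signed, "custom": custom, "local": local}
    return {"body": body, "ra_signature": sign(RA_KEY, body)}


def ee_accept_local_policy_file(lpf):
    """EE-side checks before applying a local policy file: RA signature over the
    whole file, PG signature over the embedded global section, and the RA's
    custom/local values respecting the global limits and names."""
    body = lpf["body"]
    if not verify(RA_KEY, body, lpf["ra_signature"]):
        return False
    ee_signed = body["global_ee_section"]
    if not verify(PG_KEY, ee_signed["body"], ee_signed["pg_signature"]):
        return False
    globals_ = ee_signed["body"]["ee_policies"]
    for name, value in body["custom"].items():
        if name not in globals_ or not custom_within_global(globals_[name], value):
            return False
    return not any(name in globals_ for name in body["local"])


def effective_ee_policies(lpf):
    """Global values with the RA's custom values applied, plus local policies."""
    ee = lpf["body"]["global_ee_section"]["body"]["ee_policies"]
    merged = {name: entry.get("value", entry) for name, entry in ee.items()}
    merged.update(lpf["body"]["custom"])
    merged.update(lpf["body"]["local"])
    return merged
```

With the constructed inputs, a custom sub-range and a subset of the global PSID list are accepted; a custom value for a single-value global policy or a local policy that reuses a global policy name is refused at RA build time; and a file whose embedded global section was altered and re-signed with the RA's key fails the EE's PG-signature check even though its RA signature is valid.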

There are two types of certificate chain files:

  • Global certificate chain file
    • Contains IEEE 1609.2 certificates of all SCMS components
    • Contains elector endorsements
    • Contains root CA endorsements
  • Local certificate chain file
    • Contains all IEEE 1609.2 certificates that are required by a specific EE(s) to validate certificates issued to the EE
    • Contains elector endorsements
    • Contains root CA endorsements
    • Optionally, contains other SCMS component IEEE 1609.2 certificates that may be useful to the EE (to validate messages from other EEs)

  • There is a global PG which is operated by the SCMS manager
  • PG's certificate is signed by the top-level certificate (top-level ICA, if available, and root CA otherwise)
  • PG signs the technical global policy files using its complete security chain
  • The technical global policy files are mandatory sets of policies applicable to SCMS components and EEs
  • A repository includes technical global policies for all the different SCMS components and EEs
  • PG creates a technical global policy file containing global technical policies that are applicable to RAs and EEs and provides this file to all RAs
  • Each RA conveys the local policies that are pertinent to its EEs through the local policy files constructed by that RA
  • For the PoC, the technical global policy files can be transferred manually
  • PG creates a Global Certificate Chain File (GCCF) containing all certificate chains of the overall SCMS and provides this file to all RAs