
Future Research and Suggestions

Because resources were limited, several considerations and real-world conditions remain open for further discussion. Future research directions and suggestions are described below:

• The transmission efficiency of ISP operations is not an objective of this research; we therefore consider only normal usage conditions and do not discuss delays in the internal operations of the ISP. Furthermore, we consider only one ISP for the network and 3.5G mobile communications; a different ISP might give different data transmission efficiencies and, in turn, influence the DSM operations;

• All of the experiments in this research use computers to simulate TMIC and TCIS in order to make testing efficient. However, there might be some differences under real conditions;

• Secret information management in this research uses the I/O methods of the Java programming language and stores the secret information on the hard discs of the TMIC and TCIS devices. This carries certain risks if the core systems are invaded by attackers. A better way is to manage the secret information via a third party, but this would incur additional cost;

• This research focuses on ATMS data transmissions and does not stress the security of the hosts. One could invade the hosts by cracking the firewalls; therefore, access control might be a valuable topic for further research;

• The final regression equation was established on devices of a certain computation capability and on certain communications media; nevertheless, this regression equation provides important and valuable information for traffic control systems.

REFERENCE

1. NTCIP Joint Standards Committee, “National Transportation Communications for ITS Protocol (NTCIP) Guide”, Draft Version 03.02b, October 2002.

2. Joint Standard of AASHTO, ITE and NEMA, “National Transportation Communications for ITS Protocol and Simple Transportation Management Framework”, Draft Version 01.12, December 2001.

3. Telecommunication Standardization Sector of ITU, “Data Networks and Open System Communications”, X.814, November 1995.

4. Land Transportation Authority, Singapore, http://www.lta.gov.sg.

5. Daemen, J., and Rijmen, V., “Rijndael: The Advanced Encryption Standard”, Dr.Dobb’s Journal, March 2001.

6. The Legion of the Bouncy Castle, http://www.bouncycastle.org/

7. ITS, America, http://www.itsa.org/

8. Lidl, R., and Niederreiter, H., “Introduction to Finite Fields and Their Applications”, Cambridge: Cambridge University Press, 1994.

9. Benjamin Arazi, Senior Member, IEEE, “Vehicular Implementations of Public Key Cryptographic Techniques”, IEEE Transactions on Vehicular Technology, Vol. 40, No. 3, August 1991.

10. Tzong-Chen We and Chien-Lung Hsu, “Cryptanalysis of Digital Multisignature Schemes for Authenticating Delegates in Mobile Code Systems”, IEEE Transactions on Vehicular Technology, Vol. 52, No. 2, March 2003.

11. Xun Yi Kheong Siew and Chik How Tan, “A Secure and Efficient Conference Scheme for Mobile Communications”, IEEE Transactions on Vehicular Technology, Vol. 52, No. 4, July 2003.

12. Archana Khetan, “M-Commerce: A JAVA Approach”, Master Thesis, Nanyang Technological University, 2002.

13. Ng Churn Wai, “On the Security of DES, Blowfish and Rijndael”, Master Thesis, Nanyang Technological University, 2003.

14. Choy Sok Sien, “Security in Mobile AD HOC Network”, Master Thesis, Nanyang Technological University, March 2003.

15. Lee Chit Boon, “Security Monitor using Java Mobile Agent”, MSc Project, Nanyang Technological University, December 2000.

16. Mar Kai Liat, “Study of Wireless LAN Security Issues”, Master Thesis, Nanyang Technological University, 2004.

17. Zhou Gang, “Wireless Network Security Analysis”, Master Thesis, Nanyang Technological University, 2002.

18. Nol Premasathian, “Design and Analysis of Dynamic Key-driven crypto Engines”, Ph.D. Thesis, University of Louisiana, Spring 2002.

19. Whitfield Diffie and Martin E. Hellman, Member, IEEE, “New Directions in Cryptography”, Proceedings of the AFIPS National Computer Conference, June 1976.

20. Rivest, R., Shamir, A., and Adleman, L., “A Method for Obtaining Digital Signatures and Public Key Cryptosystems”, Communications of the ACM, February 1978.

21. Koblitz, N., “Elliptic Curve Cryptosystems”, Mathematics of Computation Vol. 48, Number 177, January 1987, pp 203-209.

22. Hevia, A., and Kiwi, M., “Strength of Two Data Encryption Standard Implementations Under Timing Attacks”, ACM Transactions on Information and System Security, November 1999.

23. Coppersmith, D., “The Data Encryption Standard (DES) and Its Strength against Attacks”, IBM Journal of Research and Development, May 1994.

24. B. Schneier, “Description of a New Variable-Length Key, 64-Bit Block Cipher (Blowfish)”, Fast Software Encryption, Cambridge Workshop Proceedings (December 1993), Springer-Verlag, 1994, pp 191-201.

25. Murphy, S., “The Cryptanalysis of FEAL-4 with 20 Chosen Plaintexts”, Journal of Cryptology, No. 3, 1990.

26. William Stallings, “Cryptography and Network Security-Principles and Practices Third Edition”, May 2004.

27. Rich Helton and Johennie Helton, “JavaTM Security Solutions”, 2004.

28. Jonathan Knudsen, “Java Cryptography”, O’REILLY, March, 1999.

29. Scott Oaks, “Java Security” O’REILLY, February, 2002.

30. Boneh, D., “Twenty Years of Attacks on the RSA Cryptosystem”, Notices of the American Mathematical Society, February 1999.

31. Adams, C., “Simple and Effective Key Scheduling for Symmetric Ciphers”, Proceedings, Workshop in Selected Areas of Cryptography, SAC’94. 1994.

32. Dorothy E. Denning and Giovanni Maria Sacco, “Timestamps in Key Distribution Protocols”, Communications of the ACM, August 1981.

33. Alberto Partida and Diego Andina, “Applied Cryptography in Java”, 1999 IEEE.

34. Enge, A., “Elliptic Curves and Their Applications to Cryptography”, Norwell, MA; Kluwer Academic Publishers, 1999.

35. Davies, D., and Price, W., “Security for Computer Networks”, New York Wiley, 1989.

36. Jueneman, R., Matyas, S. and Meyer, C., “Message Authentication”, IEEE Communications Magazine, September 1988.

37. David Hook, “Beginning Cryptography with Java”, Wiley Publishing, Inc., 2005.

38. Jason Weiss, “Java Cryptography Extensions”, Morgan Kaufmann Publishers, 2003.

39. Michael D. Meyer and Eric J. Miller, “Urban Transportation Planning”, McGraw-Hill, 2000.

40. Y. Daniel Liang, “Introduction to Java Programming”, Prentice Hall, 2003.

41. George A. Morgan, Nancy L. Leech, Gene W. Gloeckner and Karen C. Barrett, “SPSS for Introductory Statistics”, Lawrence Erlbaum Associates, Publishers, 2004.

42. Julie Pallant, “SPSS Survival Manual”, Open University Press, 2005.

43. John Neter, William Wasserman and G.A. Whitmore, “Applied Statistics”, Allyn and Bacon, 1992.

47. Ministry of Transportation and Communications, “Urban Traffic Control Communications Protocol, Version 3.0”, November 2004.

55. Jonathan Knudsen, “Java Cryptography”, Chinese edition translated by 阮韻芳, March 1999.

56. 王文中, “Applications of Excel in Data Analysis and Statistics”, 博碩文化股份有限公司, 1997.

APPENDIX A SNMP AND STMP

A-1 Simple Network Management Protocol

The Internet environment is distributed and heterogeneous; hence it is impossible to manage an Internet network without a suitable management system that lets all kinds of devices communicate and connect with each other. SNMP plays the role of letting a manager establish contact with agents. SNMP, a communications protocol developed by the Internet Engineering Task Force (IETF), is used for the configuration and monitoring of network devices. It runs over the TCP/IP transmission protocols and uses a get/set message paradigm to give the manager information about agents, directly achieving the goal of Internet network management.

Commonly, SNMP is used in Internet and computer industry applications, and it is composed of the following four components, as illustrated in Figure A.1.

Figure A.1 The components of SNMP

• Manager

The entity that sends commands to other entities and processes their responses, via an Internet management tool or software, in order to monitor, control, and collect information from agents on the Internet.

• Agent

The entity that receives commands and transmits responses to the received commands. It is a node device on the Internet, such as a host server, workstation, hub, switch or bridge.

• MIB (Management Information Base)

The unit of management information is called a managed object; the managed object is the smallest entity that can be transmitted or exchanged between a device and a management application. A collection of related managed objects is defined in a document termed a Management Information Base (MIB) module.

Management applications running on the central control hosts can read this module, as well as other modules such as controller MIBs and manufacturers’ specific MIBs. Figure A.2 shows the MIB integration with other vendor controllers.

Figure A.2 MIB integrations

• RMON

Remote Network Monitoring (RMON) can be compared to a remote MIB. To gain information about the capabilities of remote devices, the major function of RMON is to let many SNMP management applications dynamically load and unload modules (MIBs) describing the information within remote networking devices.

Therefore, the MIB is the leading element of these components, because in SNMP management the manager uses and modifies the MIB to achieve network management and monitoring. To establish the MIB framework, SNMP defines three syntaxes: Structure and Identification of Management Information (SMI), Abstract Syntax Notation One (ASN.1) and Basic Encoding Rules (BER).

• SMI

A definition of how to create management objects, together with a hierarchical (tree-like) definition of nodes to which management objects are attached for unique identification. The relationships are shown in Figure 2.8.

• BER

BER is one of the ISO standards; it contains the rules for encoding data for transmission and is used with ASN.1.

• ASN.1

ASN.1 is also one of the ISO standards; it is a formal language for describing information to be processed by computer.

Table A.1 shows the SNMP message form. The message form is divided into two sections: the Protocol Data Unit (PDU) header and the PDU main body. The PDU is the data packet of a specific communications layer or communications protocol.

Table A.1 SNMP Message form

PDU Header | PDU main body

Index | Sequence | Identity | Value

A-2 Simple Transportation Management Protocol

STMP is a dedicated communications protocol established for transportation systems and designed around the characteristics of data transmission in the transportation field. Basically, STMP is built on SNMP and differs from it in the following ways:

• Difference in Message Type

NTCIP defines STMP on the basis of SNMP; STMP has eight kinds of message types. Tables A.2 and A.3 respectively list the message content, purposes and originators for SNMP and STMP.

Table A.2 SNMP Message Type, Purpose and Originator

| Version V.1 | Version V.2 | Message Type | Purpose | Originator |
|---|---|---|---|---|
| ○ | ○ | Get Request | Contains a list of data elements; the agent is to return the values. | Management Application |
| ○ | ○ | Get Next Request | Contains a list of elements; the agent is to return the values of the next sequential data element from those indicated. | Management Application |
| ○ | ○ | Set Request | Contains a list of data elements and values; the agent is to set the values in its MIB per this message. | Management Application |
| ○ | ○ | Get Response | Agent response to either a Get or a Set request. | Agent Application |
| ○ | ○ | Trap | An agent-initiated transmission to indicate that a defined event has occurred. | Agent Application |
| × | ○ | Get Bulk | Used to read a large number of data objects. | Management Application |
| × | ○ | Inform | Used to actively notify other management stations of related information. | Management Application |

Table A.3 STMP Message Type, Purpose and Originator

| Message Type | Purpose | Originator |
|---|---|---|
| Get Request | Shall be sent from a manager to an agent to request the values of specified objects. | Management Application |
| Set Request | Shall be sent from a manager to an agent to request that the values of specified objects be set to specified values. | Management Application |
| Set Request-No Reply | Shall be sent from a manager to an agent to request that specified objects be set to specified values. | Management Application |
| Get Next Request | Shall be sent from a manager to an agent to request the value of the next object instance in lexicographic order. | Agent Application |
| Get Response | Shall be used to send specified object data from an agent to a manager. This response contains the object values that correspond to the prior get request or get next request from the manager. A get response message shall not be sent unless the agent has received a get request packet from the manager. | Agent Application |
| Set Response | Shall be sent from an agent to a manager to indicate that the set request for the specified objects was completed without error. | Agent Application |
| Error Response | Shall be sent from an agent to the manager in response to a set request, get request, or get next request that contained an error. | Agent Application |
| Trap Response | Shall be used to send specified object data from an agent to a manager. The trap is generated due to some event occurring within the agent, and is not a response to any manager request. | Agent Application |

• Difference in Encoding Rule

SNMP uses BER as its encoding rule; by contrast, STMP selects the Octet Encoding Rules (OER), a variation of BER developed for use on low-bandwidth communications links.

• Difference in MIB

As shown in Figure A.3, NTCIP adds the transportation node of the NEMA sub-tree under the original SMI to hold the objects of the special MIB established for the transportation field, called the Transportation MIB (TMIB). Under this branch, it incorporates the dynamic object groups to reduce the bandwidth required to communicate sets of objects between a management station and agents. The dynamic object management (dynObjMgmt) node contains three groups: the Dynamic Object Definition Group, the Dynamic Object Data Group and the Dynamic Object Configuration Table Group.

Figure A.3 Internet authority hierarchy and TMIB structure

• Difference in Message Form

The STMP message form is tailored to the characteristics of data transmission in transportation systems. Accordingly, it omits many complicated procedures. The STMP message form has only two parts, the PDU header and the value (as shown in Table A.4), which is quite different from SNMP. For this reason, STMP can also achieve the goal of saving bandwidth.

Table A.4 STMP Message form

PDU Header | Value

• The Dynamic Objects used

The main difference between STMP and SNMP is that STMP incorporates the dynamic objects that NTCIP defines. As in the preceding discussion of dynamic objects, dynamic objects remove unnecessary header data from the data packet to improve bandwidth efficiency.
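The bandwidth argument behind the encoding-rule and message-form differences can be made concrete by looking at what BER puts on the wire. The following is an added example, not code from the original thesis: it BER-encodes an SNMPv1 Get Response carrying a single one-byte value, where the community string `public`, the request ID and the MIB-II object `ifOperStatus.1` are assumed sample inputs.

```python
# Added example: BER (tag-length-value) encoding of an SNMPv1 Get Response.
# The community, request ID, OID and value are constructed sample inputs.

def ber_len(n: int) -> bytes:
    """Short form below 128; otherwise long form (0x80 | byte count, then length)."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, content: bytes) -> bytes:
    """Every BER element is a tag byte, a length field and the content."""
    return bytes([tag]) + ber_len(len(content)) + content

def ber_int(v: int) -> bytes:
    """INTEGER: minimal-length two's complement."""
    size = (v + 1 if v < 0 else v).bit_length() // 8 + 1
    return tlv(0x02, v.to_bytes(size, "big", signed=True))

def ber_oid(dotted: str) -> bytes:
    """OBJECT IDENTIFIER: first two arcs share one byte, the rest are base-128."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        while arc := arc >> 7:
            chunk.append(0x80 | (arc & 0x7F))  # continuation bit on leading bytes
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def snmp_get_response(community: str, request_id: int, oid: str, value: int) -> bytes:
    varbind = tlv(0x30, ber_oid(oid) + ber_int(value))
    # 0xA2 = GetResponse PDU: request-id, error-status, error-index, varbind list
    pdu = tlv(0xA2, ber_int(request_id) + ber_int(0) + ber_int(0) + tlv(0x30, varbind))
    # Outer SEQUENCE: version (0 = SNMPv1), community OCTET STRING, PDU
    return tlv(0x30, ber_int(0) + tlv(0x04, community.encode()) + pdu)

def overhead(message: bytes, payload_len: int) -> int:
    """Bytes on the wire that are not the reported value itself."""
    return len(message) - payload_len

MSG = snmp_get_response("public", 1, "1.3.6.1.2.1.2.2.1.8.1", 1)

if __name__ == "__main__":
    print(MSG.hex(" "))
    print(f"{len(MSG)} bytes on the wire, {overhead(MSG, 1)} of them framing for a 1-byte value")
```

The nested tag and length bytes, the community string and the full object identifier are the per-message cost that the STMP form of Table A.4 (PDU header plus value) avoids repeating.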

APPENDIX B OPERATIONS OF AES AND RSA

B-1 AES [11] [27]

Before discussing the content of each operation, we have to introduce the definitions of Lookup Table, S-box and GF(2^8) calculation given below.

• Lookup Table

In computer science, a lookup table is a data structure, usually an array or an associative array, and is often used to replace a runtime computation with a simpler array indexing operation.

• S-box

The substitution box (S-box) is a basic component of symmetric key algorithms which perform substitution in cryptography. In block ciphers, they are typically used to obscure the relationship between the key and the ciphertext. In many cases, the S-boxes are carefully chosen to resist cryptanalysis.

The S-box takes some number of input bits, m, and transforms them into some number of output bits, n: an m×n S-box can be implemented as a lookup table with 2^m words of n bits each. One good example is this 6×4-bit S-box from DES (S5) given below in Table B.1: