Device Class 1: Reversible Pseudonymity

Control ID: ISO FPR_PSE.2 (Reversible Pseudonymity)
Family: Privacy
Source: ISO 15408-2
Control:

Note that FPR_PSE.1 and FPR_PSE.2 are addressed together: the requirements of FPR_PSE.2 include everything required for FPR_PSE.1, and they significantly shape the mechanisms that reasonably satisfy FPR_PSE.1.

The information system and organization shall:
  1. Ensure that [Assignment: set of users and/or subjects] are unable to determine the real user name bound to [Assignment: list of subjects and/or operations and/or objects].
  2. Be able to provide [Assignment: number of aliases] aliases of the real user name to [Assignment: list of subjects].
  3. [Selection, choose one of: determine an alias for a user, accept the alias from the user] and verify that it conforms to the [Assignment: alias metric].
  4. Provide [Selection: an authorized user, [Assignment: list of trusted subjects]] a capability to determine the user identity based on the provided alias only under the following [Assignment: list of conditions].
Supplemental Guidance:
This family does not apply to all devices, only to devices where the human operator has a reasonable expectation of privacy. This guidance is based on the NHTSA-approved, CAMP-developed Security Credentials Management System design. For devices that have a reasonable expectation of privacy:
  • Only users in a system management role shall be able to determine the real user name bound to the operations of that user's device.
  • The information system shall provide reversible pseudonymity that enables multiple users in system management roles, working together, to determine the user identity (defined in this case as the user's enrolment certificate and the set of pseudonym certificates issued in response to requests signed by that enrolment certificate).
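The "multiple users in system management roles, working together" requirement can be modelled as a threshold scheme over the material that links pseudonyms to an enrolment certificate. The following is an added illustration, not text from the control and not the design of any actual SCMS component: it assumes (my assumption, not the page's) that each device's pseudonyms are derived from a per-device linkage seed with HMAC-SHA256, and that the seed is split 2-of-3 with Shamir sharing across three system-management roles, so a single role holding its share alone learns nothing and cannot reverse a pseudonym.

```python
"""Toy model of reversible pseudonymity with split reversal authority.

Added illustration; not the control text and not any SCMS component's code.
Assumptions (not from the page): pseudonyms are HMAC-SHA256 outputs keyed by a
per-device linkage seed, and the seed is split 2-of-3 (Shamir) across three
system-management roles, so at least two roles must cooperate to reverse.
"""
from __future__ import annotations
import hashlib
import hmac
import secrets

PRIME = (1 << 127) - 1  # Shamir field; seeds are < 2^127 and fit in 16 bytes
BATCH_SIZE = 50         # pseudonyms per application per week (from the mechanisms above)


def split_secret(secret: int, threshold: int, n_shares: int) -> list[tuple[int, int]]:
    """Shamir sharing: random polynomial of degree threshold-1 with constant term = secret."""
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(threshold - 1)]

    def evaluate(x: int) -> int:
        acc = 0
        for c in reversed(coeffs):  # Horner's rule
            acc = (acc * x + c) % PRIME
        return acc

    return [(x, evaluate(x)) for x in range(1, n_shares + 1)]


def recover_secret(shares: list[tuple[int, int]]) -> int:
    """Lagrange interpolation at x = 0 over any threshold-or-more distinct shares."""
    total = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        total = (total + yi * num * pow(den, -1, PRIME)) % PRIME
    return total


def pseudonym(seed: int, app_id: str, week: int, index: int) -> str:
    """Pseudonym identifier of one certificate: HMAC(seed, app|week|index), truncated."""
    msg = f"{app_id}|{week}|{index}".encode()
    return hmac.new(seed.to_bytes(16, "big"), msg, hashlib.sha256).hexdigest()[:32]


def device_pseudonyms(seed: int, app_id: str, week: int) -> list[str]:
    """Device side: the week's batch of simultaneously valid pseudonyms for one application."""
    return [pseudonym(seed, app_id, week, i) for i in range(BATCH_SIZE)]


class LinkageRegistry:
    """Management side: each role holds one share of every enrolled device's seed."""

    def __init__(self, threshold: int = 2, roles: int = 3):
        self.threshold = threshold
        self.role_shares: list[dict[str, tuple[int, int]]] = [{} for _ in range(roles)]
        self.enrolled: list[str] = []

    def enrol(self, enrolment_cert_id: str) -> int:
        """Create a device's seed, split it across the roles, and return it to the device only."""
        seed = secrets.randbelow(PRIME)
        for role, share in enumerate(split_secret(seed, self.threshold, len(self.role_shares))):
            self.role_shares[role][enrolment_cert_id] = share
        self.enrolled.append(enrolment_cert_id)
        return seed

    def link(self, target: str, app_id: str, week: int, cooperating_roles: list[int]) -> str | None:
        """Reverse a pseudonym to its enrolment certificate; refuses below the threshold."""
        if len(set(cooperating_roles)) < self.threshold:
            raise PermissionError(f"reversal requires at least {self.threshold} "
                                  "system-management roles acting together")
        for enrolment_cert_id in self.enrolled:
            shares = [self.role_shares[r][enrolment_cert_id] for r in cooperating_roles]
            seed = recover_secret(shares)
            for candidate in device_pseudonyms(seed, app_id, week):
                if hmac.compare_digest(candidate, target):
                    return enrolment_cert_id
        return None  # no enrolled device produced this pseudonym for that app and week
```

The registry deliberately returns the seed only at enrolment and never stores it whole; a reversal request that presents fewer shares than the threshold is refused before any computation, which is the property the second bullet asks for.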


Related Controls: IA-5
Control Enhancements: N/A
References: N/A
Mechanisms:

  • A device that supports reversible pseudonymity mechanisms:
    • Shall allow applications on the device to request and use pseudonym certificates as specified in IEEE 1609.2, i.e. certificates that do not contain any identifying information and that have the property that a number of certificates are valid at the same time.
    • Shall provide at least 50 certificates per privacy-preserving (i.e. cert tumbling) application per week.
    • Shall support at least 50 certificates per privacy-preserving application that are simultaneously valid.
    • Shall ensure that pseudonyms for one application are not used to sign messages generated by an unauthorized other application, per SC-39.
    • Shall provide enough storage to support the required number of certificates per week for each of its privacy preserving applications.
NOTE: The recommended amount of storage is at least 16 MB for certificates, where only the batch of certificates in rotating use is stored decrypted. This figure assumes the device receives encrypted certificates, decrypts them, and re-encrypts them under a storage master key; a certificate stored in this way takes up roughly 160 bytes. Assuming 50 certificates/application/week as above and a three-year certificate refresh cycle, each privacy-preserving application requires 50 certs/week * 160 bytes/cert * 52 weeks/year * 3 years = 1.19 MB. Allowing for multiple privacy-preserving applications (6-8) and a reasonable expectation of growth (executable code typically requires 100% growth), we arrive at 16 MB. However, a device may voluntarily restrict itself to fewer applications, or may manage certificate storage by holding no more than two weeks' worth of certificates at any one time and downloading additional certificates in a "just-in-time" fashion. In that case, the storage needed for a given application is about 160 bytes * 100 = about 16 Kb.
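The mechanisms above and the storage note together describe an on-device pool: weekly batches of 50 certificates, a per-application boundary (SC-39), and either a full-cycle or a just-in-time storage strategy. The following is an added illustration, not the control's text and not any device vendor's code. It models a stored certificate as an (application, week, index) record and takes 50 certs/application/week, 160 bytes/stored cert, a 52-week year and a three-year refresh cycle from the note; the class and function names are my own.

```python
"""Toy pseudonym-certificate pool: weekly batches, per-application isolation
(SC-39) and the storage budget arithmetic from the note above.

Added illustration; not the control text and not any vendor's implementation.
Assumptions (mine): a certificate is an (app, week, index) record; the sizing
constants are the figures the note gives.
"""
from __future__ import annotations
from dataclasses import dataclass

CERTS_PER_WEEK = 50
BYTES_PER_CERT = 160
WEEKS_PER_YEAR = 52


def storage_bytes_full_cycle(years: int = 3, certs_per_week: int = CERTS_PER_WEEK,
                             bytes_per_cert: int = BYTES_PER_CERT) -> int:
    """Bytes to hold a whole refresh cycle for ONE application (the note's 1.19 MB)."""
    return certs_per_week * bytes_per_cert * WEEKS_PER_YEAR * years


def storage_bytes_just_in_time(weeks_buffered: int = 2, certs_per_week: int = CERTS_PER_WEEK,
                               bytes_per_cert: int = BYTES_PER_CERT) -> int:
    """Bytes for the just-in-time strategy: only a rolling window of batches is kept."""
    return weeks_buffered * certs_per_week * bytes_per_cert


def device_budget_mib(applications: int, growth_factor: float = 2.0, years: int = 3) -> float:
    """Whole-device budget in MiB for the full-cycle strategy with 100% growth headroom."""
    return applications * storage_bytes_full_cycle(years) * growth_factor / 2 ** 20


@dataclass(frozen=True)
class PseudonymCert:
    app_id: str   # application the certificate was issued for
    week: int     # validity week
    index: int    # position within that week's batch


class PseudonymPool:
    """On-device store of pseudonym certificates under a fixed storage limit."""

    def __init__(self, storage_limit_bytes: int, weeks_buffered: int = 2):
        self.limit = storage_limit_bytes
        self.weeks_buffered = weeks_buffered
        self.certs: dict[str, list[PseudonymCert]] = {}

    def used_bytes(self) -> int:
        return sum(len(batch) for batch in self.certs.values()) * BYTES_PER_CERT

    def load_batch(self, app_id: str, week: int) -> int:
        """Store one week's batch (constructed here in place of a download); refuse on overflow."""
        batch = [PseudonymCert(app_id, week, i) for i in range(CERTS_PER_WEEK)]
        if self.used_bytes() + len(batch) * BYTES_PER_CERT > self.limit:
            raise MemoryError(f"storing week {week} for {app_id} would exceed {self.limit} bytes")
        self.certs.setdefault(app_id, []).extend(batch)
        return len(batch)

    def expire(self, current_week: int) -> int:
        """Just-in-time management: drop batches outside the rolling window; return count dropped."""
        dropped = 0
        oldest_kept = current_week - self.weeks_buffered + 1
        for app_id, certs in self.certs.items():
            kept = [c for c in certs if c.week >= oldest_kept]
            dropped += len(certs) - len(kept)
            self.certs[app_id] = kept
        return dropped

    def simultaneously_valid(self, app_id: str, current_week: int) -> list[PseudonymCert]:
        return [c for c in self.certs.get(app_id, []) if c.week == current_week]

    def meets_control(self, app_id: str, current_week: int) -> bool:
        """FPR_PSE.1/1.1: at least 50 simultaneously valid certificates for the application."""
        return len(self.simultaneously_valid(app_id, current_week)) >= CERTS_PER_WEEK

    def sign(self, requesting_app: str, cert: PseudonymCert, payload: str) -> str:
        """SC-39 check: an application may sign only with pseudonyms issued to it."""
        if cert.app_id != requesting_app:
            raise PermissionError(f"{requesting_app} may not use a pseudonym issued to {cert.app_id}")
        if cert not in self.certs.get(requesting_app, []):
            raise PermissionError("certificate not in pool (never loaded or already expired)")
        # Stand-in for a real IEEE 1609.2 signature: tag the payload with the pseudonym used.
        return f"{payload}|pseudonym={cert.app_id}/{cert.week}/{cert.index}"
```

Sizing a pool with `storage_bytes_just_in_time()` gives the note's two-week window: a third batch is refused until `expire()` has dropped the oldest week, and `meets_control()` reports whether the 50-simultaneously-valid requirement holds for the current week.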

Protocol Implementation Conformance Statements:

| ID | Statement | Status | Reference | Notes |
| FPR_PSE.1/1 | Support generation and storage of pseudonyms | M | IEEE 1609.2 | |
| FPR_PSE.1/1.1 | Provides 50 simultaneously valid certificates per application per week | M | | |
| FPR_PSE.1/1.2 | Restricts access to pseudonyms to the application for which the certificates are specified | M | SC-39 | |
| FPR_PSE.1/2 | Amount of certificate storage provided | 16 Kb: M; > 16 Kb: O | | |