Hoppa till innehåll

  • Start
  • Nyheter
  • Om Programmet
    • Varför STS?
    • Fördjupning om programmet
    • Ämnesöversikt
    • Intervjuer
  • Arbetsmarknad
  • För studenter
    • Studieresurser
    • C-uppsatser
    • Utlandsstudier
  • Examensarbete
    • Att skriva examensarbete
    • Platsannonser
    • Registrera examensarbete
    • Boka tid för presentation
    • Listor över examensarbeten
    • Kommande Exjobbspresentationer
Sök

Digitaliserad nyckelhantering inom järnvägen

Information

Författare: Fredrik Fleron
Beräknat färdigt: 2024-06
Handledare: Karin Bucht
Handledares företag/institution: Trafikverket
Ämnesgranskare: Anders Arweström Jansson
Övrigt: -


Presentation

Presentatör: Fredrik Fleron
Presentationstid: 2024-05-24 09:15
Opponent: Joel Thyberg

Abstract

The key management system for ERTMS is for now governed by an archaic offline solution,

where people transport these keys between the entities and the key management center using

devices such as CD- or USB-drives. The proposed online solution can instead also provide

transport of keys using industrial standard Transport Layer Security (TLS) protocol. This thesis

aims to provide insight for the Swedish railway operators in the components that govern an

implementation of such a cryptographic key management system, in terms of the mandatory

technological parts and organizational roles in this socio-technical system. Since the railway

companies can be seen as the users of this system, the thesis highlights the complexity regarding

fulfilling these security requirements from a user perspective. The results show a conflict of

security and efficiency of the offline system, where the security requirements do not reflect the

needs of the users and as such lower the efficiency due to lowered usability. The results highlight

that a successful implementation of an online system is desired from a usability standpoint of the

user. Furthermore, a complete online key management system cannot be established yet until the

centralized European public key infrastructure has been developed. Ambiguity in an online

solution still exists, but is in continuous development and with higher security requirements to

come deriving from IEC 62443. For well-functioning ERTMS on a European level, this thesis

shows that a minimum security requirement for a cryptographic key management system should

be established to avoid ambiguity and autonomy in the security requirements of different

European countries. In conclusion, in the near future smaller operators are recommended to

aquire an online system as a service, from for example its current supplier, and for bigger

operators to evaluate whether to do the same or develop its own key management system and

provide it as service for other railway operators. This key management system should include

parts such as a Public Key Infrastructure (PKI), a Key Management Center (KMC), TLS, back-

up of the system, a logging system, utilize hardware security modules (HSM) to handle

cryptographic material and have staff covering the organizational requirements.

Ladda ner rapporten

Digitaliserad nyckelhantering inom järnvägen
  • Start
  • Nyheter
  • Om Programmet
    • Varför STS?
    • Fördjupning om programmet
    • Ämnesöversikt
    • Intervjuer
  • Arbetsmarknad
  • För studenter
    • Studieresurser
    • C-uppsatser
    • Utlandsstudier
  • Examensarbete
    • Att skriva examensarbete
    • Platsannonser
    • Registrera examensarbete
    • Boka tid för presentation
    • Listor över examensarbeten
    • Kommande Exjobbspresentationer

Inlogg

  • Logga in
  • Flöde för inlägg
  • Flöde för kommentarer
  • WordPress.org

Kontakt

Hemsideansvarig
Studievägledare
STS-sektionen

Andra webbplatser

Uppsala Universitet
Schema
Antagning.se
Antagningsstatistik
Hittatenta.se
STS-sektionens hemsida

 

Integritetspolicy | STS-programmet 2024