iTeh StandardsiTeh Standards
EURUSD
Your shopping cart is empty.
ISO

ISO 20078-3:2021

(Main)

Road vehicles — Extended vehicle (ExVe) web services — Part 3: Security

Road vehicles — Extended vehicle (ExVe) web services — Part 3: Security

This document defines how to authenticate users and accessing parties on a web-services interface. It also defines how a resource owner can delegate access to its resources to an accessing party. Within this context, this document also defines the necessary roles and required separation of duties between these in order to fulfil requirements stated on security, data privacy and data protection. All conditions and dependencies of the roles are defined towards a reference implementation using OAuth 2.0 compatible framework and OpenID Connect 1.0 compatible framework.

Véhicules routiers — Web services du véhicule étendu (ExVe) — Partie 3: Sécurité

General Information

Status
Published
Publication Date
29-Nov-2021
ICS
43.040.15 - Car informatics. On board computer systems
Technical Committee
ISO/TC 22/SC 31 - Data communication
Drafting Committee
ISO/TC 22/SC 31/WG 6 - Extended vehicle/Remote diagnostics
Current Stage
6060 - International Standard published
Start Date
30-Nov-2021
Due Date
06-Dec-2021
Completion Date
30-Nov-2021
Ref Project

Relations

Consolidated By
ISO/PRF 11909 - Binders for paints and varnishes — Polyisocyanate resins — General methods of test
Effective Date
06-Jul-2024
Revises
ISO 20078-3:2019 - Road vehicles — Extended vehicle (ExVe) web services — Part 3: Security
Effective Date
23-Apr-2020
ISO 20078-3:2021 - Road vehicles -- Extended vehicle (ExVe) web servicesISO 20078-3:2021 - Road vehicles -- Extended vehicle (ExVe) web services
PreviousNext
Standard
ISO 20078-3:2021 - Road vehicles -- Extended vehicle (ExVe) web services
English language
24 pages
sale 15% off
Preview
sale 15% off
Preview

Standards Content (Sample)


INTERNATIONAL ISO
STANDARD 20078-3
Second edition
2021-11
Road vehicles — Extended vehicle
(ExVe) web services —
Part 3:
Security
Véhicules routiers — Web services du véhicule étendu (ExVe) —
Partie 3: Sécurité
Reference number
© ISO 2021
All rights reserved. Unless otherwise specified, or required in the context of its implementation, no part of this publication may
be reproduced or utilized otherwise in any form or by any means, electronic or mechanical, including photocopying, or posting on
the internet or an intranet, without prior written permission. Permission can be requested from either ISO at the address below
or ISO’s member body in the country of the requester.
ISO copyright office
CP 401 • Ch. de Blandonnet 8
CH-1214 Vernier, Geneva
Phone: +41 22 749 01 11
Email: copyright@iso.org
Website: www.iso.org
Published in Switzerland
ii
Contents Page
Foreword .iv
1 Scope . 1
2 Normative references . 1
3 Terms and definitions . 1
4 General . 2
4.1 Processes . 2
4.2 Conditions . 2
5 Basic communication flow. 3
5.1 Offering party authorization domain . 3
5.1.1 General . 3
5.1.2 Authentication . 3
5.1.3 Authorization . 4
5.1.4 Resource access . 6
5.1.5 Separation of duties . 7
5.1.6 Implementation related considerations . 9
5.2 Accessing party authorization domain . 11
5.2.1 General . 11
5.2.2 Authorization . 11
5.2.3 Pushing resources .12
Annex A (informative) Reference implementation using OAuth 2.0 and OpenID Connect 1.0 .13
Annex B (informative) Reference implementation for push .21
Bibliography .24
iii
Foreword
ISO (the International Organization for Standardization) is a worldwide federation of national standards
bodies (ISO member bodies). The work of preparing International Standards is normally carried out
through ISO technical committees. Each member body interested in a subject for which a technical
committee has been established has the right to be represented on that committee. International
organizations, governmental and non-governmental, in liaison with ISO, also take part in the work.
ISO collaborates closely with the International Electrotechnical Commission (IEC) on all matters of
electrotechnical standardization.
The procedures used to develop this document and those intended for its further maintenance are
described in the ISO/IEC Directives, Part 1. In particular, the different approval criteria needed for the
different types of ISO documents should be noted. This document was drafted in accordance with the
editorial rules of the ISO/IEC Directives, Part 2 (see www.iso.org/directives).
Attention is drawn to the possibility that some of the elements of this document may be the subject of
patent rights. ISO shall not be held responsible for identifying any or all such patent rights. Details of
any patent rights identified during the development of the document will be in the Introduction and/or
on the ISO list of patent declarations received (see www.iso.org/patents).
Any trade name used in this document is information given for the convenience of users and does not
constitute an endorsement.
For an explanation of the voluntary nature of standards, the meaning of ISO specific terms and
expressions related to conformity assessment, as well as information about ISO's adherence to
the World Trade Organization (WTO) principles in the Technical Barriers to Trade (TBT) see
www.iso.org/iso/foreword.html.
This document was prepared by Technical Committee ISO/TC 22, Road vehicles, Subcommittee SC 31,
Data communication.
This second edition cancels and replaces the first edition (ISO 20078-3:2019), which has been
technically revised.
The main changes are as follows:
— defined authorization domains for the offering party and the accessing party;
— added new requirements and description related to push method to make the offering party
authorized to push resources to the accessing party;
— added Annex B containing description of reference implementation for push.
A list of all parts in the ISO 20078 series can be found on the ISO website.
Any feedback or questions on this document should be directed to the user’s national standards body. A
complete listing of these bodies can be found at www.iso.org/members.html.
iv
INTERNATIONAL STANDARD ISO 20078-3:2021(E)
Road vehicles — Extended vehicle (ExVe) web services —
Part 3:
Security
1 Scope
This document defines how to authenticate users and accessing parties on a web-services interface. It
also defines how a resource owner can delegate access to its resources to an accessing party. Within
this context, this document also defines the necessary roles and required separation of duties between
these in order to fulfil requirements stated on security, data privacy and data protection.
All conditions and dependencies of the roles are defined towards a reference implementation using
[1] [2]
OAuth 2.0 compatible framework and OpenID Connect 1.0 compatible framework.
2 Normative references
The following documents are referred to in the text in such a way that some or all of their content
constitutes requirements of this document. For dated references, only the edition cited applies. For
undated references, the latest edition of the referenced document (including any amendments) applies.
ISO 20078-1, Road vehicles — Extended vehicle (ExVe) web services — Content and definitions
3 Terms and definitions
For the purposes of this document, the convention, terms and definitions given in ISO 20078-1 and the
following apply.
ISO and IEC maintain terminological databases for use in standardization at the following addresses:
— ISO Online browsing platform: available at https:// www .iso .org/ obp
— IEC Electropedia: available at https:// www .electropedia .org/
3.1
identity token
ID token
digitally signed JWT and contains claims (3.3) about the authenticated resource owner
3.2
authorization code
intermediate result of a successful resource-owner authorization process and that is used by authorized
clients to obtain access tokens and optionally refresh tokens
3.3
claim
asserted information about a certain entity
EXAMPLE ROID, resource owner’s first name, last name, address, connected vehicle’s capability and/or
other attributes.
3.4
token issuer
entity that generates and provides identity tokens (3.1), access tokens, and refresh tokens
3.5
authorization domain
domain of activity where an entity controls the authorization
Note 1 to entry: The offering party controls the authorization in the offering-party authorization domain and the
accessing party controls the authorization in the accessing-party authorization domain.
Note 2 to entry: Due to the description of push communication in 5.2 there exists two different authorization
providers. One at the side of the accessing party and one at the side of the offering party.
4 General
4.1 Processes
The following processes are specific to each offering party. The definition of these processes is not part
of this document but shall be in place in order to apply this specification.
REQ_04_01_01 The process to register a resource owner at the identity provider shall be the re-
sponsibility of the offering party.

REQ_04_01_02 The process to register an accessing party at the authorization provider shall be the
responsibility of the offering party.

REQ_04_01_03 The process to confirm the technical eligibility of connected vehicles and provision
of their associated ExVe resources shall be the responsibility of the offering party.

REQ_04_01_04 The process to verify a resource owner’s current and valid ownership of the con-
cerned resource shall be the responsibility of the offering party.

REQ_04_01_05 The process to register the offering party in the accessing party authorization domain
shall be the responsibility of the accessing party. This is only needed if resources
shall be pushed.
4.2 Conditions
REQ_04_02_05 The offering party shall be able to restrict or deny the accessing party and/or the
resource owner access to the offering party’s web services and portals.
NOTE 1 This can be done, for example, to fulfil security and legislation requirements.
REQ_04_02_06 If the offering party revokes a granted registration of an accessing party, the offering
party may delete all containers created by the accessing party, if containers are used.
NOTE 2 Revocation of the registration can be due to access violation or other misuse of the web services.
REQ_04_02_07 The accessing party shall be able to restrict or deny the offering party’s ability to
push resources.
NOTE 3 This can be done, for example, to fulfil security and legislation requirements.
5 Basic communication flow
5.1 Offering party authorization domain
5.1.1 General
This document separates the activities necessary for authentication, authorization and resource access
into three distinct communication flows with separate duties (see Figure 1).

a
Step 1: the resource owner is authenticated by the identity provider.
b
Step 2: the resource owner is granting access to the accessing party. The granting is handled by the authorization
provider.
c
Step 3: the accessing party is accessing resources from the resource provider.
Figure 1 — The roles and the three distinct communication flows
5.1.2 Authentication
The identity provider is responsible for authenticating the resource owner and managing the resource
owner profile, based on the resource owner registration. The resource owner credentials are revealed
only to the identity provider, and the identity provider confirms a successful authentication to
concerned parties. If the resource owner has given consent, the accessing party will be authorized to
access the resource owner's profile (Figure 2).
Figure 2 — Resource owner authentication and access to resource owner’s profile
REQ_05_01_01 The identity provider shall offer a suitable authentication method and shall perform
the authentication process. After a successful authentication, the identity provider
shall confirm the identity of the authenticated resource owner.

REQ_05_01_02 The resource owner’s credentials shall only need to be known by the resource owner
and be possible to be verified by the identity provider.

REQ_05_01_03 The resource owner’s registration and authentication (at the identity provider), shall
be separated from the authorization process to grant access to resources (via the
authorization provider).
REQ_05_01_04 If the identity provider is able to expose the resource owner’s profile to the accessing
party, it is only the resource owner that shall be able to grant or deny access.
...

Questions, Comments and Discussion

Ask us and Technical Secretary will try to provide an answer. You can facilitate discussion about the standard in here.

This May Also Interest You

ISO
ISO 17987-3:2025(Main)
Road vehicles — Local Interconnect Network (LIN) — Part 3: Protocol specification

This document specifies the LIN protocol including the signal management, frame transfer, schedule table handling, task behaviour, status management, and commander and responder node. It contains also OSI layer 5 properties according to ISO 14229-7 UDSonLIN-based node configuration and identification services (SID: B016 to B816) belonging to the core protocol specification. A node (normally a commander node) that is connected to more than one LIN network is handled by higher layers (i.e. the application) not within the scope of this document.

  • Standard
    74 pages
    English language
    sale 15% off
  • Draft
    74 pages
    English language
    sale 15% off
  • Draft
    74 pages
    English language
    sale 15% off
ISO
ISO 17987-2:2025(Main)
Road vehicles — Local Interconnect Network (LIN) — Part 2: Transport protocol and network layer services

This document specifies a transport protocol and network layer services tailored to meet the requirements of LIN‑based vehicle network systems on local interconnect networks. The protocol specifies an unconfirmed communication. The LIN protocol supports the standardized service primitive interface as specified in ISO 14229-2. This document provides the transport protocol and network layer services to support different application layer implementations such as: — normal communication messages, and — diagnostic communication messages. The transport layer defines transportation of data that is contained in one or more frames. The transport layer messages are transported by diagnostic frames. A standardized API is specified for the transport layer. Use of the transport layer is targeting systems where diagnostics are performed on the backbone bus (e.g. CAN) and where the system builder wants to use the same diagnostic capabilities on the LIN sub-bus clusters. The messages are in fact identical to ones in ISO 15765-2 and the PDUs carrying the messages are very similar. The goals of the transport layer are: — to have low load on commander node, — to provide full (or a subset thereof) diagnostics directly on the responder nodes, and — to target clusters built with powerful LIN nodes (not the mainstream low cost).

  • Standard
    75 pages
    English language
    sale 15% off
ISO
ISO 17987-4:2025(Main)
Road vehicles — Local Interconnect Network (LIN) — Part 4: Electrical physical layer (EPL) specification 12 V/24 V

This document specifies the 12 V and 24 V electrical physical layers (EPL) of the LIN communications system. The electrical physical layer for LIN is designed for low-cost networks with bit rates up to 20 kbit/s to connect automotive electronic control units (ECUs). The medium that is used is a single wire for each receiver and transmitter with reference to ground. Annex A provides recommendations on the LIN physical layer peripheral interface design of type UART and frame controller for commander and responder nodes. This document includes the definition of electrical characteristics of the transmission itself and also the documentation of basic functionality for bus driver devices. This document also provides the physical layer definitions for nodes with LIN AA capabilities according to one of the procedures C, D and E. All parameters in this document are defined for the ambient temperature range from −40 °C to 125 °C.

  • Standard
    43 pages
    English language
    sale 15% off
ISO
ISO 17987-7:2025(Main)
Road vehicles — Local Interconnect Network (LIN) — Part 7: Electrical physical layer (EPL) conformance test specification

This document specifies the conformance test for the electrical physical layer (EPL) of the LIN communications system. The purpose of this document is to provide a standardised way to verify whether a LIN bus driver conforms to ISO 17987-4. The primary motivation is to ensure a level of interoperability of LIN bus drivers from different sources in a system environment. This document provides all the necessary technical information to ensure that test results are consistent even on different test systems, provided that the particular test suite and the test system are conformant to the content of this document.

  • Standard
    195 pages
    English language
    sale 15% off
ISO
ISO 17987-1:2025(Main)
Road vehicles — Local Interconnect Network (LIN) — Part 1: General information and use case definition

This document gives an overview of the structure and the partitioning of the ISO 17987 series. In addition, it outlines the use cases where the ISO 17987 series is used. The terminology defined in this document is common for all LIN communication systems and is used throughout the ISO 17987 series. This document has been established to define the use cases for LIN.

  • Standard
    8 pages
    English language
    sale 15% off
ISO
ISO 17987-6:2025(Main)
Road vehicles — Local Interconnect Network (LIN) — Part 6: Protocol conformance test specification

This document specifies the LIN protocol conformance test. This test verifies the conformance of LIN communication controllers with respect to ISO 17987-2 and ISO 17987-3. This document provides all necessary technical information to ensure that test results are identical even on different test systems, provided that the particular test suite and the test system are compliant to the content of this document. Annex A, Annex B and Annex C specify the protocol conformance test plans for responder nodes supporting auto addressing procedures according procedure C, procedure D or procedure E, see ISO 17987-3:2025, Annex C.

  • Standard
    104 pages
    English language
    sale 15% off
ISO
ISO 13209-4:2024(Main)
Road vehicles — Open Test sequence eXchange format (OTX) — Part 4: Expanded extensions interface definition

This document defines the Open Test sequence eXchange (OTX) additional extension requirements and data model specifications. The requirements are derived from the use cases described in ISO 13209-1. They are listed in Clause 4. The data model specification aims at an exhaustive definition of all features of the OTX extensions which have been implemented to satisfy the requirements. This document establishes rules for the syntactical entities of each extension. Each of these syntactical entities is accompanied by semantic rules which determine how OTX documents containing extension features are interpreted. The syntax rules are provided by UML[2] class diagrams and XML schemas, whereas the semantics are given by UML activity diagrams and prose definitions.

  • Standard
    457 pages
    English language
    sale 15% off
ISO
ISO 11898-1:2024(Main)
Road vehicles — Controller area network (CAN) — Part 1: Data link layer and physical coding sublayer

This document specifies the controller area network (CAN) data link layer (DLL) and the physical coding sub-layer (PCS). The CAN DLL features data fields of up to 2048 byte when the CAN extended data field length (XL) frame format is used. This document divides the CAN DLL into the logical link control (LLC) and the medium access control (MAC) sub-layers. The DLL’s service data unit (SDU), which interfaces the LLC and the MAC, is implemented by means of the LLC frame. The LLC frame also features the service data unit type (SDT) and the virtual CAN channel identifier (VCID), which provide higher-layer protocol configuration and identification information. How the higher-layer functions are handled is not specified in this document. There are five implementation options: 1) support of the CAN classic frame format only, not tolerating the CAN flexible data rate (FD) frame format; 2) support of the CAN classic frame format and tolerating the CAN FD frame format; 3) support of the CAN classic frame format and the CAN FD frame format; 4) support of the CAN classic frame format, the CAN FD frame format and the CAN XL frame format; 5) support of the CAN FD frame format for CAN FD light responders (Annex A). NOTE Nodes of the first option can communicate with nodes of the third and fourth option when only the CAN classic frame format is used. Nodes of the first option cannot communicate with nodes of the fifth option: any attempt at communication generates error frames. Therefore, new designs implementing the fourth option can communicate with all other nodes.

  • Standard
    82 pages
    English language
    sale 15% off
ISO
ISO 15765-2:2024(Main)
Road vehicles — Diagnostic communication over Controller Area Network (DoCAN) — Part 2: Transport protocol and network layer services

This document specifies a transport and network layer protocol with transport and network layer services tailored to meet the requirements of CAN-based vehicle network systems on controller area networks as specified in ISO 11898-1. The diagnostic communication over controller area network (DoCAN) protocol supports the standardized abstract service primitive interface as specified in ISO 14229-2 (UDS). This document supports different application layer protocols such as: — enhanced vehicle diagnostics (emissions-related system diagnostics beyond legislated functionality, non-emissions-related system diagnostics); — emissions-related on-board diagnostics (OBD) as specified in the ISO 15031 series and SAE J1979 series; — world-wide harmonized on-board diagnostics (WWH-OBD) as specified in the ISO 27145 series; and — end of life activation of on-board pyrotechnic devices (the ISO 26021 series). The transport protocol specifies an unconfirmed communication. NOTE This document does not determine whether CAN CC, CAN FD or both are recommended or required to be implemented by other standards referencing this document.

  • Standard
    47 pages
    English language
    sale 15% off
ISO
ISO 11898-2:2024(Main)
Road vehicles — Controller area network (CAN) — Part 2: High-speed physical medium attachment (PMA) sublayer

This document specifies physical medium attachment (PMA) sublayers for the controller area network (CAN). This includes the high-speed (HS) PMA without and with low-power mode capability, without and with selective wake-up functionality. Additionally, this document specifies PMAs supporting the signal improvement capability (SIC) mode and the FAST mode in Annex A. The physical medium dependent (PMD) sublayer is not in the scope of this document.

  • Standard
    64 pages
    English language
    sale 15% off