Abstract'Vehicular networks and cloud computing have gained much
popularity in recent years. The significance of Vehicular Ad-hoc Net-
works(VANET) lies in its advance features and commercial applications
like road-safety and traffic management. Vehicles are expected to be
equipped with powerful computing, networking and storage devices
on board such that an Intelligent Transportation System(ITS) can be
promoted. Most of the times, the on board resources get underutilized.
Vehicular Cloud Computing(VCC) provides a feasible and efficient
solution to utilize the on board resources to the maximum. VCC is a
hybrid technology that makes an extensive use of computing, networking
and storage resources in order to provide safety related applications and
mobile infotainment on demand and payment basis. Through a detailed
review of literature, this paper meticulously presents the state-of-the-
art survey of vehicular cloud computing. The architecture of VCC is
described, security and privacy challenges are addressed and discussion
on open issues is provided with future research directions.
Index Terms'VANET, cloud computing, vehicular cloud, security and
privacy challenges, open issues.
I. I NTRODUCTION
Advancements in vehicular networking and communication tech-
nology  have given birth to the concept of an Intelligent Trans-
portation System(ITS)  which is very much desirable in today's
world. VANET have received a lot of attention due to its specific fea-
tures and applications. VANET provides attractive solutions towards
road-safety and traffic management. Technological innovations have
transformed our vehicles into powerful and intelligent computing
machines which are capable enough to help in decision making.
Vehicular technology have provided vehicles with better computing
power, fixed storage devices, wireless sensing nodes and networking
capability. Vehicles can use their resources to improve both driving
safety and traffic efficiency so that the driving experience can become
more friendly and entertaining. But, VANET pose certain limitations
in terms of cost of service provided as vehicular communication is
not that cost-effective due to high mobility of vehicular nodes. It have
been observed that most of the times, the resources in VANET get
underutilized. There is a need to develop new technologies which can
make proper utilization of VANET resources.
Cloud Computing(CC) , on the other hand, is a new paradigm
shift in the field of distributed computing. Cloud computing allows
users to utilize scalable, distributed computing environments within
the bounds of the Internet with a guaranteed quality of service. Within
this system, users have a gamut of on demand virtual resources for
their computing needs, without knowing the abstruse infrastructure
behind it. Mobile Cloud Computing(MCC)  is a new version of
CC that vehicle drivers can use for getting on demand services by
a pay as you go model. The vehicle drivers can use their mobile
devices to connect to the cloud servers via the Internet. Vehicle
drivers can efficiently utilize the services for monitoring road-safety
by using various mobile cloud architectures. The major limitation
is the processing power, battery backup and memory of the mobile
devices, which makes real-time processing very costly.
Vehicular Cloud Computing(VCC) is a new design paradigm which
can offer much better solutions in terms of service provided to vehicle
drivers with pay as you proceed model. Creating an ad-hoc network
of on road moving vehicles such that some of the smart vehicles
equipped with powerful computing, network and storage devices,
can on-the-fly form a Vehicular Cloud by dynamically integrating
resources and collecting information from each other and road-side
infrastructure, forms the basis of Vehicular Cloud Computing. The
main objectives of VCC are to provide real-time, on-demand com-
putational services at a reasonable cost; minimizing traffic overhead;
ensuring real time cloud-based services of infrastructure, platform
and software with quality-of-service(QoS) to vehicle drivers. The
motivation derives from the fact that VCC can well utilize the
resources present in the vehicles for providing applications related
to safety and mobile infotainment.
In this paper, the technological shifting from vehicular network and
cloud computing to Vehicular Clouds(VC) have been highlighted.
The paper is intended to guide readers and researchers about all
the recent happenings in the area of VCC, which thyself is a new
field of research. A comparative study between CC and VCC have
been done to provide a new insight into this area. One can better
understand the fundamentals of vehicular cloud computing and its
specific features, can visualize its potential applications and can
provide relevant inputs for further research directions in this field.
The rest of the paper is organized as follows: Section II describes
the VANET and Section III gives an overview of cloud computing.
Section IV elucidates vehicular cloud computing and its architecture.
Section V discusses some potential applications of VCC with Section
VI and VII addressing several security and privacy attributes and
challenges in VCC. Section VIII proposes certain open issues and
research challenges and Section IX provides conclusion with future
research prospects for VCC.
II. V EHICULAR A D -H OC N ETWORK (VANET)
Vehicular ad-hoc network is a highly dynamic mobile ad-hoc
network in which on road vehicles form network nodes moving
at varying speed. VANET are highly significant, as they are likely
to be amongst the first commercial application of ad-hoc network
technology. A majority of all the nodes will be vehicles, which
are capable of forming self organizing networks on-the-fly with
no prior knowledge of each other. The vehicles are equipped with
computing and communication devices known as on-board units
(OBUs). An infrastructure is provided along road-sides to assist vehi-
cles in forming an infrastructure-based VANET, again comprising of
powerful computing and communication devices known as road-side
units(RSUs). Road-side units act as an intermediary node between
the Central Transportation Authority(CTA) and Vehicular Node(VN).
VANET involves the use of short range radios in each vehicle, which
allow various vehicles to communicate with each other (V-V com-
munication) and with road-side infrastructure(V-I communication)
through a dedicated short-range communication(DSRC)  system.
III. C LOUD C OMPUTING
During 1990s, when service providers began using virtual private
network (VPN) services for data communication, the term cloud
got its inception. VPNs main advantage was that they maintained
the same bandwidth as fixed networks with considerably less cost:
dynamic routing was bolstered by VPNs, which allowed for a poised
utilization across the network and an increase in bandwidth efficiency,
and then the term telecom cloud originated from there. Cloud
Computing's concept is very similar in that it provides a virtual
computing environment that is dynamically allocated to meet user
needs on demand.
Cloud Computing can be well defined as an economically feasible
business model in which on-demand broad network access can be
provided to a shared pool of computing resources with minimum
service overhead and management effort. Cloud computing offers on-
demand, elastic and scalable computing services over the Internet to
various users. According to the National Institute of Standards and
Technology(NIST), Cloud Computing have five essential character-
Fig. 1. Communication types in VANET 
Various organizations like IEEE and industry consortium's are
developing standards for VANET technology. The IEEE is involved
in developing standards related to the physical layer, medium access
layer and security issues as well as in defining higher layer services
and interfaces for intelligent transportation system. Presently, coun-
tries like US, EU and Japan are working on VANET technology and
are deploying and testing VANET so that they can commercialize its
applications. Major applications of VANET include providing safety
information, collision avoidance, cooperative driving, traffic manage-
ment, traffic optimization, toll services, location based services and
A lot of work have been done in the routing  and security
domains of VANET. Various routing protocols have been proposed
for VANET like Position-Based Routing(PBR), Greedy Perimeter
Stateless Routing(GPSR), Geographic Source Routing(GSR)  and
CAN DELIVER routing protocol . Each of these routing protocols
have several advantages and disadvantages over the other. Packet
forwarding and delivery is a very obscure task in a dynamic vehicular
environment. Moreover, various security and privacy issues also arise
in vehicular networks. Authentication is a major requirement in
VANET as it ensures that the messages are sent by the legitimate
nodes. Message integrity, message confidentiality and message non-
repudiation are other security requirements. Privacy is another issue
which is generated as the side-effect of authentication. Several
security and privacy preserving protocols have been proposed for
VANET that are efficient in some or the other way.
A framework for secure and efficient data acquisition in VANET
 have been proposed. Another framework for secure co-operative
data downloading in VANET  have been described. A keen
observation reveals that most of the resources in VANET never get
properly utilized. These resources need to be maximum utilized. A
tremendous amount of work is going on to improve the efficiency
and reliability of VANET. Vehicular networks can surely transform
our driving experience into fun and entertainment by building a safe,
secure and ubiquitous computing environment. VANET technology
is going to have a huge societal impact in near future.
Broad network access.
Coud Computing makes it possible for content providers to quickly
deploy and scale services and benefit from low-cost, pay-by-use
models, while service users enjoy the flexibility that Internet based
computing provides. Cloud computing generally provides three types
of service models. Cloud services generally take the form of software
as a service (SaaS), platform as a service (PaaS), or infrastructure
as a service (IaaS). The success and popularity of cloud computing
lies in its high benefit providing features. But at the same time, all
these features may also give rise to severe cloud-specific security
issues. Most of the customers, who don't trust cloud security, hesitate
in using cloud-services.The key feature of cloud computing is the
utility pricing model which governs the cost of computer resources
consumed. But consuming the resources in a safe and secure manner
is a main concern. Five most vital security and privacy attributes have
been identified in cloud computing domain: integrity, confidentiality,
availability, accountability and privacy-preservability.
There are certain vulnerabilities that are common to a cloud system
. The first vulnerability is the co-existence of multiple users on
the same physical infrastructure. Several virtual machines may co-
reside in one physical machine which may lead to breaching of data
and access privileges. Second, transferring the business model to a
cloud may create insecurity among users as they will lose physical
control over their assets. The documents may get modified or even
deleted by the attacker. Third, the cloud always have paramount hosts,
but the bandwidth of network is limited, thus creating a vulnerability
to cloud infrastructure. Fourth, the cloud services are based on a
pricing model which means you pay for the services you utilize and
the attacker can always exploit the billing process.
Wide adoption of cloud based services is only possible if the
security challenges are well addressed. Due to public and distributed
nature of cloud architectures, security and privacy  becomes the
biggest concerns. Transferring the whole business logic and data to
the untrusted cloud servers creates insecurity among cloud customers.
Creating secure cloud architectures require better understanding of
cloud vulnerabilities and threats to cloud services. Two types of
cloud architectures have been there till date. One is called public
cloud where cloud services are offered by third-party cloud service
providers. Other is called private cloud where the customer has the
cloud system located in his own premises and has total control over
it. Another form of cloud architecture, hybrid cloud can be thought
as the combination of public and private cloud architecture. Multi-
cloud architectures  have also been proposed in order to enhance
the security features of cloud computing. Monitoring of Cloud is
also done, which is a task of paramount importance for both cloud-
providers and service-consumers. In one context, it is a vital tool for
controlling and managing hardware and software resources; on the
other side, it provides information and Key Performance Indicators
(KPIs) for both platforms and applications.
IV. V EHICULAR C LOUD C OMPUTING
Vehicular Cloud Computing(VCC) is a brand new area of research
which can be thought of as the combination of VANET and Cloud
Computing technologies. VANET and Cloud Computing have their
own specific features and application domains, but merging the
concepts of these two advanced technologies gives birth to a more
advanced emerging technology with a lot of practical real-world
applications, known as Vehicular Cloud Computing . VANETs
provides connectivity among moving vehicles and RSUs to form
an intelligent transportation system. RSUs are fixed on road-sides
and are equipped with powerful computing devices. Moving vehicles
are connected to RSUs via wireless communications whereas RSUs
are generally connected together via wired networks. The users can
expect that in near future, their vehicles would be intelligent machines
with powerful computing resources and storage devices on board. It
means that vehicles could provide their resources and services to
other vehicles on demand, on some payment basis. The basic idea
is that the user can utilize the resources of these vehicles in a cloud
computing environment such that some smart vehicles would act as
mobile cloud servers. The vehicles can be thus utilized for providing
public services on demand.
Most of the times, the vehicles are seen to be standing in parking
lots, sometimes in road-traffic congestion. One can visualise the
unexploited resources of these vehicles, which simply get wasted.
If some person goes to a metro station, he parks his car in the
parking area which stay there for a significant amount of time. The car
having immense computational resources is being used for nothing
fruitful. These are some remarkable features which makes vehicles
vital resource-sharing nodes in a cloud computing environment. These
vehicles can help in resolving traffic incidents, road-safety monitoring
and quick decision making, which alone cannot be controlled by
municipal traffic management centers due to inadequate computa-
tional resources. Since, the vehicles will communicate in a distributed
computing environment, this system will provide more efficiency and
reliability as compared to a centralized system used for the same
A. Vehicular Cloud Models
There are generally two types of Vehicular Clouds models namely,
infrastructure-based and ad-hoc-based.
1) Infrastructure-based VC model'the users will be able to access
cloud services involving road-side units in communication.
There RSUs can help users to find out better clouds for
themselves which can serve their requests with more ease. In
infrastructure-based VC, security issues may be well addressed
and many security schemes and strategies can be proposed.
2) Ad-hoc-based VC model'which is also called Autonomous
VC(or AVC), the vehicles can participate among themselves to
Fig. 2. Vehicular Cloud Computing Scenario.
form a VC on-the-fly in emergency situations. AVC shows more
security concerns in terms of authentication, confidentiality and
quality of service.
B. VCC Architecture
The basic architecture of VCC can be depicted from Fig.2. The on-
road moving vehicles create an ad-hoc network on-the-fly by integrat-
ing their resources and collecting information regarding each other to
form a vehicular cloud which can now provide on-demand services
to cloud users. Each vehicle is having an application unit(AU) and
an on board unit(OBU). The application unit provides applications
and services available on vehicles and the on board unit contains
the hardware computing, networking and storage devices. The OBUs
can transfer data through 3G/4G wireless communication  devices
at a very fast rate. There is a fixed infrastructure along road sides
which also have high computing machinery and are known as road-
side units(RSUs). The RSUs acts as intermediary nodes that provide
an interaction among vehicles and the trusted authorities.
The vehicles form an in-vehicle domain and an ad-hoc domain.
The in-vehicle domain is like a bottom layer which consists of body
sensor, environmental sensor, driver behavior recognition system,
inertial navigation sensors, smart-phone sensors, global position-
ing system(GPS), storage unit, camera, computational unit, geo-
information system(GIS), smart apps and radar. The ad-hoc domain
is like a communication layer on the top of bottom layer which con-
sists of vehicular-to-vehicular communication(V2V) and vehicular-
to-infrastructure communication(V2I) through dedicated short-range
wireless communication links. Based on recent advancements, these
wireless links can use broadband or 3G/4G technologies. Both these
communications together form a cloud infrastructure which consists
of the following two domains :
1) Cloud Storage'consisting of driver behavior information, traf-
fic information, road-condition information, storage services
and geo-information system(GIS).
2) Cloud Computation'consisting of various cloud computa-
tional algorithms and operations in order to provide secure,
efficient and reliable cloud services.
The cloud infrastructure creates a cloud platform which offer
various types of services which are broadly classified below :
1) Cloud Primary Application Services'which include network-
as-a-service (NaaS), software-as-a-service (SaaS), platform-as-
a-service (PaaS), storage-as-a-service (STaaS), entertainment-
as-a-service (EaaS), co-operation-as-a-service (CaaS).
2) Real-time Application Services'which include environmental
recognition, health recognition, activity recognition and fuel
1) The concept of STAR and CROWN framework: The paper
 proposes design of a system in which the RSUs acts as cloud
directories where all the mobile cloud servers register themselves.
The mobile cloud server is given the name STAR(or Transportation
Server). The STAR will have its own resources to offer and every
resource will have its own set of attributes. Customer vehicles can
send their requests to the RSUs which in turn will search for the best
possible STARs which can satisfy customers request according to the
criteria given by the customers. There is also an option for users to
manually select their STARs they prefer based on their own criteria.
The whole system is called as disCoveRing and cOnsuming services
WithiN Vehicular Clouds or CROWN.
The CROWN system is implemented using Network Simulator
(ns-2) software and used the SUMO(simulation tool for VANET)
to generate the node movement file that served as an input to ns-2.
In order to assess the performance of CROWN, it was compared with
another cloud service discovery protocol, called B-CROWN, in which
the various operations of CROWN were replaced by broadcasting
operations. The following metrics were used for evaluating the two
protocols : Service Discovery Delay; Service Consuming Delay;
Queuing Delay; Percentage of Hits; Percentage of NACKs and
Vehicle Traffic. The results show that an important factor that affects
CROWN and B-CROWN is the distance between the user and its
serving STAR. CROWN gives a stable performance as compared to
B-CROWN based on various parameters for different metrics.
2) Cloud-Based VANET with Efficient Resource Management:
One new architecture have been recently proposed in which is termed
as cloud-based vehicular networks architecture . This architecture
provides a hierarchy which consists of three main layers interacting
with each other which are described below:
1) Vehicular Cloud Layer'It is like a local vehicular cloud
created by nearby vehicles co-operating with each other in
forming an ad-hoc network on the move. The communication
is inter-vehicle(V2V) communication.
2) Roadside Cloud Layer'It is another local cloud which is
formed by the road-side infrastructure. These roadside clouds
are formed by attaching cloud servers to road-side units. The
vehicles communicate with these road-side clouds via vehicle
to infrastructure(V2I) communication.
3) Central Cloud Layer'It is like a business cloud which is
formed by different servers in the Internet. It consists of both
private cloud servers and public cloud servers.
In the vehicular cloud layer, two customization strategies have been
1) Generalized vehicular cloud customization in which there is a
cloud controller that aims at creation, maintenance and deletion
of a vehicular cloud. The cloud controller schedules all the
resources of the vehicular clouds.
2) Specified vehicular cloud customization in which there is no
concept of cloud controller. The vehicle is solely responsible for
specifying some vehicles as clouds from which it can request
The roadside cloud layer comprises of RSUs and cloud servers
linked with them. They are like a cloudlet  which is a trusted rich
source of computational devices or powerful cluster of computers
connected to Internet to provide services to nearby vehicles. The
roadside cloud layer becomes a roadside cloudlet which offers cloud
services to nearby passing vehicles. The vehicles can customize a
transient cloud from a roadside cloudlet to get virtual resources from
it. The concept of roadside cloudlet makes service delivery more
reliable and efficient. The central cloud layer is a giant pool of
resources which are generally driven by servers in the Internet. When
there is a need of a highly complex computation or massive data
storage, central cloud plays its role. The central cloud is connected
to roadside cloudlets and vehicles to offer more gamut of services.
The architecture have been proposed based on its several advan-
tages. As all computation and storage resources of vehicles and
RSUs are merged into a cloud, this architecture fully utilizes the
physical resources of the entire network. Every vehicle have access
to all the clouds. Vehicles equipped with different communication
technologies can access different layers of clouds for their respective
services. The vehicular clouds and the roadside cloudlets are locally
distributed clouds that can be quickly deployed to offer quick services
on demand. There are various applications of cloud-based vehicular
networks such as : a) traffic data mining for real-time navigation; b)
distributed storage in video surveillance; c) cooperative download of
a large file.
V. P OTENTIAL A PPLICATIONS OF VCC
Today customers don't want vehicles for just transportation purpose
but they want an intelligent transportation system which not only
ensures safety of vehicles, roads and drivers but also provides various
types of services like high computing power, storage, network access,
data caching and many more to other needy customers driving
on road. Thus, users want their future vehicles to be intelligent
machines with powerful on-board devices that can support various
new advanced applications including location-specific services.
Some of the potential applications of vehicular cloud computing
are mentioned below:
1) Traffic management on busy lanes : Vehicular clouds can
provide continuous reports on traffic status across busy lanes
such that the drivers can get details of the congestion caused
2) Sharing information about condition of roads : Sometimes
conditions of roads is not fine due to ongoing construction,
rains, storms, floods, etc. Such information can be shared by
VCs to vehicle drivers about demure road conditions.
3) Warning for accidents : During winters, when there is fog
all around, there are more chances of road-accidents at road
intersection points. VCs can perform continuous scanning of
theses vulnerable intersections and can warn drivers of the
4) Maintenance of vehicles : Vehicles also need various types of
software updates which can be easily provided by the vehic-
ular clouds with the latest version. The vehicle maintenance
becomes vital especially for security updates.
Traffic signal optimization : VCs can provide immense help
in traffic signal optimization by sensing the traffic congestion
and transferring the related data to a navigation server through
on-board vehicle navigators. The navigation server then returns
the optimized routes to the vehicles on move.
Metro-station parking lot as a data cloud : Vehicles remain
stagnant in the the parking-lots of metro-stations for a signif-
icant amount of time. The resources of these vehicles can be
used to form a data cloud providing services to the consumers
having wireless devices with them.
Vehicles parking management : The vehicles can request to VCs
for the best parking lots available in the area. The vehicles can
book a parking spot on-the-fly as all the information is present
on clouds regarding parking services.
Retail stores as data center : Shopping malls and retail stores
are the places where the customers and their vehicles spend a
lot of their time. The retailers can use the resources of their
customer's vehicles(which form VC) either on rent or providing
customers with various discount offers on eclectic items.
Managing planned evacuations : The main advantage of VCs
comes in disaster management. Floods, landslides, hurricanes,
tsunamis create a havoc, devastating whole network in seconds.
Vehicular clouds can serve in planned evacuations during such
Applications regarding safety : Users can download various
safety related applications from vehicular clouds which can
help them in driving safely.
Mobile infotainment : VCs can entertain users by providing
on-line gaming, web-based applications, audio-video uploading
and downloading, creating a social network with the nearby
vehicles, and many more.
VI. S ECURITY AND P RIVACY ATTRIBUTES OF VCC
A. Vehicular Cloud Confidentiality
Vehicular Cloud Confidentiality means that the users data is kept
confidential from both cloud service providers and other cloud
customers. The main threat to vehicular cloud confidentiality is the
cross-virtual machine attack via side channels. The attacker can place
a malicious VM on the same physical machine where the target user
VM is located. As the two VMs are being co-resided, the attacker can
perform certain attacks on resources of the user by gaining privileges
over them. The another internal threat is from the system admin of
the cloud server who is privileged and can perform attacks on user's
VM by accessing its memory.
C. Vehicular Cloud Availability
Vehicular Cloud Availability is a vital attribute of security and
privacy in VCs. If a VC cannot provide a service for a specified
period of time, users may no more trust the vehicular cloud system.
Two types of threats are well known to availability of vehicular
cloud service. One threat is imposed by flooding attack via bandwidth
starvation in which an enormous amount of unwanted requests are
sent to a particular service to prevent it from working effectively.
Such a threat comes under denial of service(DOS) attack which can
be direct or indirect in nature. To initiate a DOS attack, first the
network topology is identified, access is gained to enough hosts
and then the attack is performed. Another threat is the Fraudulent
Resource Consumption(FRC) attack in which the victim is deprived
of its resources over a long period of time causing a financial burden
on the victim.
D. Vehicular Cloud Privacy
Vehicular Cloud Privacy  is a more strict form of VC con-
fidentiality. As the whole customer data and information resides
on vehicular cloud servers which are distributed over the ad-hoc
network, there is a risk of disclosure of vital information to other
customers who can misuse it for some illegal purpose. Here, privacy-
preservability is taken as the main attribute of security and privacy
and VC privacy is defined in terms of data privacy and computation
VII. S ECURITY AND P RIVACY C HALLENGES IN VCC
Taking security considerations in VANETs and Cloud Computing
separately has been done earlier but identifying security and privacy
issues specially for Vehicular Clouds is relatively a new area of
research. There are lots of security challenges in a highly dynamic
vehicular environment like authentication of vehicles, confidentiality
of data and services, identification and privacy of various cloud users
and many more. To widely adopt the concept of Vehicular Clouds, one
also need to address the various security and privacy issues related to
them. Traditional networks provide efficient security mechanism to
prevent intruders from attacking the system but in Vehicular Cloud
environment, users and attackers are almost equal. Some security
issues are very much specific to VC like the dynamic motion of
vehicles makes it difficult to manage authentication, authorization
and accountability as the vehicles always communicate through
dedicated short-range communications(DSRC) . Many protocols
have been proposed for the security of VANETs like Public Key
Infrastructure(PKI) and Digital Signature methods. Cloud Security
has been addressed simply by restricting access to cloud hardware
facilities. No protocol has been there that can work for the security of
VC as such. First, there is a need to analyze the security and privacy
attacks in VC.
B. Vehicular Cloud Integrity A. Threats to Vehicular Clouds
Vehicular Cloud Integrity in a VCC scenario refers to both data There are certain other threats to Vehicular Clouds. The main threat
integrity and computation integrity. Data integrity means that the is the spoofing of user identity where the attacker pretends to be
accurate data should be stored on cloud servers and any violations another user and wish to collect information by illegal means. The
to data storage should be detected. Computation integrity means that attacker can also modify documents and other resources. He can also
the operations and programs should be executed properly and any manipulate the identification of new data, actions and operations. He
computation problem should be detected. The main threat to vehicular can also go for vital information disclosure over the VC and can also
cloud integrity is the data loss or data being modified. One cannot pose denial of service attack by consuming system resources and
trust mobile cloud servers in terms of security and reliability. The making them unavailable to intended users. Thus, the authentication
another threat is of incorrect computing results which can be returned of high-mobility nodes is must. There are certain metrics which
by untrustworthy VC providers as the computation details are not can be adopted for authentication purpose namely, some unique
made transparent to VC users. identity of the user; some unique things which the user only knows;
and biometrics which include signature, face, voice, retina scan and
fingerprint. Authentication is also a challenging task in VC due to
the features of VANETs. High mobility makes it a difficult task
to authenticate messages on move. Sometimes a short transmission
range may make a user out of reach. Authenticating a vehicle's or
driver's identity in the VC is more challenging due to privacy issues.
To ensure privacy, pseudonyms  are often used in place of real
B. The Attacker Model
Researchers need to ponder about the attacker model in advance
as security in VC deals with much severe challenges as the multiple
service users and an attacker can equally share the same physical
infrastructure, although all of them may be running on different
virtual machines(VMs). The attacker may target the confidentiality
which include user identities, vital documents and location of virtual
machines where user's services are being executed. He can also
breach the integrity such as important files and documents stored
on the VC. Getting information about the availability of physical
machines, resources, services and privileges can also be the part of
attacker model. The intruder can find the geographic location of the
target vehicle and can move closer to it. By looking at the topology
of VC, he can track the various services that are executing on behalf
of the user. He can experimentally find out whether the target user is
on the same virtual machine or can get into the user's VM. He can
launch multiple service requests on the same VM and can use the
system loopholes to get access and privilege to user's resources.
The highly dynamic environment of VC also poses challenges for
attackers since the high mobility of vehicles is like a double-edged
sword that also creates difficulty in attacking a particular vehicle.
The challenge lies in locating the machine on which target user is
executing its services as all the users in VC are distributed on virtual
machines. Moreover, the vehicles access to virtual machines may be
transient as the vehicles continously move from one place to another.
To perform an attack, the attacker need to be on the same physical
machine for which he has to be physically present in the same region
with the target vehicle with almost same speed. As the co-existence
is very hard to achieve and is transient, attacking a target vehicle
becomes much more a daunting task. Lastly, the attacker also needs
to deal with the security system of the target vehicle.
C. Other Security Issues
1) Establishing Trust Relationship: The most important thing in
VC is to establish a trust relationship  among cloud servers
and cloud users which is even more challenging than in tradi-
tional vehicular networks and conventional cloud computing. The
communication in VC is normally based on dedicated short-range
communication(DSRC) whereas many applications need multi-hop
routing, which involves multiple nodes during communication and
establishing a trust relationship among all these nodes, RSUs and
service providers is not an easy task.
2) Verification and Validation of Vehicle and its Location: Almost
every VC application requires correct location details which must
be verified and validated. A vehicle's identity is often taken as
its owner's identity so tracking a vehicle may sometimes violate
its owner's privacy. The owner's privacy can be protected  by
replacing vehicle's identity with pseudonym. The Psuedonymization
Service Center is a secured and trusted organization which issues and
verifies pseudonyms assigned to various vehicles.
3) Providing a Single-User-Interface: Vehicular Clouds should
also provide a single user interface for delivering their services. As
the number of cloud users will increase, more and more virtual
machines(VMs) will be assigned in order to improve quality of
service, which in turn will raise more security concerns. During
decline in service, the number of VMs will decrease as well to give
a better throughput. All this should be transparent to vehicles which
will communicate through a single interface and will be unaware with
the changing of VMs.
4) Heterogeneity in Vehicular Nodes: Heterogeneity in the nodes
of VC is a major concern since not every vehicle is equipped with the
same type of on-board devices. Computing power, storage capacity,
network devices may be of varying specifications which form a
heterogeneous network. Such a network with heterogeneous nodes
becomes difficult to adapt various security schemes and strategies.
Certain cryptographic algorithms require specific hardware criteria
which is hard to achieve when every node in the network is different
from other in terms of on-board devices. All the security schemes
applicable to VC must have scalability such that they can be applied
to any sort of traffic on the road.
VIII. O PEN I SSUES
The section provides several vital open issues in the area of
vehicular clouds. The area of vehicular clouds is recent, and therefore,
it invites various open issues and research challenges. One need to
look deep into these open issues and challenges so as to get future
research directions in the field of VCC. The following subsections
describe some of the major issues which need to be addressed.
A. Vehicular Cloud Architecture and Design Issues
VC are formed by using different types of resources creating a
virtual environment for providing services to the customers. Many
virtual machines are created on a single physical machine , all
nodes are in motion and the communication is wireless. The mobility
of nodes needs to be managed and the communication should be
persistent. There is a need to develop a flexible mobile architecture
and specific networking protocols for VC communication. With
flexibility, robustness should also be imbibed in VC architecture.
The robust architecture signifies the proper working of the system
in adversarial situations. The computational, storage and networking
resources should be well integrated to provide reliable services. More-
over, the architecture should be a service-based network architecture.
The TCP/IP protocol is alone not sufficient in defining a network
architecture for newly emerging technologies like VANET and VC.
The service-oriented and component based architecture should be
deployed to enhance the functionality of vehicular clouds.
B. Vehicular Clouds Security and Privacy Issues
The major issues that have arise with the advent of vehicular clouds
are of security and privacy which requires a greater concern than any
other challenge. The main reason for security and privacy in VC is
the high mobility of nodes. The wireless communication link also
pose certain type of vulnerabilities to VC. Although, many security
and privacy-preserving protocols  are present for VANET and
clouds and their adaptable version can be used in VC, but still there
is a need to develop standard security protocols specific to vehicular
clouds. The main security challenges  are of authentication,
confidentiality and privacy in a mobile environment. Advancement in
new cryptographic algorithms should be done and stringent network
security schemes should be deployed for VC. The heterogeneity in the
nodes of VC also pose compatibility issue for certain cryptographic
algorithms to work properly.
C. Management of Operations and Policies in VC
Besides architecture, implementation and security issues, various
operations and policies of vehicular clouds needs to be managed .
Reality based metrics should be provided to judge the operations of
VC. The metrics will help in effective policy making for properly
utilization of VC resources. There should be a decision support
system and an expert system that can bolster quick decision making
and can further help in determining the economic models for realistic
pricing and billing of various cloud services . There should be
an assurance of trust management as in some situations the VC
needs to take local actions based on instant decisions instead of
a central authority doing the same. The emphasis should be given
to essential functioning policies so that the accountability metrics,
regulations and standardization in policy making can be established.
Moreover, in near future, not only vehicular clouds, but more cloud
technologies like sensor cloud, smart-phone cloud and laptop cloud
will also emerge. These clouds should be compatible in terms of
interoperability with each other. Such methodologies also need to be
IX. C ONCLUSION AND F UTURE W ORK
The Vehicular Cloud Computing is going to be the next generation
of dynamic distributed computing. One thing is for sure, VCC is
going to have an enormous societal impact in near future. Intelligent
transportation system providing on-demand services to customers on
the move is highly indispensable in today's world and VCC promises
such a system. The computing resources in our vehicles either get
underutilized or desolated. VCC offers an effective solution for
properly utilizing all the computing resources of the vehicles whether
they are stagnant or in motion. The paper discusses the concept of
VANET, Cloud Computing and Vehicular Cloud Computing. The
architecture of VCC is described to make readers understand the es-
oteric operating principles of vehicular clouds. Potential applications
of VCC in providing efficient solutions towards traffic management,
traffic optimization, road-condition sharing, vehicle maintenance and
mobile infotainment are discussed to motivate readers. Security and
privacy issues related to vehicular clouds have been presented in
brief. The survey is also emphasized towards discussing some of
the open issues in the area of vehicular clouds which can provide
future research directions in this emerging field. True to the fact,
VCC is a new paradigm shift in vehicular technology which is going
to continue for a long time in future. The future work includes
the investigation of new system designs and more stringent security
solutions for most of the applications developed on VC.