Abstract: An example system for securely provisioning computerized devices of a plurality of tenants includes a Security Credential Management System (SCMS) host that is communicatively connected to the devices and is operable to receive provisioning requests from computerized devices needing certificates. Each provisioning request indicates a tenant identifier (ID) uniquely identifying a tenant of the plurality of tenants. The system also includes a virtual registration authority communicatively connected to the SCMS host and operable to transmit requests to SCMS backend components.

Abstract: An example system receives certificate requests from clients. Each request indicates: a number of computerized devices needing certificates; a timestamp indicating when the request was transmitted; and a client. The system includes a Quality of Service (QoS) manager that: distributes the requests from the clients across client queues, each of the client queues corresponding to a particular client; and divides requests into smaller subgroups of entries corresponding to a subset of the computerized devices needing certificates. It also includes a QoS arbiter that selects a sequence of entries from the client queues to be placed onto a QoS queue based on a number of entries in the QoS queue, a latency level of a certificate management service, and timestamps indicating when requests were transmitted, where the QoS manager retrieves entries from the QoS queue in the sequence selected by the QoS arbiter and transmits them to the certificate management service.

Abstract: A cloaking authority system that securely and anonymously identifies a misbehaving device based on its digital certificate. The system may include a cloaking authority server that is communicatively connected to a misbehavior authority server, a pseudonym certificate authority device, and a registration authority device. In response to a request from the misbehavior authority server to identify a misbehaving device using the device's pseudonym certificate, the cloaking authority server interacts with the pseudonym certificate authority device and the registration authority device to securely obtain a representation of the linkage chain identifier that is associated with the misbehaving device, while maintaining the anonymity of the real-world identifying information for the misbehaving device. The cloaking authority server creates a cloak index that corresponds to the linkage chain identifier and that identifies the misbehaving device, and provides the cloak index to the misbehavior authority server.