Controller Area Network (CAN), a serial message-based communication protocol, was officially introduced by Bosch in 1986. It was originally designed for automotive applications. Today CAN is popular in many fields of application because of its two main characteristics: high reliability and cost-efficiency. It eventually became an international standard (ISO 11898). Applying IT technology to vehicles makes the use of more electronic control units (ECUs) inevitable, and the number of ECUs keeps increasing as more control functions are added to automobiles. These ECUs are responsible for most of a vehicle's functionality. The CAN bus, with its limited bandwidth, may become overloaded as the bus load increases. Moreover, security attacks on vehicles are increasing as more and more ECUs are added. Since security was not considered in the design of CAN, the information on the bus can be eavesdropped easily. This attack may appear frequently when the vehicle is connected to diagnostic tools. Because CAN data frames lack encryption and authentication, frames injected to force control can cause safety issues. Research on CAN security has been conducted over the last ten years by projects such as EVITA, PRECIOSA, OVERSEE and so on. In these projects, either a specific security architecture is not provided or the security technique cannot be applied to CAN immediately. Security protocols should support real-time data processing and be designed with the limited data payload of the CAN data frame in mind. Therefore, security protocols are expected to meet the real-time and cost constraints without increasing the bus load. In this thesis, a CAN security protocol is proposed using Advanced Encryption Standard (AES-128) encryption and Hash Message Authentication Code (HMAC) authentication.
By applying CAN data compression techniques, enough space is freed in the data frame to apply the security protocol and authenticate the data to be transferred. Our experimental results show that the proposed protocol can remedy the vulnerabilities of CAN so that it can be put into use in in-vehicle networks.
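
The payload budget described above can be illustrated with a short sketch. This is an added example, not the thesis's protocol or code: it shows only the authentication half (no AES-128 step), and the layout, HMAC-SHA-256, the 4-byte minimum tag, the function names and the fixed per-ID payload length are all assumptions.

```python
import hashlib
import hmac
from typing import Optional

CAN_MAX_DATA = 8   # classic CAN data field: at most 8 bytes
MIN_TAG_LEN = 4    # assumed floor for the truncated tag (not from the thesis)


def _tag(key: bytes, can_id: int, data: bytes, tag_len: int) -> bytes:
    # Bind the tag to the identifier and data length so a payload cannot be
    # reused under another CAN ID or re-split at a different boundary.
    msg = can_id.to_bytes(4, "big") + bytes([len(data)]) + data
    return hmac.new(key, msg, hashlib.sha256).digest()[:tag_len]


def build_data_field(key: bytes, can_id: int, compressed: bytes) -> bytes:
    """Return compressed payload || truncated HMAC, exactly 8 bytes."""
    tag_len = CAN_MAX_DATA - len(compressed)
    if tag_len < MIN_TAG_LEN:
        raise ValueError("compressed payload leaves too little room for the tag")
    return compressed + _tag(key, can_id, compressed, tag_len)


def verify_data_field(key: bytes, can_id: int, field: bytes,
                      data_len: int) -> Optional[bytes]:
    """Return the payload if the tag verifies, else None.

    data_len is assumed to be fixed per CAN ID and known to the receiver.
    """
    if len(field) != CAN_MAX_DATA:
        return None
    if not 0 <= data_len <= CAN_MAX_DATA - MIN_TAG_LEN:
        return None
    data, tag = field[:data_len], field[data_len:]
    expected = _tag(key, can_id, data, len(tag))
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return data if hmac.compare_digest(tag, expected) else None


if __name__ == "__main__":
    key = bytes(range(16))              # constructed 128-bit demo key
    field = build_data_field(key, 0x1A0, b"\x12\x34\x56")
    print(field.hex(), verify_data_field(key, 0x1A0, field, 3))
```

The more the signal data compresses, the longer the tag that fits; a payload that compresses to more than 4 bytes is rejected here rather than sent with a weaker tag.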