Maanak Gupta
Ravi Sandhu
ABSTRACT
Internet of Things has become a predominant phenomenon in every sphere of smart life. Connected Cars and Vehicular Internet of Things, which involves communication and data exchange between vehicles, traffic infrastructure or other entities are pivotal to realize the vision of smart city and intelligent transportation. Vehicular Cloud offers a promising architecture wherein storage and processing capabilities of smart objects are utilized to provide on-the-fly fog platform. Researchers have demonstrated vulnerabilities in this emerging vehicular IoT ecosystem, where data has been stolen from critical sensors and smart vehicles controlled remotely. Security and privacy is important in Internet of Vehicles (IoV) where access to electronic control units, applications and data in connected cars should only be authorized to legitimate users, sensors or vehicles. In this paper, we propose an authorization framework to secure this dynamic system where interactions among entities is not pre-defined. We provide an extended access control oriented (E-ACO) architecture relevant to IoV and discuss the need of vehicular clouds in this time and location sensitive environment. We outline approaches to different access control models which can be enforced at various layers of E-ACO architecture and in the authorization framework. Finally, we discuss use cases to illustrate access control requirements in our vision of cloud assisted connected cars and vehicular IoT, and discuss possible research directions.
- M. Aazam and et al. 2014. Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved Proc. of IBCAST. 414--419. Farhan Patwa, and Ravi Sandhu. 2017. POSTER: Access Control Model for the Hadoop Ecosystem Proc. of SACMAT. ACM, 125--127. Google Scholar
Digital Library
- Maanak Gupta and Ravi Sandhu. 2016. The GURA_G Administrative Model for User and Group Attribute Assignment Proc. of NSS. Springer, 318--332.Google Scholar
- Sergio Gusmeroli, Salvatore Piccione, and Domenico Rotondi. 2013. A capability-based security approach to manage access control in the internet of things. Mathematical and Computer Modelling Vol. 58, 5 (2013), 1189--1205.Google ScholarCross Ref
- J. Hernandez-Ramos and et al. 2013. Distributed capability-based access control for the internet of things. J. of Internet Services and Info. Sec. Vol. 3, 3/4 (2013), 1--16.Google Scholar
- Jean-Pierre Hubaux, Srdjan Capkun, and Jun Luo. 2004. The security and privacy of smart vehicles. IEEE Security & Privacy Vol. 2, 3 (2004), 49--55. Google ScholarDigital Library
- Rasheed Hussain and et al. 2012. Rethinking vehicular communications: Merging VANET with cloud computing Proc. of CloudCom. IEEE, 606--609. Google ScholarDigital Library
- Xin Jin, Ram Krishnan, and Ravi Sandhu. 2012. A unified attribute-based access control model covering DAC, MAC and RBAC Proc. of DBSec. Springer, 41--55. Google ScholarDigital Library
- O. Kaiwartya and et al. 2016. Internet of vehicles: Motivation, layered architecture, network model, challenges, and future aspects. IEEE Access Vol. 4 (2016), 5356--5373.Google ScholarCross Ref
- Sun Kaiwen and Yin Lihua. 2014. Attribute-role-based hybrid access control in the internet of things Proc. of APWeb. Springer, 333--343.Google Scholar
- Swarun Kumar and et al. 2012. CarSpeak: A Content-centric Network for Autonomous Driving. SIGCOMM Comput. Commun. Rev. Vol. 42, 4 (Aug.. 2012), 259--270. showISSN0146--4833 Google ScholarDigital Library
- R. Lea and M. Blackstock. 2014. City Hub: A Cloud-Based IoT Platform for Smart Cities Proc. of CloudCom. IEEE, 799--804. Google ScholarDigital Library
- U. Lee and et al. 2006. Mobeyes: smart mobs for urban monitoring with a vehicular sensor network. IEEE Wireless Communications (2006), 52--57. showISSN1536--1284 Google ScholarDigital Library
- NHTSA. 2016. NHTSA and Vehicle CyberSecurity. NHTSA Report (2016).Google Scholar
- NHTSA. 2016, October. Cybersecurity Best Practices for Modern Vehicles. NHTSA Report No. DOT HS 812 333 (2016, October).Google Scholar
- NIST. 2016. Framework for Cyber-Physical Systems. https://www.nist.gov/itl/applied-cybersecurity/nist-initiatives-iot {Online; Accessed: 2018-01--13}.Google Scholar
- M. Nitti and et al. 2016. The virtual object as a major element of the internet of things: a survey. IEEE Comm. Surveys & Tutorials (2016), 1228--1240.Google Scholar
- Stephan Olariu and et al. 2011. Taking VANET to the clouds. International Journal of Pervasive Computing and Communications, Vol. 7, 1 (2011), 7--21.Google ScholarCross Ref
- Aafaf Ouaddah and et al. 2017. Access control in The Internet of Things: Big challenges and new opportunities. Computer Networks Vol. 112 (2017), 237--262. Google ScholarDigital Library
- Christopher Poulen. 2014. Driving security: Cyber assurance for next-generation vehicles. IBM Global Business Services (2014).Google Scholar
- Brian Russell and et al. 2017. Observations and Recommendations on Connected Vehicle Security. Cloud Security Alliance (2017).Google Scholar
- Chayan Sarkar and et al. 2015. DIAT: A scalable distributed architecture for IoT. IEEE Internet of Things journal Vol. 2, 3 (2015), 230--239.Google ScholarCross Ref
- Ludwig Seitz, Göran Selander, and Christian Gehrmann. 2013. Authorization framework for the internet-of-things Proc. of WoWMoM. IEEE, 1--6.Google Scholar
- Yunchuan Sun and et al. 2015. Security and Privacy in the Internet of Vehicles. Proc. of IIKI. IEEE, 116--121. Google ScholarDigital Library
- Toyota. 2011. Toyota-to-launch-smartphone-on-wheels. https://www.2wglobal.com/news-and-insights/articles/features/Toyota-to-launch-smartphone-on-wheels/ {Online; Accessed: 2018-02-03}.Google Scholar
- European Union. 2017. Certificate Policy for Deployment and Operation of European Cooperative Intelligent Transport Systems (C-ITS). https://ec.europa.eu/transport/sites/transport/files/c-its_certificate_policy_release_1.pdfGoogle Scholar
- European Union. 2017. Security Policy & Governance Framework for Deployment and Operation of European Cooperative Intelligent Transport Systems (C-ITS). https://ec.europa.eu/transport/sites/transport/files/c-its_security_policy_release_1.pdfGoogle Scholar
- USAToday. 2017. Chinese group hacks a Tesla for the second year in a row.Google Scholar
- USDOT. 2016. Connected Vehicles and Your Privacy. https://www.its.dot.gov/factsheets/pdf/Privacy_factsheet.pdfGoogle Scholar
- USDOT. 2016. Securty Credential Management System. https://www.its.dot.gov/resources/scms.htm {Online; Accessed: 2018-01--13}.Google Scholar
- Timo van Roermund. 2015. Secure Connected Cars for a Smarter World. NXP Semiconductors (2015).Google Scholar
- Evan Welbourne and et al. 2009. Building the internet of things using RFID: the RFID ecosystem experience. IEEE Internet computing Vol. 13, 3 (2009). Google ScholarDigital Library
- Md Whaiduzzaman and et al. 2014. A survey on vehicular cloud computing. Journal of Network and Computer Applications Vol. 40 (2014), 325--344.Google ScholarDigital Library
- Ning Ye and et al. 2014. An efficient authentication and access control scheme for perception layer of internet of things. Applied Mathematics and Information Sciences, Vol. 8, 4 (2014), 1617--1624.Google ScholarCross Ref
Index Terms
- Authorization Framework for Secure Cloud Assisted Connected Cars and Vehicular Internet of Things
Recommendations
Dynamic Groups and Attribute-Based Access Control for Next-Generation Smart Cars
CODASPY '19: Proceedings of the Ninth ACM Conference on Data and Application Security and PrivacySmart cars are among the essential components and major drivers of future cities and connected world. The interaction among connected entities in this vehicular internet of things (IoT) domain, which also involves smart traffic infrastructure, ...
Job Completion Time in Dynamic Vehicular Cloud Under Multiple Access Points
Cloud Computing – CLOUD 2020AbstractVehicular cloud is a group of vehicles whose corporate computing, sensing, communication and physical resources can be coordinated and dynamically allocated to authorized users. One of the attributes that set vehicular clouds apart from ...
Vehicular Cloud: Stochastic Analysis of Computing Resources in a Road Segment
PE-WASUN '15: Proceedings of the 12th ACM Symposium on Performance Evaluation of Wireless Ad Hoc, Sensor, & Ubiquitous NetworksConsiderable attention has been assigned to Vehicular Cloud towards identifying methods to utilize under-used, available computing and physical resources of vehicles effectively. Most work on vehicular cloud is so far on the taxonomy definition level, ...
Comments