Skip to main content
main-content

Tipp

Weitere Kapitel dieses Buchs durch Wischen aufrufen

2020 | OriginalPaper | Buchkapitel

An Authorization Framework for Cooperative Intelligent Transport Systems

verfasst von: Sowmya Ravidas, Priyanka Karkhanis, Yanja Dajsuren, Nicola Zannone

Erschienen in: Emerging Technologies for Authorization and Authentication

Verlag: Springer International Publishing

share
TEILEN

Abstract

Cooperative Intelligent Transport Systems (C-ITS) aims to enhance the existing transportation infrastructure through the use of sensing capabilities and advanced communication technologies. While improving the safety, efficiency and comfort of driving, C-ITS introduces several security and privacy challenges. Among them, a main challenge is the protection of sensitive information and resources gathered and exchanged within C-ITS. Although several authorization frameworks have been proposed over the years, they are unsuitable to deal with the demands of C-ITS. In this paper, we present an authorization framework that addresses the challenges characterizing the C-ITS domain. Our framework leverages principles of both policy-based and token-based architectures to deal with the dynamicity of C-ITS while reducing the overhead introduced by the authorization process. We demonstrate our framework using typical use case scenarios from the C-ITS domain on location tracking.
Fußnoten
1
Constraints can be specified in XACML using element <Obligations>. In XACML, obligations are returned along with the access decision (either permit or deny) to enrich the decision.
 
Literatur
4.
Zurück zum Zitat Directive 2010/40/EU of the European Parliament and of the Council. Official Journal of the European Union, vol. 50, p. 207 (2010) Directive 2010/40/EU of the European Parliament and of the Council. Official Journal of the European Union, vol. 50, p. 207 (2010)
5.
Zurück zum Zitat Intelligent Transport Systems (ITS); Security; ITS communications security architecture and security management. ETSI TS 102 940, ETSI (2018) Intelligent Transport Systems (ITS); Security; ITS communications security architecture and security management. ETSI TS 102 940, ETSI (2018)
6.
Zurück zum Zitat Abrougui, K., Boukerche, A.: Efficient group-based authentication protocol for location-based service discovery in intelligent transportation systems. Secur. Commun. Netw. 6(4), 473–484 (2013) CrossRef Abrougui, K., Boukerche, A.: Efficient group-based authentication protocol for location-based service discovery in intelligent transportation systems. Secur. Commun. Netw. 6(4), 473–484 (2013) CrossRef
7.
Zurück zum Zitat Ahmad, T., Morelli, U., Ranise, S., Zannone, N.: A lazy approach to access control as a service (ACaaS) for IoT: an AWS case study. In: Proceedings of Symposium on Access Control Models and Technologies, pp. 235–246. ACM (2018) Ahmad, T., Morelli, U., Ranise, S., Zannone, N.: A lazy approach to access control as a service (ACaaS) for IoT: an AWS case study. In: Proceedings of Symposium on Access Control Models and Technologies, pp. 235–246. ACM (2018)
8.
Zurück zum Zitat Albouq, S.S., Fredericks, E.M.: Securing communication between service providers and road side units in a connected vehicle infrastructure. In: Proceedings of International Symposium on Network Computing and Applications, pp. 1–5. IEEE (2017) Albouq, S.S., Fredericks, E.M.: Securing communication between service providers and road side units in a connected vehicle infrastructure. In: Proceedings of International Symposium on Network Computing and Applications, pp. 1–5. IEEE (2017)
10.
Zurück zum Zitat Damen, S., den Hartog, J., Zannone, N.: Collac: collaborative access control. In: Proceedings of International Conference on Collaboration Technologies and Systems, pp. 142–149. IEEE (2014) Damen, S., den Hartog, J., Zannone, N.: Collac: collaborative access control. In: Proceedings of International Conference on Collaboration Technologies and Systems, pp. 142–149. IEEE (2014)
12.
Zurück zum Zitat Dorri, A., Steger, M., Kanhere, S.S., Jurdak, R.: Blockchain: a distributed solution to automotive security and privacy. IEEE Commun. Mag. 55(12), 119–125 (2017) CrossRef Dorri, A., Steger, M., Kanhere, S.S., Jurdak, R.: Blockchain: a distributed solution to automotive security and privacy. IEEE Commun. Mag. 55(12), 119–125 (2017) CrossRef
13.
Zurück zum Zitat Festag, A.: Cooperative intelligent transport systems standards in Europe. IEEE Commun. Mag. 52(12), 166–172 (2014) CrossRef Festag, A.: Cooperative intelligent transport systems standards in Europe. IEEE Commun. Mag. 52(12), 166–172 (2014) CrossRef
14.
Zurück zum Zitat Guarda, P., Zannone, N.: Towards the development of privacy-aware systems. Inf. Software Technol. 51(2), 337–350 (2009) CrossRef Guarda, P., Zannone, N.: Towards the development of privacy-aware systems. Inf. Software Technol. 51(2), 337–350 (2009) CrossRef
15.
Zurück zum Zitat Gupta, M., Sandhu, R.: Authorization framework for secure cloud assisted connected cars and vehicular internet of things. In: Proceedings of Symposium on Access Control Models and Technologies, pp. 193–204. ACM (2018) Gupta, M., Sandhu, R.: Authorization framework for secure cloud assisted connected cars and vehicular internet of things. In: Proceedings of Symposium on Access Control Models and Technologies, pp. 193–204. ACM (2018)
16.
Zurück zum Zitat Hernández-Ramos, J.L., Jara, A.J., Marin, L., Skarmeta, A.F.: Distributed capability-based access control for the internet of things. J. Internet Serv. Inf. Secur. 3(3/4), 1–16 (2013) Hernández-Ramos, J.L., Jara, A.J., Marin, L., Skarmeta, A.F.: Distributed capability-based access control for the internet of things. J. Internet Serv. Inf. Secur. 3(3/4), 1–16 (2013)
17.
Zurück zum Zitat Jia, Y.J., et al.: ContexIoT: towards providing contextual integrity to appified IoT platforms. In: Proceedings of Network and Distributed System Security Symposium (2017) Jia, Y.J., et al.: ContexIoT: towards providing contextual integrity to appified IoT platforms. In: Proceedings of Network and Distributed System Security Symposium (2017)
18.
Zurück zum Zitat Kaluvuri, S.P., Egner, A.I., den Hartog, J., Zannone, N.: SAFAX - anextensible authorization service for cloud environments. Front. ICT (2015) Kaluvuri, S.P., Egner, A.I., den Hartog, J., Zannone, N.: SAFAX - anextensible authorization service for cloud environments. Front. ICT (2015)
19.
Zurück zum Zitat Karafili, E., Lupu, E.C.: Enabling data sharing in contextual environments: Policy representation and analysis. In: Proceedings of Symposium on Access Control Models and Technologies, pp. 231–238. ACM (2017) Karafili, E., Lupu, E.C.: Enabling data sharing in contextual environments: Policy representation and analysis. In: Proceedings of Symposium on Access Control Models and Technologies, pp. 231–238. ACM (2017)
20.
Zurück zum Zitat Karkhanis, P., van den Brand, M., Rajkarnikar, S.: Defining the C-ITS reference architecture. In: Proceedings of International Conference on Software Architecture Companion, pp. 148–151. IEEE (2018) Karkhanis, P., van den Brand, M., Rajkarnikar, S.: Defining the C-ITS reference architecture. In: Proceedings of International Conference on Software Architecture Companion, pp. 148–151. IEEE (2018)
21.
Zurück zum Zitat Laaroussi, Z., Morabito, R., Taleb, T.: Service provisioning in vehicular networks through edge and cloud: an empirical analysis. In: Proceedings of Conference on Standards for Communications and Networking. IEEE (2018) Laaroussi, Z., Morabito, R., Taleb, T.: Service provisioning in vehicular networks through edge and cloud: an empirical analysis. In: Proceedings of Conference on Standards for Communications and Networking. IEEE (2018)
22.
Zurück zum Zitat Le, V.H., den Hartog, J., Zannone, N.: Security and privacy for innovative automotive applications: a survey. Comput. Commun. 132, 17–41 (2018) CrossRef Le, V.H., den Hartog, J., Zannone, N.: Security and privacy for innovative automotive applications: a survey. Comput. Commun. 132, 17–41 (2018) CrossRef
24.
Zurück zum Zitat Martinez, J.A., Ruiz, P.M., Marin, R.: Impact of the pre-authentication performance in vehicular networks. In: Proceedings of Vehicular Technology Conference-Fall. IEEE (2010) Martinez, J.A., Ruiz, P.M., Marin, R.: Impact of the pre-authentication performance in vehicular networks. In: Proceedings of Vehicular Technology Conference-Fall. IEEE (2010)
25.
Zurück zum Zitat Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA: a controlled natural language for data sharing agreements. In: Proceedings of Symposium on Applied Computing, pp. 616–620. ACM (2010) Matteucci, I., Petrocchi, M., Sbodio, M.L.: CNL4DSA: a controlled natural language for data sharing agreements. In: Proceedings of Symposium on Applied Computing, pp. 616–620. ACM (2010)
26.
Zurück zum Zitat OASIS: eXtensible Access Control Markup Language (XACML) v. 3.0. OASIS Standard (2013) OASIS: eXtensible Access Control Markup Language (XACML) v. 3.0. OASIS Standard (2013)
27.
Zurück zum Zitat Ojanperä, T., Mäkelä, J., Mämmelä, O., Majanen, M., Martikainen, O.: Use cases and communications architecture for 5G-enabled road safety services. In: Proceedings of European Conference on Networks and Communications, pp. 335–340. IEEE (2018) Ojanperä, T., Mäkelä, J., Mämmelä, O., Majanen, M., Martikainen, O.: Use cases and communications architecture for 5G-enabled road safety services. In: Proceedings of European Conference on Networks and Communications, pp. 335–340. IEEE (2018)
28.
Zurück zum Zitat Paci, F., Squicciarini, A.C., Zannone, N.: Survey on access control for community-centered collaborative systems. ACM Comput. Surv. 51(1), 6:1–6:38 (2018) CrossRef Paci, F., Squicciarini, A.C., Zannone, N.: Survey on access control for community-centered collaborative systems. ACM Comput. Surv. 51(1), 6:1–6:38 (2018) CrossRef
29.
Zurück zum Zitat Pearson, S., Casassa-Mont, M.: Sticky policies: an approach for managing privacy across multiple parties. Computer 44(9), 60–68 (2011) CrossRef Pearson, S., Casassa-Mont, M.: Sticky policies: an approach for managing privacy across multiple parties. Computer 44(9), 60–68 (2011) CrossRef
30.
Zurück zum Zitat Ravidas, S., Lekidis, A., Paci, F., Zannone, N.: Access control in internet-of-things: a survey. J. Netw. Comput. Appl. 144, 79–101 (2019) CrossRef Ravidas, S., Lekidis, A., Paci, F., Zannone, N.: Access control in internet-of-things: a survey. J. Netw. Comput. Appl. 144, 79–101 (2019) CrossRef
31.
Zurück zum Zitat Raya, M., Papadimitratos, P., Hubaux, J.P.: Securing vehicular communications. IEEE Wirel. Commun. 13(5), 8–15 (2006) CrossRef Raya, M., Papadimitratos, P., Hubaux, J.P.: Securing vehicular communications. IEEE Wirel. Commun. 13(5), 8–15 (2006) CrossRef
32.
Zurück zum Zitat Riabi, I., Saidane, L.A., Ayed, H.K.B.: A proposal of a distributed access control over Fog computing: the ITS use case. In: Proceedings of International Conference on Performance Evaluation and Modeling in Wired and Wireless Networks. IEEE (2017) Riabi, I., Saidane, L.A., Ayed, H.K.B.: A proposal of a distributed access control over Fog computing: the ITS use case. In: Proceedings of International Conference on Performance Evaluation and Modeling in Wired and Wireless Networks. IEEE (2017)
34.
Zurück zum Zitat van Sambeek, M., et al.: Towards an architecture for cooperative-intelligent transport system (C-ITS) applications in the Netherlands. Technical report, DITCM Innovations (2015) van Sambeek, M., et al.: Towards an architecture for cooperative-intelligent transport system (C-ITS) applications in the Netherlands. Technical report, DITCM Innovations (2015)
35.
Zurück zum Zitat Schuster, R., Shmatikov, V., Tromer, E.: Situational access control in the internet of things. In: Proceedings of Conference on Computer and Communications Security, pp. 1056–1073. ACM (2018) Schuster, R., Shmatikov, V., Tromer, E.: Situational access control in the internet of things. In: Proceedings of Conference on Computer and Communications Security, pp. 1056–1073. ACM (2018)
36.
Zurück zum Zitat Sha, K., Xi, Y., Shi, W., Schwiebert, L., Zhang, T.: Adaptive privacy-preserving authentication in vehicular networks. In: Proceedings of International Conference on Communications and Networking in China, pp. 1–8. IEEE (2006) Sha, K., Xi, Y., Shi, W., Schwiebert, L., Zhang, T.: Adaptive privacy-preserving authentication in vehicular networks. In: Proceedings of International Conference on Communications and Networking in China, pp. 1–8. IEEE (2006)
37.
Zurück zum Zitat Sucasas, V., Mantas, G., Saghezchi, F.B., Radwan, A., Rodriguez, J.: An autonomous privacy-preserving authentication scheme for intelligent transportation systems. Computers & Security 60, 193–205 (2016) CrossRef Sucasas, V., Mantas, G., Saghezchi, F.B., Radwan, A., Rodriguez, J.: An autonomous privacy-preserving authentication scheme for intelligent transportation systems. Computers & Security 60, 193–205 (2016) CrossRef
Metadaten
Titel
An Authorization Framework for Cooperative Intelligent Transport Systems
verfasst von
Sowmya Ravidas
Priyanka Karkhanis
Yanja Dajsuren
Nicola Zannone
Copyright-Jahr
2020
DOI
https://doi.org/10.1007/978-3-030-39749-4_2

Premium Partner