ProTACD: A Generic Privacy Process for Vehicle Development

The growth in information technology and connectivity has enabled a significant range of new functionalities in modern automobiles, such as telematics wireless interfaces via Wi-Fi. At the same time, the protection of privacy is becoming a major concern and questions are being raised regarding the need for current privacy concepts to be extended or even replaced by integrative and structured privacy approaches. This might be necessary to uncover isolated and unexpected privacy threats, e.g., tracking of multiple in-car wireless sensors. We identify the key challenges for privacy enforcement in the vehicle's lifecycle and propose a generic, yet integrative, privacy process for vehicle development (ProTACD). The final decision to enforce and deploy privacy features in vehicular development requires several prerequisites to be provided by ProTACD. In this paper, we outline the phases and interactions of ProTACD, and discuss its general objectives and differences from other approaches.