Securing communication between service providers and road side units in a connected vehicle infrastructure

Road Side Units (RSUs) within the connected vehicle infrastructure are vulnerable to security and access control challenges. RSUs may share resources with unreliable SPs that could lead to information leakage due to an insecure messaging infrastructure. To mitigate these concerns, we introduce an automated service provision mechanism that enables a controlled messaging infrastructure using a Distributed Security Framework (DSF). Service provision is accomplished by providing RSUs with publish/subscribe brokers that enable authorized SPs to distribute their services as topics and define access rights through the DSF. The DSF acts as a secure middle layer that is hosted by fog computing nodes to ensure close proximity to RSUs, handles resource authorization (i.e., topic creation in specific brokers), and provides identity authentication of both RSUs and SPs. The DSF uses an attribute-based access control model to enable both SPs and RSUs to define and dynamically manage attribute-based access policies to cope with run-time changes of protection requirements. We validate the DSF framework in a simulated smart highway environment comprising interconnected RSUs and SPs to demonstrate our technique's effectiveness.

[1]  D. Richard Kuhn,et al.  Attribute-Based Access Control , 2017, Computer.

[2]  Erik M. Fredericks,et al.  Lightweight Detection and Isolation of Black Hole Attacks in Connected Vehicles , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems Workshops (ICDCSW).

[3]  Anne-Marie Kermarrec,et al.  The many faces of publish/subscribe , 2003, CSUR.

[4]  Ilias Leontiadis,et al.  Publish/subscribe notification middleware for vehicular networks , 2007, MDS '07.

[5]  Seung-Woo Seo,et al.  RSU-Based Distributed Key Management (RDKM) For Secure Vehicular Multicast Communications , 2011, IEEE Journal on Selected Areas in Communications.

[6]  Deepak Garg,et al.  Publish/subscribe based information dissemination over VANET utilizing DHT , 2012, Frontiers of Computer Science.

[7]  Dimitris Gritzalis,et al.  Access Control Issues in Utilizing Fog Computing for Transport Infrastructure , 2015, CRITIS.

[8]  David F. Ferraiolo,et al.  Guide to Attribute Based Access Control (ABAC) Definition and Considerations , 2014 .

[9]  Raja Sengupta,et al.  Vehicle-to-vehicle safety messaging in DSRC , 2004, VANET '04.

[10]  Jing Zhao,et al.  Service Scheduling of Vehicle-Roadside Data Access , 2010, Mob. Networks Appl..

[11]  Cecilia Mascolo,et al.  A hybrid approach for content-based publish/subscribe in vehicular networks , 2009, Pervasive Mob. Comput..

[12]  Raja Lavanya,et al.  Fog Computing and Its Role in the Internet of Things , 2019, Advances in Computer and Electrical Engineering.

[13]  Andrea Vinci,et al.  Smart Agents and Fog Computing for Smart City Applications , 2016, Smart-CT.

[14]  Vladimiro Sassone,et al.  A Distributed Access Control System for Cloud Federations , 2017, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS).