Authorization Framework for Secure Cloud Assisted Connected Cars and Vehicular Internet of Things

Internet of Things has become a predominant phenomenon in every sphere of smart life. Connected Cars and Vehicular Internet of Things, which involves communication and data exchange between vehicles, traffic infrastructure or other entities are pivotal to realize the vision of smart city and intelligent transportation. Vehicular Cloud offers a promising architecture wherein storage and processing capabilities of smart objects are utilized to provide on-the-fly fog platform. Researchers have demonstrated vulnerabilities in this emerging vehicular IoT ecosystem, where data has been stolen from critical sensors and smart vehicles controlled remotely. Security and privacy is important in Internet of Vehicles (IoV) where access to electronic control units, applications and data in connected cars should only be authorized to legitimate users, sensors or vehicles. In this paper, we propose an authorization framework to secure this dynamic system where interactions among entities is not pre-defined. We provide an extended access control oriented (E-ACO) architecture relevant to IoV and discuss the need of vehicular clouds in this time and location sensitive environment. We outline approaches to different access control models which can be enforced at various layers of E-ACO architecture and in the authorization framework. Finally, we discuss use cases to illustrate access control requirements in our vision of cloud assisted connected cars and vehicular IoT, and discuss possible research directions.

[1]  Hajar Mousannif,et al.  Access control in the Internet of Things: Big challenges and new opportunities , 2017, Comput. Networks.

[2]  Sherali Zeadally,et al.  Internet of Vehicles: Architecture, Protocols, and Security , 2018, IEEE Internet of Things Journal.

[3]  Ricardo Neisse,et al.  DIAT: A Scalable Distributed Architecture for IoT , 2015, IEEE Internet of Things Journal.

[4]  Chin-Teng Lin,et al.  Internet of Vehicles: Motivation, Layered Architecture, Network Model, Challenges, and Future Aspects , 2016, IEEE Access.

[5]  Ravi S. Sandhu,et al.  Access Control Models for Virtual Object Communication in Cloud-Enabled IoT , 2017, 2017 IEEE International Conference on Information Reuse and Integration (IRI).

[6]  Mohsen Guizani,et al.  Internet of Things: A Survey on Enabling Technologies, Protocols, and Applications , 2015, IEEE Communications Surveys & Tutorials.

[7]  Mario Gerla,et al.  Vehicular Cloud Computing , 2012, 2012 The 11th Annual Mediterranean Ad Hoc Networking Workshop (Med-Hoc-Net).

[8]  Sangjin Kim,et al.  Rethinking Vehicular Communications: Merging VANET with cloud computing , 2012, 4th IEEE International Conference on Cloud Computing Technology and Science Proceedings.

[9]  Eui-Nam Huh,et al.  Cloud of Things: Integrating Internet of Things and cloud computing and the issues involved , 2014, Proceedings of 2014 11th International Bhurban Conference on Applied Sciences & Technology (IBCAST) Islamabad, Pakistan, 14th - 18th January, 2014.

[10]  Shangguang Wang,et al.  An overview of Internet of Vehicles , 2014, China Communications.

[11]  Mikio Aoyama,et al.  Computing for the Next-Generation Automobile , 2012, Computer.

[12]  Paolo Bellavista,et al.  Mobeyes: smart mobs for urban monitoring with a vehicular sensor network , 2006, IEEE Wireless Communications.

[13]  Maurizio Morisio,et al.  Connected Car , 2016, ACM Comput. Surv..

[14]  Simon G. M. Koo,et al.  Internet of Things: Services and Applications Categorization , 2011, Adv. Internet Things.

[15]  Vinton G. Cerf,et al.  Access Control and the Internet of Things , 2015, IEEE Internet Comput..

[16]  Raja Lavanya,et al.  Fog Computing and Its Role in the Internet of Things , 2019, Advances in Computer and Electrical Engineering.

[17]  Ludwig Seitz,et al.  Authorization framework for the Internet-of-Things , 2013, 2013 IEEE 14th International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[18]  Ravi Sandhu,et al.  The \mathrm GURA_G GURA G Administrative Model for User and Group Attribute Assignment , 2016, NSS.

[19]  Srdjan Capkun,et al.  The security and privacy of smart vehicles , 2004, IEEE Security & Privacy Magazine.

[20]  Lihua Yin,et al.  Attribute-Role-Based Hybrid Access Control in the Internet of Things , 2014, APWeb Workshophs.

[21]  Stephan Olariu,et al.  Taking VANET to the clouds , 2010, Int. J. Pervasive Comput. Commun..

[22]  Ch. Ramesh Babu,et al.  Internet of Vehicles: From Intelligent Grid to Autonomous Cars and Vehicular Clouds , 2016 .

[23]  Swarun Kumar,et al.  CarSpeak: a content-centric network for autonomous driving , 2012, SIGCOMM '12.

[24]  Ravi S. Sandhu,et al.  POSTER: Access Control Model for the Hadoop Ecosystem , 2017, SACMAT.

[25]  Lida Xu,et al.  The internet of things: a survey , 2014, Information Systems Frontiers.

[26]  Ravi Sandhu,et al.  Multi-Layer Authorization Framework for a Representative Hadoop Ecosystem Deployment , 2017, SACMAT.

[27]  Ravi S. Sandhu,et al.  Access Control Model for AWS Internet of Things , 2017, NSS.

[28]  Maanak Gupta,et al.  An Attribute-Based Access Control Model for Secure Big Data Processing in Hadoop Ecosystem , 2018 .

[29]  Tao Zhang,et al.  Security and Privacy in the Internet of Vehicles , 2015, 2015 International Conference on Identification, Information, and Knowledge in the Internet of Things (IIKI).

[30]  Leilani Battle,et al.  Building the Internet of Things Using RFID: The RFID Ecosystem Experience , 2009, IEEE Internet Computing.

[31]  Ravi S. Sandhu,et al.  An Access Control Framework for Cloud-Enabled Wearable Internet of Things , 2017, 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC).

[32]  Ravi S. Sandhu,et al.  Object-Tagged RBAC Model for the Hadoop Ecosystem , 2017, DBSec.

[33]  Xin Jin,et al.  A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC , 2012, DBSec.

[34]  Antonio F. Gómez-Skarmeta,et al.  Distributed Capability-based Access Control for the Internet of Things , 2013, J. Internet Serv. Inf. Secur..

[35]  Michael Blackstock,et al.  City Hub: A Cloud-Based IoT Platform for Smart Cities , 2014, 2014 IEEE 6th International Conference on Cloud Computing Technology and Science.

[36]  Antonio Pescapè,et al.  Integration of Cloud computing and Internet of Things: A survey , 2016, Future Gener. Comput. Syst..

[37]  Stephan Olariu,et al.  Towards autonomous vehicular clouds , 2011, EAI Endorsed Trans. Mob. Commun. Appl..

[38]  Domenico Rotondi,et al.  A capability-based security approach to manage access control in the Internet of Things , 2013, Math. Comput. Model..

[39]  Raffaele Giaffreda,et al.  IoT and cloud convergence: Opportunities and challenges , 2014, 2014 IEEE World Forum on Internet of Things (WF-IoT).

[40]  Ravi S. Sandhu,et al.  Access Control Models for Cloud-Enabled Internet of Things: A Proposed Architecture and Research Agenda , 2016, 2016 IEEE 2nd International Conference on Collaboration and Internet Computing (CIC).

[41]  Marimuthu Palaniswami,et al.  Internet of Things (IoT): A vision, architectural elements, and future directions , 2012, Future Gener. Comput. Syst..

[42]  Benedikt Falkhofen,et al.  Cooperative Intelligent Transport Systems (C‑ITS) , 2019, Computer Law Review International.

[43]  Rajkumar Buyya,et al.  A survey on vehicular cloud computing , 2014, J. Netw. Comput. Appl..

[44]  Antonio Pescapè,et al.  On the Integration of Cloud Computing and Internet of Things , 2014, 2014 International Conference on Future Internet of Things and Cloud.

[45]  Ru-chuan Wang,et al.  An efficient authentication and access control scheme for perception layer of Internet of Things , 2014 .

[46]  Jim Barbaresso,et al.  USDOT’s Intelligent Transportation Systems (ITS) ITS strategic plan, 2015-2019. , 2014 .

[47]  Adel Said Elmaghraby,et al.  Cyber security challenges in Smart Cities: Safety, security and privacy , 2014, Journal of advanced research.

[48]  Luigi Atzori,et al.  The Virtual Object as a Major Element of the Internet of Things: A Survey , 2016, IEEE Communications Surveys & Tutorials.

[49]  Manuel Díaz,et al.  State-of-the-art, challenges, and open issues in the integration of Internet of things and cloud computing , 2016, J. Netw. Comput. Appl..