Controlling and filtering users data in Intelligent Transportation System

Abstract Intelligent Transportation Systems (ITS) provide mechanisms so that users are better informed in order to use efficiently the existing and future transportation capabilities. However, in order for ITS to be helpful and reliable in real-life situations, security and privacy considerations have to be taken into account. Users are contributing with data captured from private sensors, raising privacy risks when sharing this within the ITS context. For example, GPS data can facilitate the construction of ITS services for route discovery, but in the same time malicious users can use the information in order to derive location patterns and geographical habits. Several ITS companies could gain interesting insights about the traffic and safety events, if they put together owned private data. However, at this moment, the security risks prohibit such an endeavor. In this paper, we illustrate a security model where ITS participants can specify how data sharing captured by an ITS application will behave in regards to their own privacy requirements. The proposed solution is able to mediate the differences between ITS applications needs regarding data usage under various context based constraints and user focused constraints defined using security policies for their shared data. The next topic discussed in the paper is our proposal of an appropriate ITS mechanism that manages to establish the level of trust in the information disseminated in the system. The trust level mechanism is used in order to decide whether an ITS event should be are advertised or not to other users or ITS applications. In systems like ITS that are dynamic and changing frequently, trust in shared data must be calculated taking into consideration both the contextual information disseminated in the system, but also the sources’ reputation. Our proposals’ evaluations is done using ITS implementations in real-world conditions.

[1]  Kim-Kwang Raymond Choo,et al.  A Data Exfiltration and Remote Exploitation Attack on Consumer 3D Printers , 2016, IEEE Transactions on Information Forensics and Security.

[2]  Laurence T. Yang,et al.  Data Exfiltration From Internet of Things Devices: iOS Devices as Case Studies , 2017, IEEE Internet of Things Journal.

[3]  Kim-Kwang Raymond Choo Legal Issues in the Cloud , 2014, IEEE Cloud Computing.

[4]  Daniele Sgandurra,et al.  A Survey on Security for Mobile Devices , 2013, IEEE Communications Surveys & Tutorials.

[5]  Katie Shilton,et al.  Four billion little brothers? , 2009, Commun. ACM.

[6]  Delphine Christin,et al.  Privacy in mobile participatory sensing , 2016 .

[7]  George Mastorakis,et al.  Security in Smart Grids and Smart Spaces for Smooth IoT Deployment in 5G , 2016 .

[8]  Stephan Huber,et al.  Calculate Travel Time and Distance with Openstreetmap Data Using the Open Source Routing Machine (OSRM) , 2016 .

[9]  Ciprian Dobre,et al.  Secure model to share data in Intelligent Transportation Systems , 2016, 2016 18th Mediterranean Electrotechnical Conference (MELECON).

[10]  Kim-Kwang Raymond Choo Cloud computing: Challenges and future directions , 2010 .

[11]  Deborah Estrin,et al.  PEIR, the personal environmental impact report, as a platform for participatory sensing systems research , 2009, MobiSys '09.

[12]  Wim Lamotte,et al.  WiFiPi: Involuntary tracking of visitors at mass events , 2013, 2013 IEEE 14th International Symposium on "A World of Wireless, Mobile and Multimedia Networks" (WoWMoM).

[13]  Kim-Kwang Raymond Choo,et al.  Cloud computing and its implications for cybercrime investigations in Australia , 2013, Comput. Law Secur. Rev..

[14]  Kyriakos Mouratidis,et al.  Preventing Location-Based Identity Inference in Anonymous Spatial Queries , 2007, IEEE Transactions on Knowledge and Data Engineering.

[15]  Bernhard Mitschang,et al.  Privacy Management for Mobile Platforms -- A Review of Concepts and Approaches , 2013, 2013 IEEE 14th International Conference on Mobile Data Management.

[16]  Kim-Kwang Raymond Choo,et al.  Cloud Storage Forensics , 2013, Contemporary Digital Forensic Investigations of Cloud and Mobile Applications.

[17]  Ciprian Dobre,et al.  Putting the User in Control of the Intelligent Transportation System , 2016, ACISP.

[18]  Achim Autenrieth,et al.  Street-aware infrastructure planning tool for Next Generation Optical Access networks , 2012, 2012 16th International Conference on Optical Network Design and Modelling (ONDM).

[19]  Renaud Payre,et al.  The importance of being connected : city networks and urban government, Lyon and Eurocities (1990-2005) , 2010 .

[20]  Cacm Staff,et al.  A conversation with David E. Shaw , 2009 .

[21]  Wojciech Mazurczyk,et al.  Steganography in Modern Smartphones and Mitigation Techniques , 2014, IEEE Communications Surveys & Tutorials.

[22]  Stephen J. Maybank,et al.  The ADVISOR Visual Surveillance System , 2004 .

[23]  Malcolm Hall,et al.  ProtectMyPrivacy: detecting and mitigating privacy leaks on iOS devices using crowdsourcing , 2013, MobiSys '13.

[24]  Li Yang,et al.  Network covert channels on the Android platform , 2011, CSIIRW '11.

[25]  Patrick Weber,et al.  OpenStreetMap: User-Generated Street Maps , 2008, IEEE Pervasive Computing.

[26]  Sergiy Vilkomir,et al.  Testing-as-a-Service for Mobile Applications: State-of-the-Art Survey , 2015 .

[27]  Ahmad-Reza Sadeghi,et al.  Flexible and Fine-grained Mandatory Access Control on Android for Diverse Security and Privacy Policies , 2013, USENIX Security Symposium.

[28]  Yuan-Kai Wang,et al.  Context awareness and adaptation in mobile learning , 2004, The 2nd IEEE International Workshop on Wireless and Mobile Technologies in Education, 2004. Proceedings..

[29]  Kim-Kwang Raymond Choo,et al.  A Forensically Sound Adversary Model for Mobile Devices , 2015, PloS one.

[30]  Juan E. Tapiador,et al.  Evolution, Detection and Analysis of Malware for Smart Devices , 2014, IEEE Communications Surveys & Tutorials.