AC4AV: A Flexible and Dynamic Access Control Framework for Connected and Autonomous Vehicles

Sensing data plays a pivotal role in connected and autonomous vehicles (CAVs), enabling CAV to perceive surroundings. For example, malicious applications might tamper this life-critical data, resulting in erroneous driving decisions and threatening the safety of passengers. Access control, one of the promising solutions to protect data from unauthorized access, is urgently needed for vehicle sensing data. However, due to the intrinsic complexity of vehicle sensing data, including historical and real time, and access patterns of different data sources, there is currently no suitable access control framework that can systematically solve this problem; current frameworks only focus on one aspect. In this article, we propose a novel and flexible access control framework, AC4AV, which aims to support various access control models, and provide APIs for dynamically adjusting access control models and developing customized access control models, thus supporting access control research on CAV for the community. In addition, we propose a data abstraction method to clearly identify data, applications, and access operations in CAV, and therefore is easily able to configure the permits of each data and application in access control policies. We have implemented a prototype to demonstrate our architecture on NATS for real-time data and NGINX for historical data, and three access control models as built-in models. We measured the performance of our AC4AV while applying these access control models to real-time and historical data. The experimental results show that the framework has little impact on real-time data access within a tolerable range.

[1]  Weidong Shi,et al.  A comparison study of intel SGX and AMD memory encryption technology , 2018, HASP@ISCA.

[2]  Vitaly Shmatikov,et al.  Situational Access Control in the Internet of Things , 2018, CCS.

[3]  Yunpeng Zhang,et al.  Access Control in Internet of Things: A Survey , 2016, ArXiv.

[4]  Agostino Cortesi,et al.  Procedurally Provisioned Access Control for Robotic Systems , 2018, 2018 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS).

[5]  Morgan Quigley,et al.  ROS: an open-source Robot Operating System , 2009, ICRA 2009.

[6]  Shehzad Khalid,et al.  Security and privacy based access control model for internet of connected vehicles , 2019, Future Gener. Comput. Syst..

[7]  Quan Zhang,et al.  Distributed Collaborative Execution on the Edges and Its Application to AMBER Alerts , 2018, IEEE Internet of Things Journal.

[8]  Ninghui Li,et al.  SPOKE: Scalable Knowledge Collection and Attack Surface Analysis of Access Control Policy for Security Enhanced Android , 2017, AsiaCCS.

[9]  Yifan Wang,et al.  AutoVAPS: an IoT-enabled public safety service on vehicles , 2019, SCOPE@CPSIoTWeek.

[10]  Weisong Shi,et al.  Edge Computing for Autonomous Driving: Opportunities and Challenges , 2019, Proceedings of the IEEE.

[11]  Suman Banerjee,et al.  A vehicle-based edge computing platform for transit and human mobility analytics , 2017, SEC.

[12]  Johannes Götzfried,et al.  Hardware-Based Trusted Computing Architectures for Isolation and Attestation , 2018, IEEE Transactions on Computers.

[13]  Amnon Shashua,et al.  Safe, Multi-Agent, Reinforcement Learning for Autonomous Driving , 2016, ArXiv.

[14]  Denis Fize,et al.  Speed of processing in the human visual system , 1996, Nature.

[15]  Jianxiong Xiao,et al.  DeepDriving: Learning Affordance for Direct Perception in Autonomous Driving , 2015, 2015 IEEE International Conference on Computer Vision (ICCV).

[16]  Weisong Shi,et al.  HydraOne: An Indoor Experimental Research and Education Platform for CAVs , 2019, HotEdge.

[17]  Xiaopei Wu,et al.  OpenVDAP: An Open Vehicular Data Analytics Platform for CAVs , 2018, 2018 IEEE 38th International Conference on Distributed Computing Systems (ICDCS).

[18]  Lin Wang,et al.  MobileEdge: Enhancing On-Board Vehicle Computing Units Using Mobile Edges for CAVs , 2019, 2019 IEEE 25th International Conference on Parallel and Distributed Systems (ICPADS).

[19]  Ji Wan,et al.  Multi-view 3D Object Detection Network for Autonomous Driving , 2016, 2017 IEEE Conference on Computer Vision and Pattern Recognition (CVPR).

[20]  Henrik I. Christensen,et al.  SROS: Securing ROS over the wire, in the graph, and through the kernel , 2016, ArXiv.

[21]  Robert H. Deng,et al.  Security and Privacy in Smart Health: Efficient Policy-Hiding Attribute-Based Access Control , 2018, IEEE Internet of Things Journal.

[22]  Abdul Nasir Khan,et al.  A survey on privacy and access control schemes in fog computing , 2019, Int. J. Commun. Syst..

[23]  P. Samarati,et al.  Access control: principle and practice , 1994, IEEE Communications Magazine.

[24]  Xiaochen Zhang,et al.  SBAC: A secure blockchain-based access control framework for information-centric networking , 2020, J. Netw. Comput. Appl..

[25]  Qian Wang,et al.  SEM-ACSIT: Secure and Efficient Multiauthority Access Control for IoT Cloud Storage , 2020, IEEE Internet of Things Journal.

[26]  Peter Schartner,et al.  Secure communication for the robot operating system , 2017, 2017 Annual IEEE International Systems Conference (SysCon).

[27]  Zhi Chen,et al.  A lightweight attribute-based encryption scheme for the Internet of Things , 2015, Future Gener. Comput. Syst..

[28]  Lingjia Tang,et al.  The Architectural Implications of Autonomous Driving: Constraints and Acceleration , 2018, ASPLOS.

[29]  Samiran Chattopadhyay,et al.  Provably Secure Fine-Grained Data Access Control Over Multiple Cloud Servers in Mobile Cloud Computing Based Healthcare Applications , 2019, IEEE Transactions on Industrial Informatics.

[30]  Vijayalakshmi Atluri,et al.  The Policy Machine: A novel architecture and framework for access control policy specification and enforcement , 2011, J. Syst. Archit..

[31]  Ragunathan Rajkumar,et al.  Towards a viable autonomous driving research platform , 2013, 2013 IEEE Intelligent Vehicles Symposium (IV).

[32]  H. M. N. Dilum Bandara,et al.  Cloud-based driver monitoring and vehicle diagnostic with OBD2 telematics , 2015, 2015 Fifteenth International Conference on Advances in ICT for Emerging Regions (ICTer).

[33]  Peter Schartner,et al.  Security for the Robot Operating System , 2017, Robotics Auton. Syst..

[34]  Jie Cui,et al.  PA-CRT: Chinese Remainder Theorem Based Conditional Privacy-Preserving Authentication Scheme in Vehicular Ad-Hoc Networks , 2019, IEEE Transactions on Dependable and Secure Computing.

[35]  Elisa Bertino,et al.  Context-Based Access Control Systems for Mobile Devices , 2015, IEEE Transactions on Dependable and Secure Computing.

[36]  Weisong Shi,et al.  SafeShareRide: Edge-Based Attack Detection in Ridesharing Services , 2018, 2018 IEEE/ACM Symposium on Edge Computing (SEC).

[37]  Xiaohong Jiang,et al.  Smart Contract-Based Access Control for the Internet of Things , 2018, IEEE Internet of Things Journal.

[38]  Kemal Akkaya,et al.  Block4Forensic: An Integrated Lightweight Blockchain Framework for Forensics Applications of Connected Vehicles , 2018, IEEE Communications Magazine.

[39]  Robert H. Deng,et al.  Privacy-Preserving Data Processing with Flexible Access Control , 2020, IEEE Transactions on Dependable and Secure Computing.

[40]  Zhe Zhang,et al.  Computer Architectures for Autonomous Driving , 2017, Computer.

[41]  Jinjun Chen,et al.  Cyberspace-Oriented Access Control: A Cyberspace Characteristics-Based Model and its Policies , 2019, IEEE Internet of Things Journal.