Data Protection and Data Sharing in Telematics

Automotive telematics may be defined as the information-intensive applications enabled for vehicles by a combination of telecommunications and computing technology. Telematics by its nature requires the capture, storage, and exchange of sensor data to obtain remote services. Such data are likely to include personal, sensitive information that requires proper handling to protect the driver's privacy. Some existing approaches focus on protecting privacy through anonymous interactions or by stopping information flow altogether. We complement these by concentrating instead on giving different stakeholders control over data sharing and use. In this paper, we identify several data protection challenges specifically related to the automotive telematics domain, and propose a general data protection framework to address some of those challenges. The framework enables data aggregation before data are released to service providers, which minimizes the disclosure of privacy-sensitive information. We have implemented the core component, the privacy engine, to help users manage their privacy policies and to authorize data requests based on policy matching. The policy manager provides a flexible privacy policy model that allows data subjects to express rich constraint-based policies, including event-based and spatio-temporal constraints. Thus, the policy engine can decide on a large number of requests without user assistance and causes no interruptions while driving. A performance study indicates that the overhead is stable with an increasing number of data subjects.
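The abstract describes a privacy engine that matches data requests against subject-defined policies carrying event-based and spatio-temporal constraints, and that aggregates data before release. The toy engine below, in Python, is an added example and is not the paper's implementation or its policy language: the rule fields, the decision labels (`allow_raw`, `allow_aggregated`, `deny`, `ask_user`), the bounding-box geofence, the sample providers and the sensor trace are all constructed assumptions for illustration. It shows the two properties the abstract emphasizes: requests that match a rule are decided without asking the driver, and a provider that is only entitled to a summary never receives raw positions.

```python
"""Toy privacy engine for telematics data requests (added example; policy
model, field names and decision labels are assumptions, not the paper's)."""
from dataclasses import dataclass
from datetime import datetime, time
from statistics import mean
from typing import Optional, Tuple


@dataclass(frozen=True)
class GeoBox:
    """Axis-aligned latitude/longitude box used as a spatial constraint."""
    min_lat: float
    max_lat: float
    min_lon: float
    max_lon: float

    def contains(self, lat: float, lon: float) -> bool:
        return self.min_lat <= lat <= self.max_lat and self.min_lon <= lon <= self.max_lon


@dataclass(frozen=True)
class Rule:
    """One data-subject policy rule; the first matching rule decides."""
    requester: str                               # provider name, or "*" for any
    purpose: str                                 # stated purpose of the request
    data_types: frozenset                        # data the rule covers
    effect: str                                  # "allow_raw", "allow_aggregated" or "deny"
    hours: Optional[Tuple[time, time]] = None    # temporal constraint (time of day)
    area: Optional[GeoBox] = None                # spatial constraint
    events: frozenset = frozenset()              # event-based constraint (any of)


@dataclass(frozen=True)
class Request:
    requester: str
    purpose: str
    data_types: frozenset
    when: datetime
    lat: float
    lon: float
    active_events: frozenset = frozenset()       # events the vehicle reports now


def rule_matches(rule: Rule, req: Request) -> bool:
    """Every constraint on the rule must hold for the request's context."""
    if rule.requester not in ("*", req.requester):
        return False
    if rule.purpose != req.purpose or not req.data_types <= rule.data_types:
        return False
    if rule.hours and not (rule.hours[0] <= req.when.time() <= rule.hours[1]):
        return False
    if rule.area and not rule.area.contains(req.lat, req.lon):
        return False
    if rule.events and not (rule.events & req.active_events):
        return False
    return True


def decide(policy, req: Request) -> str:
    """Effect of the first matching rule; an unmatched request is escalated
    to the user rather than silently allowed."""
    for rule in policy:
        if rule_matches(rule, req):
            return rule.effect
    return "ask_user"


def aggregate(readings):
    """Release only a summary: raw positions never leave the vehicle."""
    return {"avg_speed": mean(r["speed"] for r in readings), "samples": len(readings)}


def answer(policy, req: Request, readings):
    """Apply the decision to the readings the request asks for."""
    effect = decide(policy, req)
    if effect == "allow_raw":
        return effect, readings
    if effect == "allow_aggregated":
        return effect, aggregate(readings)
    return effect, None


# Constructed sample policy for one driver (hypothetical providers).
WORK_AREA = GeoBox(52.4, 52.6, 13.2, 13.6)
DRIVER_POLICY = [
    Rule("*", "marketing", frozenset({"location", "speed"}), "deny"),
    Rule("insurer", "pay_as_you_drive", frozenset({"speed"}), "allow_aggregated"),
    Rule("roadside", "emergency", frozenset({"location", "speed"}), "allow_raw",
         events=frozenset({"crash", "breakdown"})),
    Rule("employer", "fleet", frozenset({"location"}), "allow_raw",
         hours=(time(9, 0), time(17, 0)), area=WORK_AREA),
]

# Constructed sensor trace (three readings, speed in km/h).
SAMPLE_READINGS = [
    {"lat": 52.50, "lon": 13.40, "speed": 50.0},
    {"lat": 52.51, "lon": 13.41, "speed": 60.0},
    {"lat": 52.52, "lon": 13.42, "speed": 70.0},
]


def sample_request(requester, purpose, data_types, hour, lat=52.5, lon=13.4, events=()):
    """Build a request at the given hour of a fixed sample day."""
    return Request(requester, purpose, frozenset(data_types),
                   datetime(2024, 1, 15, hour, 0), lat, lon, frozenset(events))
```

Calling `answer(DRIVER_POLICY, sample_request("insurer", "pay_as_you_drive", {"speed"}, 10), SAMPLE_READINGS)` returns the aggregated summary only; the same request from the employer outside working hours or outside the work area, or a roadside-assistance request with no active crash event, is escalated rather than granted, and a request asking for more data types than a rule covers does not match that rule at all.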
