A Privacy-aware Data Access System for Automotive Applications

The introduction of information technology (IT) in modern vehicles enables a plethora of new applications, ranging from value-added services to autonomous vehicles. However, this also introduces new threats to IT security and privacy. In this paper, we discuss the new privacy issues and propose a privacy-aware data access system for automotive applications. Our system informs the user about all privacy aspects and enables him to control third-party access to his personal data. We developed an easy-to-use human-machine interface (HMI) and an underlying policy system to control data flows, which is compliant with the European General Data Protection Regulation (GDPR). Our system can be easily integrated into future automotive architectures.
