An OpenRBAC Semantic Model for Access Control in Vehicular Networks

Inter-vehicle communication has the potential to significantly improve driving safety, but it also raises security concerns. Access control is the fundamental mechanism for governing information-sharing behavior. Because vehicular networks are highly dynamic and open, access control becomes very challenging, and existing work is not applicable to the vehicular world. In this paper, we develop a new access control model, openRBAC, and the corresponding mechanisms for access control in vehicular systems. Our approach lets the accessee define a relative role hierarchy that specifies all potential accessor roles in terms of their relative perception to the accessee. Access control policies are then defined for the relative roles in the hierarchy. Since the accessee has a clear understanding of the relative roles it has defined itself, the policy definitions can be precise and less flawed.
