Skip to main page content
U.S. flag

An official website of the United States government

Dot gov

The .gov means it’s official.
Federal government websites often end in .gov or .mil. Before sharing sensitive information, make sure you’re on a federal government site.

Https

The site is secure.
The https:// ensures that you are connecting to the official website and that any information you provide is encrypted and transmitted securely.

Access keys NCBI Homepage MyNCBI Homepage Main Content Main Navigation
. 2023 Feb 4;23(4):1763.
doi: 10.3390/s23041763.

XACML for Mobility (XACML4M)-An Access Control Framework for Connected Vehicles

Ashish Ashutosh  1   2 Armin Gerl  2 Simon Wagner  2 Lionel Brunie  1 Harald Kosch  2
Affiliations

XACML for Mobility (XACML4M)-An Access Control Framework for Connected Vehicles

Ashish Ashutosh et al. Sensors (Basel). .

Abstract

The automotive industry is experiencing a transformation with the rapid integration of software-based systems inside vehicles, which are complex systems with multiple sensors. The use of vehicle sensor data has enabled vehicles to communicate with other entities in the connected vehicle ecosystem, such as the cloud, road infrastructure, other vehicles, pedestrians, and smart grids, using either cellular or wireless networks. This vehicle data are distributed, private, and vulnerable, which can compromise the safety and security of vehicles and their passengers. It is therefore necessary to design an access control mechanism around the vehicle data's unique attributes and distributed nature. Since connected vehicles operate in a highly dynamic environment, it is important to consider context information such as location, time, and frequency when designing a fine-grained access control mechanism. This leads to our research question: How can Attribute-Based Access Control (ABAC) fulfill connected vehicle requirements of Signal Access Control (SAC), Time-Based Access Control (TBAC), Location-Based Access Control (LBAC), and Frequency-Based Access Control (FBAC)? To address the issue, we propose a data flow model based on Attribute-Based Access Control (ABAC) called eXtensible Access Control Markup Language for Mobility (XACML4M). XACML4M adds additional components to the standard eXtensible Access Control Markup Language (XACML) to satisfy the identified requirements of SAC, TBAC, LBAC, and FBAC in connected vehicles. Specifically, these are: Vehicle Data Environment (VDE) integrated with Policy Enforcement Point (PEP), Time Extensions, GeoLocation Provider, Polling Frequency Provider, and Access Log Service. We implement a prototype based on these four requirements on a Raspberry Pi 4 and present a proof-of-concept for a real-world use case. We then perform a functional evaluation based on the authorization policies to validate the XACML4M data flow model. Finally, we conclude that our proposed XACML4M data flow model can fulfill all four of our identified requirements for connected vehicles.

Keywords: ABAC; V2X; XACML; access control; connected vehicles; frequency; location; time.

PubMed Disclaimer

Conflict of interest statement

The authors declare no conflict of interest.

Figures

Figure 1
Figure 1
Use Case—Vehicle-to-Cloud (V2C) communication between the SmartSurance application installed in the vehicle and the SmartSurance service in the cloud.
Figure 2
Figure 2
Access Control Flow for Signal Access Control (SAC)—GPS data access is authorized and engine data access is restricted.
Figure 3
Figure 3
Access Control Flow for Time-Based Access Control (TBAC)—Access request at 2 AM, which is within the allowed time period of 8 PM to 8 AM, is granted, otherwise, it is denied.
Figure 4
Figure 4
Access Control Flow for Location-Based Access Control (LBAC)—Access request within the city limits of Passau is granted, otherwise, it is denied.
Figure 5
Figure 5
Access Control Flow for Frequency-Based Access Control (FBAC)—Access request frequency when >=33 ms is granted, otherwise, it is denied.
Figure 6
Figure 6
XACML4M Data Flow Model (based on XACML data flow model [21])—components added specifically to automotive requirements are highlighted.
Figure 7
Figure 7
XACML4M access control enforcement message flow.
Figure 8
Figure 8
Functional Evaluation—Location-based Access Control (access denied when inside the town of Haiden, as defined by a polygon) tested on the SmartSurance Application.
Figure 9
Figure 9
Functional Evaluation—Time-based Access Control (access denied between 05:05 PM–8:00 PM) tested on the SmartSurance Application.
Figure 10
Figure 10
Functional Evaluation—Frequency-Based Access (access granted every 1000 ms) tested on the SmartSurance Application [47].
See this image and copyright information in PMC

References

    1. Collingwood L. Privacy implications and liability issues of autonomous vehicles. Inf. Commun. Technol. Law. 2017;26:32–45. doi: 10.1080/13600834.2017.1269871. - DOI
    1. Miller C., Valasek C. Remote exploitation of an unaltered passenger vehicle; Proceedings of the Black Hat USA; Las Vegas, NV, USA. 1–4 August 2015;
    1. Pesé M.D., Shin K.G. Survey of Automotive Privacy Regulations and Privacy-Related Attacks. SAE Technical Paper; SAE International; Warrendale, PA, USA: 2019. - DOI
    1. Krontiris I., Grammenou K., Terzidou K., Zacharopoulou M., Tsikintikou M., Baladima F., Sakellari C., Kaouras K. Autonomous Vehicles: Data Protection and Ethical Considerations; Proceedings of the Computer Science in Cars Symposium, CSCS ’20; Feldkirchen, Germany. 2 December 2020; New York, NY, USA: Association for Computing Machinery; 2020. - DOI
    1. Rumez M., Duda A., Gründer P., Kriesten R., Sax E. Integration of Attribute-based Access Control into Automotive Architectures; Proceedings of the 2019 IEEE Intelligent Vehicles Symposium (IV); Paris, France. 9–12 June 2019; pp. 1916–1922. - DOI