Researchers develop identity and access management systems in order to prevent events like hijack and security breaches in smart vehicles.
Over the past decade, various advancements have been made to make vehicles smarter. These advancements have transformed a vehicle into a digital IoT system on wheels. With this, potential threats such as hijacking, data manipulation and other security threats increase.
Safety is a primary concern in smart automotive technologies. A Ph. D. student at the City University London is developing a security system that can prevent events like hijack and security breaches in smart vehicles.
Subhajit Bandopadhyay, studying for a Ph.D. under the supervision of Professor Muttukrishnan Rajarajan, director of the Institute for Cyber Security (ICS), are developing the SIUV—a stateful smart car identity and access management (IAM) system, based on usage control (UCON) and verifiable credentials (VCs).
SIUVs use usage control policies in order to issue privileges to drivers or applications (such as the deployment of air bags or speed limit control) according to their credentials or claims. These privileges are used to decide whether to allow access to the car or not. It also continuously monitors subject claims, resource attributes and environmental conditions such as time or location so that if a change is made. Moreover, the system can re-evaluate policies, provide updates or revoke issued privileges and usage decisions accordingly.
The claims within the credentials can be continuously evaluated in order to ensure that the vehicle is safe. According to the researchers, this work is vital in comprehensively taking care of the safety and security of the smart cars of the future.
The work is described in ICT Systems Security and Privacy Protection (2021).