Authorization Framework for Secure Cloud Assisted Connected Cars and Vehicular Internet of Things Maanak Gupta and Ravi SandhuInstitute for Cyber Security

Authorization Framework for Secure Cloud Assisted
Connected Cars and Vehicular Internet of Things
Maanak Gupta and Ravi SandhuInstitute for Cyber Security (ICS),
Center for Security and Privacy Enhanced Cloud Computing (C-SPECC), Department of Computer Science, University of Texas at San Antonio Email: [email protected], [email protected]
ABSTRACTInternet of Things has become a predominant phenomenon in ev-
ery sphere of smart life. Connected Cars and Vehicular Internet of
Things, which involves communication and data exchange between
vehicles, traffic infrastructure or other entities are pivotal to realize
the vision of smart city and intelligent transportation. Vehicular
Cloud offers a promising architecture wherein storage and process-
ing capabilities of smart objects are utilized to provide on-the-fly
fog platform. Researchers have demonstrated vulnerabilities in this
emerging vehicular IoT ecosystem, where data has been stolen from
critical sensors and smart vehicles controlled remotely. Security
and privacy is important in Internet of Vehicles (IoV) where ac-
cess to electronic control units, applications and data in connected
cars should only be authorized to legitimate users, sensors or ve-
hicles. In this paper, we propose an authorization framework to
secure this dynamic system where interactions among entities is
not pre-defined. We provide an extended access control oriented
(E-ACO) architecture relevant to IoV and discuss the need of ve-
hicular clouds in this time and location sensitive environment. We
outline approaches to different access control models which can be
enforced at various layers of E-ACO architecture and in the autho-
rization framework. Finally, we discuss use cases to illustrate access
control requirements in our vision of cloud assisted connected cars
and vehicular IoT, and discuss possible research directions.
• Security and privacy ?Security requirements
;Access con-
trol ;Authorization ;
Access Control; Internet of Things; Vehicular Internet of Things;
Connected Cars; Vehicular Cloud; Internet of Vehicles; Big Data;
Attributes Based; Trust; Fog Computing; Cloud Computing ACM Reference Format:
Maanak Gupta and Ravi Sandhu. 2018. Authorization Framework for SecureCloud Assisted Connected Cars and Vehicular Internet of Things. In Pro- ceedings of 23rd ACM Symposium on Access Control Models and Technologies
Permission to make digital or hard copies of all or part of this work for personal orclassroom use is granted without fee provided that copies are not made or distributedfor profit or commercial advantage and that copies bear this notice and the full citationon the first page. Copyrights for components of this work owned by others than ACMmust be honored. Abstracting with credit is permitted. To copy otherwise, or republish,to post on servers or to redistribute to lists, requires prior specific permission and /or afee. Request permissions from [email protected]
SACMAT’18, June 13–15, 2018, Indianapolis, IN, USA
© 2018 Association for Computing Machinery.
ACM ISBN 978-1-4503-5666-4/18/06. . . $15.00 https://doi .org/10 .1145/3205977 .3205994
(SACMAT’18). ACM, New York, NY, USA, 12 pages. https://doi .org/10 .1145/ 3205977 .3205994
Internet of Things (IoT) is the new era of technology which en-
visions to make human lives smarter. The concept has attracted
wide applications and services in variety of domains including
health-care, homes, industry, transportation, power grids etc. The
magnitude of this technology is illustrated by the number of de-
vices which are estimated to be more than 20 billion by year 2020
32. The prime asset delivered by such massive interconnection
and networking of smart devices is Big Data, which is analyzed to
gather insights and deliver valuable information.
IoT requires the use of multiple technologies including identi-
fication (naming and addressing), sensing (sensor devices, RFID
tags etc.), communication technologies (Bluetooth, WiFi etc.), com-
putation technologies involving hardware or software platforms
like Cloud, multiple IoT services 35 and the applications which
provide functionalities to the end user 9,13,36. Several IoT archi-
tectures have been demonstrated to incorporate physical objects,
object abstraction (virtual objects), middleware or service, applica-
tion and business layers with variations in architecture stack and
nomenclature 9,13. Cloud computing is also an important domain
in today’s world which offers boundless applications and resources
(storage and compute) to multiple users. Therefore, the merger of
IoT and cloud is arguably indispensable to harness the full potential
of IoT smart objects which have limited storage, processing and
communication capabilities. The literature has recognized this desir-
able integration using terms such as cloud-assisted, cloud-enabled,
and cloud-centric IoT 8, 16, 18, 20, 21, 25, 50.
Smart cities and intelligent transportation has been a vision of
future society. IoT plays an important role to make transportation
smarter by introducing connected cars and vehicular communica-
tion. Vehicular IoT involves interaction and V2X data/messages ex-
change between several entities including vehicle to vehicle (V2V),
vehicle to road infrastructure (V2I), vehicle to human (V2H), intra-
vehicle, and vehicle to cloud (V2C). Vehicular Ad-hoc Networks
(VANETs) provide necessary connectivity which is extended with
use of smarter devices and cloud or fog infrastructures. Several
sensors in and around connected car ‘talk’ to each other for smarter
decisions and convenient transportation experience to user. Our
vision of vehicular IoT harness computation and storage capabilities
of cloud and the concept of virtual objects (e.g. AWS shadows 14).
Security and privacy have been a serious concern and challenge
for the adoption of IoT. The gravity of these issues is magnified


I'm Dora

Would you like to get a custom essay? How about receiving a customized one?

Check it out

I'm Barry!

Would you like to get a custom essay? How about receiving a customized one?

Check it out