Research article. DOI: 10.1145/3538969.3543792

Distributed Enforcement of Access Control policies in Intelligent Transportation System (ITS) for Situation Awareness

Published: 23 August 2022

Abstract

Intelligent Transport Systems (ITS) are crucial for supporting Situation Awareness (SA), which aims to maintain a safe and efficient driving experience. While promising, the use of ITS for SA brings several security challenges, including enforcing access control policies in distributed environments with stringent computational constraints in terms of availability, consistency, and latency. Consequently, traditional mechanisms used to enforce authorization policies cannot be reused off-the-shelf but must be carefully adapted to the particular requirements while minimizing the overhead of access control enforcement. In this paper, we propose a distributed architecture for access control enforcement in ITS that is capable of satisfying the requirements of SA scenarios. It is based on the idea of dynamically compiling a high-level specification of access control policies (written in the Attribute-Based Access Control model) into a set of low-level Access Control Lists that are easier to enforce. We discuss how to realize it by reusing well-known techniques developed in the field of distributed systems. To evaluate the applicability of the proposed approach, we build a prototype that we use to conduct an experimental evaluation in the context of two practical use case scenarios.


Published In

ARES '22: Proceedings of the 17th International Conference on Availability, Reliability and Security
August 2022
1371 pages
ISBN: 9781450396707
DOI: 10.1145/3538969

Publisher

Association for Computing Machinery

New York, NY, United States


Author Tags

  1. Access Control
  2. Access Control List
  3. Attribute-based Access Control
  4. Intelligent Transport System
  5. MQTT

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

ARES 2022

Acceptance Rates

Overall Acceptance Rate 228 of 451 submissions, 51%

Article Metrics

  • Total Citations: 0
  • Total Downloads: 96
  • Downloads (Last 12 months): 22
  • Downloads (Last 6 weeks): 2

Reflects downloads up to 20 Feb 2025
