TY - JOUR
T1 - An Attribute-Based Access Control for Cloud Enabled Industrial Smart Vehicles
AU - Gupta, Maanak
AU - Awaysheh, Feras M.
AU - Benson, James
AU - Alazab, Mamoun
AU - Patwa, Farhan
AU - Sandhu, Ravi
N1 - Publisher Copyright:
© 2005-2012 IEEE.
Copyright:
Copyright 2021 Elsevier B.V., All rights reserved.
PY - 2021/6
Y1 - 2021/6
N2 - Smart cities' vision will encompass connected industrial vehicles, which will offer data-driven and intelligent services to the user. Such interaction within dispersed connected objects are sometimes referred as the industrial Internet-of-Vehicles (IIoV). The prime motivation of an intelligent transportation system (ITS) is ensuring the safety of the drivers and offering a comfortable experience to the user. However, such complex infrastructures opens broad attack surfaces to the adversaries, which can remotely exploit and control the critical mechanics in the smart vehicles, including engine and brake systems. Security and privacy concerns are significant barriers to the wide adoption of this revolutionary technology that has to be addressed before a comprehensive implementation of the real vision of ITS. This article is a stepping stone to address access control issues in the IIoV ecosystem and propose a formal attribute-based access control system (referred to ITS-ABAC\mathrm{_G}). The proposed model introduces the notion of groups, which are assigned to various smart entities based on the different attributes. It also offers the implementation of fine-grained security policies and considers individualized privacy preferences along with system-wide policies to accept or reject notification, alerts, and advertisements from different participating smart entities. We present the prototype implementation of our proposed model in the Amazon Web Services IoT platform together with extensive performance to reflect the practicality and wide-scale adoption of the proposed system.
AB - Smart cities' vision will encompass connected industrial vehicles, which will offer data-driven and intelligent services to the user. Such interaction within dispersed connected objects are sometimes referred as the industrial Internet-of-Vehicles (IIoV). The prime motivation of an intelligent transportation system (ITS) is ensuring the safety of the drivers and offering a comfortable experience to the user. However, such complex infrastructures opens broad attack surfaces to the adversaries, which can remotely exploit and control the critical mechanics in the smart vehicles, including engine and brake systems. Security and privacy concerns are significant barriers to the wide adoption of this revolutionary technology that has to be addressed before a comprehensive implementation of the real vision of ITS. This article is a stepping stone to address access control issues in the IIoV ecosystem and propose a formal attribute-based access control system (referred to ITS-ABAC\mathrm{_G}). The proposed model introduces the notion of groups, which are assigned to various smart entities based on the different attributes. It also offers the implementation of fine-grained security policies and considers individualized privacy preferences along with system-wide policies to accept or reject notification, alerts, and advertisements from different participating smart entities. We present the prototype implementation of our proposed model in the Amazon Web Services IoT platform together with extensive performance to reflect the practicality and wide-scale adoption of the proposed system.
KW - Attribute-based access control (ABAC)
KW - cloud computing
KW - Industrial Internet-of-Vehicles (IIoV)
KW - Intelligent Transportation System (ITS)
KW - privacy
KW - security policies
KW - smart-connected vehicles
UR - http://www.scopus.com/inward/record.url?scp=85102341398&partnerID=8YFLogxK
U2 - 10.1109/TII.2020.3022759
DO - 10.1109/TII.2020.3022759
M3 - Article
AN - SCOPUS:85102341398
SN - 1551-3203
VL - 17
SP - 4288
EP - 4297
JO - IEEE Transactions on Industrial Informatics
JF - IEEE Transactions on Industrial Informatics
IS - 6
M1 - 9187899
ER -