Abstract
The growing relevance of vehicular applications that use graphical presentation, such as media players, navigation systems, or speedometers, has led to an increasing number of displays in modern cars. This creates the desire for flexible sharing of all the available displays between several applications. However, automotive requirements include many regulations that aim to avoid driver distraction and ensure safety. To allow for safe sharing of the available screen surface between the many safety-critical and non-safety-critical applications, adequate access control systems are required. We use the notion of contexts to dynamically determine which application is allowed to access which display area. A context can be derived from vehicle sensors (e.g., the current speed), or be an application-specific state (e.g., which menu item is selected). We propose an access control model that is inherently aware of the context of the car and the applications. It lets applications delegate access rights to display areas. We built a proof-of-concept implementation that demonstrates the feasibility of our concept and evaluated the latency introduced by access control. Our results show that the delay in reacting to dynamic context changes is small enough for automotive scenarios.
Acknowledgement
This paper has been supported in part by the ARAMiS project of the German Federal Ministry for Education and Research with funding ID 01IS11035.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Gansel, S. et al. (2015). Context-Aware Access Control in Novel Automotive HMI Systems. In: Jajodia, S., Mazumdar, C. (eds) Information Systems Security. ICISS 2015. Lecture Notes in Computer Science, vol 9478. Springer, Cham. https://doi.org/10.1007/978-3-319-26961-0_8
DOI: https://doi.org/10.1007/978-3-319-26961-0_8
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26960-3
Online ISBN: 978-3-319-26961-0
eBook Packages: Computer Science, Computer Science (R0)