A survey on security and privacy issues in IoV

As an up-and-coming branch of the internet of things, internet of vehicles (IoV) is imagined to fill in as a fundamental information detecting and processing platform for astute transportation frameworks. Today, vehicles are progressively being associated with the internet of things which empower them to give pervasive access to data to drivers and travelers while moving. Be that as it may, as the quantity of associated vehicles continues expanding, new prerequisites, (for example, consistent, secure, vigorous, versatile data trade among vehicles, people, and side of the road frameworks) of vehicular systems are developing. Right now, the unique idea of vehicular specially appointed systems is being changed into another idea called the internet of vehicles (IoV). We talk about the issues faced in implementing a secure IoV architecture. We examine the various challenges in implementing security and privacy in IoV by reviewing past papers along with pointing out research gaps and possible future work and putting forth our on inferences relating to each paper

Knot Flow Classification and its Applications in Vehicular Ad-Hoc Networks (VANET)

Intrusion detection systems (IDSs) play a crucial role in the identification and mitigation for attacks on host systems. Of these systems, vehicular ad hoc networks (VANETs) are difficult to protect due to the dynamic nature of their clients and their necessity for constant interaction with their respective cyber-physical systems. Currently, there is a need for a VANET-specific IDS that meets this criterion. To this end, a spline-based intrusion detection system has been pioneered as a solution. By combining clustering with spline-based general linear model classification, this knot flow classification method (KFC) allows for robust intrusion detection to occur. Due its design and the manner it is constructed, KFC holds great potential for implementation across a distributed system. The purpose of this thesis was to explain and extrapolate the afore mentioned IDS, highlight its effectiveness, and discuss the conceptual design of the distributed system for use in future research

Sustainable Adoption of Connected Vehicles in the Brazilian Landscape: Policies, Technical Specifications and Challenges

This review addresses the intervehicular communication in Connected Vehicles (CV) by emphasizing V2V (vehicle-to-vehicle) and V2I (vehicle-to-infrastructure) communications in terms of evolution, current standards, state-of-the-art studies, embedded devices, simulation, trends, challenges, and relevant legislation. This review is based on studies conducted from 2009 to 2019, government reports about the sustainable deployment of these technologies and their adoption in the Brazilian automotive market. Moreover, WAVE (Wireless Access in Vehicular Environment) and DSRC (Dedicated Short-range Communication) standards, the performance analysis of communication parameters and intervehicular available at the market are also described. The current status of ITS (Intelligent Transportation System) development in Brazil was reviewed, as well as the research institutes and governmental actions focused on introducing the concept of connected vehicles into the society. The Brazilian outlook for technological adoption concerning CVs was also discussed. Moreover, challenges related to technical aspects, safety and environmental issues, and the standardization for vehicle communication are also described. Finally, this review highlights the challenges and proposals from available technologies devoted to the roads and vehicular infrastructure communication, their evolution and upcoming trends

Privacy and trust in the internet of vehicles

The Internet of Vehicles aims to fundamentally improve transportation by connecting vehicles, drivers, passengers, and service providers together. Several new services such as parking space identification, platooning and intersection control--to name just a few--are expected to improve traffic congestion, reduce pollution, and improve the efficiency, safety and logistics of transportation. Proposed end-user services, however, make extensive use of private information with little consideration for the impact on users and third parties (those individuals whose information is indirectly involved). This article provides the first comprehensive overview of privacy and trust issues in the Internet of Vehicles at the service level. Various concerns over privacy are formalised into four basic categories: personal information privacy, multi-party privacy, trust, and consent to share information. To help analyse services and to facilitate future research, the main relevant end-user services are taxonomised according to voluntary and involuntary information they require and produce. Finally, this work identifies several open research problems and highlights general approaches to address them. These especially relate to measuring the trade-off between privacy and service functionality, automated consent negotiation, trust towards the IoV and its individual services, and identifying and resolving multi-party privacy conflicts

HoBAC : famille de modèles de contrôle d'accès généralisant ABAC

RÉSUMÉ: L'environnement dynamique est l'une des principales caractéristiques de l'Internet des Objets ou Internet of Things (IoT), garantir et assurer la sécurité dans un tel environnement est simultanément une tâche primordiale et qui représente un grand défi. L'un des aspects essentiels de la sécurité de données est le contrôle d'accès, ce mécanisme vise à contrôler l'accès à l'information en fonction des stratégies d'accès spécifiques afin d'empêcher tout accès illégitime. Différents modèles de contrôle d'accès ont été proposés pour restreindre l'accès aux données des dispositifs IoT. AttributeBased Access Control (ABAC) est l'un des modèles et des normes qui ont reçu une attention significative au cours de ces dernières années. Dans ce modèle, les demandes d'accès des utilisateurs seront accordées ou refusées en fonction de différents attributs (attributs attribués aux objets, aux sujets et aux conditions environnementales) et d'un ensemble de règles spécifiées en fonction de ces attributs et conditions. Donc, les droits d'autorisations dans ABAC sont octroyés aux utilisateurs à travers une politique qui combine des attributs provenant principalement des objets, des sujets et des contextes. Il est à noter que différents modèles visant l'extension de ABAC ont été suggérés. Cependant, les politiques d'accès qui peuvent être générées de ces approches restent restrictives et peu flexibles, cela représente une limitation majeure en particulier dans le contexte IoT. Ce projet de recherche est motivé par les opportunités prometteuses du mécanisme de contrôle d'accès qui est l'un des aspects de sécurité essentiels et critiques permettant de contrôler l'accès aux ressources protégées par la définition d'une politique qui précise notamment les conditions dans lesquelles une ressource peut être accédée par un utilisateur. En effet, dans ce mémoire, nous tirons parti des limitations des différents modèles de contrôle d'accès qui ont été proposés pour l'IoT en général et les modèles visant l'extension du modèle ABAC en particulier afin de proposer un nouveau modèle de contrôle d'accès nommé Higher-order Attribute-Based Access Control (HoBAC). HoBAC est un nouveau modèle de contrôle d'accès qui est une généralisation du modèle ABAC. Ce nouveau modèle permet de mettre en oeuvre des politiques de contrôle d'accès flexibles, adaptées aux systèmes IoT et non IoT basées sur des hiérarchies d'entités (objets, sujets et contextes) construites à l'aide de la composition fine et les opérations d'agrégations sur les attributs. Ce mécanisme d'abstraction représente une couche de sécurité supplémentaire qui permet d'assurer la sécurité des données en empêchant la manipulation directe des sujets, des objets et des contextes de bas niveau. Ce travail de recherche présente les fondements théoriques de HoBAC et introduit également son architecture générale. Deux instances du modèle théorique sont présentées dans ce mémoire dont la première instanciation génère le modèle ABAC d'origine et la deuxième génère un modèle de contrôle d'accès à quatre couches qui convient aux systèmes IoT où la politique est distribuée à travers les différentes couches (périphériques IoT, la couche Edge, la couche Fog et la couche Cloud), ces instances permettent de montrer la flexibilité de notre modèle et qu'il est assez général pour exprimer différentes politiques de contrôle d'accès. Afin de montrer l'applicabilité des concepts de base du modèle HoBAC et ses relations, nous avons créé une application Web pour l'administration de sa politique d'accès. Ainsi, nous avons implémenté l'instanciation du modèle HoBAC de base (HoBAC0) en utilisant la Policy Machine (PM) afin d'appliquer sa politique d'accès qui correspond au modèle ABAC. -- Mot(s) clé(s) en français : IoT, Sécurité, Contrôle d'accès, ABAC. -- ABSTRACT: The dynamic environment is one of the characteristics of the Internet of Things (IoT), ensuring security in such environment is a prominent and challenging task at the same time. One of the vital aspects of data security is Access Control, it intends to control access to information based on access policies in order to prevent any illegitimate access. Different access control models have been proposed to restrict access to data of IoT devices. Attribute-Based Access Control (ABAC) is one of the most promising access control models and standards which has received meaningful attention in recent years. In this model, the access requests from users will be granted or denied based on different attributes (attributes assigned to objects, to subjects and environmental conditions) and a specified set of rules based on those attributes and conditions. Therefore, the access rights in ABAC are granted to users through a policy which combines a set of attributes which comes mainly from objects, subjects and contexts. It should be noted that several models that extend the ABAC model have been suggested. However, the access policies that can be generated from these approaches remain restrictive and they are not very flexible, this represents a major limitation especially in the IoT context. This research project is motivated by the promising opportunities of the access control mechanism which is one of the essential and critical aspects of security that can control access to protected resources by the definition of policies that dictate the conditions under which a resource may be accessed by a user. Indeed, in this thesis, we take advantage of the limitations of the different access control models that have been proposed for IoT in general and the models extending the ABAC model in particular in order to propose a new access control model named Higher-order Attribute-Based Access Control (HoBAC). HoBAC is a new access control model that is a generalization of the original ABAC model. This new model makes it possible to implement flexible access control policies adapted to IoT and non-IoT systems based on hierarchies of entities (objects, subjects and contexts) built using fine composition and aggregation operations on the attributes. This abstraction mechanism is by itself an additional security layer that ensures data security by preventing direct manipulation of the low-level objects, subjects and contexts. This research work presents the theoretical foundations of HoBAC and introduces its general architecture. Two instances of the theoretical model are presented in this thesis, The first instantiation yields the original ABAC model and the second instance yields a four-layer AC model that is suitable for IoT systems where the policy is distributed through the different layers (sensors, edge, fog and cloud). These instances show the flexibility of our model and that it is general enough to express different access control policies. In order to show the applicability of the main concepts of HoBAC model and their relationships, we have created a Web application for administration of its access policy. Thus, we have implemented the instantiation of the basic HoBAC model (HoBAC0) using the Policy Machine (PM) in order to apply its access control policy which is equivalent to the ABAC model. -- Mot(s) clé(s) en anglais : IoT, Security, Access Control, ABAC

Business impact, risks and controls associated with the internet of things

Thesis (MCom)--Stellenbosch University, 2017.ENGLISH SUMMARY : Modern businesses need to keep up with the ever-evolving state of technology to determine how a change in technology will affect their operations. Adopting Internet of Things to operations will assist businesses in achieving the goals set by management and, through data integration, add additional value to information. With the Internet of Things forming a global communication network, data is gathered in real time by sensor technologies embedded in uniquely identifiable virtual and physical objects. This data gathered are integrated and analysed to extract knowledge, in order to provide services like inventory management, customised customer service and elearning as well as accurate patient records. This integrated information will generate value for businesses by, inter alia, improving the quality of information and business operations. Business may be quick to adopt the Internet of Things into their operations because of the promised benefits, without fully understanding its enabling technologies. It is important that businesses acquire knowledge of the impact that these technologies will have on their operations as well as the risks associated with the use of these technologies before they deploy the Internet of Things in their business environment. The purpose of this study was to identify the business impact, risks and controls associated with the Internet of Things and its enabling technologies. Through the understanding of the enabling technologies of Internet of Things, the possible uses and impact on business operations can be identified. With the help of a control framework, the understanding gained on the technologies were used to identify the risks associated with them. The study concludes by formulating internal controls to address the identified risks. It was found that the core technologies (smart objects, wireless networks and semantic technologies) adopt humanlike characteristics and convert most manual business operations into autonomous operations, leading to increased business productivity, market differentiation, cost reduction and higher-quality information. The identified risks centred on data integrity, privacy and confidentiality, authenticity, unauthorised access, network availability and semantic technology vulnerabilities. A multi-layered approach of technical and non-technical internal controls were formulated to mitigate the identified risks to an acceptable level. The findings will assist information technology specialists and executive management of industries to identify the risks associated with the implementation of Internet of Things in operations, mitigate the risks to an acceptable level through controls as well as assist them to determine the possible uses and its impact on operations.AFRIKAANSE OPSOMMING : Moderne ondernemings moet tred hou met die voortdurende ontwikkeling van tegnologie om te bepaal hoe ʼn verandering in tegnologie hulle bedrywighede sal beïnvloed. Inkorporering van Internet van Dinge in bedrywighede sal besighede help om die doelwitte wat deur bestuur gestel is te bereik en, deur data integrasie, additionele waarde te voeg tot inligting. Met Internet van Dinge wat ʼn globale kommunikasienetwerk vorm, word data in regte tyd versamel deur ensortegnologieë wat ingebed is in unieke identifiseerbare virtuele en fisiese voorwerpe. Hierdie versamelde data word geïntegreer en ontleed om kennis te onttrek om sodoende dienste te lewer, soos voorraadbestuur, pasgemaakte kliëntediens en e-leer sowel as akkurate pasiënt rekords. Hierdie geïntegreerde inligting sal waarde genereer vir ondernemings deur, inter alia, die gehalte van inligting en sakebedrywighede te verbeter. Ondernemings mag vinnig Internet van Dinge in hulle bedrywighede inkorporeer as gevolg van die beloofde voordele, sonder om die instaatstellende tegnologieë ten volle te verstaan. Dit is belangrik dat ondernemings kennis inwin oor die impak wat hierdie tegnologieë sal hê op hulle bedrywighede sowel as die risiko’s wat geassosieer word met die gebruik van hierdie tegnologieë voordat Internet van Dinge in hulle sakeomgewings ontplooi word. Die doel van hierdie studie was om die besigheidsimpak, risko’s en kontroles wat geassosieer word met Internet van Dinge en die instaatstellende tegnologieë te identifiseer. Deur die instaatstellende tegnologieë van Internet van Dinge te verstaan, kan die moontlike gebruike en impak daarvan op sakebedrywighede geïdentifiseer word. Met behulp van ʼn kontroleraamwerk, is die begrip van die tegnologieë gebruik om die risiko’s wat geassosieer word met hulle te identifiseer. Die studie sluit af met die formulering van interne kontroles om die geïdentifiseerde risko’s aan te spreek. Daar is gevind dat die kerrntegnologiekomponente (slim voorwerpe, draadlose netwerke en semantiese tegnologieë) menslike eienskappe aanneem en die meeste handsakebedrywighede omskakel na outonome bedrywighede, wat lei tot verhoogte sakeproduktiwiteit, markdifferensiasie, kostebesparing en hoërgehalte-inligting. Die geïdentifiseerde risiko’s is toegespits op data integriteit, -privaatheid en - vertroulikheid, egtheid, ongemagtigde toegang, netwerkbeskikbaarheid en semantiese tegnologiekwesbaarhede. ʼn Multilaagbenadering van tegniese en nie-tegniese interne kontroles is geformuleer, om sodoende die geïdentifiseerde risiko’s tot ʼn aanvaarbare vlak te versag. Die bevindinge sal inligtingstegnologie-spesialiste en uitvoerende bestuur van industrieë help om die risiko’s verbonde aan implementering van Internet van Dinge te identifiseer, risko’s te versag tot ʼn aanvaarbare vlak met kontroles sowel as hulle te help om moontlike gebruike en hulle impak op bedrywighede vas te stel

The r-evolution of driving: from Connected Vehicles to Coordinated Automated Road Transport (C-ART)

Connected and automated vehicles could revolutionise road transport. New traffic management approaches may become necessary, especially in light of a potential increase in travel demand. Coordinated Automated Road Transport (C-ART) is presented as a novel approach that stakeholders may consider for an eventual full realisation of a safe and efficient mobility system.JRC.C.4-Sustainable Transpor