This content is not included in your SAE MOBILUS subscription, or you are not logged in.
Introducing Attribute-Based Access Control to AUTOSAR
ISSN: 0148-7191, e-ISSN: 2688-3627
Published April 05, 2016 by SAE International in United States
Annotation ability available
Cyber security concerns in the automotive industry have been constantly increasing as automobiles are more computerized and networked. AUTOSAR is the standard architecture for automotive software development, addressing various aspects including security. The current version of AUTOSAR is concerned with only cryptography-based security for secure authentication at the communication level. However, there has been an increasing need for authorization security to control access on software resources such as data and services in the automobile. In this paper, we introduce attribute-based access control (ABAC) to AUTOSAR to address authorization in automotive software.
CitationKim, D., Song, E., and Yu, H., "Introducing Attribute-Based Access Control to AUTOSAR," SAE Technical Paper 2016-01-0069, 2016, https://doi.org/10.4271/2016-01-0069.
- AUTOSAR. AUTomotive Open System Architecture.
- Schneider D.. Jeep Hacking 101. [Online]. http://spectrum.ieee.org/cars-that-think/transportation/systems/jeep-hacking-101
- Harris M.. Researcher Hacks Self-driving Car Sensors. [Online]. http://spectrum.ieee.org/cars-that-think/transportation/self-driving/researcher-hacks-selfdriving-car-sensors
- Markey ED, "Tracking & Hacking: Security & Privacy Gaps Put American Drivers at Risk," 2015.
- Wolf Marko, Weimerskirch Andre, and Wollinger Thomas, "State of the Art: Embedding Security in Vehicles," EURASIP Journal on Embedded Systems, p. 16, 2007.
- Kuhn D. Richard, Coyne Edward J., and Weil Timothy R., "Adding Attributes to Role-Based Access Control," IEEE Computer, vol. 43, no. 6, pp. 79 -- 81, 2010.
- Kim Sangsig, Kim Dae-Kyoo, Kim Suntae, and Park Sooyong, "A feature-based approach for modeling role-based access control systems," Journal of Systems & Software, vol. 84, no. 12, pp. 2035-2052, 2011.
- Hu V. C. et al., "Guide to attribute based access control (ABAC) definition and considerations (draft)," NIST Special Publication, vol. 800, no. 162, 2013.
- OASIS Standard, Adventures in Automotive Networks and Control Units, 2013.
- Miller C. and Valasek C., Adventures in Automotive Networks and Control Units, 2013.
- ISO 15765-2, Road vehicles - Diagnostics on Controller Area Networks (CAN) - Part 2: Network layer services, 2011.
- ISO 14229-1, Road vehicles - Unified Diagnostic Services (UDS) - Part 1: Specification and requirements, 2013.