1 option
An Adaptive Risk-Based Access Control with Trusted Execution Environment for Vehicles Tongji University
- Format:
- Book
- Conference/Event
- Author/Creator:
- Luo, Feng, author.
- Conference Name:
- WCX SAE World Congress Experience (2025-04-08 : Detroit, Michigan, United States)
- Language:
- English
- Physical Description:
- 1 online resource cm
- Place of Publication:
- Warrendale, PA SAE International 2025
- Summary:
- The rapid development of intelligent and connected vehicles is transforming them into data-rich information carriers, which generate and store vast amounts of sensitive information. However, the frequent sharing of resources within these vehicles poses substantial risks to user privacy and data security. Should sensitive resources be accessed maliciously, the consequences could be severe, leading to significant threats to the safety, property, and reputation of both drivers and passengers. To address these risks, this paper proposes an adaptive risk-based access control with Trusted Execution Environment (TEE) specifically designed for vehicles, aimed at managing and restricting access permissions based on risk assessments. Firstly, this paper designs an adaptive risk model in accordance with ISO/SAE 21434, taking into account factors such as the security levels of subjects and objects, context, and the risk history of subjects to separately quantify threats and impacts. By adjusting the model's weighting factors, the model can adapt to various application scenarios and security requirements, enabling dynamic and adaptive risk evaluation. Based on the risk model, an Adaptive Risk-Based Access Control with TEE (AdRbAC-TEE) is proposed, featuring a globally distributed and locally centralized architecture. This model leverages the physical isolation characteristics of TEE to securely protect and store risk logic and sensitive data. Additionally, a comprehensive design is presented for the data flow model and access control process, along with key security considerations for practical deployment. Finally, the effectiveness and reliability of the proposed method are validated through an automotive diagnostic access control case study, demonstrating its ability to ensure both security and efficiency
- Notes:
- Vendor supplied data
- Publisher Number:
- 2025-01-8089
- Access Restriction:
- Restricted for use by site license
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.