SIUV: A Smart Car Identity Management and Usage Control System Based on Verifiable Credentials

The automotive industry is witnessing an accelerated growth in digital innovations that turn modern vehicles into digital systems. This makes the security of modern vehicles a crucial concern as they have evolved into cyber-physical and safety-critical systems. Therefore, stateful identity management and continuous access control have become a paramount requirement in smart vehicles. Indeed, several Identity and Access Management (IAM) frameworks have been proposed in the automotive field, but context awareness and continuity of control remain overlooked. To address these challenges, we present SIUV: a stateful smart-car IAM that is based on Usage Control (UCON) and Verifiable Credentials (VCs). SIUV uses Attribute Based Access Control (ABAC) policies to issue privileges to subjects (i.e. drivers or applications) according to their credentials and claims. The issued privileges are then used to decide whether to grant or deny access to in-car resources. Furthermore, the system continuously monitors subject claims, resource attributes and environmental conditions (e.g. location or time). Hence, if a change occurs, the system re-evaluates policies and updates or revokes issued privileges and usage decisions accordingly. We describe the architecture of SIUV, discuss the evaluation results, and define future directions.