TSSG researchers Ruisong Han, Fan Zhang (ex TSSG), and others have submitted a conference paper, titled "FACT: Fine-grained Access Control for Cooperative Intelligent Transport Systems", to the 2020 IEEE International Conference on Communications. The IEEE International Conference on Communications (ICC) is one of the IEEE Communications Society’s two flagship conferences dedicated to driving innovation in nearly every aspect of communications.
Through the research work carried out in D6.8 CyberSecurity of TransSec, Dr Han, the WP6 Vehicle-to-Everything (V2X) leader, found that most of the security standards for ITS-G5 are a little outdated and not well supported by commercial off-the-shelf products. Also, conventional access control in V2X is role-based and coarse-grained, and so lacks flexibility in securing critical assets. TSSG researchers have therefore applied their expertise in V2X, IoT and cybersecurity to propose a dynamic fine-grained access control framework for cooperative intelligent transport systems, named FACT.
In FACT, an open-source, high-performance, resource-efficient, XACML3 standard-compatible Policy Decision Point (PDP) is integrated with an Enhanced Authorization Authority (EAA) to provide effective and accurate access decisions expressed as Attribute-Based Access Control (ABAC) policies. Thus, the proposed framework can support ABAC and realize smarter authorization and communication choices. It can also support more C-ITS authorization contexts than the traditional framework. Figure 1 below illustrates two use cases proposed by the paper. In these use cases, the EAA can evaluate the incoming resource request, check the relevant attributes, evaluate them against its policies, and grant the corresponding communication rights dynamically.
Below is the abstract of the paper:
The architecture of Cooperative Intelligent Transport Systems (C-ITS) from ETSI enables a variety of physical access methods, ITS applications and services to be offered to road users. The architecture requires enhanced authorization to ensure communication security and privacy. The relevant ETSI architecture includes a high-level design for security management and identifies the need for flexible and dynamic access control. However, most existing access control solutions support only coarse-grained functionality. In this paper, we propose a dynamic fine-grained access control framework for cooperative intelligent transport systems named FACT. In FACT, an open-source, high-performance, resource-efficient, XACML3 standard-compatible Policy Decision Point (PDP) is integrated with an Enhanced Authorization Authority (EAA) to provide effective and accurate access decisions expressed as Attribute-Based Access Control (ABAC) policies. The proposed FACT Authorization Framework is an implementation of a C-ITS EAA and employs an event driven architecture and a non-blocking computational model for enhancing the performance and reducing the resource consumption in a fog node. The proposed solution was validated in terms of reliability, resource usage, and latency.