(May 29, 2018) -- A new study by Maanak Gupta, doctoral candidate at The University of Texas at San Antonio, and Ravi Sandhu, Lutcher Brown Endowed Professor of computer science and founding executive director of the UTSA Institute for Cyber Security (ICS), examines the cybersecurity risks for new generations of smart which includes both autonomous and internet connected cars.
“Driverless and connected cars are increasingly becoming a part of our world, where cybersecurity threats are already a reality,” Sandhu said. “It’s imperative that we support research that addresses these concerns and presents a strong, innovative solution.”
Cars with internet connectivity, also known as “connected cars,” offer potential for many conveniences and innovations. They could allow for real-time and location-sensitive communication between drivers or even pedestrians, which could help make the roads safer for both. The connectivity could also allow the cars to capture safety and environmental conditions around the vehicle, including road obstructions, accidents, which also enables real-time vehicle-to-vehicle interaction on road.
“Connected cars have almost infinite possibilities for creative technological applications,” Gupta said. “Companies could even take advantage of the connectivity to implement location-based marketing tactics, providing drivers with nearby sales and offers.”
However, the researchers caution that as soon as cars are exposed to internet supported functionality, they are also open to the same cybersecurity threats that loom over other electronic devices, such as computers and cell phones. For this reason, Gupta and Sandhu created an authorization framework for connected cars which provides a conceptual overview of various access control decision and enforcement points needed for dynamic and short-lived interaction in smart cars ecosystem.
“There are vulnerabilities in every machine,” said Gupta. “We’re working to make sure someone doesn’t take advantage of those vulnerabilities and turn them into threats. The questions of ‘who do I trust?’ and ‘how do I trust?’ are still to be answered in smart cars.”
Gupta and Sandhu framework discussed an access control oriented architecture for connected cars and proposed authorization framework, which is a key to determine what and where vulnerabilities can be exploited. They further discuss several approaches to mitigate cyber threats in this ecosystem.
Using this framework, the team at ICS is trying to create and use security authorization policies in different access control decision points to prevent cyber attacks and unauthorized access to sensors and data in smart cars.
“There are infinite opportunities in this new IoT domain but at the same time cyber threats will have serious implications in smart cars. Can you imagine if someone controls your car steering remotely, or shuts down the engine in the middle of the road?” Gupta said. “There should not be absolutely any open end to orchestrate attacks on these cars.”
According to Gupta, the authorization framework can also be applied to driverless cars, noting that these vehicles may be even more vulnerable to cyber threats.
“If we’re going to open the world to cars driven by machines, we must be absolutely certain that they aren’t able to be compromised by a malicious attack,” he said. “That it what this framework is for.”
Read Maanak Gupta and Ravi Sandhu’s study, “Authorization Framework for Secure Cloud Assisted Connected Cars and Vehicular Internet of Things.”
Learn more about the UTSA Institute for Cyber Security.
Learn more about the UTSA Department of Computer Science.
Students and alumni of all partnering UT System institutions will have the opportunity to virtually network with employers from across the nation.Accessible Online
The University of Texas at San Antonio is dedicated to the advancement of knowledge through research and discovery, teaching and learning, community engagement and public service. As an institution of access and excellence, UTSA embraces multicultural traditions and serves as a center for intellectual and creative resources as well as a catalyst for socioeconomic development and the commercialization of intellectual property - for Texas, the nation and the world.
To be a premier public research university, providing access to educational excellence and preparing citizen leaders for the global environment.
We encourage an environment of dialogue and discovery, where integrity, excellence, inclusiveness, respect, collaboration and innovation are fostered.
UTSA is a proud Hispanic Serving Institution (HSI) as designated by the U.S. Department of Education.