PhD researcher creates digital identity and access management system for cars

A postgraduate student at City University of London has participated in a collaborative study to develop the SIUV – a stateful smart automotive digital identity and access management (IAM) system.

Subhajit Bandopadhyay, from City’s Institute for Cyber Security (ICS), participated in the study under the supervision of Professor and ICS Director Muttukrishnan Rajarajan.

The new system, digital ID and access control system for vehicles, based on Usage Control (UCON) and Verifiable Credentials (VCs), is designed to address and patch some of the vulnerabilities commonly found in smart cars.

Specifically, SIUV employs Usage Control policies in order to issue privileges to drivers or applications according to their credentials or claims.

Through these privileges, specific in-car resources like the deployment of airbags and speed limit control are consequently granted or denied access.

To provide an extra layer of security, the digital identity and access system also continuously monitors subject claims, as well as resource attributes and environmental conditions, including time and location.

If the system detects a change it can re-evaluate policies, then automatically provide updates or revoke issued privileges and usage decisions as and when necessary.

Moving forward, the researchers said they will explore possible partners for the issuance of Verifiable Credentials designed to help keep claims secure and verifiable at all times.

According to the findings, the UK Driver and Vehicle Licensing Agency (DVLA) could be a trusted issuer of driving licenses in the form of Verifiable Credentials that are also cryptographically verifiable.

For more information about SIUV, you can read the paper in its entirety here.

Article Topics

access management  |  biometrics  |  continuous authentication  |  digital identity  |  identity verification  |  research and development  |  verifiable credentials