Björn Wiedersheim

Secure vehicular communication systems: implementation, performance, and research challenges

Vehicular communication systems are on the verge of practical deployment. Nonetheless, their security and privacy protection is one of the problems that have been addressed only recently. In order to show the feasibility of secure VC, certain implementations are required. we discuss the design of a VC security system that has emerged as a result of the European SeVe-Com project. In this second article we discuss various issues related to the implementation and deployment aspects of secure VC systems. Moreover, we provide an outlook on open security research issues that will arise as VC systems develop from todays simple prototypes to full-fledged systems.

Privacy in inter-vehicular networks: Why simple pseudonym change is not enough

Inter-vehicle communication (IVC) systems disclose rich location information about vehicles. State-of-the-art security architectures are aware of the problem and provide privacy enhancing mechanisms, notably pseudonymous authentication. However, the granularity and the amount of location information IVC protocols divulge, enable an adversary that eavesdrops all traffic throughout an area, to reconstruct long traces of the whereabouts of the majority of vehicles within the same area. Our analysis in this paper confirms the existence of this kind of threat. As a result, it is questionable if strong location privacy is achievable in IVC systems against a powerful adversary.

Secure and efficient beaconing for vehicular networks

The basis for many VANET applications are periodic beacons carrying information like location, heading and speed. In order to secure beaconing, messages should be signed and carry a certificate to attest valid network participants. In order to reduce the significant communication and computational overhead created by this, we propose to skip signatures or certificates in certain situations.

Efficiency analysis of geocast target region specifications for VANET applications

Geocast is a communication paradigm for disseminating information in a specified target region rather than based on IP addresses. Local hazard or accident warnings and warnings of approaching emergency vehicles are examples of potential use cases in vehicular ad hoc networks (VANETs). Different geocast target region specifications have been proposed in recent years. Yet, the impact of the selected geocast target region specification on communication efficiency and network overload has not been extensively studied so far. We provide a comparative analysis of different geocast target region specifications, namely circle, rectangle, polygon, and route. In our analysis we consider introduced communication overhead, as well as false positive and false negative rates for three representative VANET applications. Our simulation results show that a circular region, despite its simplicity, performs better in most scenarios than rectangular, polygon-based, or route-based regions. However, optimal radius selection has a significant impact on efficiency.

homeBLOX: making home automation usable

Home automation aims to increase convenience of residential living. The homeBLOX system uses a process-driven execution model to enable complex automation tasks with heterogeneous devices, while providing a user interface that abstracts from lower-level complexity. Complex automation tasks are created as sequences consisting of events and actions linked to physical and virtual devices, which are translated into BPEL code for execution. We outline the key concepts, architecture, and prototype of our system.

homeBLOX: introducing process-driven home automation

Home automation promises more convenience for residential living. We propose process-driven home automation as an approach to reduce the difficulty of specifying automation tasks without restricting users in terms of customizability and complexity of supported scenarios. Our graph-based user interface abstracts from the complexity of process specification, while created sequences are automatically translated into BPEL code for execution. Our homeBLOX architecture extends a process engine with the capabilities to communicate with heterogeneous smart devices, integrate virtual devices, and support different home automation protocols. We report on initial user tests with our automation interface and demonstrate the customizability and expressiveness of our system based on realized example use cases.

PriCal: context-adaptive privacy in ambient calendar displays

PriCal is an ambient calendar display that shows a users schedule similar to a paper wall calendar. PriCal provides context-adaptive privacy to users by detecting present persons and adapting event visibility according to the users privacy preferences. We present a detailed privacy impact assessment of our system, which provides insights on how to leverage context to enhance privacy without being intrusive. PriCal is based on a decentralized architecture and supports the detection of registered users as well as unknown persons. In a three-week deployment study with seven displays, ten participants used PriCal in their real work environment with their own digital calendars. Our results provide qualitative insights on the implications, acceptance, and utility of context-adaptive privacy in the context of a calendar display system, indicating that it is a viable approach to mitigate privacy implications in ubicomp applications.

Privacy & Trust in Ambient Intelligence Environments

Privacy and trust are critical factors for the acceptance and success of next generation ambient intelligence environments. Those environments often act autonomously to support a user’s activity based on context information gathered from ubiquitous sensors. The autonomous nature, their accessibility to large amounts of personal information, and the fact that actuators and sensors are invisibly embedded in such environments, raise several privacy issues for participants. Those issues need to be addressed by adequate mechanisms for privacy protection and trust establishment. In this chapter, we provide an overview of existing privacy enhancing technologies (PETs) in the area of ambient intelligence environments and present the ATRACO approach to achieve privacy within those environments. Further, we will discuss how computational trust mechanisms and social trust aspects can be utilized to support privacy protection and the establishment of trust between system components and between the system and participants. After describing the integration of these mechanisms in the overall system architecture of ATRACO, we conclude by giving an outlook on future directions in this area.

WiSec 2011 demo: PRECIOSA PeRA -- practical enforcement of privacy policies in intelligent transportation systems

Cooperative Intelligent Transportation Systems must incorporate privacy-enhancing mechanisms to gain public acceptance. The PRECIOSA Privacy-enforcing Runtime Architecture (PeRA) provides a data-centric protection chain, which ensures that ITS components process data according to attached user-defined privacy policies. PeRA instances constitute a distributed privacy middleware that evaluates privacy policies to mediate data access by applications. An integrity protection layer creates a distributed policy enforcement perimeter between ITS nodes to prevent circumvention of policies. The PeRA has been implemented as a proof-of-concept prototype.

Privacy management and control in ATRACO

Privacy is a critical factor for the acceptance and success of next generation ambient intelligent environments. Those environments often act autonomously to support a users activity based on context information gathered from ubiquitous sensors. The autonomous nature and their accessibility to large amount of personal information raises several privacy issues for participants in such environments. Those issues need to be addressed by adequate privacy mechanisms. In this paper we present an overview of the ATRACO approach to provide privacy management and control in an ambient intelligent environment.