Smart cities' vision will encompass connected industrial vehicles, which will offer data-driven and intelligent services to the user. Such interaction within dispersed connected objects, sometimes referred as the industrial Internet-of-Vehicles (IIoV). The prime motivation of intelligent transportation system (ITS) is ensuring the safety of the drivers and offering a comfortable experience to the user. However, such complex infrastructures offer broad attack surfaces to the adversaries, which can remotely exploit and control the critical mechanics in the smart car, including engine and brake systems. Security and privacy concerns are significant barriers to the wide adoption of this revolutionary technology that has to be addressed before a comprehensive implementation of the real vision of ITS. This research is a stepping stone to address access control issues in the IIoV ecosystem and propose a formal attribute-based access control system (referred to \cvac). The proposed model introduces the notion of groups, which are assigned to various smart entities based on the different attributes. It also offers the implementation of fine-grained security policies and considers individualized privacy preferences along with system-wide policies to accept or reject notification, alerts, and advertisements from different participating smart entities. We present the prototype implementation of our proposed model in the Amazon Web Services IoT platform together with extensive performance evaluation, to reflect the practicality and wide-scale adoption of the proposed system.
Keywords: Intelligent Transportation System, Cloud Computing, Attribute-Based Access Control, Security Policies, Smart Connected Vehicles, Privacy, Industrial IoV