Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Secure Role and Rights Management for Automotive Access and Feature Activation

: Plappert, Christian; Jäger, Lukas; Fuchs, Andreas


Cao, J. ; Association for Computing Machinery -ACM-; Association for Computing Machinery -ACM-, Special Interest Group on Security, Audit and Control -SIGSAC-:
ASIA CCS 2021, ACM Asia Conference on Computer and Communications Security. Proceedings : June 7-11, 2021, Virtual Event, Hong Kong
New York: ACM, 2021
ISBN: 978-1-4503-8287-8
Asia Conference on Computer and Communications Security (ASIA CCS) <2021, Online>
Fraunhofer SIT ()

The trend towards fully autonomous vehicles changes the concept of car ownership drastically. Purchasing a personal car becomes obsolete. Thus, business models related to feature activation are gaining even higher importance for car manufacturers in order to retain their customers. Various recent security incidents demonstrated however that vehicles are a valuable attack goal ranging from illegal access to car features to the theft of the whole vehicles.
In this paper, we present a secure access and feature activation system for automotive scenarios that uses a TPM 2.0 as trust anchor within the vehicle to mitigate potential security threats. Our system enables a fine-granular authorization mechanism by utilizing TPM 2.0 enhanced authorization constructs to implement usage restrictions and revocation policies as well as offline rights delegation. The TPM 2.0 acts as a communication end point to the vehicles' environment and integrates seamlessly with already deployed security features of the in-vehicle network.
We implemented our concept on a Raspberry Pi as a lightweight equivalent to hardware used in the automotive domain and evaluate our solution by performance measurements.