Context-Aware Access Control in Novel Automotive HMI Systems

  • Simon GanselEmail author
  • Stephan Schnitzer
  • Ahmad Gilbeau-Hammoud
  • Viktor Friesen
  • Frank Dürr
  • Kurt Rothermel
  • Christian Maihöfer
  • Ulrich Krämer
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 9478)


The growing relevance of vehicular applications like media player, navigation system, or speedometer using graphical presentation has lead to an increasing number of displays in modernf cars. This effectuates the desire for flexible sharing of all the available displays between several applications. However, automotive requirements include many regulations to avoid driver distraction to ensure safety. To allow for safe sharing of the available screen surface between the many safety-critical and non-safety-critical applications, adequate access control systems are required. We use the notion of contexts to dynamically determine, which application is allowed to access which display area. A context can be derived from vehicle sensors (e.g., the current speed), or be an application-specific state (e.g., which menu item is selected). We propose an access control model that is inherently aware of the context of the car and the applications. It provides delegation of access rights to display areas by applications. We implemented a proof-of-concept implementation that demonstrates the feasibility of our concept and evaluated the latency introduced by access control. Our results show that the delay reacting on dynamic context changes is small enough for automotive scenarios.



This paper has been supported in part by the ARAMiS project of the German Federal Ministry for Education and Research with funding ID 01IS11035.


  1. 1.
    Bell, D.E., Lapadula, L.J.: Secure computer system: unified exposition and MULTICS interpretation. Technical report ESD-TR-75-306 (1976)Google Scholar
  2. 2.
    Bhatti, R., et al.: A trust-based context-aware access control model for web-services. In: Proceedings, International Conference on Web Services (2004)Google Scholar
  3. 3.
    Broy, M., Kruger, I., Pretschner, A., Salzmann, C.: Engineering automotive software. Proc. IEEE 95(2), 356–373 (2007)CrossRefGoogle Scholar
  4. 4.
    Corradi, A., et al.: Context-based access control for ubiquitous service provisioning. In: Proceedings of the 28th COMPSAC (2004)Google Scholar
  5. 5.
    Corradi, A., et al.: Context-based access control management in ubiquitous environments. In: Proceedings of the 3rd NCA (2004)Google Scholar
  6. 6.
    Epstein, J., et al.: A prototype B3 trusted X window system. In: Proceedings of the 7th Annual Computer Security Applications Conference (1991)Google Scholar
  7. 7.
    ESOP: on safe and efficient in-vehicle information and communication systems: update of the European statement of principles on human-machine interface. Commission of the European Communities (2008)Google Scholar
  8. 8.
    Feske, N., Helmuth, C.: Overlay window management: user interaction with multiple security domains (2004)Google Scholar
  9. 9.
    Feske, N., Helmuth, C.: A nitpicker’s guide to a minimal-complexity secure GUI. In: Proceedings of the 21st ACSAC, December 2005Google Scholar
  10. 10.
    Gansel, S., et al.: An access control concept for novel automotive HMI systems. In: Proceedings of the 19th SACMAT (2014)Google Scholar
  11. 11.
    Gansel, S., Schnitzer, S., Dürr, F., Rothermel, K., Maihöfer, C.: Towards virtualization concepts for novel automotive HMI systems. In: Schirner, G., Götz, M., Rettberg, A., Zanella, M.C., Rammig, F.J. (eds.) IESS 2013. IFIP AICT, vol. 403, pp. 193–204. Springer, Heidelberg (2013) CrossRefGoogle Scholar
  12. 12.
    Hansen, J.G.: Blink: advanced display multiplexing for virtualized applications. In: Proceedings of the 17th NOSSDAV (2007)Google Scholar
  13. 13.
    Herges, D., et al.: Ginger: an access control framework for telematics applications. In: Processing of the 11th TrustCom (2012)Google Scholar
  14. 14.
    Hong-Yue, L., Miao-Lei, D., Wei-Dong, Y.: A context-aware fine-grained access control model. In: Computer Science Service System (CSSS) (2012)Google Scholar
  15. 15.
    ISO 26262: Road vehicles - functional safety. ISO, Geneva, CH, November 2011Google Scholar
  16. 16.
    Janker, H.: Straßenverkehrsrecht: StVG, StVO, StVZO, Fahrzeug-ZulassungsVO, Fahrerlaubnis-VO, Verkehrszeichen. Bußgeldkatalog, Beck (2011)Google Scholar
  17. 17.
    Kouadri Mostéfaoui, G., Brézillon, P.: A generic framework for context-based distributed authorizations. In: Blackburn, P., Ghidini, C., Turner, R.M., Giunchiglia, F. (eds.) CONTEXT 2003. LNCS, vol. 2680, pp. 204–217. Springer, Heidelberg (2003) CrossRefGoogle Scholar
  18. 18.
    Schilit, B., Theimer, M.: Disseminating active map information to mobile hosts. IEEE Netw. 8(5), 22–32 (1994)CrossRefGoogle Scholar
  19. 19.
    Strembeck, M., et al.: An integrated approach to engineer and enforce context constraints in RBAC environments. ACM Trans. Inf. Syst. Secur. 7(3), 392–427 (2004)CrossRefGoogle Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Simon Gansel
    • 1
    Email author
  • Stephan Schnitzer
    • 2
  • Ahmad Gilbeau-Hammoud
    • 2
  • Viktor Friesen
    • 1
  • Frank Dürr
    • 2
  • Kurt Rothermel
    • 2
  • Christian Maihöfer
    • 1
  • Ulrich Krämer
    • 3
  1. 1.System Architecture and PlatformsMercedes-Benz Cars, Daimler AGStuttgartGermany
  2. 2.Institute of Parallel and Distributed SystemsUniversity of StuttgartStuttgartGermany
  3. 3.Telemotive AGMunichGermany

Personalised recommendations