"City Ph.D. Researcher Develops a Smart-Car Identity and Access Management (IAM) System"
Subhajit Bandopadhyay, a post-graduate student at City, University of London’s Institute for Cyber Security (ICS), is trying to address the vulnerability of smart cars to hacking and security breaches. Subhajit, under the supervision of Professor Muttukrishnan Rajarajan, Director of the ICS, has been involved in collaborative research aimed at developing SIUV, which is a smart car Identity and Access Management (IAM) system based on Usage Control (UCON) and Verifiable Credentials (VCs). SIUV stems from Subhajit’s research paper, co-authored by Professor Rajarajan, Ali Hariri (Huawei Munich Research Center and the University of Trento), and more. Smart cars have become safety-critical and cyber-physical systems that are increasingly exposed to cyber vulnerabilities. SIUV employs Usage Control policies to issue privileges to drivers or applications, such as airbag deployment or speed limit control, based on their credentials or claims. The privileges issued by SIUV are then used to determine whether to grant or deny access to in-car resources. The system also continuously monitors subject claims, resource attributes, and environmental conditions such as time or location. If a change is made, the system can reevaluate policies, provide updates or revoke issued privileges and usage decisions. This article continues to discuss the concept, development, and research behind SIUV.