Conceptual Context-based Access Control Framework for Improving Privacy in Autonomous Vehicles

dc.contributor.authorKaratas, Naz Nebile
dc.contributor.authorNigussie, Ethiopia
dc.contributor.authorVirtanen, Seppo
dc.contributor.authorIsoaho, Jouni
dc.contributor.organizationfi=kyberturvallisuusteknologia|en=Cyber Security Engineering|
dc.contributor.organizationfi=tietotekniikan laitos|en=Department of Computing|
dc.contributor.organization-code1.2.246.10.2458963.20.28753843706
dc.contributor.organization-code1.2.246.10.2458963.20.85312822902
dc.converis.publication-id508582812
dc.converis.urlhttps://research.utu.fi/converis/portal/Publication/508582812
dc.date.accessioned2026-06-10T20:11:05Z
dc.description.abstract<p>Autonomous vehicles (AVs) collect large amounts of raw data from various sensors. Often the data collection, processing and communication raises privacy concerns. These sensor data are integrated with contextual information. This transforms the data into usable metadata that enables real-time processing and analysis. Metadata is privacy sensitive, which requires General Data Protection Regulation (GDPR) compliance and comes with a set of compliance obligations for data controllers and processors. In this research, we propose a conceptual context-based access control framework that enhances the privacy of data collected and processed in autonomous vehicles. The proposed access control framework introduces a layered and modularized architecture. The use of a layered architecture allows the handling of differing privacy risk levels between real-time and historical data. As the potential risk of revealing a specific person in combined data is higher in historical data compared to real-time data, a containment method is proposed for real-time data and sandboxing is proposed for historical data. The data that are processed by AVs consists of personal and non-personal data. While personal data are already a privacy-breaching risk solely, there is also a risk of identifying a specific person by the combination of non-personal data. The proposed access control framework classifies the data, containerizes the data through sandboxing and containment methods, and applies specific access control according to the data context and its privacy implications.<br></p>
dc.format.pagerange405
dc.format.pagerange398
dc.identifier.urihttps://www.utupub.fi/handle/11111/61678
dc.identifier.urlhttps://doi.org/10.1016/j.procs.2026.04.051
dc.identifier.urnURN:NBN:fi-fe2026022315460
dc.language.isoen
dc.okm.affiliatedauthorKaratas, Naz
dc.okm.affiliatedauthorNigussie, Ethiopia
dc.okm.affiliatedauthorVirtanen, Seppo
dc.okm.affiliatedauthorIsoaho, Jouni
dc.okm.discipline113 Computer and information sciencesen_GB
dc.okm.discipline113 Tietojenkäsittely ja informaatiotieteetfi_FI
dc.okm.discipline513 Lawen_GB
dc.okm.discipline513 Oikeustiedefi_FI
dc.okm.discipline213 Electronic, automation and communications engineering, electronicsen_GB
dc.okm.discipline213 Sähkö-, automaatio- ja tietoliikennetekniikka, elektroniikkafi_FI
dc.okm.internationalcopublicationnot an international co-publication
dc.okm.internationalityInternational publication
dc.okm.typeA4 Conference Article
dc.publisher.countryNetherlandsen_GB
dc.publisher.countryAlankomaatfi_FI
dc.publisher.country-codeNL
dc.relation.conferenceInternational Conference on Ambient Systems, Networks and Technologies Networks
dc.relation.doi10.1016/j.procs.2026.04.051
dc.relation.ispartofjournalProcedia Computer Science
dc.relation.volume280
dc.titleConceptual Context-based Access Control Framework for Improving Privacy in Autonomous Vehicles
dc.title.bookThe 17th International Conference on Ambient Systems, Networks and Technologies Networks (ANT)/ the 9th International Conference on Emerging Data and Industry 4.0 (EDI40)
dc.year.issued2026

Tiedostot

Näytetään 1 - 1 / 1
Ladataan...
Name:
1-s2.0-S1877050926010641-main.pdf
Size:
941.89 KB
Format:
Adobe Portable Document Format