Abstract
Smartphones have become very popular and versatile de-vices. An emerging trend is the integration of smartphones into automotive systems and applications, particularly access control systems to unlock cars (doors and immobilizers). Smartphone-based automotive solutions promise to greatly enhance the user’s experience by providing advanced features far beyond the conventional dedicated tokens/tranponders. We present the first opensecurity framework for secure smartphone-based immobilizers. Our generic security architecture protects the electronic access tokens on the smart-phone and provides advanced features such as context-aware access policies, remote issuing and revocation of access rights and their delegation to other users. We discuss various approaches to instantiate our security architecture based on different hardware-based trusted execution environments, and elaborate on their security properties. We implemented our immobilizer system based on the latest Android-based smartphone and a microSD smartcard. Further, we support the algorithmic proofs of the security of the underlying protocols with automated formal verification tools.
Users
Please
log in to take part in the discussion (add own reviews or comments).