Ephemeral Secret Leakage-Free ID-Role-Based Access Control Authentication and Key Exchange Protocol for Securing Electric Vehicle Data

Aim: 

          The aim of this work is to develop a robust and efficient authorization management system for accessing electric vehicle (EV) data stored in a cloud server by integrating Role-based Access Control (RBAC) with identity-based cryptography (IBC).

Abstract:

          Role-based Access Control (RBAC) offers an efficient method for managing authorization to resources, such as electric vehicle (EV) data stored in the cloud. In this context, the access control system must ensure both strong security and efficiency, particularly with regard to EV user authentication. Authentication serves as a crucial prerequisite for access control, ensuring only legitimate users can access sensitive EV data.

           To enhance the security and scalability of the system, this work integrates identity-based cryptography (IBC) with RBAC. IBC is used to securely authenticate EV users, ensuring that their identity is tied to their role in the system. Each EV user’s authentication is coupled with a unique identity, which is also used in the key exchange process. This combination of RBAC and IBC ensures that access to the cloud-based EV data is tightly controlled. By linking users’ roles with their identities, the system can effectively manage access permissions based on both their role and verified identity, enhancing security and streamlining the management of user access. This approach offers a robust and scalable solution for EV data protection.

Existing System:

          The existing system for managing access to electric vehicle (EV) data primarily utilizes Role-based Access Control (RBAC), which assigns permissions based on user roles established by the National Institute of Standards and Technology (NIST). While RBAC provides a structured framework for access management, it heavily relies on authentication as a prerequisite for accessing resources.

           This system allows for dynamic role assignments during user sessions, but often suffers from complexity and inefficiency in authentication processes, which can lead to delays and user frustration. Additionally, traditional RBAC lacks advanced mechanisms for robust identity verification, making it vulnerable to unauthorized access. Although there are efforts to minimize computational costs, existing systems may still face challenges in real-time responsiveness. Overall, while effective in its basic form, the existing RBAC system requires enhancements to better secure EV data and improve user experience.

Proposed System:

            The proposed system enhances the management of electric vehicle (EV) data by incorporating a secure access control mechanism that integrates Role-based Access Control (RBAC) with identity-based cryptography (IBC). In this system, a unique private key is generated for each owner and driver, which is securely sent to their registered email addresses. This private key serves as a vital tool for authentication, ensuring that only authorized users can access sensitive vehicle information.

            Owners have the ability to add vehicles to their profiles seamlessly, providing an intuitive management interface. They can also view a comprehensive list of associated drivers, enhancing their oversight and control. When owners wish to access detailed vehicle data, an additional layer of security is implemented through One-Time Password (OTP) authorization. This ensures that sensitive information is only available after verifying the owner’s identity with an OTP, adding a crucial layer of protection.

            Drivers also benefit from the system, as they can utilize their private keys for authentication while being granted specific access based on their roles. By leveraging IBC and OTP for secure access, the proposed system not only simplifies vehicle management but also ensures that all data remains protected, providing a secure and efficient platform for both owners and drivers to manage their electric vehicles confidently.