Search

US-12625974-B2 - Context-aware fine-grained device access control for a vehicle

US12625974B2US 12625974 B2US12625974 B2US 12625974B2US-12625974-B2

Abstract

Context-aware fine-grained device access control for a vehicle is provided. Aspects include receiving an access request from an application installed on the vehicle, obtaining one or more operating characteristics of the vehicle, and inputting the access request and the one or more operating characteristics of the vehicle into an access control model. Aspects also include granting the access request to the application based on one of receiving a grant access request from the access control model and receiving an approval of the access request from the operator of the vehicle. Based on one of receiving a deny access request from the access control model and receiving the denial of the access request from the operator of the vehicle, aspects include denying the access request to the application. The access request includes an identifier of the application and an identifier of a type of access being requested by the application.

Inventors

  • FAN JING MENG
  • Jing Yan Zhang
  • Yuan Yuan
  • Jia Liu
  • Ziyue YANG

Assignees

  • INTERNATIONAL BUSINESS MACHINES CORPORATION

Dates

Publication Date
20260512
Application Date
20240320

Claims (15)

  1. 1 . A computer-implemented method for context-aware fine-grained device access control for a vehicle, the method comprising: receiving an access request from an application installed on the vehicle; obtaining one or more operating characteristics of the vehicle; identifying an operator of the vehicle; responsive to identifying the operator, obtaining, from a mobile device associated with the operator, an access control model corresponding to the operator and storing the access control model in a data store of the vehicle; inputting the access request and the one or more operating characteristics of the vehicle into an access control model corresponding to the operator obtained from the mobile device; based on receiving a user input needed response from the access control model, obtaining from an operator of the vehicle one of an approval of the access request and a denial of the access request; based on one of receiving a grant access request from the access control model and receiving the approval of the access request from the operator of the vehicle, granting the access request to the application; and based on one of receiving a deny access request from the access control model and receiving the denial of the access request from the operator of the vehicle, denying the access request to the application, wherein the access request includes an identifier of the application and an identifier of a type of access being requested by the application, wherein the context-aware fine-grained device access control is performed by access control software installed on a vehicle processing system disposed in the vehicle, and wherein the type of access is one of a microphone access, a camera access, a speedometer access, a location access, and a data access.
  2. 2 . The computer-implemented method of claim 1 , wherein the operator of the vehicle is identified based on one of a facial recognition of the operator, a determination that a mobile device associated is located within the vehicle, and a determination that a key associated is located within the vehicle.
  3. 3 . The computer-implemented method of claim 1 , further comprising updating the access control model based on receiving the one of the approval of the access request and the denial of the access request.
  4. 4 . The computer-implemented method of claim 3 , further comprising storing the updated access control model on one or more of a memory disposed in the vehicle and a mobile device associated with the operator.
  5. 5 . The computer-implemented method of claim 1 , wherein the one or more operating characteristics of the vehicle include an operating speed of the vehicle, a location of the vehicle, and a number of occupants of the vehicle.
  6. 6 . A computing system having a memory having computer readable instructions and one or more processors for executing the computer readable instructions, the computer readable instructions controlling the one or more processors to perform operations comprising: receiving an access request from an application installed on a vehicle; obtaining one or more operating characteristics of the vehicle; identifying an operator of the vehicle; responsive to identifying the operator, obtaining, from a mobile device associated with the operator, an access control model corresponding to the operator and storing the access control model in a data store of the vehicle inputting the access request and the one or more operating characteristics of the vehicle into an access control model corresponding to the operator obtained from the mobile device; based on receiving a user input needed response from the access control model, obtaining from an operator of the vehicle one of an approval of the access request and a denial of the access request; based on one of receiving a grant access request from the access control model and receiving the approval of the access request from the operator of the vehicle, granting the access request to the application; and based on one of receiving a deny access request from the access control model and receiving the denial of the access request from the operator of the vehicle, denying the access request to the application, wherein the access request includes an identifier of the application and an identifier of a type of access being requested by the application, wherein the context-aware fine-grained device access control is performed by access control software installed on a vehicle processing system disposed in the vehicle, and wherein the type of access is one of a microphone access, a camera access, a speedometer access, a location access, and a data access.
  7. 7 . The computing system of claim 6 wherein the operator of the vehicle is identified based on one of a facial recognition of the operator, a determination that a mobile device associated is located within the vehicle, and a determination that a key associated is located within the vehicle.
  8. 8 . The computing system of claim 6 , wherein the operations further comprise updating the access control model based on receiving the one of the approval of the access request and the denial of the access request.
  9. 9 . The computing system of claim 8 , wherein the operations further comprise storing the updated access control model on one or more of a memory disposed in the vehicle and a mobile device associated with the operator.
  10. 10 . The computing system of claim 6 , wherein the one or more operating characteristics of the vehicle include an operating speed of the vehicle, a location of the vehicle, and a number of occupants of the vehicle.
  11. 11 . A computer program product comprising a computer readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform operations comprising: receiving an access request from an application installed on a vehicle; obtaining one or more operating characteristics of the vehicle; identifying an operator of the vehicle; responsive to identifying the operator, obtaining, from a mobile device associated with the operator, an access control model corresponding to the operator and storing the access control model in a data store of the vehicle inputting the access request and the one or more operating characteristics of the vehicle into an access control model corresponding to the operator obtained from the mobile device; based on receiving a user input needed response from the access control model, obtaining from an operator of the vehicle one of an approval of the access request and a denial of the access request; based on one of receiving a grant access request from the access control model and receiving the approval of the access request from the operator of the vehicle, granting the access request to the application; and based on one of receiving a deny access request from the access control model and receiving the denial of the access request from the operator of the vehicle, denying the access request to the application, wherein the access request includes an identifier of the application and an identifier of a type of access being requested by the application, wherein the context-aware fine-grained device access control is performed by access control software installed on a vehicle processing system disposed in the vehicle, and wherein the type of access is one of a microphone access, a camera access, a speedometer access, a location access, and a data access.
  12. 12 . The computer program product of claim 11 , wherein the operator of the vehicle is identified based on one of a facial recognition of the operator, a determination that a mobile device associated is located within the vehicle, and a determination that a key associated is located within the vehicle.
  13. 13 . The computer program product of claim 11 , wherein the operations further comprise updating the access control model based on receiving the one of the approval of the access request and the denial of the access request.
  14. 14 . The computer program product of claim 13 , wherein the operations further comprise storing the updated access control model on one or more of a memory disposed in the vehicle and a mobile device associated with the operator.
  15. 15 . The computer program product of claim 11 , wherein the one or more operating characteristics of the vehicle include an operating speed of the vehicle, a location of the vehicle, and a number of occupants of the vehicle.

Description

BACKGROUND Aspects of the present invention generally relate to controlling access to data in a vehicle and, more specifically, to methods for context-aware fine-grained device access control for a vehicle. With the advancement of technology, the number of ways of obtaining the private personal data of an individual is becoming more extensive and is no longer limited to computers, cell phones, tablets, and other terminals. Modern vehicles are equipped with advanced processing systems that often allow users to install various third-party applications (i.e., applications not developed by the manufacturer of the vehicle) on the vehicle. In addition, modern vehicles are often equipped with a wide variety of sensors, such as microphones and cameras, that can be used to obtain private personal data of individuals within the vehicle. As a result, vehicles have become a potential source of private personal data. Currently, modern vehicles are not equipped with systems for controlling the access to the various sensors of the vehicle by third-party applications installed on the vehicle processing system. SUMMARY Embodiments of the present disclosure are directed to computer-implemented methods for context-aware fine-grained device access control for a vehicle. According to an aspect, a computer-implemented method includes receiving an access request from an application installed on a vehicle, obtaining one or more operating characteristics of the vehicle, and inputting the access request and the one or more operating characteristics of the vehicle into an access control model. Based on receiving a user input needed response from the access control model, the method includes obtaining from an operator of the vehicle one of an approval of the access request and a denial of the access request. Based on one of receiving a grant access request from the access control model and receiving the approval of the access request from the operator of the vehicle, the method includes granting the access request to the application. Based on one of receiving a deny access request from the access control model and receiving the denial of the access request from the operator of the vehicle, the method includes denying the access request to the application. The access request includes an identifier of the application and an identifier of a type of access being requested by the application. According to another non-limiting embodiment of the disclosure, a system having a memory having computer-readable instructions and one or more processors for executing the computer-readable instructions, the computer-readable instructions controlling the one or more processors to perform operations. The operations include receiving an access request from an application installed on a vehicle, obtaining one or more operating characteristics of the vehicle, and inputting the access request and the one or more operating characteristics of the vehicle into an access control model. Based on receiving a user input needed response from the access control model, the operations include obtaining from an operator of the vehicle one of an approval of the access request and a denial of the access request. Based on one of receiving a grant access request from the access control model and receiving the approval of the access request from the operator of the vehicle, the operations include granting the access request to the application. Based on one of receiving a deny access request from the access control model and receiving the denial of the access request from the operator of the vehicle, the operations include denying the access request to the application. The access request includes an identifier of the application and an identifier of a type of access being requested by the application. According to another non-limiting embodiment of the disclosure, a computer program product for estimating workload energy consumption is provided. The computer program product includes a computer-readable storage medium having program instructions embodied therewith, the program instructions executable by a processor to cause the processor to perform operations. The operations include receiving an access request from an application installed on a vehicle, obtaining one or more operating characteristics of the vehicle, and inputting the access request and the one or more operating characteristics of the vehicle into an access control model. Based on receiving a user input needed response from the access control model, the operations include obtaining from an operator of the vehicle one of an approval of the access request and a denial of the access request. Based on one of receiving a grant access request from the access control model and receiving the approval of the access request from the operator of the vehicle, the operations include granting the access request to the application. Based on one of receiving a deny access request from the access control model and receiving t