Page 45 - Use cases and requirements for the vehicular multimedia networks - Focus Group on Vehicular Multimedia (FG-VM)
P. 45

For multi-passengers in  a shared vehicle the person  who has  initiated the process,  e.g.,  parking,
            charging, refueling, drive-in will be asked by the VMS if he wants to pay individually or if he would
            like to  share costs  with  the other passengers.  In case this  person wants  to  share costs the VMS
            dispatches messages to the individual VMS's of the other passengers asking confirmation of the other
            passengers for participation in the payment. These passengers confirm or deny the payment at their
            individual VMS within the vehicle using, e.g., touch screens, voice, mobile phone confirmation or
            other available means (like scanning RFID identification card, replying to keyword challenge they
            have previously established).

            11.3.1.1    Proposed requirements
            R1: VMS may have access to different cloud platforms in which the different users have deposited
            their personal and payment data. In case user has no payment profile VMS should support payment
            through credit card.
            R2: The VMS shall be able to dispatch VMS messages and processes to individual VMS terminals
            within the vehicle
            R3:  VMS  should  be  able  to  connect  to  user  personal  mobile  phone  for  personal  information,
            communication, and confirmation in case vehicle would not be equipped at all seats with displays
            and vehicle VMS interfaces.
            R4: Upon detection of change of the VMS user, the VMS should wipe personal data transferred
            through the mobile device connected to the VMS in order to respect privacy of personal data.


            12      Security

            12.1    Use Case – User data protection

            As vehicles become connected and offer more interactive services, more user data and privacy-related
            information (such as users viewing preferences and habits) could be generated and stored in the VM
            system (vehicle) and in the VM service (cloud/servers). The user data and privacy-related information
            should not be transmitted between systems without user consent. Similarly, these data should not be
            accessed by another system without user consent. When the user data and privacy-related information
            are  transmitted  between  systems,  the  protection  of  user  data  shall  be  ensured  and  becomes  an
            important consideration in the performance and security evaluation of vehicle multimedia systems.

            The system  should guarantee that the user data  cannot  be given to  third  parties  without explicit
            authorization from the user.


            12.1.1  Requirements
            R1:  The  in-vehicle  multimedia  platform  should  provide  end-to-end  data  protection  to  ensure
            confidentiality and integrity of user data, including data protection at rest in local terminals, during
            transmission over different channels and when processed at the cloud platform.

            12.2    Use Case – VMN application security
            A VMN application should be securely developed according to best practices and applicable local
            regulations and not bring additional risks within the vehicle and should not be tampered with or
            corrupted.

            12.2.1  Requirements
            R1: In order to verify the application and to ensure its origin authorization, a VMN application should
            be signed.

            R2: The VMS should be able to verify the signature of the VMN application in actual use prior to
            allowing access to APIs (e.g., communication APIs)


                                                                                 FGVM-01R1 (2019)          35
   40   41   42   43   44   45   46   47   48   49   50