Application Scenario: Car Sharing
Within the last decade, the car sharing market has grown exponentially, and the rapid development of car sharing solutions is drastically changing the transportation landscape, especially in metropolitan areas. The reasons are diverse and include, among others, a general growth of the world's urban population and a changing mobility concept in favor of car sharing's on-demand car access. By offering anytime access to a network of vehicles for short-term use, car sharing solutions preserve the users' mobility while decreasing the costs that come with car ownership. Moreover, they improve the traffic and parking situation in urban areas and address environmental issues by reducing CO2 emissions due to a decreased number of cars per user.
Motivated by the rapid development in the car sharing sector, Fraunhofer SIT developed a car sharing solution which is based on the Key2Share smartphone-based access control system and therefore inherits Key2Share's security features.
Although a variety of car sharing solutions are already deployed in the field, they suffer from various shortcomings. These typically include a mandatory online connection of the cars in order to open them; a cumbersome user registration process for smartcard-based solutions, which involves either a physical meeting with the car sharing provider or long waiting times to retrieve the card via mail; and, for app-based solutions, a platform security concept that relies solely on OS-level security mechanisms.
These shortcomings are addressed by Fraunhofer's car sharing solution. It supports (i) offline car access by utilizing short-range wireless communication interfaces to communicate with the respective cars via smartphone. This allows the service to be used even in areas without any network connection, such as underground car parks. Furthermore, the solution (ii) enables a fast user registration that avoids long waiting times by handling the registration process solely online and (iii) protects security-critical data in an isolated environment, whereas current solutions typically rely solely on OS-level security mechanisms to secure the platform. This isolated environment can either be instantiated on the smartphone itself to achieve software-based isolation or be hosted on any external Java- or Android-based platform to achieve true hardware-based isolation, which is resistant to all software-based attacks trying to gain unauthorized access to security-sensitive data.
As in Key2Share's concept, access control rights to the car pool are managed in the car sharing context by a central authority, the Car Sharing Provider. These access rights are issued as electronic keys to registered users, who then use them to open booked cars with their smartphone.
Fig 1. System Overview
The process is as follows: After the customer has (1.) registered with the car sharing provider via the car sharing app and logged in, he or she can further use the app to (2.) search the environment for bookable cars and (3.) book them for a self-defined period of time. As a result of the booking, the customer (4.) receives an electronic key that is only valid for the previously defined car and the previously defined time period and which is securely stored on the smartphone. The customer can now use the app to navigate to the booked car and (5.) can open it solely offline over short-range wireless communication interfaces like Bluetooth or NFC. The service is (6.) concluded via the checkout process in which the electronic key is invalidated and the billing process is initiated.
Fig 2. The user uses the app to search his or her environment for bookable cars (left).
Fig 3. The user can open the nearby car with the smartphone app by clicking on the respective key (right).
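Steps (4.) and (5.) above, sketched as an added example that is not Key2Share's actual key format or protocol: a key bound to one car and one time window that the car can check without any network connection. The HMAC-SHA256 construction, the per-car secret shared with the provider, the field names and the trusted car clock are all assumptions; the checkout invalidation of step (6.) is not modelled.

```python
import hashlib
import hmac
import json

# Assumption: each car stores a secret it shares with the provider backend.
CAR_KEYS = {"car-042": b"constructed-demo-key-for-car-042"}  # constructed sample

def issue_key(car_id, user, not_before, not_after):
    """Provider side (step 4): bind the key to one car and one time window."""
    payload = json.dumps(
        {"car": car_id, "user": user, "nbf": not_before, "exp": not_after},
        sort_keys=True, separators=(",", ":")).encode()
    tag = hmac.new(CAR_KEYS[car_id], payload, hashlib.sha256).hexdigest()
    return payload.decode() + "." + tag

def car_verify(token, my_car_id, my_key, now):
    """Car side (step 5): decide offline from the local key and local clock."""
    payload, sep, tag = token.rpartition(".")
    if not sep:
        return "reject: malformed"
    expected = hmac.new(my_key, payload.encode(), hashlib.sha256).hexdigest()
    # Authenticate first, in constant time, before parsing any claim.
    if not hmac.compare_digest(expected.encode(), tag.encode()):
        return "reject: bad tag"
    claims = json.loads(payload)
    if claims["car"] != my_car_id:
        return "reject: wrong car"
    if now < claims["nbf"]:
        return "reject: not yet valid"
    if now >= claims["exp"]:
        return "reject: expired"
    return "open"

if __name__ == "__main__":
    key = CAR_KEYS["car-042"]
    token = issue_key("car-042", "alice", 1000, 2000)  # constructed booking
    for t in (999, 1500, 2000):
        print(t, car_verify(token, "car-042", key, t))
    forged = token.replace('"exp":2000', '"exp":9999')  # extended booking
    print("forged", car_verify(forged, "car-042", key, 1500))
```

Because the decision depends on the car's own clock, a design along these lines needs a time source on the car that the user cannot set back.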