Skip to content

A Recommendation Model for Security Risk Management in Car-Sharing Scenarios

    Author: Ijeoma Faustina Ekeh

    Supervisor: Raimundas Matulevičius

    Abstract: The sharing economy has become more common today, and car-sharing has grown globally as a transportation alternative. While this is an intelligent concept to reduce traffic congestion as countries transition towards smarter cities and more shared mobility, several researchers have raised concerns about users’ data privacy when their information is shared to access this service and the security risks of sharing such information between systems. In this thesis, we used the research method of a systematic literature review to understand the state-of-the-art and context of the car-sharing system. The research result identified the existing context and scenarios of car-sharing. Furthermore, the thesis follows the Information System Security Risk Management (ISSRM) methodology for implementing Security Risk Management (SRM). Based on this, we identify assets, the security risks that present the threats and vulnerabilities associated with car-sharing scenarios, and mitigation strategies by utilising the results retrieved from the SLR carried out. We present the threat modelling approach, STRIDE; thus, the risk analysis was pivotal in understanding the scope of each threat based on the literature. Finally, the thesis proposed a security risk recommendation model for reducing car-sharing scenario risks. To achieve this, the model depicts the protected assets and the control measures. The instantiated model shows the proof of concept for implementing the recommendation model into car-sharing business processes.

    Thesis