{"ID":2864031,"CreatedAt":"2026-06-01T04:54:23.091178241Z","UpdatedAt":"2026-06-01T04:54:23.091178241Z","DeletedAt":null,"paper_url":"https://arxiv.org/abs/2509.25566","arxiv_id":"2509.25566","title":"Towards a Zero Trust Decentralized Identity Management System for Secure Autonomous Vehicles","abstract":"Autonomous vehicles (AVs) rely on pervasive connectivity to enable cooperative and safety-critical applications, but this connectivity also exposes them to a wide range of cybersecurity threats. Existing perimeter-based security and centralized identity management approaches are inadequate for highly dynamic V2X environments, as they depend on implicit trust and suffer from scalability and single-point-of-failure limitations. This paper proposes D-IM, a Zero Trust-based decentralized identity management and authentication framework for secure V2X communication. D-IM integrates continuous verification with a permissioned blockchain to eliminate centralized trust assumptions and enforce explicit, verifiable identity relationships among vehicles and infrastructure. The framework is designed around clear Zero Trust-aligned goals, including mutual authentication, decentralization, privacy protection, non-repudiation, and traceability, and addresses a comprehensive attacker model covering identity, data integrity, collusion, availability, and accountability threats. We present the D-IM system architecture and identification and authorization protocol, and validate its security properties through both qualitative analysis and a formal BAN logic-based verification. Simulation results in urban and highway scenarios using DSRC and C-V2X demonstrate that D-IM introduces limited overhead while preserving network performance, supporting its practicality for real-world AV deployments.","short_abstract":"Autonomous vehicles (AVs) rely on pervasive connectivity to enable cooperative and safety-critical applications, but this connectivity also exposes them to a wide range of cybersecurity threats. Existing perimeter-based security and centralized identity management approaches are inadequate for highly dynamic V2X enviro...","url_abs":"https://arxiv.org/abs/2509.25566","url_pdf":"https://arxiv.org/pdf/2509.25566v2","authors":"[\"Amal Yousseef\",\"Shalaka Satam\",\"Banafsheh Saber Latibari\",\"Mai Abdel-Malek\",\"Soheil Salehi\",\"Pratik Satam\"]","published":"2025-09-29T22:42:51Z","proceeding":"cs.CR","tasks":"[\"cs.CR\"]","methods":"[]","has_code":false}