Skip to Main Content
Many of the applications proposed for intelligent transportation systems (ITS) need to process and communicate detailed personal identifiable information. Examples are detailed location traces or unique identifiers for authentication towards paid services. Existing applications often run as monolithic black boxes inside users' cars. Hence, users cannot verify that applications behave as expected. We propose CANE, an application sandboxing approach that enhances user control over privacy properties while, at the same time, supporting common application requirements. CANE makes privacy-relevant application properties explicit and allows their analysis and enforcement during application runtime. We evaluate CANE using a common ITS use case and demonstrate feasibility with a proof-of-concept implementation.