Modern industrial systems are enriched by cyber–physical devices and interconnections with business processes that enable flexible production, remote monitoring, control and maintenance. These systems are typically subject to multiple authorities which must cooperate with each other, as in the case of segmented industrial environments and supply chains. In similar contexts, voluntary or unintentional damages may be caused by cyber attacks or by misbehaving authorized parties. We propose an original architecture that regulates accesses to industrial systems’ resources through authorization delegation procedures. It guarantees several benefits that include the possibility of auditing authorizations released by delegated third parties, of detecting misconducts and possible attacks, and of assuring attribution of misconducts. The proposed solution is compatible with constraints characterizing industrial environments and with security and performance requirements of industrial architectures. The performance and latencies of the auditing mechanisms are evaluated through a prototype.
Verifiable and auditable authorizations for smart industries and industrial Internet-of-Things / Ferretti, L.; Longo, F.; Merlino, G.; Colajanni, M.; Puliafito, A.; Tapas, N.. - In: JOURNAL OF INFORMATION SECURITY AND APPLICATIONS. - ISSN 2214-2134. - 59:(2021), pp. 102848-102848. [10.1016/j.jisa.2021.102848]
Verifiable and auditable authorizations for smart industries and industrial Internet-of-Things
Ferretti L.;
2021
Abstract
Modern industrial systems are enriched by cyber–physical devices and interconnections with business processes that enable flexible production, remote monitoring, control and maintenance. These systems are typically subject to multiple authorities which must cooperate with each other, as in the case of segmented industrial environments and supply chains. In similar contexts, voluntary or unintentional damages may be caused by cyber attacks or by misbehaving authorized parties. We propose an original architecture that regulates accesses to industrial systems’ resources through authorization delegation procedures. It guarantees several benefits that include the possibility of auditing authorizations released by delegated third parties, of detecting misconducts and possible attacks, and of assuring attribution of misconducts. The proposed solution is compatible with constraints characterizing industrial environments and with security and performance requirements of industrial architectures. The performance and latencies of the auditing mechanisms are evaluated through a prototype.
Pubblicazioni consigliate
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris
