Next-Generation Access Control for Distributed Control Systems

Cited by: 19
Authors
Huh, Jun Ho
Bobba, Rakesh B. [1]
Markham, Tom
Nicol, David M. [2]
Hull, Julie
Chernoguzov, Alex
Khurana, Himanshu
Staggs, Kevin
Huang, Jingwei [3]
Affiliations
[1] Oregon State Univ, Sch Elect Engn & Comp Sci, Corvallis, OR 97331 USA
[2] Univ Illinois, Elect & Comp Engn, Urbana, IL 61801 USA
[3] Old Dominion Univ, Engn Management & Syst Engn, Norfolk, VA 23529 USA
Keywords
access control; distributed control systems; industrial control systems; Internet/Web technologies; role-based access control
DOI
10.1109/MIC.2016.105
Chinese Library Classification number
TP31 [Computer Software]
Discipline classification code
081202; 0835
Abstract
Wired and wireless internetworking technologies are rapidly integrating, leaving distributed control systems (DCS) increasingly susceptible to cyberattacks. Access control frameworks can contain and mitigate the impact of cyberattacks, but existing solutions often leave holes that can undermine a plant's security. This article identifies key challenges in creating a complete, manageable access control framework for DCS and presents a model architecture that can ensure that each access is checked against policies that adhere to the least-privilege principle. The proposed architecture facilitates centralized, plant-wide policy management and protection of all connected field devices.
Pages: 28-37
Number of pages: 10