2019 | OriginalPaper | Chapter

Access Control in the Industrial Internet of Things

Authors: Stavros Salonikias, Antonios Gouglidis, Ioannis Mavridis, Dimitris Gritzalis

Published in: Security and Privacy Trends in the Industrial Internet of Things

Publisher: Springer International Publishing

Abstract

The Industrial Internet of Things (IIoT) is an ecosystem that consists of, among others, various networked sensors and actuators, mainly achieving advancements related to lowering production costs and providing workflow flexibility. Introducing access control in such environments is considered to be challenging, mainly due to the variety of technologies and protocols in IIoT devices and networks. Thus, various access control models and mechanisms should be examined, as well as the additional access control requirements posed by these industrial environments. To achieve these aims, we elaborate on existing state-of-the-art access control models and architectures and investigate access control requirements in IIoT, respectively. These steps provide valuable indications of what type of access control model and architecture may be beneficial for application in the IIoT. We describe an access control architecture capable of achieving access control in IIoT using a layered approach and based on existing virtualization concepts (e.g., the cloud). Furthermore, we provide information on the functionality of the individual access control related components, as well as where these should be placed in the overall architecture. Considering this research area to be challenging, we finally discuss open issues and anticipate these directions to provide interesting multi-disciplinary insights in both industry and academia.

Copyright Year: 2019

DOI: https://doi.org/10.1007/978-3-030-12330-7_5
