
2013 | OriginalPaper | Chapter

Data Diodes in Support of Trustworthy Cyber Infrastructure and Net-Centric Cyber Decision Support

Authors: H. Okhravi, F. T. Sheldon, J. Haines

Published in: Optimization and Security Challenges in Smart Power Grids

Publisher: Springer Berlin Heidelberg


Abstract

Data diodes protect critical cyber assets by physically enforcing traffic direction on the network. To deploy data diodes effectively, it is imperative to understand the protection they provide, the protection they do not provide, their limitations, and their place in the larger security infrastructure. In this work, we study data diodes, their functionalities, and their limitations. We then propose two critical infrastructure systems that can benefit from the additional protection offered by data diodes: process control networks and net-centric cyber decision support systems. We review the security requirements of these systems, describe the architectures, and study the trade-offs. Finally, the architectures are evaluated against different attack patterns.


Metadata
Title
Data Diodes in Support of Trustworthy Cyber Infrastructure and Net-Centric Cyber Decision Support
Authors
H. Okhravi
F. T. Sheldon
J. Haines
Copyright Year
2013
Publisher
Springer Berlin Heidelberg
DOI
https://doi.org/10.1007/978-3-642-38134-8_10