
Using RBAC to Enforce the Principle of Least Privilege in Industrial Remote Maintenance Sessions

Kern, Alexander and Anderl, Reiner (2018):
Using RBAC to Enforce the Principle of Least Privilege in Industrial Remote Maintenance Sessions.
In: 2018 Fifth International Conference on Internet of Things: Systems, Management and Security, Valencia, Spain, IEEE, pp. 107-114, [Online-Edition: https://ieeexplore.ieee.org/document/8554805],
[Book Section]

This is the latest version of this item.

Abstract

In recent years, digitalization has had a great impact on industry. Especially the rising degree of cross-linked machines is resulting in new business models and great economic advantages. One example is remote maintenance. It leads to less downtime and gained efficiency due to a quicker response time of highly qualified maintenance technicians. However, connecting industrial machines to WANs opens up new attack surfaces. In particular, machines with long lifetimes are often severely outdated since updates that might cause downtime stand in direct conflict with the central objective of availability. In the case of remote maintenance, it additionally requires great trust in the external maintenance technician not to use the remote connection for wrongdoing. On the market, multiple solutions for securing remote maintenance sessions exist. However, these solutions mainly focus on network security and disregard system security entirely. Security doctrines such as the principle of least privilege should be used to enhance the system security. This paper focuses on system security of industrial machines and proposes the use of role-based access control to confine users and attackers alike. This way, consequences of security breaches and wrongdoing can be minimized. The scientific contribution is the development, implementation and assessment of a concept for the usage of RBAC on system level to solve current system security issues, with the focus on remote maintenance sessions.

Item Type: Book Section
Published: 2018
Creators: Kern, Alexander and Anderl, Reiner
Title: Using RBAC to Enforce the Principle of Least Privilege in Industrial Remote Maintenance Sessions
Language: English
Title of Book: 2018 Fifth International Conference on Internet of Things: Systems, Management and Security
Place of Publication: Valencia, Spain
Publisher: IEEE
ISBN: 978-1-5386-9585-2
Divisions: 16 Department of Mechanical Engineering
16 Department of Mechanical Engineering > Department of Computer Integrated Design (DiK)
Date Deposited: 08 Feb 2019 08:00
Official URL: https://ieeexplore.ieee.org/document/8554805

Available Versions of this Item

  • Using RBAC to Enforce the Principle of Least Privilege in Industrial Remote Maintenance Sessions. (deposited 08 Feb 2019 08:00) [Currently Displayed]