Kern, Alexander ; Anderl, Reiner (2019)
Securing Industrial Remote Maintenance Sessions using Software-Defined Networking.
In: 2019 Sixth International Conference on Software Defined Systems (SDS)
doi: 10.1109/SDS.2019.8768719
Buchkapitel, Bibliographie
Kurzbeschreibung (Abstract)
Many modern business models of the manufacturing industry use the possibilities of digitization. In particular, the idea of connecting machines to networks and communication infrastructure is gaining momentum. However, in addition to the considerable economic advantages, this development also brings decisive disadvantages. By connecting previously encapsulated industrial networks with untrustworthy external networks such as the Internet, machines and systems are suddenly exposed to the same threats as conventional IT systems. A key problem today is the typical network paradigm with static routers and switches that cannot meet the dynamic requirements of a modern industrial network. Current security solutions often only threat symptoms instead of tackling the cause. In this paper we will therefore analyze the weaknesses of current networks and security solutions using the example of industrial remote maintenance. We will then present a novel concept of how Software-Defined Networking (SDN) in combination with a policy framework that supports attribute-based access control can be used to meet current and future security requirements in dynamic industrial networks. Furthermore, we will introduce an examplary implementation of this novel security framework for the use case of industrial remote maintenance and evaluate the solution. Our results show that SDN in combination with an Attribute-based Access Control (ABAC) policy framework is perfectly suited to increase flexibility and security of modern industrial networks at the same time.
Typ des Eintrags: | Buchkapitel |
---|---|
Erschienen: | 2019 |
Autor(en): | Kern, Alexander ; Anderl, Reiner |
Art des Eintrags: | Bibliographie |
Titel: | Securing Industrial Remote Maintenance Sessions using Software-Defined Networking |
Sprache: | Englisch |
Publikationsjahr: | 25 Juli 2019 |
Ort: | Rome, Italy |
Verlag: | IEEE |
Buchtitel: | 2019 Sixth International Conference on Software Defined Systems (SDS) |
DOI: | 10.1109/SDS.2019.8768719 |
URL / URN: | https://ieeexplore.ieee.org/servlet/opac?punumber=8764267 |
Kurzbeschreibung (Abstract): | Many modern business models of the manufacturing industry use the possibilities of digitization. In particular, the idea of connecting machines to networks and communication infrastructure is gaining momentum. However, in addition to the considerable economic advantages, this development also brings decisive disadvantages. By connecting previously encapsulated industrial networks with untrustworthy external networks such as the Internet, machines and systems are suddenly exposed to the same threats as conventional IT systems. A key problem today is the typical network paradigm with static routers and switches that cannot meet the dynamic requirements of a modern industrial network. Current security solutions often only threat symptoms instead of tackling the cause. In this paper we will therefore analyze the weaknesses of current networks and security solutions using the example of industrial remote maintenance. We will then present a novel concept of how Software-Defined Networking (SDN) in combination with a policy framework that supports attribute-based access control can be used to meet current and future security requirements in dynamic industrial networks. Furthermore, we will introduce an examplary implementation of this novel security framework for the use case of industrial remote maintenance and evaluate the solution. Our results show that SDN in combination with an Attribute-based Access Control (ABAC) policy framework is perfectly suited to increase flexibility and security of modern industrial networks at the same time. |
Freie Schlagworte: | SDN, network security, industrial remote maintenance, industrial networks, ABAC, XACML |
Fachbereich(e)/-gebiet(e): | 16 Fachbereich Maschinenbau 16 Fachbereich Maschinenbau > Fachgebiet Datenverarbeitung in der Konstruktion (DiK) (ab 01.09.2022 umbenannt in "Product Life Cycle Management") |
Hinterlegungsdatum: | 10 Sep 2019 05:34 |
Letzte Änderung: | 10 Sep 2019 05:34 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Frage zum Eintrag |
Optionen (nur für Redakteure)
Redaktionelle Details anzeigen |