Combining System Integrity Verification with Identity and Access Management

European Conference on Cyber Warfare and Security Pub Date : 2022-06-08 DOI:10.34190/eccws.21.1.202

Markku Kylänpää, J. Salonen

{"title":"Combining System Integrity Verification with Identity and Access Management","authors":"Markku Kylänpää, J. Salonen","doi":"10.34190/eccws.21.1.202","DOIUrl":null,"url":null,"abstract":"Digital transformation and the utilization of Industrial IoT (IIoT) introduces numerous interconnected devices to factories increasing among others the challenge of managing their software versions and giving attackers new possibilities to exploit various software vulnerabilities. \nFactory networks were earlier isolated from the Internet. However, this separation is no longer valid and there can be connections that allow intruders to penetrate into information systems of factories. Another issue is that although factories typically are physically isolated, it is not necessarily safe to assume that physical security is in good shape as the novel supply networks comprise subcontracted activities and temporary work force. Another threat can also arise from unauthorized monitoring of devices and the unauthorized replacement of existing ones. \nBased on the previous, it is crucial that IIoT security should be built into factories of the future (FoF) right from the design phase and even low-end devices need to be supported. Trusted computing concept called remote attestation should be used. Remote attestation allows remote parties to verify the integrity of each system component. System components should include trusted hardware components that can be used to measure executable software. The term measurement means calculating the cryptographic hash of the binary component before passing control to it. Trusted hardware components should also have a mechanism to protect the integrity of the measurement list and cryptographic keys that can be used to sign integrity assertions. The verifier part should have a storage of reference integrity metrics identifying the expected values of these measurements. \nDeploying trusted computing and remote attestation concepts to industrial automation is not straightforward. Even if it is possible to use remote attestation with suitable hardware components, it is not clear how remote attestation should be integrated with various operational technology (OT) industrial automation protocols. Approaches to use remote attestation with existing industrial automation protocols (e.g., OPC UA) is discussed. Advanced identity and access management (e.g., OAuth2, OpenID Connect) can be used to combine integrity measurements with device identity information so that the remote attestation process is triggered by authentication during the first transaction. The focus is on machine-to-machine (M2M) communications with immutable device identities and integrity evidence transfer.","PeriodicalId":258360,"journal":{"name":"European Conference on Cyber Warfare and Security","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-06-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"European Conference on Cyber Warfare and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.34190/eccws.21.1.202","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

Abstract

Digital transformation and the utilization of Industrial IoT (IIoT) introduces numerous interconnected devices to factories increasing among others the challenge of managing their software versions and giving attackers new possibilities to exploit various software vulnerabilities. Factory networks were earlier isolated from the Internet. However, this separation is no longer valid and there can be connections that allow intruders to penetrate into information systems of factories. Another issue is that although factories typically are physically isolated, it is not necessarily safe to assume that physical security is in good shape as the novel supply networks comprise subcontracted activities and temporary work force. Another threat can also arise from unauthorized monitoring of devices and the unauthorized replacement of existing ones. Based on the previous, it is crucial that IIoT security should be built into factories of the future (FoF) right from the design phase and even low-end devices need to be supported. Trusted computing concept called remote attestation should be used. Remote attestation allows remote parties to verify the integrity of each system component. System components should include trusted hardware components that can be used to measure executable software. The term measurement means calculating the cryptographic hash of the binary component before passing control to it. Trusted hardware components should also have a mechanism to protect the integrity of the measurement list and cryptographic keys that can be used to sign integrity assertions. The verifier part should have a storage of reference integrity metrics identifying the expected values of these measurements. Deploying trusted computing and remote attestation concepts to industrial automation is not straightforward. Even if it is possible to use remote attestation with suitable hardware components, it is not clear how remote attestation should be integrated with various operational technology (OT) industrial automation protocols. Approaches to use remote attestation with existing industrial automation protocols (e.g., OPC UA) is discussed. Advanced identity and access management (e.g., OAuth2, OpenID Connect) can be used to combine integrity measurements with device identity information so that the remote attestation process is triggered by authentication during the first transaction. The focus is on machine-to-machine (M2M) communications with immutable device identities and integrity evidence transfer.

查看原文本刊更多论文

将系统完整性验证与身份和访问管理相结合

数字化转型和工业物联网(IIoT)的利用为工厂引入了许多互联设备，增加了管理其软件版本的挑战，并为攻击者提供了利用各种软件漏洞的新可能性。工厂网络早先是与互联网隔离的。然而，这种分离不再有效，并且可能存在允许入侵者渗透到工厂信息系统的连接。另一个问题是，虽然工厂通常在物理上是隔离的，但由于新的供应网络包括分包活动和临时劳动力，因此假设物理安全状况良好并不一定安全。另一种威胁还可能来自未经授权的设备监控和未经授权的现有设备更换。基于之前的情况，从设计阶段开始就应该将IIoT安全性构建到未来工厂(FoF)中，甚至需要支持低端设备，这一点至关重要。应该使用称为远程认证的可信计算概念。远程认证允许远程各方验证每个系统组件的完整性。系统组件应该包括可用于度量可执行软件的可信硬件组件。术语度量意味着在将控制传递给二进制组件之前计算其加密散列。受信任的硬件组件还应该有一种机制来保护度量列表的完整性，以及可用于签署完整性断言的加密密钥。验证者部分应该存储识别这些度量的期望值的参考完整性度量。将可信计算和远程认证概念部署到工业自动化并不简单。即使可以在合适的硬件组件上使用远程认证，也不清楚远程认证应该如何与各种操作技术(OT)工业自动化协议集成。讨论了与现有工业自动化协议(如OPC UA)一起使用远程认证的方法。高级身份和访问管理(例如，OAuth2, OpenID Connect)可用于将完整性测量与设备身份信息相结合，以便在第一次交易期间通过身份验证触发远程认证过程。重点是具有不可变设备身份和完整性证据传输的机器对机器(M2M)通信。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

European Conference on Cyber Warfare and Security

自引率

0.00%

发文量