具有空间和时间粒度的ICPS边缘启用零信任架构

Wenxin Lei, Zhibo Pang, Hong Wen, Wenjing Hou, Xiaoling Zhang
{"title":"具有空间和时间粒度的ICPS边缘启用零信任架构","authors":"Wenxin Lei, Zhibo Pang, Hong Wen, Wenjing Hou, Xiaoling Zhang","doi":"10.1109/ICPS58381.2023.10127999","DOIUrl":null,"url":null,"abstract":"Motivated by the rapid advancement of industrial cyber-physical systems (ICPS) and rising voices in favor of zero trust (ZT) security, in this paper, we present an edge-enabled zero trust architecture (ZTA) for ICPS. ZT is thought to be relevant to ICPS with the spatial and temporal granularity in the suggested architecture. In addition to continuous authentication and a dynamic access-control mechanism at the temporal granularity, we recommend edge segmentation at the spatial granularity with microservices as the division units. Finally, we conduct a security assessment of the proposed architecture in the presence of threats faced by ICPS. Overall, our analysis shows that the proposed ZTA helps to promote the security of ICPS.","PeriodicalId":426122,"journal":{"name":"2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2023-05-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Edge-enabled Zero Trust Architecture for ICPS with Spatial and Temporal Granularity\",\"authors\":\"Wenxin Lei, Zhibo Pang, Hong Wen, Wenjing Hou, Xiaoling Zhang\",\"doi\":\"10.1109/ICPS58381.2023.10127999\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Motivated by the rapid advancement of industrial cyber-physical systems (ICPS) and rising voices in favor of zero trust (ZT) security, in this paper, we present an edge-enabled zero trust architecture (ZTA) for ICPS. ZT is thought to be relevant to ICPS with the spatial and temporal granularity in the suggested architecture. In addition to continuous authentication and a dynamic access-control mechanism at the temporal granularity, we recommend edge segmentation at the spatial granularity with microservices as the division units. Finally, we conduct a security assessment of the proposed architecture in the presence of threats faced by ICPS. Overall, our analysis shows that the proposed ZTA helps to promote the security of ICPS.\",\"PeriodicalId\":426122,\"journal\":{\"name\":\"2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)\",\"volume\":\"36 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-05-08\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICPS58381.2023.10127999\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2023 IEEE 6th International Conference on Industrial Cyber-Physical Systems (ICPS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICPS58381.2023.10127999","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 0

摘要

由于工业网络物理系统(ICPS)的快速发展和支持零信任(ZT)安全的呼声越来越高,本文提出了一种边缘支持的ICPS零信任架构(ZTA)。ZT被认为与建议架构中具有空间和时间粒度的ICPS相关。除了在时间粒度上使用连续认证和动态访问控制机制外,我们还建议在空间粒度上使用微服务作为划分单元进行边缘分割。最后,我们在ICPS面临威胁的情况下对所提出的架构进行了安全评估。总体而言,我们的分析表明,所提出的ZTA有助于提高ICPS的安全性。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
Edge-enabled Zero Trust Architecture for ICPS with Spatial and Temporal Granularity
Motivated by the rapid advancement of industrial cyber-physical systems (ICPS) and rising voices in favor of zero trust (ZT) security, in this paper, we present an edge-enabled zero trust architecture (ZTA) for ICPS. ZT is thought to be relevant to ICPS with the spatial and temporal granularity in the suggested architecture. In addition to continuous authentication and a dynamic access-control mechanism at the temporal granularity, we recommend edge segmentation at the spatial granularity with microservices as the division units. Finally, we conduct a security assessment of the proposed architecture in the presence of threats faced by ICPS. Overall, our analysis shows that the proposed ZTA helps to promote the security of ICPS.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信