海事网络安全：保护数字海洋

IF 2.4 4区计算机科学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

International Journal of Information Security Pub Date : 2024-01-02 DOI:10.1007/s10207-023-00800-0

Ferney Martínez, Luis Enrique Sànchez, Antonio Santos-Olmo, David G. Rosado, Eduardo Fernàndez-Medina

{"title":"海事网络安全：保护数字海洋","authors":"Ferney Martínez, Luis Enrique Sànchez, Antonio Santos-Olmo, David G. Rosado, Eduardo Fernàndez-Medina","doi":"10.1007/s10207-023-00800-0","DOIUrl":null,"url":null,"abstract":"<p>Increasing digitisation in the maritime domain and the intensive use of information technologies have become essential for the effective functioning of systems that manage navigation, communications, sensors and weapons throughout the maritime chain. In this context, the issuance and enforcement of international standards and policies are seeking to mitigate the appearance of threats and vulnerabilities that aim to compromise access to functionalities, on-board systems and network integrity. Thus, in this article, we first review the main proposals for guidelines, frameworks and other solutions related to cybersecurity in the maritime environment. Subsequently, we analyse the way in which cybersecurity challenges specific to systems and equipment in this particular environment are addressed, identifying the main cybersecurity weaknesses and needs in the maritime environment that are not completely addressed. Based on this analysis, we then propose the structure of POSEIDON, a comprehensive framework for managing cybersecurity in maritime environments that addresses the identified gaps. This cybersecurity management framework takes into account existing proposals and is complemented by a set of new elements to provide a comprehensive approach to addressing the weaknesses identified.\n</p>","PeriodicalId":50316,"journal":{"name":"International Journal of Information Security","volume":"124 1","pages":""},"PeriodicalIF":2.4000,"publicationDate":"2024-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Maritime cybersecurity: protecting digital seas\",\"authors\":\"Ferney Martínez, Luis Enrique Sànchez, Antonio Santos-Olmo, David G. Rosado, Eduardo Fernàndez-Medina\",\"doi\":\"10.1007/s10207-023-00800-0\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>Increasing digitisation in the maritime domain and the intensive use of information technologies have become essential for the effective functioning of systems that manage navigation, communications, sensors and weapons throughout the maritime chain. In this context, the issuance and enforcement of international standards and policies are seeking to mitigate the appearance of threats and vulnerabilities that aim to compromise access to functionalities, on-board systems and network integrity. Thus, in this article, we first review the main proposals for guidelines, frameworks and other solutions related to cybersecurity in the maritime environment. Subsequently, we analyse the way in which cybersecurity challenges specific to systems and equipment in this particular environment are addressed, identifying the main cybersecurity weaknesses and needs in the maritime environment that are not completely addressed. Based on this analysis, we then propose the structure of POSEIDON, a comprehensive framework for managing cybersecurity in maritime environments that addresses the identified gaps. This cybersecurity management framework takes into account existing proposals and is complemented by a set of new elements to provide a comprehensive approach to addressing the weaknesses identified.\\n</p>\",\"PeriodicalId\":50316,\"journal\":{\"name\":\"International Journal of Information Security\",\"volume\":\"124 1\",\"pages\":\"\"},\"PeriodicalIF\":2.4000,\"publicationDate\":\"2024-01-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Information Security\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1007/s10207-023-00800-0\",\"RegionNum\":4,\"RegionCategory\":\"计算机科学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Information Security","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1007/s10207-023-00800-0","RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

摘要

海事领域日益数字化和信息技术的大量使用，对整个海事链中管理导航、通信、传感器和武器的系统的有效运作至关重要。在这种情况下，国际标准和政策的发布和实施正寻求减少威胁和漏洞的出现，这些威胁和漏洞的目的是破坏对功能、船上系统和网络完整性的访问。因此，在本文中，我们首先回顾了与海事环境网络安全有关的指导方针、框架和其他解决方案的主要建议。随后，我们分析了应对这一特定环境中系统和设备特有的网络安全挑战的方式，确定了海事环境中尚未完全解决的主要网络安全弱点和需求。在此分析基础上，我们提出了 POSEIDON 的结构，这是一个用于管理海事环境中网络安全的综合框架，可解决已确定的差距。该网络安全管理框架考虑了现有的建议，并辅以一系列新要素，以提供一种全面的方法来解决所发现的薄弱环节。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

Maritime cybersecurity: protecting digital seas

查看原文本刊更多论文

Maritime cybersecurity: protecting digital seas

Increasing digitisation in the maritime domain and the intensive use of information technologies have become essential for the effective functioning of systems that manage navigation, communications, sensors and weapons throughout the maritime chain. In this context, the issuance and enforcement of international standards and policies are seeking to mitigate the appearance of threats and vulnerabilities that aim to compromise access to functionalities, on-board systems and network integrity. Thus, in this article, we first review the main proposals for guidelines, frameworks and other solutions related to cybersecurity in the maritime environment. Subsequently, we analyse the way in which cybersecurity challenges specific to systems and equipment in this particular environment are addressed, identifying the main cybersecurity weaknesses and needs in the maritime environment that are not completely addressed. Based on this analysis, we then propose the structure of POSEIDON, a comprehensive framework for managing cybersecurity in maritime environments that addresses the identified gaps. This cybersecurity management framework takes into account existing proposals and is complemented by a set of new elements to provide a comprehensive approach to addressing the weaknesses identified.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

International Journal of Information Security 工程技术-计算机：理论方法

CiteScore

6.30

自引率

3.10%

发文量

审稿时长

12 months

期刊介绍： The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation. Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.