{"title":"基于风险的工业物联网非法信息流检测","authors":"Argiro Anagnostopoulou, I. Mavridis, D. Gritzalis","doi":"10.5220/0012079800003555","DOIUrl":null,"url":null,"abstract":": Industrial IoT (IIoT) consists of a great number of low-cost interconnected devices, including sensors, actuators, and PLCs. Such environments deal with vast amounts of data originating from a wide range of devices, applications, and services. These data should be adequately protected from unauthorized users and services. As IIoT environments are scalable and decentralized, the conventional security schemes have difficulties in protecting systems. Information flow control, along with delegation of accurate access control rules is crucial. In this work, we propose an approach to assess the existing information flows and detect the illegal ones in IIoT environments, which utilizes a risk-based method for critical infrastructure dependency modeling. We define formulas to indicate the nodes with a high-risk level. We create a graph based on business processes, operations, and current access control rules of an infrastructure. In the graph, the edges represent the information flows. For each information flow we calculate the risk level. This aids to reconstruct current access control rules on the high-risk nodes of the infrastructure.","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"10 1","pages":"377-384"},"PeriodicalIF":0.0000,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Risk-Based Illegal Information Flow Detection in the IIoT\",\"authors\":\"Argiro Anagnostopoulou, I. Mavridis, D. Gritzalis\",\"doi\":\"10.5220/0012079800003555\",\"DOIUrl\":null,\"url\":null,\"abstract\":\": Industrial IoT (IIoT) consists of a great number of low-cost interconnected devices, including sensors, actuators, and PLCs. Such environments deal with vast amounts of data originating from a wide range of devices, applications, and services. These data should be adequately protected from unauthorized users and services. As IIoT environments are scalable and decentralized, the conventional security schemes have difficulties in protecting systems. Information flow control, along with delegation of accurate access control rules is crucial. In this work, we propose an approach to assess the existing information flows and detect the illegal ones in IIoT environments, which utilizes a risk-based method for critical infrastructure dependency modeling. We define formulas to indicate the nodes with a high-risk level. We create a graph based on business processes, operations, and current access control rules of an infrastructure. In the graph, the edges represent the information flows. For each information flow we calculate the risk level. This aids to reconstruct current access control rules on the high-risk nodes of the infrastructure.\",\"PeriodicalId\":74779,\"journal\":{\"name\":\"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography\",\"volume\":\"10 1\",\"pages\":\"377-384\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-01-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.5220/0012079800003555\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.5220/0012079800003555","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Risk-Based Illegal Information Flow Detection in the IIoT
: Industrial IoT (IIoT) consists of a great number of low-cost interconnected devices, including sensors, actuators, and PLCs. Such environments deal with vast amounts of data originating from a wide range of devices, applications, and services. These data should be adequately protected from unauthorized users and services. As IIoT environments are scalable and decentralized, the conventional security schemes have difficulties in protecting systems. Information flow control, along with delegation of accurate access control rules is crucial. In this work, we propose an approach to assess the existing information flows and detect the illegal ones in IIoT environments, which utilizes a risk-based method for critical infrastructure dependency modeling. We define formulas to indicate the nodes with a high-risk level. We create a graph based on business processes, operations, and current access control rules of an infrastructure. In the graph, the edges represent the information flows. For each information flow we calculate the risk level. This aids to reconstruct current access control rules on the high-risk nodes of the infrastructure.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
