356
views
0
recommends
+1 Recommend
1 collections
    0
    shares
      • Record: found
      • Abstract: found
      • Conference Proceedings: found
      Is Open Access

      HADA: Hybrid Access Decision Architecture for Building Automation and Control Systems

      1 , 2 , 1 , 1

      1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013) (ICSCSR)

      ICS & SCADA Cyber Security Research 2013

      16-17 September 2013

      Information Security, Access Control, Authorization, Building Automation and Control Systems

      Read this article at

      Bookmark
          There is no author summary for this article yet. Authors can add summaries to their articles on ScienceOpen to make them more accessible to a non-specialist audience.

          Abstract

          Industrial Control Systems (ICS) and Building Automation and Control Systems (BACS) are being deployed to enable monitoring and control of various intelligent systems like Heating, Ventilation and Air Conditioning (HVAC), safety, access and lighting systems. Each system is an integral part of the ICS and BACS, allowing for optimized industrial operations where devices interact with each other, with users and with other third party systems such as energy management. A key need when interacting is the controlled and trustworthy disclosure of information so that only authenticated and authorized entities can have access and control the resources of a device. However, secure authentication and authorization is not easy due to the combined distributed/centralized operation of ICS and BACS, its large scale deployment, as well as the resource-constrained nature of sensors and actuators. This paper analyzes the security requirements and constraints in ICS/BACS and proposes the Hybrid Access Decision Architecture (HADA) to allow for interoperability between centralized and distributed access control methods. While a central party is in control of policy specification, the system also allows for the deployment of lightweight and compact access control policies to the target devices so that access control decisions can take place in a distributed manner. Our prototype that is based on 6LoWPAN/CoAP IP protocols and binary JSON access control policies shows the feasibility of our approach.

          Related collections

          Most cited references 16

          • Record: found
          • Abstract: not found
          • Article: not found

          Role-based access control models

            Bookmark
            • Record: found
            • Abstract: not found
            • Article: not found

            Proposed NIST standard for role-based access control

              Bookmark
              • Record: found
              • Abstract: not found
              • Article: not found

              Kerberos: an authentication service for computer networks

               B.C. Neuman,  T. Ts'o (1994)
                Bookmark

                Author and article information

                Contributors
                Conference
                September 2013
                September 2013
                : 1-11
                Affiliations
                [1 ]Lighting Control Systems Dept., Philips Research, High Tech Campus 34, 5656 AE, Eindhoven, The Netherlands
                [2 ]School of Computing Science, University of Glasgow Singapore, 9 Woodlands Avenue 9, Singapore 738984
                Article
                10.14236/ewic/ICSCSR2013.1
                © Amit Soni et al. Published by BCS Learning and Development Ltd. 1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013), Leicester, UK

                This work is licensed under a Creative Commons Attribution 4.0 Unported License. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/

                1st International Symposium for ICS & SCADA Cyber Security Research 2013 (ICS-CSR 2013)
                ICSCSR
                1
                Leicester, UK
                16-17 September 2013
                Electronic Workshops in Computing (eWiC)
                ICS & SCADA Cyber Security Research 2013
                Product
                Product Information: 1477-9358BCS Learning & Development
                Self URI (journal page): https://ewic.bcs.org/
                Categories
                Electronic Workshops in Computing

                Comments

                Comment on this article