The increasing degree of connectivity in factory of the future (FoF) environments, with systems that were never designed for a networked environment in terms of their technical security nature, is accompanied by a number of security risks that must be considered. This leads to the necessity of relying on risk assessment-based approaches to reach a sufficiently mature cyber security management level. However, the lack of common definitions of cyber threat actors (CTA) poses challenges in untested environments such as the FoF. This paper analyses policy papers and reports from expert organizations to identify common definitions of CTAs. A significant consensus exists only on two common CTAs, while other CTAs are often either ignored or overestimated in their importance. The identified motivations of CTAs are contrasted with the specific characteristics of FoF environments to determine the most likely CTAs targeting FoF environments. Special emphasis is given to corporate competitors, as FoF environments probably provide better opportunities than ever for industrial espionage if they are not sufficiently secured. In this context, the study aims to draw attention to the research gaps in this area.
In traditional centralized internet services, third parties authenticate the transactions of the users. An important property of decentralized blockchain networks is the unrestricted and secured access to the private keys of users, which may often be threatened for several reasons. One considerable problem in systems based on blockchain technology is when users lose access to their keys due to e.g. a broken or lost device. This paper, firstly, introduces an implementation that generates and maintains the private key in an Intel SGX enclave. The implementation allows using the private key in a process isolated from all other processes running on the same system. Secondly, the paper provides a method that enables the secure storage and recovery of a backup key to and from an external repository, using an end-to-end secure connection. One proposed application, with which this technology could be exploited, is the social wallet.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.