Access Control Policies for Network Function Virtualization environments in Industrial Control Systems

Murillo, Andrés; Rueda, Sandra

doi:10.1109/ciot50422.2020.9244205

Cited by 5 publications

(5 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [178], the authors summarized nearly 20 smart grid simulators (commercial and open source). The work [179] described an opensource smart grid simulator 29 . There are almost no network simulator for network slicing in smart grid or smart energy systems.…”

Section: Discussion and Remarks 1) Computational Complexity And Resou...mentioning

confidence: 99%

“…Although they are widely used in 5G network slicing, the performance of isolation is still a hot research topic and is being researched and improved [27]. Isolation can also be achieved through using different physical resources [28] or access control mechanisms [29], [30]. In 5G network slicing, according to the business needs, a network slice could be a slice of radio access network (RAN) resources only, a slice of core network resources only, or a slice of resources spanning RAN, core network, and transport networks.…”

Section: Related Work On Network Slicingmentioning

confidence: 99%

See 1 more Smart Citation

A Survey of Intelligent Network Slicing Management for Industrial IoT: Integrated Approaches for Smart Transportation, Smart Energy, and Smart Factory

Dai²,

Wang

et al. 2022

IEEE Commun. Surv. Tutorials

140

View full text Add to dashboard Cite

show abstract

Section: Discussion and Remarks 1) Computational Complexity And Resou...mentioning

confidence: 99%

Section: Related Work On Network Slicingmentioning

confidence: 99%

A Survey of Intelligent Network Slicing Management for Industrial IoT: Integrated Approaches for Smart Transportation, Smart Energy, and Smart Factory

Dai²,

Wang

et al. 2022

IEEE Commun. Surv. Tutorials

140

View full text Add to dashboard Cite

show abstract

“…The approach considered a robust insider adversary model capable of compromising one or multiple VNFs within the Management and Orchestration (MANO) framework. Furthermore, Murillo et al [18] introduced a specialized access control framework for virtualized Industrial Control Systems (ICS). The framework incorporated an advanced policy language to clearly define the components, roles, and authorized operations within the ICS.…”

Section: Related Workmentioning

confidence: 99%

“…Prior investigations in the field of NFV resource sharing have notably neglected the examination of robust access control strategies, despite their pivotal significance. Other research on access control [15][16][17][18] primarily focuses on Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and Policy-Based Access Control (PBAC). To ensure precise subject identification and verification within the NFV system, trusted identity management and authentication mechanisms are commonly deployed.…”

Section: Introductionmentioning

confidence: 99%

Enhancing Resource Sharing and Access Control for VNF Instantiation with Blockchain

Dong,

Wang,

et al. 2023

Sensors

View full text Add to dashboard Cite

In the realm of Network Function Virtualization (NFV), Virtual Network Functions (VNFs) are crucial software entities that require execution on virtualized hardware infrastructure. Deploying a Service Function Chain (SFC) requires multiple steps for instantiating VNFs to analyze, request, deploy, and monitor resources. It is well recognized that the sharing of infrastructure resources among different VNFs will enhance resource utilization. However, conventional mechanisms for VNF sharing often neglect the interests of both VNF instances and infrastructure providers. In this context, this paper presents a blockchain-based framework that focuses on resource sharing and access control, with a particular emphasis on ensuring profitability during VNF instantiation. Additionally, a resource sharing game model and a novel greedy matching algorithm are introduced to optimize the benefits for both VNF instances and infrastructure resource providers. Furthermore, a blockchain-based access control mechanism is designed to securely store keys and provide fine-grained access control. The experimental results demonstrate that the proposed resource sharing game model and greedy matching algorithm promote healthy competition among resource owners and facilitate effective bargaining between resource owners and infrastructure providers. In comparison to the standard Stackelberg game solution, our proposed method achieves up to an 8.1 times performance improvement while sacrificing fewer optimal social utility values. Furthermore, compared to other CP-ABE methods, the proposed approach enhances security within a blockchain-based framework while maintaining an excellent encryption efficiency and a moderate decryption efficiency.

show abstract

“…In addition, a preliminary security assessment was conducted for the new state replication model and architecture based on the identified requirements. The authors have conducted preliminary discussions on the intrusion detection, access control, and formal security analysis based on the proposed state replication scheme, but have not yet Murillo and Rueda [8] have deeply studied the application of digital twins in industrial control network security from the perspective of access control, proposed a lightweight access control framework for the digital twins of industrial control systems, provided a language for defining the access control policies for them, and implemented a proof of concept using OpenStack. The results indicate that the developed policy language can describe the components and relationships established in the digital twins of industrial control systems, and then use these relationships to define the access control rules.…”

Section: Researches Of Digital Twinmentioning

confidence: 99%

Research on Digital Twin Technology and Application in Campus

2023

FSST

View full text Add to dashboard Cite

With the continuous development of the science and technology, driven by the emerging industrial information systems and industrial intelligence, the digital twin technology has become a new research hotpot. In view of this, the basic concepts, application prospects, technical connotations and development trends of digital twin technology, as well as the existing preliminary research plans and the phased achievements are reviewed. The digital twin technology system, key technologies, development trends and technical challenges in the field of campus oriented intelligent operation and maintenance are summarized. It is expected to provide some references for the application of digital twin technology in campus.

show abstract

Access Control Policies for Network Function Virtualization environments in Industrial Control Systems

Cited by 5 publications

References 18 publications

A Survey of Intelligent Network Slicing Management for Industrial IoT: Integrated Approaches for Smart Transportation, Smart Energy, and Smart Factory

A Survey of Intelligent Network Slicing Management for Industrial IoT: Integrated Approaches for Smart Transportation, Smart Energy, and Smart Factory

Enhancing Resource Sharing and Access Control for VNF Instantiation with Blockchain

Research on Digital Twin Technology and Application in Campus

Contact Info

Product

Resources

About