Identity and Access Management for IoT in Smart Grid

Abreu, Vilmar; Santin, Altair O.; Viegas, Eduardo K.; Cogo, Vinicius Vielmo

doi:10.1007/978-3-030-44041-1_104

Cited by 15 publications

(10 citation statements)

References 19 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Several access control schemes have been designed in smart grid systems over the last few years: they range from pure RBAC [ 15 ] or pure ABAC [ 16 ] to using combinations of RBAC and ABAC [ 17 ]. It is noteworthy to mention that many works mention authentication together with access control and, while authentication is subject to more advanced mathematical algorithms, usually access control is merely policy-based (such an example can be found in [ 18 ]).…”

Section: Related Workmentioning

confidence: 99%

“…This is a reference in the sector to address the security of industrial networks, since it provides useful guidelines for introducing aspects related to authenticity, confidentiality, and integrity in the communication and control protocols of the smart grid. It is composed of eleven parts, where part eight is especially applied to control access mechanisms based on RBAC [8][9][10][11][12][13][14][15][16][17][18][19][20][21][22][23].…”

mentioning

confidence: 99%

See 1 more Smart Citation

SealedGRID: Secure and Interoperable Platform for Smart GRID Applications

Suciu¹,

Sachian²,

Vulpe

et al. 2021

Sensors

View full text Add to dashboard Cite

Recent advancements in information and communication technologies (ICT) have improved the power grid, leading to what is known as the smart grid, which, as part of a critical economic and social infrastructure, is vulnerable to security threats from the use of ICT and new emerging vulnerabilities and privacy issues. Access control is a fundamental element of a security infrastructure, and security is based on the principles of less privilege, zero-trust, and segregation of duties. This work addresses how access control can be applied without disrupting the power grid’s functioning while also properly maintaining the security, scalability, and interoperability of the smart grid. The authentication in the platform presumes digital certificates using a web of trust. This paper presents the findings of the SealedGRID project, and the steps taken for implementing Attribute-based access control policies specifically customized to the smart grid. The outcome is to develop a novel, hierarchical architecture composed of different licensing entities that manages access to resources within the network infrastructure. They are based on well-drawn policy rules and the security side of these resources is placed through a context awareness module. Together with this technology, the IoT is used with Big Data (facilitating easy handling of large databases). Another goal of this paper is to present implementation and evaluations details of a secure and scalable security platform for the smart grid.

show abstract

Section: Related Workmentioning

confidence: 99%

mentioning

confidence: 99%

SealedGRID: Secure and Interoperable Platform for Smart GRID Applications

Suciu¹,

Sachian²,

Vulpe

et al. 2021

Sensors

View full text Add to dashboard Cite

show abstract

“…Secure access control and identity management mechanisms are proposed for Smart Grids in [ 41 ]. The authors have proposed a time-based one-time password (TOTP) based authentication model with three major system components.…”

Section: Related Workmentioning

confidence: 99%

“…The components of their model are the central system, the data concentrator, and the smart meter. The communication between the central system and the data concentrator is based on public-key encryption and the communication between the data concentrator and the smart meter is symmetric-key encryption [ 41 ]. The authors also proposed a role-based access control for the users to ensure proper authorization to the resources.…”

Section: Related Workmentioning

confidence: 99%

IMSC-EIoTD: Identity Management and Secure Communication for Edge IoT Devices

Sadique

Rahmani

Johannesson

2020

Sensors

View full text Add to dashboard Cite

The Internet of things (IoT) will accommodate several billions of devices to the Internet to enhance human society as well as to improve the quality of living. A huge number of sensors, actuators, gateways, servers, and related end-user applications will be connected to the Internet. All these entities require identities to communicate with each other. The communicating devices may have mobility and currently, the only main identity solution is IP based identity management which is not suitable for the authentication and authorization of the heterogeneous IoT devices. Sometimes devices and applications need to communicate in real-time to make decisions within very short times. Most of the recently proposed solutions for identity management are cloud-based. Those cloud-based identity management solutions are not feasible for heterogeneous IoT devices. In this paper, we have proposed an edge-fog based decentralized identity management and authentication solution for IoT devices (IoTD) and edge IoT gateways (EIoTG). We have also presented a secure communication protocol for communication between edge IoT devices and edge IoT gateways. The proposed security protocols are verified using Scyther formal verification tool, which is a popular tool for automated verification of security protocols. The proposed model is specified using the PROMELA language. SPIN model checker is used to confirm the specification of the proposed model. The results show different message flows without any error.

show abstract

“…O administrador deve primeiro coletar grandes quantidades de tráfego de rede, ao mesmo tempo que rotula cada evento como sendo normal ou ataque. Se esta atividade for manual, rotular cada evento pode exigir várias semanas ou mesmo meses de trabalho [Abreu et al 2020].…”

unclassified

Atualização de Modelo baseado em Aumento de Dados e Transferência de Aprendizagem para Detecção de Intrusão em Redes

Horchulhack

Viegas²,

Santin³

et al. 2022

Anais Do XXII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2022)

Self Cite

View full text Add to dashboard Cite

Neste artigo apresentamos uma abordagem para atualização do modelo de aprendizagem de máquina para detecção de intrusão. Inicialmente, o tráfego de rede é aumentando por uma Redes Adversárias Generativas (GANs). Depois, as atualizações de modelos são realizadas por meio de Transferência de Aprendizagem sobre o conjunto de dados aumentado. O número de instâncias a ser rotuladas e os custos computacionais das atualizações do modelo são diminuídas significativa na proposta. A experimentação foi feita num conjunto de dados de 8TB (tráfego de rede de 1 ano), demonstrando a ineficiência dos trabalhos da literatura para detectar mudanças de comportamento no tráfego na rede. No caso do nosso modelo a taxa de falsos positivos diminuiu em até 18,1% quando atualizações periódicas são realizadas. As atualizações contemplaram somente 2,3% das instâncias, com uma diminuição de 14% no custo computacional.

show abstract

Identity and Access Management for IoT in Smart Grid

Cited by 15 publications

References 19 publications

SealedGRID: Secure and Interoperable Platform for Smart GRID Applications

SealedGRID: Secure and Interoperable Platform for Smart GRID Applications

IMSC-EIoTD: Identity Management and Secure Communication for Edge IoT Devices

Atualização de Modelo baseado em Aumento de Dados e Transferência de Aprendizagem para Detecção de Intrusão em Redes

Contact Info

Product

Resources

About