Overview of Authentication and Access Controls for I&amp;C systems

Tellabi, Asmaa; Sassmanhausen, Jochen; Bajramovic, Edita; Ruland, Karl Christoph

doi:10.1109/indin.2018.8472068

Cited by 5 publications

(6 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Separation of duties prevents users from exceeding the level of authority in relation to their position by implementing constraints that limit a user's permissions. Static separation of duties implements constraints on user-role (Alhaqbani and Fidge, 2007;Bertino and Takahashi, 2011;Bilong et al, 2020;Desai, 2012;Furnell et al, 2008;Igarashi and Watanobe, 2018;Kuhn et al, 2010;Mao et al, 2009;Rasiwasia, 2017;Sifou et al, 2017;Tellabi et al, 2018) ICS 28,3 assignments while dynamic separation of duties implements constraints on user-role activations within a session. While RBAC has advantages over the other access control models, one of its most notable disadvantages is that it does not support the handling of dynamic events (INCITS, 2012b;Kuhn et al, 2010;Sifou et al, 2017;Singh et al, 2019).…”

Section: Authorisationmentioning

confidence: 99%

A Clark-Wilson and ANSI role-based access control model

Tsegaye

Flowerday

2020

ICS

View full text Add to dashboard Cite

Purpose An electronic health record (EHR) enables clinicians to access and share patient information electronically and has the ultimate goal of improving the delivery of healthcare. However, this can create security and privacy risks to patient information. This paper aims to present a model for securing the EHR based on role-based access control (RBAC), attribute-based access control (ABAC) and the Clark-Wilson model. Design/methodology/approach A systematic literature review was conducted which resulted in the collection of secondary data that was used as the content analysis sample. Using the MAXQDA software program, the secondary data was analysed quantitatively using content analysis, resulting in 2,856 tags, which informed the discussion. An expert review was conducted to evaluate the proposed model using an evaluation framework. Findings The study found that a combination of RBAC, ABAC and the Clark-Wilson model may be used to secure the EHR. While RBAC is applicable to healthcare, as roles are linked to an organisation’s structure, its lack of dynamic authorisation is addressed by ABAC. Additionally, key concepts of the Clark-Wilson model such as well-formed transactions, authentication, separation of duties and auditing can be used to secure the EHR. Originality/value Although previous studies have been based on a combination of RBAC and ABAC, this study also uses key concepts of the Clark-Wilson model for securing the EHR. Countries implementing the EHR can use the model proposed by this study to help secure the EHR while also providing EHR access in a medical emergency.

show abstract

Section: Authorisationmentioning

confidence: 99%

A Clark-Wilson and ANSI role-based access control model

Tsegaye

Flowerday

2020

ICS

View full text Add to dashboard Cite

show abstract

“…Access control technology [5], as one of the important technologies to protect the integrity, evaluates whether the trader has the right to execute the current transaction according to the trader identity, to regulate the access behaviour to the network resource storage. In practice, mandatory access control is usually adopted.…”

Section: Introductionmentioning

confidence: 99%

CL-BC: A Secure Data Storage Model for Social Networks

Wang

Zhu

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

While bringing convenience to people, social networks cause various security problems, such as information leakage, which belongs to the security category of data storage. The related research focuses more on the confidentiality design and lacks the discussion of data integrity protection technology. Thus, the electronic data editability invites the risk of data tampering and destruction, making other operations meaningless once the data are inaccurate. A social network-oriented data security storage model, CL-BC, included conceptual design, preliminary framework design, and detailed flow design, to improve the security threats such as overauthorization and illegal execution in data storage. The blockchain technology is combined with the improved Clark–Wilson model to achieve data integrity access control protection through execution rules and authentication rules. The system uses the subalgorithm of DR-BFT for reference when deploying the algorithm program and adopts the intelligent contract to complete the design rules. The experimental analysis shows the CL-BC model adapts to the actual security environment, ensures the data storage integrity in the social network stored process, and has application value.

show abstract

“…Self-diagnostics applications are capable of testing multiple modules that are available in the platform [4]. In [5], the different authentication and access controls mechanisms were presented, including security concerns surrounding industrial systems. As stated in [5], for industrial computers, Availability is the primary security concern and self-diagnostics applications can be used to verify the internal status.…”

mentioning

confidence: 99%

“…In [5], the different authentication and access controls mechanisms were presented, including security concerns surrounding industrial systems. As stated in [5], for industrial computers, Availability is the primary security concern and self-diagnostics applications can be used to verify the internal status. The idea of developing self-diagnostics applications are based on the findings in [5].…”

mentioning

confidence: 99%

See 1 more Smart Citation

Self Diagnostics and Isolation Mechanisms for Mixed Criticality Systems

Tellabi

Ruland

Waedt

et al. 2019

JCOMSS

Self Cite

View full text Add to dashboard Cite

Virtualization is a technology that is frequently employed in computers and servers to provide isolation for execution environments, and to support the execution of multiple Operating Systems (OS) on the same hardware platform. In the embedded systems´ world, virtualization has been a rising trend, essentially because it offers an isolation mechanism that provides hardware manufacturer´ independence and it avoids obsolescence issues. The isolation mechanism supports safety and security measures, and assists in the certification of safety-critical systems. Virtualization offers improved performances, better transparency, portability and interoperability by integrating hardware and software resources, and also networking services into one computing entity. It makes the integration process of Mixed Criticality Systems (MCS) easier. For industries, Field-Programmable Gate Arrays (FPGAs) hardware solutions provide the needed level of flexibility and performance. In this paper, a Self-test application is integrated in the hardware and also in the software level. The importance of self-test applications for Instrumentation and Control (I&C) systems will be discussed in the context of virtualization. For this implementation a type 1 hypervisor called Xtratum is used. An analysis of inter-partition communication channels´ performance will be provided including the implications multicore approaches will have on communication. The novelty of this work is to study the isolation impact multicore approaches can have on inter-partitions communications in Xtratum. Another novel aspect is the implementation of a self-test application in the hypervisor and the board as well.

show abstract

Overview of Authentication and Access Controls for I&C systems

Cited by 5 publications

References 8 publications

A Clark-Wilson and ANSI role-based access control model

A Clark-Wilson and ANSI role-based access control model

CL-BC: A Secure Data Storage Model for Social Networks

Self Diagnostics and Isolation Mechanisms for Mixed Criticality Systems

Contact Info

Product

Resources

About