An access control and authorization model with Open stack cloud for Smart Grid

Author(s):  
Yagnik A Rathod

Compared with authentication, which identifies a user and relates that identity to its tasks and processes within the system, authorization in access control is concerned with confirming that a user, and its task in the form of a system process, is granted access to the assets of a particular domain only when proven compliant with the identified policies. Access control and authorization have been an area of interest for researchers seeking to enhance the security of critical assets for many decades. Our prime focus and interest is in access control models based on attribute-based access control (ABAC), and with this paper we tried to integrate ABAC with the OpenStack cloud to achieve a finer level of granularity in access policies for a domain like the smart grid. Technical advancement in the current era demands that critical infrastructure like the traditional electrical grid open up to modern information and communication technology (ICT) to benefit in terms of efficiency, scalability, accessibility and transparency for better adaptability in the real world. Incorporation of ICT into the electric grid makes possible a greater level of bi-directional interaction among stakeholders such as customers, generation units, distribution units and administrations, and this leads international organizations to contribute to the standardization of smart grid concepts and technology so that the smart grid becomes a reality. The smart grid is by nature a very large-scale distributed system and needs to integrate available legacy systems with its own security requirements. Cloud computing has proven to be the most efficient approach for these requirements, and we have identified OpenStack as our cloud platform. We have integrated the ABAC approach with the default RBAC approach of OpenStack and provide a framework that supports and integrates multiple access control policies in making authorization decisions. The smart grid domain is considered as a case study which requires support of multiple access policies (RBAC, ABAC, DAC, etc.) with our model for access control and authorization.

2013 ◽  
Vol 462-463 ◽  
pp. 924-928
Author(s):  
Ling Zheng ◽  
Zhen Wei Wang ◽  
Chang Song Zhao

During the construction of Smart Grid systems, the Safe Access Platform plays an increasingly important role. Not only can it meet the demand for power system personnel to telecommute, but it also provides different levels of security mechanisms for various smart devices, such as the Hand-held Terminal System PDA, Ultra Mobile Personal Computer (UMPC) and Wireless Data Acquisition Terminal. Determining how to guarantee internal security and meet the security requirements of role-based access control is an important subject. The paper presents a new role-based network access control system (NAC system). According to the security metrics of the network access equipment (NAE), the NAC system has been designed and implemented to provide different safety strategies for different application scenarios. In addition, 802.1x and L2-IP are discussed in particular as the most important key techniques in the implementation of the system.


Energies ◽  
2021 ◽  
Vol 14 (21) ◽  
pp. 6862
Author(s):  
Milan Stojkov ◽  
Nikola Dalčeković ◽  
Branko Markoski ◽  
Branko Milosavljević ◽  
Goran Sladić

The critical infrastructure is constantly under cyber and physical threats. Applying security controls without guidance or traceability can create a false sense of security. Security standards facilitate security knowledge and control best practices in a more systematic way. However, the number of standards is continually increasing. Product providers that operate in multiple geographical regions often face the obligation to comply with multiple standards simultaneously. This introduces the problem of the convenient interpretation of different standards. Thus, a comprehensive analysis of the requirements from different security standards and guidelines applicable to the smart grid has been performed to detect similarities that can be shaped into entities of the conceptual model for requirement representation. The purpose of the model—presented in a form of a Unified Modeling Language (UML) class diagram—is to give product providers a canonical way to map requirements from arbitrary standards, guidelines, and regulations and accelerate the cross-standard compliance readiness by defining priority for requirement implementation. In addition, the research showed that multiple vectors should impact the priority of the implementation of the security controls defined through the requirements: domain affiliation, the essence of the requirement, associated threats, risks, and social dependencies between actors involved in the implementation. To examine the model correctness, NISTIR 7628—de facto smart grid standard—was used to provide insights into how the model would be used for requirements implementation tracking. The structure of individual requirements was analyzed to detect the building blocks and extract relevant parts that can be mapped to the model components. Further, all requirements were classified into one of the defined domains to provide the basis for referencing similar requirements from different standards. 
Finally, one arbitrary requirement was used to demonstrate model usage, and depict all available information that can be provided to the users in a custom-made scenario where the need arises to have simultaneous alignment with three standards—NISTIR 7628, NIST 800-53, and IEC 62443-3-3.


2013 ◽  
pp. 224-246 ◽  
Author(s):  
Alan T. Murray ◽  
Tony H. Grubesic

Large scale, geospatial networks—such as the Internet, the interstate highway system, gas pipelines, and the electrical grid—are integral parts of modern society, facilitating the capability to communicate, transport goods and services between locations, and connect homes and businesses to basic necessities like water and electricity. The associated management and protection of this critical infrastructure is a challenging task because it is often compromised or damaged by natural disasters, human error, or sabotage. Further, the cascading effects associated with disruptions can impact related interdependent infrastructure, such as supervisory control and data acquisition systems (SCADA). In this context, although the protection and/or hardening of network elements can reduce disruptive impacts, the cost to protect all equipment in the system is prohibitive. The purpose of this chapter is to detail an optimization approach for selecting elements on a network to be protected, under budget constraints, in order to maximize system performance if one or more components are damaged or destroyed. Applications results for a large scale, geospatial network are explored and presented, illustrating problem complexities as well as the potential for informed strategic investment decision making. The implications for SCADA systems relying on large scale geospatial networks, including the public Internet, are also discussed.


2018 ◽  
Vol 7 (2) ◽  
pp. 732 ◽  
Author(s):  
Anilkumar Chunduru ◽  
Sumathy S

Emphasis on security in providing access control in the cloud computing environment plays a significant role. Cloud computing provides a number of benefits such as resource sharing, low speculation and large storage space. The huge amount of information stored in the cloud can be accessed from anywhere, anytime, on a pay-per-use basis. Resources in the cloud should be accessed only by authorized clients. Access control in cloud computing has become a critical issue due to the increasing number of users experiencing dynamic changes. Authentication, authorization and approval of access, ensuring liability of entities from login credentials including passwords and biometric scans, is essential. Also, the federated authentication management is secured. Current approaches require large-scale distributed access control in the cloud environment. Data security and access control are the drawbacks in existing access control schemes. Due to the drawbacks in existing access control schemes, such as privacy of information when susceptible information is stored with an intermediary service provider, federated identity access management is essential. Access control applications mainly concentrate on healthcare, government organizations, commercial, critical infrastructure and financial institutions. This review presents a detailed study of access control models in cloud computing and various cloud identity management schemes.


2018 ◽  
Vol 2018 ◽  
pp. 1-15
Author(s):  
Nawal Ait Aali ◽  
Amine Baina ◽  
Loubna Echabbi

Due to the necessity of Critical Infrastructure (CI) Protection against different threats, several security policies must be applied among the organizations of CI. Based on our conducted study about the different constraints and requirements of the collaborative systems within CI, we reached a security solution: Tr-OrBAC. Its principle is to evaluate the trustworthiness of collaborating organizations based on relevant trust criteria aimed at enhancing collaboration decision-making. The taken decision presents the attribution of the access to the desired service based on calculated trust score which is the result of the combination of the trust criteria values. Generally, the desired services do not meet the same criticism, security requirements, sensitivity, etc. Also, the collaboration context varies from a set of collaborating organizations to another. In this sense, the importance of each trust criterion depends on the desired service and the collaboration context. In this paper, we focus on detailing the trust criteria used in our approach for collaborative system security. Then, we analyze the context variability with the trust evaluation process. In addition, we present a case study to demonstrate and illustrate the feasibility of our solution for CI protection, especially the electrical grid.


Sensors ◽  
2021 ◽  
Vol 21 (16) ◽  
pp. 5448
Author(s):  
George Suciu ◽  
Mari-Anais Sachian ◽  
Alexandru Vulpe ◽  
Marius Vochin ◽  
Aristeidis Farao ◽  
...  

Recent advancements in information and communication technologies (ICT) have improved the power grid, leading to what is known as the smart grid, which, as part of a critical economic and social infrastructure, is vulnerable to security threats from the use of ICT and new emerging vulnerabilities and privacy issues. Access control is a fundamental element of a security infrastructure, and security is based on the principles of least privilege, zero-trust, and segregation of duties. This work addresses how access control can be applied without disrupting the power grid’s functioning while also properly maintaining the security, scalability, and interoperability of the smart grid. The authentication in the platform presumes digital certificates using a web of trust. This paper presents the findings of the SealedGRID project, and the steps taken for implementing attribute-based access control policies specifically customized to the smart grid. The outcome is to develop a novel, hierarchical architecture composed of different licensing entities that manages access to resources within the network infrastructure. They are based on well-drawn policy rules and the security side of these resources is placed through a context awareness module. Together with this technology, the IoT is used with Big Data (facilitating easy handling of large databases). Another goal of this paper is to present implementation and evaluation details of a secure and scalable security platform for the smart grid.


2019 ◽  
Vol 14 (3) ◽  
pp. 33
Author(s):  
L. V. Tomin

The article is devoted to the analysis of the structure, the peculiarities of functioning and the socio-economic and political effects of «platform capitalism». The basis of this model is the network effects produced by the integrated information and communication infrastructure, which contribute to the monopolization and the constant expansion of platform companies into new areas. The principle of functioning of this infrastructure is the continuous collection and further monetization of data extracted from the interactions of individuals among themselves or with one of the elements of a digitalized economy or government structures. Such an infrastructure forms a potential threat of strengthening state and corporate control over citizens. In addition, the activities of platform companies produce negative effects on the labor market, reinforcing the process of precarization of employment. The integrated information and communication infrastructure of platform companies forms a system of a kind of «digital Taylorism», which deprives the employee of autonomy and privacy in the workplace. The influence of digitalization, subjected to the technocratic logic of the neoliberal model of governance in democratic countries, strengthens the de-politicization of relations between the citizen and the state and further changes the balance of power between labor and capital in favor of the latter. Large-scale protests of recent years against the companies of “capitalism of platforms” demonstrated the structural contradictions of this model and formed new forms of organization and actions of grassroots workers of the “digital economy”.


2020 ◽  
pp. 75-117
Author(s):  
A.N. Shvetsov

The article compares the processes of dissemination of modern information and communication technologies in government bodies in Russia and abroad. It is stated that Russia began the transition to «electronic government» later than the developed countries, in which this process was launched within the framework of large-scale and comprehensive programs for reforming public administration in the 1980s and 1990s. However, to date, there is an alignment in the pace and content of digitalization tasks. At a new stage in this process, the concept of «electronic government» under the influence of such newest phenomena of the emerging information society as methods of analysis of «big data», «artificial intelligence», «Internet of things», «blockchain» is being transformed into the category of «digital government». Achievements and prospects of public administration digitalization are considered on the example of countries with the highest ratings — Denmark, Australia, Republic of Korea, Great Britain, USA and Russia.

