Access Control Conflicts in Information Technology and Operational Technology

Access controls are a key area for any security program. However, the recommended access controls cannot always be implemented across the entire organisations. This is the case within critical infrastructure organisations that have both Information Technology and Operational Technology assets where many of the controls cannot be implemented on Operational Technology. Also, safety is a key concern for critical infrastructure organisations which is not always the case with many standard commercial organisations. This means the access controls while maintaining security must not impact safety which can occur if considerations are not given to Operational Technology and safety objectives. This paper will provide ways to manage the conflicts and issues that can occur and provide a process to allow critical infrastructure organisations to implement the required controls without impacting safety and security.

Download Full-text

Information technology. Open Systems Interconnection. Local area networks. Medium Access Control (MAC) service definition

10.3403/00254102u ◽

2015 ◽

Keyword(s):

Information Technology ◽

Access Control ◽

Medium Access Control ◽

Open Systems ◽

Local Area Networks ◽

Local Area ◽

Medium Access ◽

Open Systems Interconnection

Download Full-text

ISO/IEC/IEEE International Standard - Telecommunications and exchange between information technology systems -- Requirements for local and metropolitan area networks--Part 1X: Port-based network access control AMENDMENT 2: YANG data model

10.1109/ieeestd.2020.9263413 ◽

2020 ◽

Keyword(s):

Information Technology ◽

Access Control ◽

Metropolitan Area ◽

Data Model ◽

Metropolitan Area Networks ◽

Network Access ◽

International Standard ◽

Network Access Control ◽

Systems Requirements ◽

Technology Systems

Download Full-text

IEEE Standard for Information Technology--Telecommunications and Information Exchange between Systems Local and Metropolitan Area Networks--Specific Requirements Part 11: Wireless LAN Medium Access Control (MAC) and Physical Layer (PHY) Specifications Amendment 1: Enhancements for High-Efficiency WLAN

10.1109/ieeestd.2021.9442429 ◽

2021 ◽

Keyword(s):

Information Technology ◽

Access Control ◽

Medium Access Control ◽

Metropolitan Area ◽

Information Exchange ◽

Wireless Lan ◽

High Efficiency ◽

Metropolitan Area Networks ◽

Medium Access ◽

Ieee Standard

Download Full-text

IEEE/ISO/IEC International Standard-Telecommunications and exchange between information technology systems--Requirements for local and metropolitan area networks--Part 1X:Port-based network access control

10.1109/ieeestd.2021.9650828 ◽

2021 ◽

Keyword(s):

Information Technology ◽

Access Control ◽

Metropolitan Area ◽

Metropolitan Area Networks ◽

Network Access ◽

International Standard ◽

Network Access Control ◽

Systems Requirements ◽

Technology Systems

Download Full-text

A Dynamic Risk Model for Information Technology Security in a Critical Infrastructure Environment

Risk-Based Decisionmaking in Water Resources X ◽

10.1061/40694(2003)3 ◽

2003 ◽

Cited By ~ 1

Author(s):

John H. Saunders

Keyword(s):

Information Technology ◽

Risk Model ◽

Critical Infrastructure ◽

Dynamic Risk ◽

Information Technology Security

Download Full-text

Modeling and Analysis of Information Technology Change and Access Controls in the Business Context

10.21236/ada468600 ◽

2007 ◽

Author(s):

Andrew P. Moore ◽

Rohit S. Antao

Keyword(s):

Information Technology ◽

Technology Change ◽

Modeling And Analysis ◽

Business Context ◽

Access Controls ◽

Information Technology Change

Download Full-text

Coupling of Inference and Access Controls to Ensure Privacy Protection

International Journal of Safety and Security Engineering ◽

10.18280/ijsse.110504 ◽

2021 ◽

Vol 11 (5) ◽

pp. 529-535

Author(s):

Jihane El Mokhtari ◽

Anas Abou El Kalam ◽

Siham Benhaddou ◽

Jean-Philippe Leroy

Keyword(s):

Access Control ◽

Privacy Protection ◽

Multidimensional Analysis ◽

Sensitive Data ◽

Inference Control ◽

External Data ◽

Control Rules ◽

Access Controls ◽

Policy Information ◽

History Of

This article is devoted to the topic of coupling access and inference controls into security policies. The coupling of these two mechanisms is necessary to strengthen the protection of the privacy of complex systems users. Although the PrivOrBAC access control model covers several privacy protection requirements, the risk of inferring sensitive data may exist. Indeed, the accumulation of several pieces of data to which access is authorized can create an inference. This work proposes an inference control mechanism implemented through multidimensional analysis. This analysis will take into account several elements such as the history of access to the data that may create an inference, as well as their influence on the inference. The idea is that this mechanism delivers metrics that reflect the level of risk. These measures will be considered in the access control rules and will participate in the refusal or authorization decision with or without obligation. This is how the coupling of access and inference controls will be applied. The implementation of this coupling will be done via the multidimensional OLAP databases which will be requested by the Policy Information Point, the gateway brick of XACML to the various external data sources, which will route the inference measurements to the decision-making point.

Download Full-text