Dynamic security rules for legacy systems
Identifikátory výsledku
Kód výsledku v IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F19%3A10406092" target="_blank" >RIV/00216208:11320/19:10406092 - isvavai.cz</a>
Výsledek na webu
<a href="https://doi.org/10.1145/3344948.3344974" target="_blank" >https://doi.org/10.1145/3344948.3344974</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1145/3344948.3344974" target="_blank" >10.1145/3344948.3344974</a>
Alternativní jazyky
Jazyk výsledku
angličtina
Název v původním jazyce
Dynamic security rules for legacy systems
Popis výsledku v původním jazyce
Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing "legacy" systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment.
Název v anglickém jazyce
Dynamic security rules for legacy systems
Popis výsledku anglicky
Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing "legacy" systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment.
Klasifikace
Druh
D - Stať ve sborníku
CEP obor
—
OECD FORD obor
10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)
Návaznosti výsledku
Projekt
<a href="/cs/project/TF04000064" target="_blank" >TF04000064: Trust 4.0: Datově orientované modelování a analýza pro důvěryhodné procesy v systémech Průmyslu 4.0</a><br>
Návaznosti
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)
Ostatní
Rok uplatnění
2019
Kód důvěrnosti údajů
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Údaje specifické pro druh výsledku
Název statě ve sborníku
ECSA 2019: PROCEEDINGS OF THE 13TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE: COMPANION PROCEEDINGS
ISBN
978-1-4503-7142-1
ISSN
—
e-ISSN
—
Počet stran výsledku
8
Strana od-do
277-284
Název nakladatele
ASSOC COMPUTING MACHINERY
Místo vydání
NEW YORK
Místo konání akce
Paris
Datum konání akce
9. 9. 2019
Typ akce podle státní příslušnosti
EUR - Evropská akce
Kód UT WoS článku
—