Dynamic security rules for legacy systems

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216208%3A11320%2F19%3A10406092" target="_blank" >RIV/00216208:11320/19:10406092 - isvavai.cz</a>

Výsledek na webu

<a href="https://doi.org/10.1145/3344948.3344974" target="_blank" >https://doi.org/10.1145/3344948.3344974</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/3344948.3344974" target="_blank" >10.1145/3344948.3344974</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Dynamic security rules for legacy systems

Popis výsledku v původním jazyce

Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing &quot;legacy&quot; systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment.

Název v anglickém jazyce

Dynamic security rules for legacy systems

Popis výsledku anglicky

Industry 4.0 tries to digitalize the production process further. The digitalization is achieved by connecting different entities (machines, worker) to data-exchange, which needs to be dynamic and to adapt to different changing situations and members in the process. However, just exchanging data might lead to confidentiality issues. The data-exchange needs to be protected to secure the confidentiality and trust in the system. Therefore, security rules need to adapt to these dynamic situations. One part of a possible solution might be dynamic access control rules. However in many cases, existing &quot;legacy&quot; systems are reused, which can in not handle dynamic access control rules. Due to this gap between the required and provided functionality, we propose an approach, which integrates dynamic access control based on the system-context into legacy systems. Our approach uses a security adaption controller, which dynamically adapts the access control rules to a new situation and integrates them into an existing legacy system. We discussed our approach with industrial practitioners and related our approach to their existing legacy system. In addition, we performed a scalability analysis to demonstrate the applicability of our approach in a realistic environment.

Druh

D - Stať ve sborníku

CEP obor

—

OECD FORD obor

10201 - Computer sciences, information science, bioinformathics (hardware development to be 2.2, social aspect to be 5.8)

Projekt

<a href="/cs/project/TF04000064" target="_blank" >TF04000064: Trust 4.0: Datově orientované modelování a analýza pro důvěryhodné procesy v systémech Průmyslu 4.0</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)

Rok uplatnění

2019

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

ECSA 2019: PROCEEDINGS OF THE 13TH EUROPEAN CONFERENCE ON SOFTWARE ARCHITECTURE: COMPANION PROCEEDINGS

ISBN

978-1-4503-7142-1

ISSN

—

e-ISSN

—

Počet stran výsledku

8

Strana od-do

277-284

Název nakladatele

ASSOC COMPUTING MACHINERY

Místo vydání

NEW YORK

Místo konání akce

Paris

Datum konání akce

9. 9. 2019

Typ akce podle státní příslušnosti

EUR - Evropská akce

Kód UT WoS článku

—