A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Jaidi, Faouzi; Ayachi, Faten Labbene; Bouhoula, Adel

doi:10.1155/2018/7142170

Cited by 9 publications

(7 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Braun et al [65] developed an approach for investigating road network vulnerability in developing regions in Chile. Jaïdi et al [66] proposed a methodology for monitoring the compliance of trusted access control policies in CIs. A comparative exploration of approaches to managing risks related to hazardous incidents and critical infrastructure outages has been carried out by Krings et al [67].…”

Section: Cluster#1 "Risk Assessment" (39 Documents)mentioning

confidence: 99%

Critical Infrastructures Overview: Past, Present and Future

2022

View full text Add to dashboard Cite

Industrialized societies depend on the proper functioning of a whole range of technological infrastructures, such as electricity, road and railway networks and telecommunications which, due to their importance, are generically referred to as critical infrastructures (CIs). Technical failures, natural disasters and malicious events, if not terrorist, could have devastating effects on these infrastructures. The events of the last few years have accelerated efforts to identify and designate CIs at national and European levels and have reinforced concerns about increasing their protection in sensitive sectors for the safety of the individual and the community. The aim of this research is to provide the basic elements to understand the issue along with the reasons for its importance both at national, European and international level. In particular, after analyzing the origin of the problem, a systematic literature review is carried out to study the current research around future perspectives relating to the management of Cis, with particular focus on three research questions: RQ1 “What types of risk assessment methods are used to manage CIs?”, RQ2 “What are the environmental risk mitigation strategies for CIs?” and RQ3 “What is the role of the human factor in the prevention of risks for CIs?”. The results aim to be guidelines for decision makers and researchers interested in this topic.

show abstract

Section: Cluster#1 "Risk Assessment" (39 Documents)mentioning

confidence: 99%

Critical Infrastructures Overview: Past, Present and Future

2022

View full text Add to dashboard Cite

show abstract

“…Despite the fact that the informal approach is easier to develop and implement, it is significantly inferior to the formal one in reliability, since it does not allow rigorous evidence of guaranteed security. This circumstance is reflected in various documents defining the security classes of computer systems [8,9,10].…”

Section: Implementation In the Information Systemmentioning

confidence: 99%

Joint Implementation of Mandated and Role-Based Delimitation of Access to Information Flows in Info-communication Systems

Kadirov¹

2020

IJETER

View full text Add to dashboard Cite

Protection of data integrity, which is granted access to subjects in the information system, is achieved due to the fact that the information system is presented as part of the formal security model of logical mandatory and role-based access and information flow management and integrity control. Based on the de jure and de facto rules, an algorithm has been developed for the implementation of mandatory and role-based access control access to check the security status of a secure information system.The main idea is to prevent the role of violating entities of the protected information system from using role parameters, including access rights of roles to entities, for implementing information flows from memory or time from entities with a high level of confidentiality to entities with a low level of confidentiality of information.

show abstract

“…Authorization is the process of allowing/denying authenticated users access to a resource after checking the regulations and policies of an organization or industry sector [4]. It includes the following phases [5,6]:…”

Section: Introductionmentioning

confidence: 99%

Instantiation and Implementation of HEAD Metamodel in an Industrial Environment: Non-IoT and IoT Case Studies

Kashmar,

Adda,

Ibrahim

et al. 2023

Electronics

View full text Add to dashboard Cite

Access to resources can take many forms: digital access via an onsite network, through an external site, website, etc., or physical access to labs, machines, information repositories, etc. Whether access to resources is digital or physical, it must be allowed, denied, revoked, or disabled using robust and coherent access control (AC) models. What makes the process of AC more complicated is the emergence of digital transformation technologies and pervasive systems such as the internet of things (IoT) and industry 4.0 systems, especially with the growing demand for transparency in users’ interaction with various applications and services. Controlling access and ensuring security and cybersecurity in IoT and industry 4.0 environments is a challenging task. This is due to the increasing distribution of resources and the massive presence of cyber-threats and cyber-attacks. To ensure the security and privacy of users in industry sectors, we need an advanced AC metamodel that defines all the required components and attributes to derive various instances of AC models and follow the new and increasing demand for AC requirements due to continuous technology upgrades. Due to the several limitations in the existing metamodels and their inability to answer the current AC requirements, we have developed a Hierarchical, Extensible, Advanced, Dynamic (HEAD) AC metamodel with significant features that overcome the existing metamodels’ limitations. In this paper, the HEAD metamodel is employed to specify the needed AC policies for two case studies inspired by the computing environment of Institut Technologique de Maintenance Industrielle (ITMI)-Sept-Îles, QC, Canada; the first is for ITMI’s local (non-IoT) environment and the second for ITMI’s IoT environment. For each case study, the required AC model is derived using the domain-specific language (DSL) of HEAD metamodel, then Xtend notation (an expressive dialect of Java) is utilized to generate the needed Java code which represents the concrete instance of the derived AC model. At the system level, to get the needed AC rules, Cypher statements are generated and then injected into the Neo4j database to represent the Next Generation Access Control (NGAC) policy as a graph. NGAC framework is used as an enforcement point for the rules generated by each case study. The results show that the HEAD metamodel can be adapted and integrated into various local and distributed environments. It can serve as a unified framework, answer current AC requirements and follow policy upgrades. To demonstrate that the HEAD metamodel can be implemented on other platforms, we implement an administrator panel using VB.NET and SQL.

show abstract

A Methodology and Toolkit for Deploying Reliable Security Policies in Critical Infrastructures

Cited by 9 publications

References 50 publications

Critical Infrastructures Overview: Past, Present and Future

Critical Infrastructures Overview: Past, Present and Future

Joint Implementation of Mandated and Role-Based Delimitation of Access to Information Flows in Info-communication Systems

Instantiation and Implementation of HEAD Metamodel in an Industrial Environment: Non-IoT and IoT Case Studies

Contact Info

Product

Resources

About