Logo des Repositoriums

Auflistung nach Schlagwort "ABAC"

1 - 2 von 2
  • Konferenzbeitrag
    Preservation of (higher) Trustworthiness in IAM for distributed workflows and systems based on eIDAS
    (Open Identity Summit 2022, 2022) Strack, H.; Karius, S.; Gollnick, M.; Lips, M.; Wefel, S.; Altschaffel, R.
    The secure digitalisation of distributed workflows with different stakeholders (and trust relationships) using systems from different stakeholder domains is of increasing interest. Just one example is the workflow/policy area of student mobility. Others are from public administration and from economic sectors. According to the eIDAS regulation, eID and trust services (TS) are available across EU - upcoming also EUid & wallets (eIDAS 2.0) - to improve security aspects (providing interoperability or standards). We present some security enhancements to maintainhigher trustworthiness in Identity and Access Management (IAM) services for different policy areas with mandatory, owner-based and self-sovereign control aspects - based on eIDAS and different standards and the integration of views/results from deployed or ongoing projects (EMREX/ELMO, Europass/ EDCI, eIDAS, EUid, Verifiable Credentials, NBP initiative, OZG implementation, Self-Sovereign Identities SSI, RBAC, ABAC, DAC/MAC, IPv6) and a trustistor.
  • Konferenzbeitrag
    Secure Granular Interoperability with OPC UA
    (INFORMATIK 2019: 50 Jahre Gesellschaft für Informatik – Informatik für Gesellschaft (Workshop-Beiträge), 2019) Watson, Venesa; Sassmannshausen, Jochen; Waedt, Karl
    Open Platform Communications Unified Architecture (OPC UA) is the communication standard earmarked for future industrial automation, particularly for the Industry 4.0 (I4.0) infrastructure where it provides the key services for interoperability and built-in communication security. OPC UA defines several models for these services and has already been deployed by industrial partners in their efforts to achieve I4.0 market readiness and to provide more robust systems. Of particular interest is the security services offered by OPC UA, as they are expected to strengthen the security posture of industrial automation systems, which have so far suffered a number of sophisticated cyber-attacks. In general, cyber-attacks are more severe based on the level of access acquired by the attacker, for example, an attacker with unrestricted administrative level access can issue more powerful commands. It is safe to say then that a more stringent access control security concept can offer systems greater protection from unauthorized access. Several access control models exist, which are categorized under two headings discretionary (data owners/users set the access control rules) and non-discretionary (security administrators control the access granted to users). Here, a non-discretionary access control model, namely the attributebased access control (ABAC) model is compared to the role-based access control (also nondiscretionary) typically assumed with OPC UA, to ascertain how a more granular security structure with ABAC could provide additional security advantages for industry.