Access Control for Industry 4.0 - Initial Trust with Blockchain
Authors
Kjærsgaard, Jacob ; Eriksen, Martin
Term
4. term
Education
Publication year
2018
Submitted on
2018-06-07
Pages
72
Abstract
Industri 4.0 forbinder maskiner og computere i produktionen til netværket og skaber nye cybersikkerhedsudfordringer, som adskiller sig fra klassiske virksomhedsnet. Derfor kan eksisterende sikkerhedsløsninger ikke altid bruges. Et sikkert setup begynder med adgangskontrol, at afgøre hvilke enheder og brugere der må forbinde, og hvad de må gøre, og fordi der er mange enheder, skal dette i høj grad automatiseres. Dette projekt præsenterer et design for et identitetsstyringssystem baseret på blockchain (en fælles, manipulationssikker log) og en automatisk autentificeringsprotokol, der bruger asymmetrisk kryptografi (offentlig/privat nøgle). Systemet er ikke implementeret; i stedet er designet evalueret. Evalueringen indikerer, at et blockchain-baseret identitetsstyringssystem er muligt og kan give høj grad af automatiseret identitetshåndtering, som modstår manipulation og misbrug. Den automatiske autentificeringsprotokol kan fungere med TLS (standarden for krypteret kommunikation) uden at involvere en traditionel PKI (public key infrastructure). Samlet set tilbyder designet en sikker og automatiseret tilgang til adgangskontrol i Industri 4.0.
Industry 4.0 connects machines and computers on the factory floor to the network, creating new cybersecurity challenges that differ from traditional office IT. As a result, existing enterprise security solutions cannot always be applied. A secure setup starts with access control, deciding which devices and users may connect and what they are allowed to do, and because there are many devices, this must be highly automated. This thesis presents a design for an identity management system based on blockchain (a shared, tamper-resistant ledger) and an automated authentication protocol that uses asymmetric cryptography (public/private keys). The system is not implemented; instead, the design is evaluated. The evaluation indicates that a blockchain-based identity management system is feasible and can provide highly automated identity handling that resists tampering and misuse. The automated authentication protocol can work with TLS (the standard for encrypted communication) without relying on a traditional PKI (public key infrastructure). Overall, the design offers a secure and automated approach to access control in Industry 4.0 environments.
[This abstract was generated with the help of AI]
Documents