A Hybrid Access Control Model for CIM-Based SCADA System
Author(s):
Abstract:
Insider attack is one of the most dangerous threats for the security of a critical infrastructure (CI). An insider attack occurs when an authorized operator misuses his/her permissions in order to perform malicious operations in the CI. Providing too many permissions for an operator may backfire when the operator abuses his/her privileges, either intentional or unintentional. Therefore, an access control model is required to provide necessary permissions in order to prevent malicious operations. In this paper, a hybrid access control model (HAC) has been proposed for CI applications which are monitored and controlled by a CIM (IEC-61970-301 common information model)-based supervisory control and data acquisition system. The proposed HAC is an extension of the mandatory and role-based access control models. In the proposed model, the permissions of an operator will be determined according to the predefined types of responsibilities, grid statuses, activation times of roles, security levels, and their periods of validity. A colored Petri-net is employed to simulate and illustrate the effectiveness of the proposed HAC.
Language:
Persian
Published:
Iranian Journal of Electrical and Computer Engineering, Volume:14 Issue: 3, 2017
Page:
249
magiran.com/p1632371
دانلود و مطالعه متن این مقاله با یکی از روشهای زیر امکان پذیر است:
اشتراک شخصی
با عضویت و پرداخت آنلاین حق اشتراک یکساله به مبلغ 1,390,000ريال میتوانید 70 عنوان مطلب دانلود کنید!
اشتراک سازمانی
به کتابخانه دانشگاه یا محل کار خود پیشنهاد کنید تا اشتراک سازمانی این پایگاه را برای دسترسی نامحدود همه کاربران به متن مطالب تهیه نمایند!
توجه!
- حق عضویت دریافتی صرف حمایت از نشریات عضو و نگهداری، تکمیل و توسعه مگیران میشود.
- پرداخت حق اشتراک و دانلود مقالات اجازه بازنشر آن در سایر رسانههای چاپی و دیجیتال را به کاربر نمیدهد.
In order to view content subscription is required
Personal subscription
Subscribe magiran.com for 70 € euros via PayPal and download 70 articles during a year.
Organization subscription
Please contact us to subscribe your university or library for unlimited access!