1. Blockchain-based Role-Delegation Access Control for Industrial Control System
- Author
- GUO Xian, WANG Yu-yue, FENG Tao, CAO Lai-cheng, JIANG Yong-bo, ZHANG Di
- Subjects
industrial control system, blockchain, smart contract, delegatable role, access control, Computer software, QA76.75-76.765, Technology (General), T1-995
- Abstract
The concept of the "network perimeter" in industrial control systems is becoming vague due to the integration of IT and OT technology. A fine-grained access control strategy that aims to protect each network connection can ensure the network security of an industrial control system. A role-delegation-based access control scheme can delegate an access right of a user in one domain to a user in another domain or to a company partner, so that these users can remotely access the network resources of the industrial enterprise. However, the benefits of delegation may increase the attack surface of the industrial control system. Blockchain technology, with its decentralization, tamper resistance, auditability and other characteristics, can be considered as a basic framework for role-delegation access control of network resources in industrial control systems. This paper proposes DRBAC, a blockchain-based role-delegation access control scheme. DRBAC includes several important components: user role management and delegation, access control, a monitoring mechanism, etc. The DRBAC solution is implemented based on smart contracts. DRBAC ensures that each network connection is protected by fine-grained access control strategies. Finally, the correctness, feasibility and overhead of DRBAC are tested and analyzed in a private blockchain network.
- Published
- 2021