Return to search

Authorization for Industrial Control Systems

Every day more and more devices are getting connected to the Internet, a phenomenon commonly referred to as the Internet of Things. Since security and privacy are more important than ever before this presents an interesting problem. Suddenly devices with not even near as much computing power as a desktop computer are tasked with performing heavy security computations designed to be used in powerful systems with little resource and power limitations. This thesis presents a solution for performing authorization for a resource limited system using a trusted third party, thus transferring the usually quite heavy authorization computations from a resource constrained device to another device where no such restrictions exists. When a client wishes to request a resource on the constrained device it must first retrieve authorization information from the third party and include this in the request. The authorization information is then validated by confirming that it originates from the trusted third party using a shared secret. In this thesis the constrained system is represented by an ABB control system of model 800xA and by transferring the authorization cost to another system the increased amount of resource usage on this device is kept to a minimum. It is also shown that this increase is negligible compared to the increase in resource usage when authentication and message protection in the form of TLS was implemented. / <p>Thesis conduced in cooperation with ABB AB. Supervisors: Ludwig Seitz - SICS, Andreas Bäckman - ABB</p>

Identiferoai:union.ndltd.org:UPSALLA1/oai:DiVA.org:ri-24326
Date January 2014
CreatorsNiklas, Hjern, Jonas, Vistrand
Source SetsDiVA Archive at Upsalla University
LanguageEnglish
Detected LanguageEnglish
TypeStudent thesis, info:eu-repo/semantics/bachelorThesis, text
Formatapplication/pdf
Rightsinfo:eu-repo/semantics/openAccess

Page generated in 0.0023 seconds