Industrial Control Systems (ICSs) play a critical role in various industries, automating processes and efficiency optimization. However, these systems have security vulnerabilities that make them prone to cyber attacks, so it is crucial to have strong access control mechanisms in place. This master thesis focuses on the investigation, development, and evaluation of workflow-driven dynamic authorization for modular automation systems. The authorization enables specifying of policies that can adapt in real-time to the dynamic security environment of ICSs. Furthermore, the thesisexplores the efficiency of authorization in terms of execution time, memory consumption, andtoken size through experimental evaluation. The experimental evaluation compares three variationsof token population: a baseline approach that directly encodes accesscontrol list permissions into the token, and two token population algorithms that aim to reduce thetoken size by replacing permissions with overlapping roles. The results show that the baseline approach achieves the shortest execution time and lowest memory consumption, but leads to increased token sizes. On the other hand, the token population algorithms reduce the token size at the costof increased execution time and memory consumption. The choice between these approaches wouldinvolve trade-offs and would depend on the specific requirements of the ICSs environment. / InSecTT
| Identifer | oai:union.ndltd.org:UPSALLA1/oai:DiVA.org:mdh-63779 |
| Date | January 2023 |
| Creators | Basic, Enna, Radonjic, Ivan |
| Publisher | Mälardalens universitet, Akademin för innovation, design och teknik |
| Source Sets | DiVA Archive at Upsalla University |
| Language | English |
| Detected Language | English |
| Type | Student thesis, info:eu-repo/semantics/bachelorThesis, text |
| Format | application/pdf |
| Rights | info:eu-repo/semantics/openAccess |
Page generated in 0.3734 seconds