As control systems are becoming more complex and capable with much functionality, it requires more efforts not only to maintain correct operations but also to protect them from various threats. Security of the control network which connects entities in the system and serves as a path for information transfer between them is a major cause of concern. Operators of the control systems have taken a conservative way to provide a protection to the network where it is simply isolated from other systems and networks that could introduce access channels. Even though the isolation provides a great protection, it limits management efficiency and expandability of the system. Solving the problem of providing interconnectivity as well as sufficient protection to the control network is not trivial.Existing work proposed a solution where they applied a multi-tier web server system to the control system in the effort to provide better connectivity and introduced a concept of redundant authentication to mitigate risks to the system. In this architecture, a front end system that accepts requests from users is required to provide a non-repudiable credential of the requesting user when it passes the request to a back end proxy that has access privilege on the control system. This limits malicious actions that could be performed by the compromised front end system. It, however, forces every recently authenticated user to share the vulnerability in the case of the compromised front end system due to a requirement that clients should remain unmodified.In this thesis, we suggest a new solution with a client program to overcome the above limitation and provide a better protection. Installation of the client program is required in order to access the control system from the outside network. With this architecture, users who have chosen to opt out by not installing the client program are safe from the risk introduced by other users who have chosen to install the program and use the service. Non-repudiable credentials are still required with every request to the control system hence containing the possible actions of the compromised front end system on the control system. We validate our strategy on Building Automation System (BAS) testbed with a practical application which allows users to unlock doors of the building.
【 预 览 】
附件列表
Files
Size
Format
View
Improving the security in interconnecting building automation systems to outside networks