industrial+internetsecurity+framework+€¦ · industrial+internetsecurity+framework+ +...
TRANSCRIPT
Industrial Internet Security Framework Hamed Soroush, Ph.D Senior Research Security Engineer (RTI) IIC Security Working Group Co-‐Chair
CommunicaFons & ConnecFvity Layers
ConnecFvity Standards & Security
• Requirements for Core ConnecFvity Technology: – be an open standard with strong independent, internaFonal governance, such as IEEE, IETF, OASIS, OMG, or W3C,
– be horizontal and neutral in its applicability across industries,
– be applicable, stable and proven across mulFple industries and
– have standard-‐defined gateways to all other connecFvity standards.
Building Blocks for ProtecFng Exchanged Content
• Explicit Endpoint CommunicaFon Policies • Cryptographically Strong Mutual AuthenFcaFon Between Endpoints • AuthorizaFon Mechanism for Enforcing Access Control Rules from Policy • Cryptographically Backed Mechanisms for Ensuring ConfidenFality, Integrity, and Freshness of Exchanged InformaFon
Examples
InformaFon Flow ProtecFon
• Network SegmentaFon • Gateways & Filtering – Layer 2, Layer 3/4, ApplicaFon/Middleware, Message rewriFng, Proxies, Server ReplicaFon
• Network Firewalls • UnidirecFonal Gateways • Network Access Control
Thank You!