You are required to read and agree to the below before accessing a full-text version of an article in the IDE article repository.

The full-text document you are about to access is subject to national and international copyright laws. In most cases (but not necessarily all) the consequence is that personal use is allowed given that the copyright owner is duly acknowledged and respected. All other use (typically) require an explicit permission (often in writing) by the copyright owner.

For the reports in this repository we specifically note that

  • the use of articles under IEEE copyright is governed by the IEEE copyright policy (available at http://www.ieee.org/web/publications/rights/copyrightpolicy.html)
  • the use of articles under ACM copyright is governed by the ACM copyright policy (available at http://www.acm.org/pubs/copyright_policy/)
  • technical reports and other articles issued by M‰lardalen University is free for personal use. For other use, the explicit consent of the authors is required
  • in other cases, please contact the copyright owner for detailed information

By accepting I agree to acknowledge and respect the rights of the copyright owner of the document I am about to access.

If you are in doubt, feel free to contact webmaster@ide.mdh.se

A Recipe-based Algorithm for Access Control in Modular Automation Systems

Fulltext:


Research group:


Publication Type:

Report - MRTC

Publisher:

Mälardalen Real-Time Research Centre, Mälardalen University

ISRN:

MDH-MRTC-333/2020-1-SE


Abstract

In the emerging trend towards modular automation, a need for adaptive, strict access control between interacting components has been identified as a key challenge. In this article we discuss the need for such a functionality, and propose a workflow-driven method for automatic access control policies generation within a modular automation system.The solution is based on recipes, formulated using Sequential Function Charts (SFC). The generated policies are expressed using Next Generation Access Control (NGAC), an Attribute Based Access Control (ABAC) standard developed by NIST. We provide (1) a definition of required policies for device-to device interactions within a modular automation system, (2) an algorithm for automatic generation of access policies, (3) a formal proof of the correctness of this algorithm, and (4) an illustration of its use.

Bibtex

@techreport{Leander5939,
author = {Bj{\"o}rn Leander and Aida Causevic and Hans Hansson},
title = {A Recipe-based Algorithm for Access Control in Modular Automation Systems},
month = {September},
year = {2020},
publisher = {M{\"a}lardalen Real-Time Research Centre, M{\"a}lardalen University},
url = {http://www.es.mdh.se/publications/5939-}
}