Providing an access control layer to web-based applications for the industrial domain

The advances in virtual engineering brought about the creation of models of physical systems. This has been enhanced by the use of relevant standards and web technologies to develop interfaces for monitoring and controlling industrial systems at the shop floor or remotely over the internet. However, owing to the open nature of the internet as well as vulnerabilities associated with internet-based technologies, it becomes imperative to put in place security measures. This will allow to mitigate this particularly as it concerns the management, control, and monitoring of entities making use of the interface. The first step is to ensure an efficient user access control for web-based solutions. This article proposes an approach for developing an access control layer to web applications. In addition, a web-based application, i.e., the FASTory simulator, is used as the test-bed for implementing this approach.

[1]  José L. Martínez Lastra,et al.  An approach for OSGi and DPWS interoperability: Bridging enterprise application with shop-floor , 2013, 2013 11th IEEE International Conference on Industrial Informatics (INDIN).

[2]  Kai Chen,et al.  A Lattice-Based Access Control Model for Social Networks , 2016, 2016 International Conference on Cyber-Enabled Distributed Computing and Knowledge Discovery (CyberC).

[3]  Stamatis Karnouskos,et al.  Developing a web application for monitoring and management of Smart Grid neighborhoods , 2013, 2013 11th IEEE International Conference on Industrial Informatics (INDIN).

[4]  Dick Hardt,et al.  The OAuth 2.0 Authorization Framework , 2012, RFC.

[5]  Luis E. Gonzalez Moctezuma,et al.  Security in Cloud-Based Cyber-Physical Systems , 2015, 2015 10th International Conference on P2P, Parallel, Grid, Cloud and Internet Computing (3PGCIC).

[6]  Wael M. Mohammed,et al.  A web-based simulator for a discrete manufacturing system , 2016, IECON 2016 - 42nd Annual Conference of the IEEE Industrial Electronics Society.

[7]  Stamatis Karnouskos,et al.  IMC-AESOP outcomes: Paving the way to collaborative manufacturing systems , 2014, 2014 12th IEEE International Conference on Industrial Informatics (INDIN).

[8]  Jay P. Kesan Privacy, Law, and Cloud Services , 2015 .

[9]  Jay Lee,et al.  Smart Agents in Industrial Cyber–Physical Systems , 2016, Proceedings of the IEEE.

[10]  Milan Stetina,et al.  eScop project physical layer development: INCAS conveyor line pilot case study , 2015, 2015 IEEE 13th International Conference on Industrial Informatics (INDIN).

[11]  Wolfgang Kuehn,et al.  Digital Factory - Simulation Enhancing the Product and Production Engineering Process , 2006, Proceedings of the 2006 Winter Simulation Conference.

[12]  Irena Bojanova,et al.  Distributed Access Control in Cloud Computing Systems , 2016 .

[13]  Soundar R. T. Kumara,et al.  Cyber-physical systems in manufacturing , 2016 .

[14]  Lihui Wang,et al.  Current status and advancement of cyber-physical systems in manufacturing , 2015 .

[15]  Tullio Tolio,et al.  A virtual factory approach for in situ simulation to support production and maintenance planning , 2015 .

[16]  Herbert J. Mattord,et al.  Principles of Information Security , 2004 .

[17]  Miguel Correia,et al.  Securing energy metering software with automatic source code correction , 2013, 2013 11th IEEE International Conference on Industrial Informatics (INDIN).

[18]  Francesco Benzi,et al.  IIoT based efficiency monitoring of a Gantry robot , 2016, 2016 IEEE 14th International Conference on Industrial Informatics (INDIN).

[19]  Arafat Abdulgader Mohammed Elhag,et al.  Proposed security model for web based applications and services , 2017, 2017 International Conference on Communication, Control, Computing and Electronics Engineering (ICCCCEE).

[20]  Anagnostopoulos Christos,et al.  Integrating IoT to manufacturing processes utilizing semantics , 2016 .

[21]  李洋,et al.  Security Objectives of Cyber Physical Systems , 2014 .

[22]  Valentina Casola,et al.  Methodology to Obtain the Security Controls in Multi-cloud Applications , 2016, CLOSER.

[23]  José L. Martínez Lastra,et al.  Condition monitoring for distributed systems with reconfigurable user interfaces and data permissions , 2016, IECON 2016 - 42nd Annual Conference of the IEEE Industrial Electronics Society.

[24]  Fadi Al-Ayed,et al.  Synopsis of Security: Using Kerberos Method to Secure File Transfer Sessions , 2016, 2016 International Conference on Computational Science and Computational Intelligence (CSCI).

[25]  Bilal Ahmad,et al.  Engineering Methods and Tools for Cyber–Physical Automation Systems , 2016, Proceedings of the IEEE.

[26]  Valeriy Vyatkin,et al.  Knowledge-based web service integration for industrial automation , 2014, 2014 12th IEEE International Conference on Industrial Informatics (INDIN).

[27]  Rainer Drath,et al.  AutomationML - the glue for seamless automation engineering , 2008, 2008 IEEE International Conference on Emerging Technologies and Factory Automation.

[28]  Dimitris Mourtzis,et al.  Digital manufacturing: History, perspectives, and outlook , 2009 .

[29]  Sabrina De Capitani di Vimercati,et al.  Access Control Policies, Models, and Mechanisms , 2011, Encyclopedia of Cryptography and Security.