AC4E: An Access Control Model for Emergencies of Mission-Critical Cyber-Physical Systems

Access control is an essential security component in protecting sensitive data and services from unauthorized access to the resources in mission-critical Cyber-Physical Systems (CPSs). CPSs are different from conventional information processing systems in such that they involve interactions between the cyber world and the physical world. Therefore, existing access control models cannot be used directly and even become disabled in an emergency situation. This paper proposes an adaptive Access Control model for Emergences (AC4E) for mission-critical CPSs. The principal aim of AC4E is to control the criticalities in these systems by executing corresponding responsive actions. AC4E not only provides the ability to control access to data and services in normal situations, but also grants the correct set of access privileges, at the correct time, to the correct set of subjects in emergency situations. It can facilitate adaptively responsive actions altering the privileges to specific subjects in a proactive manner without the need for any explicit access requests. A semiformal validation of the AC4E model is presented, with respect to responsiveness, correctness, safety, non-repudiation and concurrency, respectively. Then a case study is given to demonstrate how the AC4E model detects, responds, and controls the emergency events for a typical CPS adaptively in a proactive manner. Eventually, a wide set of simulations and performance comparisons of the proposed AC4E model are presented.

[1]  Sandeep K. S. Gupta,et al.  Criticality aware access control model for pervasive applications , 2006, Fourth Annual IEEE International Conference on Pervasive Computing and Communications (PERCOM'06).

[2]  Antonio Corradi,et al.  Context-based access control management in ubiquitous environments , 2004, Third IEEE International Symposium on Network Computing and Applications, 2004. (NCA 2004). Proceedings..

[3]  Sandeep K. S. Gupta,et al.  Performance modeling of critical event management for ubiquitous computing applications , 2006, MSWiM '06.

[4]  Siddharth Sridhar,et al.  Cyber–Physical System Security for the Electric Power Grid , 2012, Proceedings of the IEEE.

[5]  Qian Zhang,et al.  Code-Centric RFID System Based on Software Agent Intelligence , 2010, IEEE Intelligent Systems.

[6]  Sudip Misra,et al.  Reputation-based role assignment for role-based access control in wireless sensor networks , 2011, Comput. Commun..

[7]  Gabor Karsai,et al.  Toward a Science of Cyber–Physical System Integration , 2012, Proceedings of the IEEE.

[8]  Yang Yu,et al.  Query privacy in wireless sensor networks , 2007, SECON.

[9]  Jiafu Wan,et al.  Advances in Cyber-Physical Systems Research , 2011, KSII Trans. Internet Inf. Syst..

[10]  Indrajit Ray,et al.  TrustBAC: integrating trust relationships into the RBAC model for access control in open systems , 2006, SACMAT '06.

[11]  Younghan Kim,et al.  Conferencing Service Interworking in Peer-to-Peer and IMS Networks , 2012, KSII Trans. Internet Inf. Syst..

[12]  Sajal K. Das,et al.  Privacy preservation in wireless sensor networks: A state-of-the-art survey , 2009, Ad Hoc Networks.

[13]  Wenjing Lou,et al.  FDAC: Toward Fine-Grained Distributed Data Access Control in Wireless Sensor Networks , 2011 .

[14]  Manachai Toahchoodee,et al.  A Spatio-temporal Role-Based Access Control Model , 2007, DBSec.

[15]  Jae Moung Kim,et al.  Improved Resource Allocation Scheme in LTE Femtocell Systems based on Fractional Frequency Reuse , 2012, KSII Trans. Internet Inf. Syst..

[16]  Manachai Toahchoodee,et al.  A Spatio-temporal Access Control Model Supporting Delegation for Pervasive Computing Applications , 2008, TrustBus.

[17]  Lui Sha,et al.  Cyber-Physical Systems: A New Frontier , 2008, 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008).

[18]  Feng Xia,et al.  A Fault-Tolerant Emergency-Aware Access Control Scheme for Cyber-Physical Systems , 2011, Inf. Technol. Control..

[19]  Insup Lee,et al.  Challenges and Research Directions in Medical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[20]  Roshan K. Thomas,et al.  Flexible team-based access control using contexts , 2001, SACMAT '01.

[21]  Kai-Di Chang,et al.  A Survey of Trust Management in WSNs, Internet of Things and Future Internet , 2012 .

[22]  Kui Ren,et al.  Distributed Privacy-Preserving Access Control in Sensor Networks , 2012, IEEE Transactions on Parallel and Distributed Systems.

[23]  Heejo Lee,et al.  This article has been accepted for inclusion in a future issue of this journal. Content is final as presented, with the exception of pagination. INVITED PAPER Cyber–Physical Security of a Smart Grid Infrastructure , 2022 .

[24]  Emil C. Lupu,et al.  Security and management policy specification , 2002, IEEE Netw..

[25]  Dean Povey Optimistic security: a new access control paradigm , 1999, NSPW '99.

[26]  Ayan Banerjee,et al.  Ensuring Safety, Security, and Sustainability of Mission-Critical Cyber–Physical Systems , 2012, Proceedings of the IEEE.

[27]  Yu-Jung Huang,et al.  Lightweight authentication scheme for wireless sensor networks , 2012, 2012 IEEE Global High Tech Congress on Electronics.