Abstract
The complex industrial environment of the 21st century is equipped with the Internet of Things platform, with the objective of real-time operational visibility, improved device management and predictive maintenance. To unleash the focused importance of its policy, a secure connectivity must be realized through a range of existing and dissimilar devices and data sources. During the conceptualization phase, the authors aimed to compel the following: (a) that restriction of access should be based on the presence of unexpected device actions that may point to a security breach, and (b) ensure the safety of the system by constant tracking of connected devices and data. In this paper, a policy-driven, zero-trust defense model is proposed to address numerous vulnerable entry points, validate device access to legitimate enterprise functions, quarantine unsecure devices, and trigger automated warnings and policy validation for hardware, software, network connectivity and data management. To handle active scanning, bots, passive auditing, outbound threat management, and device interconnections, an experimental environment was put up. This environment provides holistic visibility and a persistent view of all resources, including those that were previously unknown. A steady stream of reliable and authenticated data has helped to develop and adjust a scalable implementation strategy by avoiding recognized anomalous traps. Actual data was aggregated and analyzed to assess the proposed methodology. Comparative analysis of ‘device exposure view, attack path analysis, controlled view of devices, comprehensive vulnerability evaluation, and effective communication of cyber risk’ has proved the effectiveness of the proposed methodology.
Funder
Deanship of Scientific Research at Prince Sattam Bin Abdulaziz University
Subject
Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering
Reference25 articles.
1. Amin, H., and Burkett, R. (2018, January 29–30). SAMIIT: Spiral attack model in IIoT mapping security alerts to attack life cycle phases. Proceedings of the 5th International Symposium for ICS & SCADA Cyber Security Research, Hamburg, Germany.
2. Bassam, Z., Hussaini, A., and Ali-Gombe, A. (2021, January 26–28). IIoT-ARAS: IIoT/ICS Automated Risk Assessment System for Prediction and Prevention. Proceedings of the Eleventh ACM Conference on Data and Application Security and Privacy, Virtual Event.
3. Hardware-intrinsic multi-layer security: A new frontier for 5G ena-bled IIoT;Hussain;Sensors,2020
4. Blockchain-Based Massive Data Dissemination Handling in IIoT Environ-ment;Kumari;IEEE Netw.,2021
5. Towards design and implementation of security and privacy framework for internet of medical things (iomt) by leveraging blockchain and ipfs technology;Kumar;J. Supercomput.,2021
Cited by
3 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献