Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported
| Autor(a) principal: | |
|---|---|
| Data de Publicação: | 2022 |
| Outros Autores: | |
| Tipo de documento: | Artigo |
| Idioma: | eng |
| Título da fonte: | Repositório Institucional da Udesc |
| dARK ID: | ark:/33523/0013000005f5f |
| Texto Completo: | https://repositorio.udesc.br/handle/UDESC/2874 |
Resumo: | © 2022 by the authors.The Zero Trust concept is being adopted in information technology (IT) deployments, while human users remain to be the main risk for operational technology (OT) deployments. This article proposes to enhance the new Modbus/TCP Security protocol with authentication and authorization functions that guarantee security against intentional unauthorized access. It aims to comply with the principle of never trusting the person who is accessing the network before carrying out a security check. Two functions are tested and used in order to build an access control method that is based on a username and a password for human users with knowledge of industrial automation control systems (IACS), using simple means, low motivation, and few resources. A man-in-the-middle (MITM) component was added in order to intermediate the client and the server communication and to validate these functions. The proposed scenario was implemented using the Node-RED programming platform. The tests implementing the functions and the access control method through the Node-RED software have proven their potential and their applicability. |
| id |
UDESC-2_84f42fed5e5b0dd39cce9e577234de3d |
|---|---|
| oai_identifier_str |
oai:repositorio.udesc.br:UDESC/2874 |
| network_acronym_str |
UDESC-2 |
| network_name_str |
Repositório Institucional da Udesc |
| repository_id_str |
6391 |
| spelling |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported© 2022 by the authors.The Zero Trust concept is being adopted in information technology (IT) deployments, while human users remain to be the main risk for operational technology (OT) deployments. This article proposes to enhance the new Modbus/TCP Security protocol with authentication and authorization functions that guarantee security against intentional unauthorized access. It aims to comply with the principle of never trusting the person who is accessing the network before carrying out a security check. Two functions are tested and used in order to build an access control method that is based on a username and a password for human users with knowledge of industrial automation control systems (IACS), using simple means, low motivation, and few resources. A man-in-the-middle (MITM) component was added in order to intermediate the client and the server communication and to validate these functions. The proposed scenario was implemented using the Node-RED programming platform. The tests implementing the functions and the access control method through the Node-RED software have proven their potential and their applicability.2024-12-05T20:21:59Z2022info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/article1424-822010.3390/s22208024https://repositorio.udesc.br/handle/UDESC/2874ark:/33523/0013000005f5fSensors2220Martins T.*Oliveira, Sergio Vidal Garciaengreponame:Repositório Institucional da Udescinstname:Universidade do Estado de Santa Catarina (UDESC)instacron:UDESCinfo:eu-repo/semantics/openAccess2024-12-07T20:40:03Zoai:repositorio.udesc.br:UDESC/2874Biblioteca Digital de Teses e Dissertaçõeshttps://pergamumweb.udesc.br/biblioteca/index.phpPRIhttps://repositorio-api.udesc.br/server/oai/requestri@udesc.bropendoar:63912024-12-07T20:40:03Repositório Institucional da Udesc - Universidade do Estado de Santa Catarina (UDESC)false |
| dc.title.none.fl_str_mv |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| spellingShingle |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported Martins T.* |
| title_short |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_full |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_fullStr |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_full_unstemmed |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_sort |
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| author |
Martins T.* |
| author_facet |
Martins T.* Oliveira, Sergio Vidal Garcia |
| author_role |
author |
| author2 |
Oliveira, Sergio Vidal Garcia |
| author2_role |
author |
| dc.contributor.author.fl_str_mv |
Martins T.* Oliveira, Sergio Vidal Garcia |
| description |
© 2022 by the authors.The Zero Trust concept is being adopted in information technology (IT) deployments, while human users remain to be the main risk for operational technology (OT) deployments. This article proposes to enhance the new Modbus/TCP Security protocol with authentication and authorization functions that guarantee security against intentional unauthorized access. It aims to comply with the principle of never trusting the person who is accessing the network before carrying out a security check. Two functions are tested and used in order to build an access control method that is based on a username and a password for human users with knowledge of industrial automation control systems (IACS), using simple means, low motivation, and few resources. A man-in-the-middle (MITM) component was added in order to intermediate the client and the server communication and to validate these functions. The proposed scenario was implemented using the Node-RED programming platform. The tests implementing the functions and the access control method through the Node-RED software have proven their potential and their applicability. |
| publishDate |
2022 |
| dc.date.none.fl_str_mv |
2022 2024-12-05T20:21:59Z |
| dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
| dc.type.driver.fl_str_mv |
info:eu-repo/semantics/article |
| format |
article |
| status_str |
publishedVersion |
| dc.identifier.uri.fl_str_mv |
1424-8220 10.3390/s22208024 https://repositorio.udesc.br/handle/UDESC/2874 |
| dc.identifier.dark.fl_str_mv |
ark:/33523/0013000005f5f |
| identifier_str_mv |
1424-8220 10.3390/s22208024 ark:/33523/0013000005f5f |
| url |
https://repositorio.udesc.br/handle/UDESC/2874 |
| dc.language.iso.fl_str_mv |
eng |
| language |
eng |
| dc.relation.none.fl_str_mv |
Sensors 22 20 |
| dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
| eu_rights_str_mv |
openAccess |
| dc.source.none.fl_str_mv |
reponame:Repositório Institucional da Udesc instname:Universidade do Estado de Santa Catarina (UDESC) instacron:UDESC |
| instname_str |
Universidade do Estado de Santa Catarina (UDESC) |
| instacron_str |
UDESC |
| institution |
UDESC |
| reponame_str |
Repositório Institucional da Udesc |
| collection |
Repositório Institucional da Udesc |
| repository.name.fl_str_mv |
Repositório Institucional da Udesc - Universidade do Estado de Santa Catarina (UDESC) |
| repository.mail.fl_str_mv |
ri@udesc.br |
| _version_ |
1848168336271081472 |