Putting Things in Context: Securing Industrial Authentication with Context Information

Abstract

Copyright © 2019, arXiv, All rights reserved. The development in the area of wireless communication, mobile and embedded computing leads to significant changes in the application of devices. Over the last years, embedded devices were brought into the consumer area creating the Internet of Things. Furthermore, industrial applications increasingly rely on communication through trust boundaries. Networking is cheap and easily applicable while providing the possibility to make everyday life more easy and comfortable and industry more efficient and less time-consuming. One of the crucial parts of this interconnected world is sound and secure authentication of entities. Only entities with valid authorisation should be enabled to act on a resource according to an access control scheme. An overview of challenges and practices of authentication is provided in this work, with a special focus on context information as part of security solutions. It can be used for authentication and security solutions in industrial applications. Additional information about events in networks can aid intrusion detection, especially in combination with security information and event management systems. Finally, an authentication and access control approach, based on context information and -