Markus Tauber
Austrian Institute of Technology
Publication
Featured research published by Markus Tauber.
emerging technologies and factory automation | 2014
Sándor Plósz; Arsham Farshad; Markus Tauber; Christian M. Lesjak; Thomas Ruprechter; Nuno Pereira
Due to its availability and low cost, the use of wireless communication technologies increases in domains beyond the originally intended usage areas, e.g. M2M communication in industrial applications. Such industrial applications often have specific security requirements. Hence, it is important to understand the characteristics of such applications and evaluate the vulnerabilities bearing the highest risk in this context. We present a comprehensive overview of security issues and features in existing WLAN, NFC and ZigBee standards, investigating the usage characteristics of these standards in industrial environments. We apply standard risk assessment methods to identify vulnerabilities with the highest risk across multiple technologies. We present a threat catalogue, conclude in which direction new mitigation methods should progress and how security analysis methods should be extended to meet requirements in the M2M domain.
conference on the future of the internet | 2014
Aleksandar Hudic; Thomas Hecht; Markus Tauber; Andreas Mauthe; Santiago Cáceres Elvira
The momentum behind Cloud Computing has revolutionized how ICT services are provided, adopted and delivered. Features such as high scalability, fast provisioning and on-demand resource availability make it an attractive proposition for deploying complex and demanding systems. Clouds are also very suitable for deploying systems with unpredictable load patterns including Critical infrastructure services. However, the major obstacle in hosting Critical infrastructures is often a lack of assurance. The transparency and flexibility offered by the Cloud abstracts, by definition, over e.g. data placement, hardware, service migration. This makes it very hard to assure security properties. We present an investigation of assurance approaches, an analysis of their suitability for Critical Infrastructure Services being deployed in the Cloud, and present our approach.
international conference for internet technology and secured transactions | 2013
Markus Florian; Sarita Paudel; Markus Tauber
Cloud Computing allows the designing of systems which dynamically acquire compute resources. This makes it very suitable for Critical Infrastructures where unpredictable load due to human usage patterns is very likely. Especially in this domain legal compliance is a growing concern in general. Abstraction over multiple architectural cloud layers allows for individual layers being operated by different providers. This makes it hard to determine whether legal compliance is given. In this paper we motivate the research towards an Event Gathering Mechanism which is envisioned to allow the modelling of legal aspects in a multi-layered cloud environment.
IEEE Internet of Things Journal | 2017
Alireza Esfahani; Georgios Mantas; Rainer Matischek; Firooz B. Saghezchi; Jonathan Rodriguez; Ani Bicaku; Silia Maksuti; Markus Tauber; Christoph Schmittner; Joaquim Bastos
In the emerging industrial Internet of Things (IIoT) era, machine-to-machine (M2M) communication technology is considered as a key underlying technology for building IIoT environments, where devices (e.g., sensors, actuators, and gateways) are enabled to exchange information with each other in an autonomous way without human intervention. However, most of the existing M2M protocols that can be also used in the IIoT domain provide security mechanisms based on asymmetric cryptography resulting in high computational cost. As a consequence, the resource-constrained IoT devices are not able to support them appropriately and thus, many security issues arise for the IIoT environment. Therefore, lightweight security mechanisms are required for M2M communications in IIoT in order to reach its full potential. As a step toward this direction, in this paper, we propose a lightweight authentication mechanism, based only on hash and XOR operations, for M2M communications in IIoT environment. The proposed mechanism is characterized by low computational cost, communication, and storage overhead, while achieving mutual authentication, session key agreement, device’s identity confidentiality, and resistance against the following attacks: replay attack, man-in-the-middle attack, impersonation attack, and modification attack.
ieee international conference on cloud computing technology and science | 2014
Aleksandar Hudic; Markus Tauber; Thomas Lorünser; Maria Krotsiani; George Spanoudakis; Andreas Mauthe; Edgar R. Weippl
Data with high security requirements is being processed and stored with increasing frequency in the Cloud. To guarantee that the data is being dealt with in a secure manner we investigate the applicability of Assurance methodologies. In a typical Cloud environment the setup of multiple layers and different stakeholders determines security properties of individual components that are used to compose Cloud applications. We present a methodology adapted from Common Criteria for aggregating information reflecting the security properties of individual constituent components of Cloud applications. This aggregated information is used to categorise overall application security in terms of Assurance Levels and to provide a continuous assurance level evaluation. It gives the service owner an overview of the security of his service, without requiring detailed manual analyses of log files.
conference on the future of the internet | 2015
Christian Wagner; Aleksandar Hudic; Silia Maksuti; Markus Tauber; Frank Pallas
A high level of information security in critical infrastructure IT systems and services has to be preserved when migrating their IT services to the cloud. Often various legislative and security constraints have to be met in line with best practice guidelines and international standards to perform the migration. To support the critical infrastructure providers in migrating their services to the cloud we are developing a process based migration guideline for critical infrastructure providers focusing on information security. First of all we investigate, via questionnaires, how the importance of individual security topics covered in such guidelines differentiates between industry stakeholders and critical infrastructure providers. This supports the selection of relevant security topics and the considered guidelines and standards, which we survey in search for common relevant security topics. Subsequently we present the analysis of the above-mentioned security requirements and how they affect a here developed taxonomy for a process-based security guideline. Furthermore we present potential service migration use cases and how our methodology would affect the migration of secure critical infrastructure services.
international conference for internet technology and secured transactions | 2013
Sarita Paudel; Markus Tauber; Ivona Brandic
The trend of using the Cloud will soon reach Critical Infrastructure (CI) IT. Due to the lack of relevant taxonomies and criteria catalogs, it is often difficult for software development teams who work in the CI and cloud domain to adopt the right standard or tool for the context at hand. This work motivates the investigation of the applicability of software security standards and tools for CI IT, outlines the relevant security issues and investigates gaps in existing work on this topic.
international conference on cloud computing and services science | 2016
Marko Novak; Syed Noor Ul Hassan Shirazi; Aleksandar Hudic; Thomas Hecht; Markus Tauber; David Hutchison; Silia Maksuti; Ani Bicaku
An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably, new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities and attack vectors. In this paper, we investigate and analyse technological and security trends and their potential to become future threats by systematically examining industry reports on existing technologies. Using a cloud computing use case we identify potential resilience metrics that can shed light on the security properties of the system.
ieee international conference on cloud engineering | 2016
Ani Bicaku; Silvia Balaban; Markus Tauber; Aleksandar Hudic; Andreas Mauthe; David Hutchison
Due to a lack of transparency in cloud based services, well-defined security levels cannot be assured within current cloud infrastructures. Hence sectors with stringent security requirements hesitate to migrate their services to the cloud. This applies especially when considering services where high security requirements are combined with legal constraints. To tackle this challenge this paper presents an extension to our existing work on assurance methodologies in cloud based environments by investigating how current state of the art monitoring solutions can be used to support assurance throughout the entire infrastructure. A case study is used in which monitoring information representing a set of relevant security properties is being collected. As a result, we propose that a combination of existing tools should be used to harmonize existing monitoring artifacts. We describe and evaluate an Evidence Gathering Mechanism (EGM) that provides this harmonization and show how this can support assurance. This can also underpin legal proceedings from an evidence law perspective.
ieee international conference on cloud computing technology and science | 2014
Sarita Paudel; Markus Tauber; Christian Wagner; Aleksandar Hudic; Wee-Keong Ng
With the increasing popularity of cloud computing, security in cloud-based applications is gaining awareness and is regarded as one of the most crucial factors for the long term success of such applications. Despite all benefits of cloud computing, its fate lies in its success in gaining trust from its users, achieved by ensuring cloud services are built in a safe and secure manner. This work evaluates existing security standards and tools for creating Critical Infrastructure (CI) services in cloud environments -- often implemented as cyber physical systems (CPS). We also identify security issues from a literature review and from a show case analysis. Furthermore, we analyse and evaluate how mitigation options for identified open security issues for CI in the cloud point to individual aspects of standards and guidelines to support the creation of secure CPS/CI in the cloud. Additionally, we presented the results in a multidimensional taxonomy based on the mapping of the issues and the standards and tools. We show which areas require attention as they are currently not covered completely by existing standards, guidelines and tools.