Um Data Diode com Hardware Criptográfico para Redes Industriais Críticas
Resumo
Este artigo apresenta um esquema de segurança capaz de tratar os problemas encontrados na integração de redes industriais críticas com redes corporativas inseguras, objetivando garantir integridade dos dados e confiabilidade entre os dispositivos. Para esse fim é proposto a utilização de um Data Diode na interligação das redes para a proteção da planta industrial e um hardware criptográfico TPM (Trusted Platform Module) para garantia de integridade e confiabilidade dos dispositivos envolvidos. Como forma de provar a efetividade dessa arquitetura, foram realizados testes, que ao final no trabalho, mostram que é possível alcançar resultados superiores aos trabalhos já existentes na literatura.
Referências
Arkhangelskii, V., Epishkina, A., Kalmytov, V., and Kogos, K. (2016). Secure One-Way Data Transfer. pages 392–395.
Heo, Y., Kim, B., Kang, D., and Na, J. (2016). A Design of Unidirectional Security Gateway for Enforcement Reliability and Security of Transmission Data in Industrial Control Systems. pages 310–313.
Heo, Y. and Na, J. (2016). Development of unidirectional security gateway appliance using intel 82580EB NIC interface. 2016 International Conference on Information and Communication Technology Convergence, ICTC 2016, pages 1194–1196.
Jeon, B.-s. and Na, J.-c. (2016). A Study of Cyber Security Policy in Industrial Control System using Data Diodes. pages 314–317.
Moreira, N., Molina, E., Lázaro, J., Jacob, E., and Astarloa, A. (2016). Cyber-security in substation automation systems. Renewable and Sustainable Energy Reviews, 54:1552–1562.
Oh, Y.-c., Han, M.-r., Shin, Y., and Kim, J.-b. (2015). A Study on the Communication Agent Model for One-way Data Transfer System. 9(10):161–168.
Osborn, J. D. and Challener, D. C. (2013). Trusted platform Module evolution. Johns Hopkins APL Technical Digest (Applied Physics Laboratory), 32(2):536–543.
Winter, J. and Dietrich, K. (2013). A hijacker’s guide to communication interfaces of the trusted platform module. Computers and Mathematics with Applications, 65(5):748–761.
Heo, Y., Kim, B., Kang, D., and Na, J. (2016). A Design of Unidirectional Security Gateway for Enforcement Reliability and Security of Transmission Data in Industrial Control Systems. pages 310–313.
Heo, Y. and Na, J. (2016). Development of unidirectional security gateway appliance using intel 82580EB NIC interface. 2016 International Conference on Information and Communication Technology Convergence, ICTC 2016, pages 1194–1196.
Jeon, B.-s. and Na, J.-c. (2016). A Study of Cyber Security Policy in Industrial Control System using Data Diodes. pages 314–317.
Moreira, N., Molina, E., Lázaro, J., Jacob, E., and Astarloa, A. (2016). Cyber-security in substation automation systems. Renewable and Sustainable Energy Reviews, 54:1552–1562.
Oh, Y.-c., Han, M.-r., Shin, Y., and Kim, J.-b. (2015). A Study on the Communication Agent Model for One-way Data Transfer System. 9(10):161–168.
Osborn, J. D. and Challener, D. C. (2013). Trusted platform Module evolution. Johns Hopkins APL Technical Digest (Applied Physics Laboratory), 32(2):536–543.
Winter, J. and Dietrich, K. (2013). A hijacker’s guide to communication interfaces of the trusted platform module. Computers and Mathematics with Applications, 65(5):748–761.
Publicado
25/10/2018
Como Citar
TEIXEIRA, Gabriel Carrijo B.; FEITOSA, Eduardo L..
Um Data Diode com Hardware Criptográfico para Redes Industriais Críticas. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 18. , 2018, Natal.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2018
.
p. 141-154.
DOI: https://doi.org/10.5753/sbseg.2018.4249.
