An access control and authorization model with Open stack cloud for Smart Grid
Abstract In compare to Authentication for identification and relationship of an identity of a user with its task and process within the system, authorization in access control is much anxious about confirming that user and its task in the form of system process, access to the assets of any particular domain is only approved when proven obedient to the identified policies. Access control and authorization is always an area of interest for researchers for enhancing security of critical assets from many decades. Our prime focus and interest is in the field of access control model based on Attribute base access control (ABAC) and with this paper we tried to integrate ABAC with openstack cloud for achieving finer level of granularity in access policies for domain like smart grid. Technical advancement of current era demands that critical infrastructure like traditional electrical grid open ups to the modern information and communication technology to get the benefit in terms of efficiency, scalability, accessibility and transparency for better adaptability in real world. Incorporation of ICT with electric grid makes it possible to do greater level of bi-directional interaction among stake holders like customer, generation units, distribution units and administrations and these leads international organization to contribute for standardization of smart grid concepts and technology so that the realization of smart grid becomes reality. Smart grid is a distributed system of very large scale by its nature and needs to integrate available legacy systems with its own security requirements. Cloud computing proven to be most efficient approach for said requirements and we have identified openstack as our cloud platform. We have integrated ABAC approach with default RBAC approach of openstack and provide a frame work that supports and integrate multiple access control polices in making authorization decisions. Smart grid domain in considered as case study which requires support of multiple access policies (RBAC, ABAC or DAC etc) with our model for access control and authorization.
- Referencias
- Cómo citar
- Del mismo autor
- Métricas
1. U.S. National Institute of Standards and Technology, “Guidelines for Smart Grid Cybersecurity NISTIR 7628 Revision 1,” U.S. Dep. Commer. NISTIR, vol. 1, no. September, p. 668, 2014, doi: 10.6028/NIST.IR.7628r1.
2. C. Wei, “A conceptual framework for smart grid,” Asia-Pacific Power Energy Eng. Conf. APPEEC, 2010, doi: 10.1109/APPEEC.2010.5448786.
3. H. Melvin, “The role of ICT in evolving SmartGrids,” in The 10th International Conference on Digital Technologies 2014, Jul. 2014, pp. 235–237, doi: 10.1109/DT.2014.6868720.
4. A. R. Metke and R. L. Ekl, “Smart grid security technology,” Innov. Smart Grid Technol. Conf. ISGT 2010, pp. 1–7, 2010, doi: 10.1109/isgt.2010.5434760.
5. M. B. Line, I. A. Tøndel, and M. G. Jaatun, “Cyber security challenges in Smart Grids,” IEEE PES Innov. Smart Grid Technol. Conf. Eur., pp. 1–8, 2011, doi: 10.1109/ISGTEurope.2011.6162695.
6. A. Bere?, B. Genge, and I. Kiss, “A Brief Survey on Smart Grid Data Analysis in the Cloud,” Procedia Technol., vol. 19, pp. 858–865, 2015, doi: 10.1016/j.protcy.2015.02.123.
7. “OpenStack Docs: Keystone, the OpenStack Identity Service.” .
8. A. R. Anggraini and J. Oliver, Access control systems, vol. 53, no. 9. 2019.
9. R. S. Sandhu and P. Samarati, “1994 Access Control 1.pdf,” IEEE Communications Magazine, pp. 40–48, Sep. 1994.
10. H. Cheung, C. Yang, and H. Cheung, “New Smart-Grid Operation-Based Network Access Control,” in 2015 IEEE Energy Conversion Congress and Exposition (ECCE), 2015, pp. 1203–1207.
11. U. Khalid, A. Ghafoor, M. Irum, and M. A. Shibli, “Cloud based secure and privacy enhanced authentication & authorization protocol,” Procedia Comput. Sci., vol. 22, pp. 680–688, 2013, doi: 10.1016/j.procs.2013.09.149.
12. V. C. Hu et al., “Guide to attribute based access control (abac) definition and considerations,” NIST Spec. Publ., vol. 800, p. 162, 2014, doi: 10.6028/NIST.SP.800-162.
13. C. Alcaraz, I. Agudo, D. Nu, and J. Lopez, “Managing Incidents in Smart Grids a` la Cloud,” 2011, doi: 10.1109/CloudCom.2011.79.
14. M. Yigit, V. C. Gungor, and S. Baktir, “Cloud Computing for Smart Grid applications,” Comput. Networks, vol. 70, pp. 312–329, 2014, doi: 10.1016/j.comnet.2014.06.007.
15. P. Naveen, W. K. Ing, M. K. Danquah, A. S. Sidhu, and A. Abu-Siada, “Cloud computing for energy management in smart grid - An application survey,” IOP Conf. Ser. Mater. Sci. Eng., vol. 121, no. 1, 2016, doi: 10.1088/1757-899X/121/1/012010.
16. S. Rusitschka, K. Eger, and C. Gerdes, “Smart Grid Data Cloud: A Model for Utilizing Cloud Computing in the Smart Grid Domain,” pp. 483–488, 2010, doi: 10.1109/smartgrid.2010.5622089.
17. H. Bai, Z. Ma, and Y. Zhu, “The application of cloud computing in smart grid status monitoring,” Commun. Comput. Inf. Sci., vol. 312 CCIS, pp. 460–465, 2012, doi: 10.1007/978-3-642-32427-7_64.
18. A. Califano, E. Dincelli, and S. Goel, “Using Features of Cloud Computing to Defend Smart Grid against DDoS Attacks,” 10th Annu. Symp. Inf. Assur., no. June, p. 44, 2015.
19. B. Fang et al., “The contributions of cloud technologies to smart grid,” Renew. Sustain. Energy Rev., vol. 59, no. June, pp. 1326–1331, 2016, doi: 10.1016/j.rser.2016.01.032.
20. John vacca, cloud computing security foundation and challenges, vol. 53, no. 9. CRC press, 2013.
21. V. Barot, V. Kapadia, and S. Pandya, “QoS Enabled IoT Based Low Cost Air Quality Monitoring System with Power Consumption Optimization,” vol. 20, no. 2, pp. 122–140, 2020, doi: 10.2478/cait-2020-0021.
22. V. Barot and V. Kapadia, “Towards building a scalable IoT based system for carbon monoxide monitoring and forecasting,” Int. J. Adv. Sci. Technol., vol. 29, no. 3, pp. 5583–5590, 2020.
23. S. Zahoor, S. Javaid, N. Javaid, M. Ashraf, F. Ishmanov, and M. K. Afzal, “Cloud-fog-based smart grid model for efficient resource management,” Sustain., vol. 10, no. 6, pp. 1–21, 2018, doi: 10.3390/su10062079.
24. P. Naveen, W. Kiing, I. Michael, K. Danquah, A. S. Sidhu, and A. Abu-Siada, “A Cloud Associated Smart Grid Admin Dashboard,” Technol. Appl. Sci. Res., vol. 8, no. 1, pp. 2499–2507, 2018.
25. F. Buccafurri, C. Labrini, and L. Musarella, “Smart-contract based access control on distributed information in a smart-city scenario,” CEUR Workshop Proc., vol. 2580, 2020.
26. V. R. Elonnai Hickok, “Cyber Security of Smart Grids in India,” Centre for Internet and Society (CIS), 2016.
27. M. Ed-Daibouni, A. Lebbat, S. Tallal, and H. Medromi, “Toward a New Extension of the Access Control Model ABAC for Cloud Computing,” in Advances in Ubiquitous Networking, 2016, pp. 79–89.
28. G. Suciu, C. Istrate, A. Vulpe, M.-A. Sachian, and M. Vochin, “Attribute-based Access Control for Secure and Resilient Smart Grids,” 2019, doi: 10.14236/ewic/icscsr19.9.
29. E. D. Knapp and R. Samani, Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. 2013.
30. “Openstack documnetation Policies,” 2020. https://docs.openstack.org/security-guide/identity/policies.html.
2. C. Wei, “A conceptual framework for smart grid,” Asia-Pacific Power Energy Eng. Conf. APPEEC, 2010, doi: 10.1109/APPEEC.2010.5448786.
3. H. Melvin, “The role of ICT in evolving SmartGrids,” in The 10th International Conference on Digital Technologies 2014, Jul. 2014, pp. 235–237, doi: 10.1109/DT.2014.6868720.
4. A. R. Metke and R. L. Ekl, “Smart grid security technology,” Innov. Smart Grid Technol. Conf. ISGT 2010, pp. 1–7, 2010, doi: 10.1109/isgt.2010.5434760.
5. M. B. Line, I. A. Tøndel, and M. G. Jaatun, “Cyber security challenges in Smart Grids,” IEEE PES Innov. Smart Grid Technol. Conf. Eur., pp. 1–8, 2011, doi: 10.1109/ISGTEurope.2011.6162695.
6. A. Bere?, B. Genge, and I. Kiss, “A Brief Survey on Smart Grid Data Analysis in the Cloud,” Procedia Technol., vol. 19, pp. 858–865, 2015, doi: 10.1016/j.protcy.2015.02.123.
7. “OpenStack Docs: Keystone, the OpenStack Identity Service.” .
8. A. R. Anggraini and J. Oliver, Access control systems, vol. 53, no. 9. 2019.
9. R. S. Sandhu and P. Samarati, “1994 Access Control 1.pdf,” IEEE Communications Magazine, pp. 40–48, Sep. 1994.
10. H. Cheung, C. Yang, and H. Cheung, “New Smart-Grid Operation-Based Network Access Control,” in 2015 IEEE Energy Conversion Congress and Exposition (ECCE), 2015, pp. 1203–1207.
11. U. Khalid, A. Ghafoor, M. Irum, and M. A. Shibli, “Cloud based secure and privacy enhanced authentication & authorization protocol,” Procedia Comput. Sci., vol. 22, pp. 680–688, 2013, doi: 10.1016/j.procs.2013.09.149.
12. V. C. Hu et al., “Guide to attribute based access control (abac) definition and considerations,” NIST Spec. Publ., vol. 800, p. 162, 2014, doi: 10.6028/NIST.SP.800-162.
13. C. Alcaraz, I. Agudo, D. Nu, and J. Lopez, “Managing Incidents in Smart Grids a` la Cloud,” 2011, doi: 10.1109/CloudCom.2011.79.
14. M. Yigit, V. C. Gungor, and S. Baktir, “Cloud Computing for Smart Grid applications,” Comput. Networks, vol. 70, pp. 312–329, 2014, doi: 10.1016/j.comnet.2014.06.007.
15. P. Naveen, W. K. Ing, M. K. Danquah, A. S. Sidhu, and A. Abu-Siada, “Cloud computing for energy management in smart grid - An application survey,” IOP Conf. Ser. Mater. Sci. Eng., vol. 121, no. 1, 2016, doi: 10.1088/1757-899X/121/1/012010.
16. S. Rusitschka, K. Eger, and C. Gerdes, “Smart Grid Data Cloud: A Model for Utilizing Cloud Computing in the Smart Grid Domain,” pp. 483–488, 2010, doi: 10.1109/smartgrid.2010.5622089.
17. H. Bai, Z. Ma, and Y. Zhu, “The application of cloud computing in smart grid status monitoring,” Commun. Comput. Inf. Sci., vol. 312 CCIS, pp. 460–465, 2012, doi: 10.1007/978-3-642-32427-7_64.
18. A. Califano, E. Dincelli, and S. Goel, “Using Features of Cloud Computing to Defend Smart Grid against DDoS Attacks,” 10th Annu. Symp. Inf. Assur., no. June, p. 44, 2015.
19. B. Fang et al., “The contributions of cloud technologies to smart grid,” Renew. Sustain. Energy Rev., vol. 59, no. June, pp. 1326–1331, 2016, doi: 10.1016/j.rser.2016.01.032.
20. John vacca, cloud computing security foundation and challenges, vol. 53, no. 9. CRC press, 2013.
21. V. Barot, V. Kapadia, and S. Pandya, “QoS Enabled IoT Based Low Cost Air Quality Monitoring System with Power Consumption Optimization,” vol. 20, no. 2, pp. 122–140, 2020, doi: 10.2478/cait-2020-0021.
22. V. Barot and V. Kapadia, “Towards building a scalable IoT based system for carbon monoxide monitoring and forecasting,” Int. J. Adv. Sci. Technol., vol. 29, no. 3, pp. 5583–5590, 2020.
23. S. Zahoor, S. Javaid, N. Javaid, M. Ashraf, F. Ishmanov, and M. K. Afzal, “Cloud-fog-based smart grid model for efficient resource management,” Sustain., vol. 10, no. 6, pp. 1–21, 2018, doi: 10.3390/su10062079.
24. P. Naveen, W. Kiing, I. Michael, K. Danquah, A. S. Sidhu, and A. Abu-Siada, “A Cloud Associated Smart Grid Admin Dashboard,” Technol. Appl. Sci. Res., vol. 8, no. 1, pp. 2499–2507, 2018.
25. F. Buccafurri, C. Labrini, and L. Musarella, “Smart-contract based access control on distributed information in a smart-city scenario,” CEUR Workshop Proc., vol. 2580, 2020.
26. V. R. Elonnai Hickok, “Cyber Security of Smart Grids in India,” Centre for Internet and Society (CIS), 2016.
27. M. Ed-Daibouni, A. Lebbat, S. Tallal, and H. Medromi, “Toward a New Extension of the Access Control Model ABAC for Cloud Computing,” in Advances in Ubiquitous Networking, 2016, pp. 79–89.
28. G. Suciu, C. Istrate, A. Vulpe, M.-A. Sachian, and M. Vochin, “Attribute-based Access Control for Secure and Resilient Smart Grids,” 2019, doi: 10.14236/ewic/icscsr19.9.
29. E. D. Knapp and R. Samani, Applied Cyber Security and the Smart Grid: Implementing Security Controls into the Modern Power Infrastructure. 2013.
30. “Openstack documnetation Policies,” 2020. https://docs.openstack.org/security-guide/identity/policies.html.
Rathod, Y. A. (2020). An access control and authorization model with Open stack cloud for Smart Grid. ADCAIJ: Advances in Distributed Computing and Artificial Intelligence Journal, 9(3), 69–87. https://doi.org/10.14201/ADCAIJ2020936987
Downloads
Download data is not yet available.
+
−