SECURWARE 2014, The Eighth International Conference on Emerging Security Information, Systems and Technologies
Authors:
Rainer Falk
Steffen Fries
Keywords: Digital certificate, certificate whitelisting, credential management, PKI, device authentication, Internet of Things
Abstract:
Device authentication is a basic security feature for automation systems and for the future Internet of Things. The design, setup and operation of a practically usable security infrastructure for the management of required device credentials, such as cryptographic device keys and device certificates, is a huge challenge. Also, access permissions defining authorized communication peers have to be configured on devices. The setup and operation of a public key infrastructure (PKI) with registration authority (RA) and certification authority (CA), as well as the management of device permissions, has been shown to be burdensome for industrial application domains. A recent approach is based on certificate whitelisting. It is currently being standardized for field device communication within energy automation systems by IEC 62351 in alignment with ITU-T X.509. This new approach significantly changes the way digital certificates are used and managed. After describing the new approach of managed certificate whitelisting and giving a summary of ongoing standardization activities, an example of its application in a real-world application domain is described. Needs for further technical work are derived, and solution options are presented.
Pages: 167 to 172
Copyright: Copyright (c) IARIA, 2014
Publication date: November 16, 2014
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-61208-376-6
Location: Lisbon, Portugal
Dates: from November 16, 2014 to November 20, 2014