Title :
Scalable Authentication and Key Management in SCADA
Author :
Xiao, Liangliang ; Yen, I-Ling ; Bastani, Farokh
Author_Institution :
Univ. of Texas at Dallas, Dallas, TX, USA
Abstract :
In this paper we develop a SCADA key management system to provide better security, performance, and scalability. Conventional symmetric key based approaches have several problems. We adopt public key based approaches due to its flexibility in authentication and access control and efficiency in rekeying. However, existing public key based approaches are not scalable. Simple replication of CAs (certificate authorities) raises security concerns. We consider several novel designs to bridge the gaps in existing approaches. First, a master key based semi-autonomous key refreshing scheme has been developed to shift the rekeying burdens from CAs to individual SCADA node. Then, we design a CA-grid approach, which combines the threshold scheme and replication of CAs to achieve better protection of the master keys, improved availability, and enhanced performance by load sharing. Analyses show that our scheme has many advantages than the existing SCADA key management systems.
Keywords :
SCADA systems; authorisation; public key cryptography; CA grid approach; SCADA key management systems; SCADA node; access control; certificate authorities; load sharing; master keys; public key based approach; scalable authentication; security concerns; semiautonomous key refreshing scheme; symmetric key; threshold scheme; SCADA system; access control; authentication; key management;
Conference_Titel :
Parallel and Distributed Systems (ICPADS), 2010 IEEE 16th International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-1-4244-9727-0
Electronic_ISBN :
1521-9097
DOI :
10.1109/ICPADS.2010.66
