A Design of Service Protocol Based Security Framework for ICT Convergence Industry Environment

  • Abstract
  • Keywords
  • References
  • PDF
  • Abstract

    Background/Objectives: Numerous cyber security incidents in the field of ICT have become more intelligent and are being reproduced in the ICT convergence industry.

    Methods/Statistical analysis: Convergence security technology targeting from domestic facilities such as electricity and transportation to household products such as TV and refrigerator have become necessary.It is necessary to develop security functions for each protocol layer that can detect and block threats in industries based on convergence security technology.Therefore, it is urgent to develop a security framework that enables developers to implement security functions easily and quickly at low cost.

    Findings: This paper analyzes vulnerabilities of service-based protocols used in ICT convergence industry such as smart grid, smart factory, smart traffic, smart home, smart healthcare, etc., and proposes technologies that can detect and block security threats.we also defined protocol common security elements and designed a security modules for each protocol layer that contained them.In other words, we designed a service-oriented protocol security framework that enables the development of security functions easily and quickly in an open environment.It will be possible to develop a flexible and fast convergence security system in the ICT convergence industrial environment where various protocols are used by developing a framework structure in which protocol-independent security modules and protocol-specific security modules are separated.In addition, the overall security level of the ICT industry network can be improved by adding on the necessary security module on the system in operation. And In the field of industrial security, you can improve productivity by reusing each security module.

    Improvements/Applications: Future research on the development of various ICT convergence industry control security systems based on the developed security framework will be carried out.

  • Keywords

    ICT Convergence Industry, Security Vulnerability, Security Measures, Service-Oriented Protocol , Security Framework

  • References

      [1] Mohamed A.& Geir M. K. (2015). Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks. Journal of Cyber Security and Mobility, 4(1), 65-88. doi: 10.13052/jcsm2245-1439.414.

      [2] Isaac Ghansah. (2012). SMART GRID CYBER SECURITYPOTENTIAL THREATS,VULNERABILITIES AND RISKS(California Energy Commission No. CEC‐500‐2012‐047). Retrieved fromhttp://www.energy.ca.gov/2012publications/CEC-500-2012-047/CEC-500-2012-047.pdf.

      [3] Kristen Noakes-Fry. (2003). Firewalls: Technology Overview(Gartner GroupTechnology Overview DPRO-90318).Retrieved fromhttp://www.bus.umich.edu/kresgepublic/journals/gartner/research/90300/90318/90318.pdf.

      [4] Web Application Security Consortium. (2006). Web Application Firewall Evaluation Criteria. Retrieved fromhttp://projects.webappsec.org/f/wasc-wafec-v1.0.pdf.

      [5] openADR Alliance. (2012). OpenADR 2.0 Profile Specification B Profile. http://cimug.ucaiug.org/Projects/CIM-OpenADR/Shared%20Documents/Source%20Documents/OpenADR%20Alliance/OpenADR_2_0b_Profile_Specification_v1.0.pdf.

      [6] Internet Engineering Task Force. (2014). The Constrained Application Protocol (CoAP). Retrieved from https://tools.ietf.org/html/rfc7252.

      [7] OASIS. (2014). MQTT Version 3.1.1. Retrieved fromhttp://upfiles.heclouds.com/123/ueditor/2016/07/14/184e2dd5bc35bd9de59abc740665faac.pdf.

      [8] Computer Science and Engineering Department, THAPAR University. (2009). Deep Packet Inspection in Linux Kernel Firewall. Retrieved fromhttp://dspace.thapar.edu:8080/jspui/bitstream/10266/862/3/862%20Vaibhav%20Bhadade%20%2880732004%29.pdf .

      [9] Federal Office for Information Security. (2017). OPC UA Security Analysis. Retrieved fromhttps://opcfoundation.org/wp-content/uploads/2017/04/OPC_UA_security_analysis-OPC-F-Responses-2017_04_21.pdf.

      [10] OWASP. (2017). OWASP Top 10 - 2017.Retrieved fromhttps://www.owasp.org/images/7/72/OWASP_Top_10-2017_%28en%29.pdf.pdf.




Article ID: 18111
DOI: 10.14419/ijet.v7i2.33.18111

Copyright © 2012-2015 Science Publishing Corporation Inc. All rights reserved.