Cargando…
Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported
The Zero Trust concept is being adopted in information technology (IT) deployments, while human users remain to be the main risk for operational technology (OT) deployments. This article proposes to enhance the new Modbus/TCP Security protocol with authentication and authorization functions that gua...
| Autores principales: | , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2022
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9607043/ https://www.ncbi.nlm.nih.gov/pubmed/36298371 http://dx.doi.org/10.3390/s22208024 |
| _version_ | 1784818442672537600 |
|---|---|
| author | Martins, Tiago Oliveira, Sergio Vidal Garcia |
| author_facet | Martins, Tiago Oliveira, Sergio Vidal Garcia |
| author_sort | Martins, Tiago |
| collection | PubMed |
| description | The Zero Trust concept is being adopted in information technology (IT) deployments, while human users remain to be the main risk for operational technology (OT) deployments. This article proposes to enhance the new Modbus/TCP Security protocol with authentication and authorization functions that guarantee security against intentional unauthorized access. It aims to comply with the principle of never trusting the person who is accessing the network before carrying out a security check. Two functions are tested and used in order to build an access control method that is based on a username and a password for human users with knowledge of industrial automation control systems (IACS), using simple means, low motivation, and few resources. A man-in-the-middle (MITM) component was added in order to intermediate the client and the server communication and to validate these functions. The proposed scenario was implemented using the Node-RED programming platform. The tests implementing the functions and the access control method through the Node-RED software have proven their potential and their applicability. |
| format | Online Article Text |
| id | pubmed-9607043 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2022 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-96070432022-10-28 Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported Martins, Tiago Oliveira, Sergio Vidal Garcia Sensors (Basel) Article The Zero Trust concept is being adopted in information technology (IT) deployments, while human users remain to be the main risk for operational technology (OT) deployments. This article proposes to enhance the new Modbus/TCP Security protocol with authentication and authorization functions that guarantee security against intentional unauthorized access. It aims to comply with the principle of never trusting the person who is accessing the network before carrying out a security check. Two functions are tested and used in order to build an access control method that is based on a username and a password for human users with knowledge of industrial automation control systems (IACS), using simple means, low motivation, and few resources. A man-in-the-middle (MITM) component was added in order to intermediate the client and the server communication and to validate these functions. The proposed scenario was implemented using the Node-RED programming platform. The tests implementing the functions and the access control method through the Node-RED software have proven their potential and their applicability. MDPI 2022-10-20 /pmc/articles/PMC9607043/ /pubmed/36298371 http://dx.doi.org/10.3390/s22208024 Text en © 2022 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Martins, Tiago Oliveira, Sergio Vidal Garcia Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title | Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_full | Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_fullStr | Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_full_unstemmed | Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_short | Enhanced Modbus/TCP Security Protocol: Authentication and Authorization Functions Supported |
| title_sort | enhanced modbus/tcp security protocol: authentication and authorization functions supported |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9607043/ https://www.ncbi.nlm.nih.gov/pubmed/36298371 http://dx.doi.org/10.3390/s22208024 |
| work_keys_str_mv | AT martinstiago enhancedmodbustcpsecurityprotocolauthenticationandauthorizationfunctionssupported AT oliveirasergiovidalgarcia enhancedmodbustcpsecurityprotocolauthenticationandauthorizationfunctionssupported |