Volume 12, Number 07, April 2022
How to Enhance the Sharing of Cyber Incident Information via Fine-Grained Access Control
Authors
Jarno Salonen1, Tatu Niskanen2 and Pia Raitio3, 1VTT Technical Research Centre of Finland, Finland, 2University of Jyväskylä, Finland, 3Finnish Transport Infrastructure Agency, Finland
Abstract
Industry 4.0 and the ongoing digital transformation along with a large number interconnected machines anddevices increase the role of cybersecurity, cyber incident handling and incident response in the factories of the future (FoF). Cyber incident information sharing plays a major role when we need to formulate situational pictures about FoF operations and environment, and respond to cybersecurity threats related to e.g. the implementation of novel technologies. Sharing of incident information has a major drawback since it may reveal too much about the attack target, e.g. in the case of legacy systems and therefore restrictions may apply. We have developed a proof-of-concept service that combines access control and encryption of data at high granularity and a mechanism for requesting access to restricted cyber incident information. Theobjective was to demonstrate how access to restricted incident data fields could be managed in a fine-grained manner to enhance information sharing.
Keywords
Incident Management, Visualisation, Cybersecurity, Information Sharing.