Secure Tele-operation Protocol for the firewall in the control system (Japanese)

In: Transactions of the Information Processing Society of Japan; 43, 8; 2552-2561; 2002
  • Article (Journal)  /  Print


This research concerns a secure tele-operation protocol for plant control systems accessed via IP networks. We propose an access control mechanism for the control system based on the concept of "operation privilege." As information systems and control systems have converged, it has become possible to access control systems from IP networks with high usability. At the same time, however, the control systems have been exposed to various IT security threats. In particular, for operations, whose information flows inbound to the control system, commands must be inspected at the application layer to ensure security. In this research, a firewall for control systems with operation privilege management capabilities is considered, and the Secure Tele-operation Protocol (STP) is designed to communicate with the firewall, which behaves as the STP server. The agents inside the firewall manage operator authentication, access control, and operation privileges. The proposed protocol realizes exclusive operation through operation privilege management, while allowing the privileges to be transferred to another operator after negotiation. Experimental results show the feasibility of the proposed protocol. Additionally, a vulnerability analysis shows that STP offers practical security against the assumed threats.

Table of contents – Volume 43, Issue 8


The tables of contents are generated automatically and are based on the data records of the individual contributions available in the index of the TIB portal. The display of the Tables of Contents may therefore be incomplete.

2372
Digital security token and its derivatives
Matsuura, K. | 2002
2394
Biometric personal authentication using DNA data
Itakura, Y. / Nagashima, T. / Tsujii, S. | 2002
2435
Consideration on combinatorial optimization of illegal copy countermeasures
Sasaki, R. / Yoshiura, H. / Itoh, S. | 2002
2467
Virus extermination method using vaccine with chase ability
Nakaya, N. / Koui, Y. / Suzuki, M. | 2002
2529
Maintaining image quality in motion picture watermarking based on motion detection
Echizen, I. / Yoshiura, H. / Taguchi, J. / Nakano, K. / Sasaki, R. | 2002
2542
Implementation and evaluation of remote patrol system for Web server
Takemori, K. / Tanaka, T. / Nakao, K. / Ohigashi, T. / Miyake, T. / Shiraishi, Y. / Morii, M. | 2002
2552
Secure Tele-operation Protocol for the firewall in the control system
Kato, H. / Tamano, M. / Furuya, M. / Miyao, T. | 2002
2562
A privacy-enhanced SSL access control with authorization certificates
Umesawa, K. / Saito, T. / Okuno, H.G. | 2002
2610
Implementation and evaluation of certificate management mechanism for HTTPS
Wakayama, K. / Takasu, T. / Murase, S. / Suzuki, S. / Iwata, A. | 2002
2674
Object-oriented framework development method based on a three-view model
Hayase, T. / Matsumoto, K. | 2002
2687
Numerical simulation of dialysate flow in a hollow-fiber dialyzer
Osuga, T. / Ikehira, H. / Obata, T. / Homma, K. / Yamane, S. / Naito, H. | 2002
2697
A QoS-control method on video distribution by means of RTP
Shimotsuma, Y. / Fukuda, K. / Okumura, S. / Takatori, N. / Ohno, T. / Mizuno, T. | 2002
2728
A synthesis of structural adaptive learning algorithm in neural network based on the theory of evolution
Oeda, S. / Ichimura, T. / Terauchi, M. / Takahama, T. / Isomichi, Y. | 2002
2764
A study of learning support system for integrative study
Obayashi, F. / Yamamoto, A. / Ito, K. / Shimoda, H. / Yoshikawa, H. | 2002
2774
Representation of volumetric data with immersive image and haptics
Hashimoto, W. / Iwata, H. | 2002
2821
"e-office", a communication support system for distributed workers using media space
Sakakibara, K. / Kato, M. / Tadokoro, Y. / Miyasaki, T. | 2002