1403/01/10
پیام محمودی نصر

پیام محمودی نصر

مرتبه علمی: دانشیار
ارکید: https://orcid.org/0000-0003-1421-3712
تحصیلات: دکترای تخصصی
اسکاپوس: https://www.scopus.com/authid/detail.uri?authorId=56483175500
دانشکده: دانشکده مهندسی و فناوری
نشانی: گروه مهندسی کامپیوتر
تلفن: 011-35305109

مشخصات پژوهش

عنوان
An Alarm Based Access Control Model for SCADA System
نوع پژوهش
Presentation
کلیدواژه‌ها
Access control, trust, insider attack, RBAC, SCADA
سال
2015
پژوهشگران Payam Mahmoudi-nasr ، ali yazdian varjani

چکیده

Insider attacks are one of the most dangerous threats on security of critical infrastructures. An insider attack occurs when an authorized operator misuses the permissions, and brings catastrophic damages by sending legitimate control commands. Providing too many permissions may backfire, when operators wrongly or deliberately abuse their privileges. Therefore, an access control model is required to provide necessary permissions and prevent malicious usage. This paper proposes a new access control model in Supervisory Control and Data Acquisition (SCADA) system. Proposed model extends the Role Based Access Control (RBAC) model by incorporating an operator trust assessment process. The operator trust is calculated periodically or when an insider attack is detected. The simulation results illustrate that the proposed model is effective, and the access of attacker or unskilled operator will be limited as the access of skilled operator will be increased.