Research Area:  Internet of Things
The supervisory control and data acquisition (SCADA) system is widely used in industrial control and the contemporary Industrial Internet of Things (IIoT). Unfortunately, due to its relatively weak design in terms of data security and access control, SCADA systems are becoming a favorite target for attackers. End-to-end encryption, such as SSL/TLS protocol, is used to protect the data transmission, but it cannot guarantee security in third-party cloud platforms. In this article, we propose a secure revocable fine-grained access control and data sharing scheme. This scheme not only ensures the confidentiality of the data but also enhances the access control of the SCADA system. Our scheme is based on three key observations. The common communication architecture of SCADA systems cannot protect data security itself. The security supports provided by industrial control protocols are limited. Moreover, the third-party cloud platforms are semitrusted. In addition, we have introduced digital signature technology to assure the integrity of the data in the SCADA system. We prove that our scheme is secure. This scheme has been experimentally evaluated to introduce negligible performance losses while improving data security in the SCADA system.
Keywords:  
Cloud security
Data security
Fine-grained data transmission
Supervisory control and data acquisition (SCADA) system
Author(s) Name:   Weiting Zhang; Hanyi Zhang; Liming Fang; Zhe Liu; Chunpeng Ge
Journal name:  IEEE Internet of Things Journal
Conferrence name:  
Publisher name:  IEEE
DOI:  10.1109/JIOT.2021.3091760
Volume Information:  ( Volume: 9, Issue: 3, 01 February 2022)
Paper Link:   https://ieeexplore.ieee.org/abstract/document/9469009