This file was created by the TYPO3 extension
bib
--- Timezone: CEST
Creation date: 2024-07-03
Creation time: 05-38-51
--- Number of references
8
inproceedings
2024-wagner-madtls
Madtls: Fine-grained Middlebox-aware End-to-end Security for Industrial Communication
2024
7
1
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-madtls.pdf
ACM
19th ACM ASIA Conference on Computer and Communications Security (ACM AsiaCCS '24), Singapur
Singapur
ACM ASIA Conference on Computer and Communications Security (AsiaCCS)
July 1-5, 2024
10.1145/3634737.3637640
1
EricWagner
DavidHeye
MartinSerror
IkeKunze
KlausWehrle
MartinHenze
inproceedings
2024-kunze-spintrap
SpinTrap: Catching Speeding QUIC Flows
2024
5
7
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-kunze-spintrap.pdf
IEEE/IFIP
Proceedings of the 2024 IEEE/IFIP Network Operations and Management Symposium (NOMS '24)
2024 IEEE/IFIP Network Operations and Management Symposium
accepted
1
IkeKunze
ConstantinSander
LarsTissen
BenediktBode
KlausWehrle
article
2024_lohmoeller_sovereignty-survey
The Unresolved Need for Dependable Guarantees on Security, Sovereignty, and Trust in Data Ecosystems
Data & Knowledge Engineering
2024
5
1
151
Data ecosystems emerged as a new paradigm to facilitate the automated and massive exchange of data from heterogeneous information sources between different stakeholders. However, the corresponding benefits come with unforeseen risks as sensitive information is potentially exposed, questioning their reliability. Consequently, data security is of utmost importance and, thus, a central requirement for successfully realizing data ecosystems. Academia has recognized this requirement, and current initiatives foster sovereign participation via a federated infrastructure where participants retain local control over what data they offer to whom. However, recent proposals place significant trust in remote infrastructure by implementing organizational security measures such as certification processes before the admission of a participant. At the same time, the data sensitivity incentivizes participants to bypass the organizational security measures to maximize their benefit. This issue significantly weakens security, sovereignty, and trust guarantees and highlights that organizational security measures are insufficient in this context. In this paper, we argue that data ecosystems must be extended with technical means to (re)establish dependable guarantees. We underpin this need with three representative use cases for data ecosystems, which cover personal, economic, and governmental data, and systematically map the lack of dependable guarantees in related work. To this end, we identify three enablers of dependable guarantees, namely trusted remote policy enforcement, verifiable data tracking, and integration of resource-constrained participants. These enablers are critical for securely implementing data ecosystems in data-sensitive contexts.
Data sharing; Confidentiality; Integrity protection; Data Markets; Distributed databases
internet-of-production; coat-ers; vesitrust
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-lohmoeller-data-sovereignty-survey.pdf
Elsevier
0169-023X
10.1016/j.datak.2024.102301
1
JohannesLohmöller
JanPennekamp
RomanMatzutt
Carolin VictoriaSchneider
EduardVlad
ChristianTrautwein
KlausWehrle
inproceedings
2024-kunze-civic
In-Situ Model Validation for Continuous Processes Using In-Network Computing
2024
5
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-kunze-civic.pdf
Proceedings of the 7th IEEE International Conference on Industrial Cyber-Physical Systems (ICPS '24)
accepted
1
IkeKunze
DominikScheurenberg
LiamTirpitz
SandraGeisler
KlausWehrle
inproceedings
2024-wagner-acns-aggregate
When and How to Aggregate Message Authentication Codes on Lossy Channels?
2024
3
5
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-wagner-mac-aggregation.pdf
22nd International Conference on Applied Cryptography and Network Security (ACNS '24), Abu Dhabi, UAE
Abu Dhabi, UAE
International Conference on Applied Cryptography and Network Security (ACNS)
March 5-9, 2024
accepted
1
EricWagner
MartinSerror
KlausWehrle
MartinHenze
article
2024_pennekamp_supply-chain-survey
An Interdisciplinary Survey on Information Flows in Supply Chains
ACM Computing Surveys
2024
2
1
56
2
Supply chains form the backbone of modern economies and therefore require reliable information flows. In practice, however, supply chains face severe technical challenges, especially regarding security and privacy. In this work, we consolidate studies from supply chain management, information systems, and computer science from 2010--2021 in an interdisciplinary meta-survey to make this topic holistically accessible to interdisciplinary research. In particular, we identify a significant potential for computer scientists to remedy technical challenges and improve the robustness of information flows. We subsequently present a concise information flow-focused taxonomy for supply chains before discussing future research directions to provide possible entry points.
information flows; data communication; supply chain management; data security; data sharing; systematic literature review
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-supply-chain-survey.pdf
ACM
0360-0300
10.1145/3606693
1
JanPennekamp
RomanMatzutt
ChristopherKlinkmüller
LennartBader
MartinSerror
EricWagner
SidraMalik
MariaSpiß
JessicaRahn
TanGürpinar
EduardVlad
Sander J. J.Leemans
Salil S.Kanhere
VolkerStich
KlausWehrle
article
2024_pennekamp_supply-chain-sensing
Securing Sensing in Supply Chains: Opportunities, Building Blocks, and Designs
IEEE Access
2024
1
8
12
9350-9368
Supply chains increasingly develop toward complex networks, both technically in terms of devices and connectivity, and also anthropogenic with a growing number of actors. The lack of mutual trust in such networks results in challenges that are exacerbated by stringent requirements for shipping conditions or quality, and where actors may attempt to reduce costs or cover up incidents. In this paper, we develop and comprehensively study four scenarios that eventually lead to end-to-end-secured sensing in complex IoT-based supply chains with many mutually distrusting actors, while highlighting relevant pitfalls and challenges—details that are still missing in related work. Our designs ensure that sensed data is securely transmitted and stored, and can be verified by all parties. To prove practical feasibility, we evaluate the most elaborate design with regard to performance, cost, deployment, and also trust implications on the basis of prevalent (mis)use cases. Our work enables a notion of secure end-to-end sensing with minimal trust across the system stack, even for complex and opaque supply chain networks.
blockchain technology; reliability; security; trust management; trusted computing; trusted execution environments
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2024/2024-pennekamp-secure-sensing.pdf
2169-3536
10.1109/ACCESS.2024.3350778
1
JanPennekamp
FritzAlder
LennartBader
GianlucaScopelliti
KlausWehrle
Jan TobiasMühlberg
inproceedings
2024-dahlmanns-cired
Reliable and Secure Control Center to Station Device Communication
2024
The increasing demands on the power grid require intelligent and flexible solutions that ensure the grid's stability. Many of these measures involve sophisticated communication between the control center and the stations that is not efficiently realizable using traditional protocols, e.g., IEC 60870-5-104. To this end, IEC 61850 introduces data models which allow flexible communication. Still, the specification leaves open how DSOs should interconnect their stations to realize resilient communication between the control center and station devices. However, DSOs require such communication to adapt modern solutions increasing the grid's capacity, e.g., adaptive protection systems.
In this paper, we present our envisioned network and communication concept for future DSO's ICT infrastructures that enables the control center to resiliently and flexibly communicate with station devices. For resilience, we suggest interconnecting each station with two distinct communication paths to the control center, use MPLS-TP and MPTCP for fast failovers when a single link fails, and mTLS to protect the communication possibilities against misuse. Additionally, in accordance with IEC 61850, we envision the control center to communicate with the station devices using MMS by using the station RTU as a proxy.
ven2us
Proceedings of the CIRED workshop on Increasing Distribution Network Hosting Capacity 2024, June 19-20, 2024, Vienna, Austria
Vienna
CIRED workshop on Increasing Distribution Network Hosting Capacity 2024
June 19-20, 2024
1
MarkusDahlmanns
Ina BereniceFink
GerritErichsen
GuosongLin
ThomasHammer
BurkhardBorkenhagen
SebastianSchneider
ChristofMaahsen
KlausWehrle