Abstract
The Arrowhead Framework aims to create collaborative automation using networked embedded devices by establishing a service oriented approach to govern them. Various cyber-physical Systems can provide and consume Services from one another in closed automation clouds. These System-of-Systems has been introduced by the Arrowhead framework as Local Clouds. These clouds – being high value targets – can then be subject to an extensive amount of threats. This paper is dedicated towards revising the Arrowhead framework to further enhance its security solutions. A certificate-based architecture is presented to solve authentication and authorization tasks not just within, but in-between Local Clouds by using a token concept applied for services. This schema also allows the integration of resource constrained devices in coexistence with different levels of security.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Alonso, G., Casati, F., Kuno, H., Machiraju, V.: Web Services. Springer, Heidelberg (2004)
Blomstedt, F., Ferreira, L.L., Klisics, M., Chrysoulas, C., de Soria, I.M., Morin, B., Zabasta, A., Eliasson, J., Johansson, M., Varga, P.: The arrowhead approach for soa application development and documentation. In: IECON 2014–40th Annual Conference of the IEEE Industrial Electronics Society, pp. 2631–2637, October 2014
Hegedus, C., Daniel Kozma, G.S.P.V.: Enhancements of the arrowhead framework to refine inter-cloud service interactions. IEEE IECON 2016 (2016)
Erl, T.: SOA Principles of Service Design (The Prentice Hall Service-Oriented Computing Series from Thomas Erl). Prentice Hall PTR, Upper Saddle River (2007)
International Telecommunication Union, Telecommunication Standardization Sector (ITU-T), X.509: Information technology Open Systems Interconnection The Directory: Public-key and attribute certificate frameworks. Recommendation 509, October 2012. http://www.itu.int/rec/T-REC-X.509-201210-I/en
Carlsson, O., Csaba Hegedus, J.D.P.V.: Organizing iot systems-of-systems from standardized engineering data. IEEE IECON 2016 (2016)
Pereira, P.P., Eliasson, J., Delsing, J.: An authentication and access control framework for coap-based internet of things. In: IECON 2014–40th Annual Conference of the IEEE Industrial Electronics Society, pp. 5293–5299, October 2014
Plosz, S., Farshad, A., Tauber, M., Lesjak, C., Ruprechter, T., Pereira, N.: Security vulnerabilities and risks in industrial usage of wireless communication. In: Proceedings of the 2014 IEEE Emerging Technology and Factory Automation (ETFA), pp. 1–8, September 2014
Plósz, S., Tauber, M., Varga, P.: Information assurance system in the arrowhead project. ERCIM News 2014(97), 29 (2014). http://ercim-news.ercim.eu/en97/special/information-assurance-system-in-the-arrowhead-project
Ravi, S., Raghunathan, A., Kocher, P., Hattangady, S.: Security in embedded systems: design challenges. ACM Trans. Embed. Comput. Syst. 3(3), 461–491 (2004). http://doi.acm.org/10.1145/1015047.1015049
Roman, R., Zhou, J., Lopez, J.: On the features and challenges of security and privacy in distributed internet of things. Comput. Netw. 57, 2266–2279 (2013). http://www.sciencedirect.com/science/article/pii/S1389128613000054
Varga, P., Blomstedt, F., Lino Ferreira, L., Eliasson, J., Johansson, M., Delsing, J., Martinez de Soria, I.: Making system of systems interoperable - the core components of the arrowhead technology framework. J. Netw. Comput. Appl. (2016)
Varga, P., Hegedus, C.: Service interaction through gateways for inter-cloud collaboration within the arrowhead framework. In: 5th International Conference on Wireless Communications, Vehicular Technology, Information Theory and Aerospace and Electronic Systems (Wireless VITAE) (2015)
Wiki, T.A.F.: https://forge.soa4d.org/plugins/mediawiki/wiki/arrowhead-f/index.php/
Acknowledgment
This work is supported by the EU ARTEMIS JU funding, within project ARTEMIS/0001/2012, JU grant nr. 332987 (ARROWHEAD). The authors would like to thank all the Arrowhead partners for the discussions, and would also like to acknowledge the efforts of the Hungarian team who participated in this work: from evopro Hungary and from Budapest University of Technology.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer International Publishing Switzerland
About this paper
Cite this paper
Plósz, S., Hegedűs, C., Varga, P. (2016). Advanced Security Considerations in the Arrowhead Framework. In: Skavhaug, A., Guiochet, J., Schoitsch, E., Bitsch, F. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2016. Lecture Notes in Computer Science(), vol 9923. Springer, Cham. https://doi.org/10.1007/978-3-319-45480-1_19
Download citation
DOI: https://doi.org/10.1007/978-3-319-45480-1_19
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-45479-5
Online ISBN: 978-3-319-45480-1
eBook Packages: Computer ScienceComputer Science (R0)