Zero-Trust Security Implementation to Industrial Networks

EasyChair Preprint 15156
6 pages
Date: September 28, 2024

Abstract

The use of new network technologies has been required at every layer of production. Thus, the data being transmitted, even at the lower levels of industry, has increased. However, this advance in technology also makes systems more vulnerable to cyber attacks. This work addresses the problem in which an attacker aims to compromise the confidentiality of information in industrial networks. Several strategies have been proposed to defend the system against outside intruders, such as cryptography and opacity. However, few papers have addressed the case in which the network is compromised internally. Considering this, this work proposes a new defense strategy that considers inside attackers, i.e., an attacker who has compromised a legitimate entity of the network. This article evaluates the effectiveness of applying RSA cryptography to ensure secure communication between Programmable Logic Controllers (PLCs) in a SCADA system, where we consider that any PLC can be compromised (zero-trust network), and therefore information is only transmitted if it is validated by every entity on the network. The objective is to perform encryption, validation, and secure data transmission. The implementation of these mechanisms ensures secure data traffic throughout the plant, preventing lateral movement by potential attackers.

Keyphrases: Cryptography, Cybersecurity, RSA, SCADA, Zero Trust