Skip to main content

IT-Sicherheit und Cloud Computing

Zusammenfassung

In Industrie 4.0 in Deutschland verschwinden die Grenzen zwischen den vormals getrennten Informations- und Kommunikationstechnik-Bereichen (IKT) der Produktions- IT und der Business-IT. Diese werden vernetzt, wodurch IT-Systeme mit ganz unterschiedlichen Sicherheitsanforderungen verbunden werden. Daraus ergeben sich neue Verwundbarkeiten und den Angreifern eröffnen sich neue Möglichkeiten, in Systeme einzudringen und Schäden auch in der physischen Welt zu verursachen. So können sich beispielsweise Computer-Viren, die man von Desktop-PCs kennt, auf Produktionsanlagen ausbreiten, oder Maschinen werden zur Fernwartung freigegeben, ohne diese Zugänge ausreichend abzusichern.

This is a preview of subscription content, access via your institution.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literatur

  1. Kritische Sicherheitslücke ermöglicht Fremdzugriff auf Systemregler des Vaillant ecoPOWER 1.0, April 2013.

    Google Scholar 

  2. BENCSÁTH, BOLDIZSÁR, GÁBOR PÉK, LEVENTE BUTTYÁN MÁRK FÉLEGYHÁZI: Duqu: A Stuxnet-like malware found in the wild., Laboratory of Cryptography and System Security (CrySyS), Budapest University of Technology and Economics, Department of Telecommunications, October 2011.

    Google Scholar 

  3. BONEH, D., G. DI CRESCENZO, R. OSTROVSKY G. PERSIANO: Public Key Encryption with Keyword Search. Advances in Cryptology-Eurocrypt 2004, 506–522. Springer, 2004.

    Google Scholar 

  4. BOWERS, KEVIN D, ARI JUELS ALINA OPREA: HAIL: A High-Availability and Integrity Layer for Cloud Storage . Proceed of the 16th ACM Conference on Computer and Communications Security, 187–206, New York, New York, USA, 2009. ACM Press.

    Google Scholar 

  5. BOWERS, KEVIN D, ARI JUELS ALINA OPREA: Proofs of Retrievability: Theory and Implementation. ACM Cloud Computing Security Workshop, 43–54, 2009.

    Google Scholar 

  6. CANETTI, RAN: Security and Composition of Multi-party Cryptographic Protocols. Journal of Cryptology, 13(1):143–202, January 2000.

    CrossRef  MATH  MathSciNet  Google Scholar 

  7. CRYPTOGRAPHY, LABORATORY OF SYSTEM SECURITY (CRYSYS): W32.Duqu - The precursor to the next Stuxnet., Symantec, November 2011.

    Google Scholar 

  8. ECKERT, CLAUDIA: IT – Sicherheit – Konzepte, Verfahren, Protokolle. Oldenbourg, 8th, 2013.

    Google Scholar 

  9. FILIPOVIC, BARTOL OLIVER SCHIMMEL: Schutz eingebetteter Systeme vor Produktpiraterie: Technologischer Hintergrund und Vorbeugemaßnahmen. AISEC Studie, 2012.

    Google Scholar 

  10. FORSCHUNGSUNION: Umsetzungsempfehlungen für das Industrieprojekt 4.0, April 2013.

    Google Scholar 

  11. INTELLITRENDS: Measuring the Impact of Technology Performance: A Global Perspective – 2013., Compuware, 2013.

    Google Scholar 

  12. JUELS, ARI BURTON S KALISKI JR: PORs: Proofs of Retrievability for Large Files. Proceedings of the Seventh ACM Conference on Computer and Communication Security CCS, 2007.

    Google Scholar 

  13. JUELS, ARI ALINA OPREA: New Approaches to Security and Availability for Cloud Data. Communications of the ACM, 56(2):64–73, 2013.

    CrossRef  Google Scholar 

  14. KATZ, J., A. SAHAI B. WATERS: Predicate encryption supporting disjunctions, polynomial equations, and inner products. Advances in Cryptology–EUROCRYPT 2008, 146–162, 2008.

    Google Scholar 

  15. KIENING, ALEXANDER, CHRISTOPH KRAUß CLAUDIA ECKERT: Verifiable Trust between Electronic Control Units based on a single Trust Anchor. 11th Embedded Security in Cars (escar), 2013.

    Google Scholar 

  16. KRAUß, CHRISTOPH VOLKER FUSENIG: Using Trusted Platform Modules for Location Assurance in Cloud Networking. Proceedings of the 7th International Conference on Network and System Security (NSS 2013), Lecture Notes in Computer Science. Springer, 2013.

    Google Scholar 

  17. LINDELL, YEHUDA BENNY PINKAS: Secure Multiparty Computation for Privacy- Preserving Data Mining. May 2008.

    Google Scholar 

  18. MERLI, DOMINIK GEORG SIGL: Physical Unclonable Functions - Identitäten für eingebettete Systeme. Datenschutz und Datensicherheit, 12, 2012.

    Google Scholar 

  19. NYANCHAMA, MATUNDA SYLVIA OSBORN: Role-based Security: Pros, Cons, & some Research Directions. SIGSAC Rev., 11(2):11–17, 1993.

    CrossRef  Google Scholar 

  20. PARK, D., K. KIM P. LEE: Public Key Encryption with Conjunctive Field Keyword Search. Information Security Applications, 73–86, 2005.

    Google Scholar 

  21. PIRRETTI, M., P. TRAYNOR, P. MCDANIEL B. WATERS: Secure Attribute-Based Systems. Proceedings of the 13th ACM conference on Computer and communications security (CCS ’06), 99–112, 2006.

    Google Scholar 

  22. SAHAI, A. B. WATERS: Fuzzy identity-based encryption. Advances in Cryptology– EUROCRYPT 2005, 557–557, 2005.

    Google Scholar 

  23. SONG, D.X., D. WAGNER A. PERRIG: Practical techniques for searches on encrypted data. Security and Privacy, 2000. S & P 2000. Proceedings. 2000 IEEE Symposium on, 44–55. IEEE, 2000.

    Google Scholar 

  24. SPATH, DIETER, OLIVER GANSCHAR, STEFAN GERLACH, MORITZ HÄMMERLE, TOBIAS KRAUSE SEBASTIAN SCHLUND: Produktionsarbeit der Zukunft – Industrie 4.0., Fraunhofer- Institut für Arbeitswirtschaft und Organisation IAO, 2013.

    Google Scholar 

  25. STEFANOV, EMIL, MARTEN VAN DIJK, ALINA OPREA ARI JUELS: Iris: A Scalable Cloud File System with Efficient Integrity Checks. 1–33, 2012.

    Google Scholar 

  26. STEFFEN, ANDREAS: The Linux Integrity Measurement Architecture and TPM-Based Network Endpoint Assessment. 2012.

    Google Scholar 

  27. TRUSTED COMPUTING GROUP: Trusted Platform Module (TPM) Summary. http://www.trustedcomputinggroup.org/resources/trusted_platform_module_tpm_summary.

  28. TSVIHUN, IRYNA GERD STEFAN BROST: Cloud Security – Sicherheit in der Wolke. ISIS Cloud & SaaS Report, 10–11, 2011.

    Google Scholar 

  29. TSVIHUN, IRYNA NIELS FALLENBECK: Cloud-Leitstand: Die Schaltzentrale für die Cloud. ISIS Cloud & SaaS Report, 1, 2012.

    Google Scholar 

  30. VELTEN, MICHAEL, SASCHA WESSEL, FREDERIC STUMPF CLAUDIA ECKERT: Active File Integrity Monitoring using Paravirtualized Filesystems. Proceedings of the 5th International Conference on Trusted Systems (InTrust 2013), LNCS, Graz, 2013. Springer.

    Google Scholar 

  31. WAGNER, STEFFEN, CHRISTOPH KRAUSS CLAUDIA ECKERT: Lightweight Attestation and Secure Code Update for Multiple Separated Microkernel Tasks. Proceedings of the ISC 2013: The 16th Information Security Conference, LNCS, Dallas, Texas, USA, 2013. Springer.

    Google Scholar 

  32. WESSEL, SASCHA, FREDERIC STUMPF, ILJA HERDT CLAUDIA ECKERT: Improving Mobile Device Security with Operating System-level Virtualization. 28th IFIP International Information Security and Privacy Conference (SEC 2013), 2013.

    Google Scholar 

  33. YAO, ANDREW C.: Protocols for Secure Computations. Annual IEEE Symposium on Foundations of Computer Science, 160–164, 1982.

    Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Niels Fallenbeck .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2014 Springer Fachmedien Wiesbaden

About this chapter

Cite this chapter

Fallenbeck, N., Eckert, C. (2014). IT-Sicherheit und Cloud Computing. In: Bauernhansl, T., ten Hompel, M., Vogel-Heuser, B. (eds) Industrie 4.0 in Produktion, Automatisierung und Logistik. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-04682-8_20

Download citation