Zusammenfassung
In Industrie 4.0 in Deutschland verschwinden die Grenzen zwischen den vormals getrennten Informations- und Kommunikationstechnik-Bereichen (IKT) der Produktions- IT und der Business-IT. Diese werden vernetzt, wodurch IT-Systeme mit ganz unterschiedlichen Sicherheitsanforderungen verbunden werden. Daraus ergeben sich neue Verwundbarkeiten und den Angreifern eröffnen sich neue Möglichkeiten, in Systeme einzudringen und Schäden auch in der physischen Welt zu verursachen. So können sich beispielsweise Computer-Viren, die man von Desktop-PCs kennt, auf Produktionsanlagen ausbreiten, oder Maschinen werden zur Fernwartung freigegeben, ohne diese Zugänge ausreichend abzusichern.
This is a preview of subscription content, log in via an institution.
Preview
Unable to display preview. Download preview PDF.
Literatur
Kritische Sicherheitslücke ermöglicht Fremdzugriff auf Systemregler des Vaillant ecoPOWER 1.0, April 2013.
BENCSÁTH, BOLDIZSÁR, GÁBOR PÉK, LEVENTE BUTTYÁN MÁRK FÉLEGYHÁZI: Duqu: A Stuxnet-like malware found in the wild., Laboratory of Cryptography and System Security (CrySyS), Budapest University of Technology and Economics, Department of Telecommunications, October 2011.
BONEH, D., G. DI CRESCENZO, R. OSTROVSKY G. PERSIANO: Public Key Encryption with Keyword Search. Advances in Cryptology-Eurocrypt 2004, 506–522. Springer, 2004.
BOWERS, KEVIN D, ARI JUELS ALINA OPREA: HAIL: A High-Availability and Integrity Layer for Cloud Storage . Proceed of the 16th ACM Conference on Computer and Communications Security, 187–206, New York, New York, USA, 2009. ACM Press.
BOWERS, KEVIN D, ARI JUELS ALINA OPREA: Proofs of Retrievability: Theory and Implementation. ACM Cloud Computing Security Workshop, 43–54, 2009.
CANETTI, RAN: Security and Composition of Multi-party Cryptographic Protocols. Journal of Cryptology, 13(1):143–202, January 2000.
CRYPTOGRAPHY, LABORATORY OF SYSTEM SECURITY (CRYSYS): W32.Duqu - The precursor to the next Stuxnet., Symantec, November 2011.
ECKERT, CLAUDIA: IT – Sicherheit – Konzepte, Verfahren, Protokolle. Oldenbourg, 8th, 2013.
FILIPOVIC, BARTOL OLIVER SCHIMMEL: Schutz eingebetteter Systeme vor Produktpiraterie: Technologischer Hintergrund und Vorbeugemaßnahmen. AISEC Studie, 2012.
FORSCHUNGSUNION: Umsetzungsempfehlungen für das Industrieprojekt 4.0, April 2013.
INTELLITRENDS: Measuring the Impact of Technology Performance: A Global Perspective – 2013., Compuware, 2013.
JUELS, ARI BURTON S KALISKI JR: PORs: Proofs of Retrievability for Large Files. Proceedings of the Seventh ACM Conference on Computer and Communication Security CCS, 2007.
JUELS, ARI ALINA OPREA: New Approaches to Security and Availability for Cloud Data. Communications of the ACM, 56(2):64–73, 2013.
KATZ, J., A. SAHAI B. WATERS: Predicate encryption supporting disjunctions, polynomial equations, and inner products. Advances in Cryptology–EUROCRYPT 2008, 146–162, 2008.
KIENING, ALEXANDER, CHRISTOPH KRAUß CLAUDIA ECKERT: Verifiable Trust between Electronic Control Units based on a single Trust Anchor. 11th Embedded Security in Cars (escar), 2013.
KRAUß, CHRISTOPH VOLKER FUSENIG: Using Trusted Platform Modules for Location Assurance in Cloud Networking. Proceedings of the 7th International Conference on Network and System Security (NSS 2013), Lecture Notes in Computer Science. Springer, 2013.
LINDELL, YEHUDA BENNY PINKAS: Secure Multiparty Computation for Privacy- Preserving Data Mining. May 2008.
MERLI, DOMINIK GEORG SIGL: Physical Unclonable Functions - Identitäten für eingebettete Systeme. Datenschutz und Datensicherheit, 12, 2012.
NYANCHAMA, MATUNDA SYLVIA OSBORN: Role-based Security: Pros, Cons, & some Research Directions. SIGSAC Rev., 11(2):11–17, 1993.
PARK, D., K. KIM P. LEE: Public Key Encryption with Conjunctive Field Keyword Search. Information Security Applications, 73–86, 2005.
PIRRETTI, M., P. TRAYNOR, P. MCDANIEL B. WATERS: Secure Attribute-Based Systems. Proceedings of the 13th ACM conference on Computer and communications security (CCS ’06), 99–112, 2006.
SAHAI, A. B. WATERS: Fuzzy identity-based encryption. Advances in Cryptology– EUROCRYPT 2005, 557–557, 2005.
SONG, D.X., D. WAGNER A. PERRIG: Practical techniques for searches on encrypted data. Security and Privacy, 2000. S & P 2000. Proceedings. 2000 IEEE Symposium on, 44–55. IEEE, 2000.
SPATH, DIETER, OLIVER GANSCHAR, STEFAN GERLACH, MORITZ HÄMMERLE, TOBIAS KRAUSE SEBASTIAN SCHLUND: Produktionsarbeit der Zukunft – Industrie 4.0., Fraunhofer- Institut für Arbeitswirtschaft und Organisation IAO, 2013.
STEFANOV, EMIL, MARTEN VAN DIJK, ALINA OPREA ARI JUELS: Iris: A Scalable Cloud File System with Efficient Integrity Checks. 1–33, 2012.
STEFFEN, ANDREAS: The Linux Integrity Measurement Architecture and TPM-Based Network Endpoint Assessment. 2012.
TRUSTED COMPUTING GROUP: Trusted Platform Module (TPM) Summary. http://www.trustedcomputinggroup.org/resources/trusted_platform_module_tpm_summary.
TSVIHUN, IRYNA GERD STEFAN BROST: Cloud Security – Sicherheit in der Wolke. ISIS Cloud & SaaS Report, 10–11, 2011.
TSVIHUN, IRYNA NIELS FALLENBECK: Cloud-Leitstand: Die Schaltzentrale für die Cloud. ISIS Cloud & SaaS Report, 1, 2012.
VELTEN, MICHAEL, SASCHA WESSEL, FREDERIC STUMPF CLAUDIA ECKERT: Active File Integrity Monitoring using Paravirtualized Filesystems. Proceedings of the 5th International Conference on Trusted Systems (InTrust 2013), LNCS, Graz, 2013. Springer.
WAGNER, STEFFEN, CHRISTOPH KRAUSS CLAUDIA ECKERT: Lightweight Attestation and Secure Code Update for Multiple Separated Microkernel Tasks. Proceedings of the ISC 2013: The 16th Information Security Conference, LNCS, Dallas, Texas, USA, 2013. Springer.
WESSEL, SASCHA, FREDERIC STUMPF, ILJA HERDT CLAUDIA ECKERT: Improving Mobile Device Security with Operating System-level Virtualization. 28th IFIP International Information Security and Privacy Conference (SEC 2013), 2013.
YAO, ANDREW C.: Protocols for Secure Computations. Annual IEEE Symposium on Foundations of Computer Science, 160–164, 1982.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer Fachmedien Wiesbaden
About this chapter
Cite this chapter
Fallenbeck, N., Eckert, C. (2014). IT-Sicherheit und Cloud Computing. In: Bauernhansl, T., ten Hompel, M., Vogel-Heuser, B. (eds) Industrie 4.0 in Produktion, Automatisierung und Logistik. Springer Vieweg, Wiesbaden. https://doi.org/10.1007/978-3-658-04682-8_20
Download citation
DOI: https://doi.org/10.1007/978-3-658-04682-8_20
Published:
Publisher Name: Springer Vieweg, Wiesbaden
Print ISBN: 978-3-658-04681-1
Online ISBN: 978-3-658-04682-8
eBook Packages: Computer Science and Engineering (German Language)