Article: Unified enterprise modelling language-based interoperability for collaborative access control framework in critical infrastructures Journal: International Journal of Networking and Virtual Organisations (IJNVO) 2020 Vol.22 No.1 pp.75 - 100 Abstract: Due to physical and logical vulnerabilities, a critical infrastructure (CI) can encounter failures of various degrees of severity, and since there are many interdependencies between CIs, simple failures can have dramatic consequences on the whole infrastructure. In this paper, we mainly focus on malicious threats that might affect the communication and information systems (the critical information infrastructure, or CII) dedicated to critical infrastructures. We define a new collaborative access control framework called PolyOrBAC, to address the security problems that are specific of CIIs. This approach offers each organisation taking part in the CII the capacity of collaborating with the other ones, while maintaining a control on its resources and on its internal security policy. The approach is demonstrated on a practical scenario, based on real emergency actions in an electric power grid infrastructure. Inderscience Publishers - linking academia, business and industry through research

Title: Unified enterprise modelling language-based interoperability for collaborative access control framework in critical infrastructures

Authors: Amine Baina; Khalid Benali; Mostafa Bellafkih; Nawal Ait Aali

Addresses: Laboratoire de Systèmes de Télécoms, Réseaux et Services (STRS), Institut National des Postes et Télécommunications (INPT), 2, Avenue Allal El Fassi, Rabat, Morocco ' CNRS, Inria, LORIA, Université de Lorraine, F-54000 Nancy, France ' Laboratoire de Systèmes de Télécoms, Réseaux et Services (STRS), Institut National des Postes et Télécommunications (INPT), 2, Avenue Allal El Fassi, Rabat, Morocco ' Laboratoire de Systèmes de Télécoms, Réseaux et Services (STRS), Institut National des Postes et Télécommunications (INPT), 2, Avenue Allal El Fassi, Rabat, Morocco

Abstract: Due to physical and logical vulnerabilities, a critical infrastructure (CI) can encounter failures of various degrees of severity, and since there are many interdependencies between CIs, simple failures can have dramatic consequences on the whole infrastructure. In this paper, we mainly focus on malicious threats that might affect the communication and information systems (the critical information infrastructure, or CII) dedicated to critical infrastructures. We define a new collaborative access control framework called PolyOrBAC, to address the security problems that are specific of CIIs. This approach offers each organisation taking part in the CII the capacity of collaborating with the other ones, while maintaining a control on its resources and on its internal security policy. The approach is demonstrated on a practical scenario, based on real emergency actions in an electric power grid infrastructure.

Keywords: critical infrastructure; critical information infrastructure; CII; security; access control policies and models; collaboration; interoperability; virtual organisations; collaborative access control; electrical grid; unified enterprise modelling language; UEML.

DOI: 10.1504/IJNVO.2020.104979

International Journal of Networking and Virtual Organisations, 2020 Vol.22 No.1, pp.75 - 100

Received: 05 Sep 2017
Accepted: 09 Mar 2018
Published online: 10 Feb 2020 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Unified enterprise modelling language-based interoperability for collaborative access control framework in critical infrastructures

Keep up-to-date