Title: Unified enterprise modelling language-based interoperability for collaborative access control framework in critical infrastructures
Authors: Amine Baina; Khalid Benali; Mostafa Bellafkih; Nawal Ait Aali
Addresses: Laboratoire de Systèmes de Télécoms, Réseaux et Services (STRS), Institut National des Postes et Télécommunications (INPT), 2, Avenue Allal El Fassi, Rabat, Morocco ' CNRS, Inria, LORIA, Université de Lorraine, F-54000 Nancy, France ' Laboratoire de Systèmes de Télécoms, Réseaux et Services (STRS), Institut National des Postes et Télécommunications (INPT), 2, Avenue Allal El Fassi, Rabat, Morocco ' Laboratoire de Systèmes de Télécoms, Réseaux et Services (STRS), Institut National des Postes et Télécommunications (INPT), 2, Avenue Allal El Fassi, Rabat, Morocco
Abstract: Due to physical and logical vulnerabilities, a critical infrastructure (CI) can encounter failures of various degrees of severity, and since there are many interdependencies between CIs, simple failures can have dramatic consequences on the whole infrastructure. In this paper, we mainly focus on malicious threats that might affect the communication and information systems (the critical information infrastructure, or CII) dedicated to critical infrastructures. We define a new collaborative access control framework called PolyOrBAC, to address the security problems that are specific of CIIs. This approach offers each organisation taking part in the CII the capacity of collaborating with the other ones, while maintaining a control on its resources and on its internal security policy. The approach is demonstrated on a practical scenario, based on real emergency actions in an electric power grid infrastructure.
Keywords: critical infrastructure; critical information infrastructure; CII; security; access control policies and models; collaboration; interoperability; virtual organisations; collaborative access control; electrical grid; unified enterprise modelling language; UEML.
DOI: 10.1504/IJNVO.2020.104979
International Journal of Networking and Virtual Organisations, 2020 Vol.22 No.1, pp.75 - 100
Received: 05 Sep 2017
Accepted: 09 Mar 2018
Published online: 10 Feb 2020 *