The cyber-physical space is a spatial environment that integrates the cyber and physical worlds to provide an intelligent environment for users to conduct their day-to-day activities. Mobile users and mobile objects a...The cyber-physical space is a spatial environment that integrates the cyber and physical worlds to provide an intelligent environment for users to conduct their day-to-day activities. Mobile users and mobile objects are ubiquitous in this space, thereby exerting tremendous pressure on its security model. This model must ensure that both cyber and physical objects are always handled securely in this dynamic environment. In this paper,we propose a systematic solution to be able to specify security policies of the cyber-physical space and ensure that security requirements hold in these policies. We first formulate a topology configuration model to capture the topology characteristics of the cyber and physical worlds. Then, based on this model, a Topology-Aware CyberPhysical Access Control model(TA-CPAC) is proposed, which can ensure the security of the cyber and physical worlds at the same time by adjusting permission assignment dynamically. Then, the topology configuration and TA-CPAC models are formalized by bigraphs and Bigraph Reactive System(BRS), respectively, allowing us to use model checking to rationalize the consequences of the evolution of topological configurations on the satisfaction of security requirements. Finally, a case study on a building automation access control system is conducted to evaluate the effectiveness of the proposed approach.展开更多
基金supported by the National Natural Science Foundation of China(Nos.61772270,61602262,and 61602237)Jiangsu Natural Science Foundation of China(No.BK20170809)+1 种基金the National High-Tech Research and Development(863)Program of China(No.2015AA015303)Science Foundation of Nanjing Institute of Technology(No.YKJ201420)
文摘The cyber-physical space is a spatial environment that integrates the cyber and physical worlds to provide an intelligent environment for users to conduct their day-to-day activities. Mobile users and mobile objects are ubiquitous in this space, thereby exerting tremendous pressure on its security model. This model must ensure that both cyber and physical objects are always handled securely in this dynamic environment. In this paper,we propose a systematic solution to be able to specify security policies of the cyber-physical space and ensure that security requirements hold in these policies. We first formulate a topology configuration model to capture the topology characteristics of the cyber and physical worlds. Then, based on this model, a Topology-Aware CyberPhysical Access Control model(TA-CPAC) is proposed, which can ensure the security of the cyber and physical worlds at the same time by adjusting permission assignment dynamically. Then, the topology configuration and TA-CPAC models are formalized by bigraphs and Bigraph Reactive System(BRS), respectively, allowing us to use model checking to rationalize the consequences of the evolution of topological configurations on the satisfaction of security requirements. Finally, a case study on a building automation access control system is conducted to evaluate the effectiveness of the proposed approach.
