- Industrial Control Systems Cybersecurity
PKI eliminates the need for pre-shared keys
PKI provides IoT devices and services with trusted identities based on certificates. This allows N-to-N point-to-point authenticated and encrypted communication without pre-shared cryptographic keys.
PKI also supports the use of authorization certificates that authorize the certificate holder (a device or a service) to access a certain resource or to belong to a specific infrastructure domain (such as a building). Authorization certificates can thus replace other types of central authorization services, such as OAuth and OpenID Connect, and can enable anonymity.
How to design the processes –a summary
Make sure to automate the issuance of manufacturer-specific or context-specific certificates, as well as the renewal, revocation, retirement and replacement of these certificates – automation of these processes is key to the security and economy of the IoT solution.
https://www.nist.gov/industry-impacts/industrial-control-systems-cybersecurity
No comments:
Post a Comment