Trends like Industry 4.0 will pose new challenges for future industrial networks. Greater interconnectedness, higher data volumes as well as new requirements for speeds as well as security will make new approaches necessary. Performanceoptimized networking techniques will be demanded to implement new use cases, like network separation and isolation, in a secure fashion. A new and highly efficient protocol, that will be vital for that purpose, is MACsec. It is a Layer 2 encryption protocol that was previously extended specifically for industrial environments. Yet, it lacks the ability to bridge local networks. Therefore, in this work, we propose a secure and efficient Layer 3 tunneling scheme for MACsec. We design and implement two approaches, that are equally secure and considerably outperform comparable state-of-the-art techniques.
翻译:工业4.0等趋势将为未来的工业网络带来新的挑战。更大的相互关联性、更高的数据量以及对速度和安全性的新要求将需要采取新的办法。要求采用优化的联网技术,以便以安全的方式实施新的使用案例,如网络分离和隔离。一个对此至关重要的高效的新协议是MACsec。它是一个第2层加密协议,以前专门针对工业环境。然而,它缺乏连接当地网络的能力。因此,我们在此工作中为MACsec提出一个安全高效的第三层隧道计划。我们设计和实施两种同样安全且相当落后于最先进技术的方法。