Digitalization in seaports dovetails the IT infrastructure of various actors (e.g., shipping companies, terminals, customs, port authorities) to process complex workflows for shipping containers. The security of these workflows relies not only on the security of each individual actor but actors must also provide additional guarantees to other actors like, for instance, respecting obligations related to received data or checking the integrity of workflows observed so far. This paper analyses global security requirements (e.g., accountability, confidentiality) of the workflows and decomposes them - according to the way workflow data is stored and distributed - into requirements and obligations for the individual actors. Security mechanisms are presented to satisfy the resulting requirements, which together with the guarantees of all individual actors will guarantee the security of the overall workflow.
翻译:海港的数字化使各行为体(例如航运公司、码头、海关、港务局)的信息技术基础设施与处理集装箱复杂工作流程的各种行为体(例如航运公司、码头、海关、港务局)的信息技术基础设施相匹配,这些工作流程的安全不仅取决于每个行为体的安全,而且还必须为其他行为体提供额外的保障,例如遵守与接收数据有关的义务或检查迄今观察到的工作流程的完整性,本文件分析了工作流程的全球安全要求(例如问责制、保密性),并根据工作流程数据的储存和分配方式,将其分解为个别行为体的要求和义务,并提出了安全机制以满足由此产生的要求,与所有个体行为体的保障一起,将保证整个工作流程的安全。
相关内容
微信扫码咨询专知VIP会员