Data exchange among value chain partners provides them with a competitive advantage, but the risk of exposing sensitive data is ever-increasing. Information must be protected in storage and transmission to reduce this risk, so only the data producer and the final consumer can access or modify it. End-to-end (E2E) security mechanisms address this challenge, protecting companies from data breaches resulting from value chain attacks. Moreover, value chain particularities must also be considered. Multiple entities are involved in dynamic environments like these, both in data generation and consumption. Hence, a flexible generation of access policies is required to ensure that they can be updated whenever needed. This paper presents a CP-ABE-reliant data exchange system for value chains with E2E security. It considers the most relevant security and industrial requirements for value chains. The proposed solution can protect data according to access policies and update those policies without breaking E2E security or overloading field devices. In most cases, field devices are IIoT devices, limited in terms of processing and memory capabilities. The experimental evaluation has shown the proposed solution's feasibility for IIoT platforms.