Options
Tauber, Markus
Loading...
Official Name
Tauber, Markus
Akademische Titel
Ehemaliger FH Mitarbeiter
Web Site
Scopus Author ID
37058207900
Status
exstaff
Research Outputs
Now showing 1 - 10 of 58
- PublicationTowards Taxonomy based Software Security Standard and Tool Selection for Critical Infrastructure IT in the Cloud(2014)
;Paudel, S.; Brandic, I.98 1 - PublicationApplication System Design - High Security(CRC Press, 2017)
;Aldrian, Andreas ;Priller, Peter ;Schmittner, Christoph ;Plosz, Sandor; ;Wagner, Christian ;Hein, Daniel ;Ebner, Thomas ;Maritsch, Martin ;Ruprechter, ThomasLesjak, Christian165 1 - PublicationOn the Cost of Security Compliance in Information Systems(International Institute of Informatics and Systemics, 2019)
; ; ; ;Aldrian, AndreasThe onward development of information and communication technology has led to a new industrial revolution called Industry 4.0. This revolution involves Cyber-Physical Production Systems (CPPS), which consist of intelligent Cyber-Physical Systems that may be able to adapt themselves autonomously in a production environment. At the moment, machines in industrial environments are often not connected to the internet, which thus needs a point-to-point connection to access the device if necessary. Through Industry 4.0, these devices should enable remote access for smart maintenance through a connection to the outside world. However, this connection opens the gate for possible cyber-attacks and thus raises the question about providing security for these environments. Therefore, this paper used an adapted approach based on SixSigma to solve this security problem by investigating security standards. Security requirements were gathered and mapped to controls from well known security standards, formed into a catalog. This catalog includes assessment information to check how secure a solution for a use case is and also includes a link to an estimation method for implementation cost. Thus this paper’s outcome shows how to make Industry 4.0 use cases secure by fulfilling security standard controls and how to estimate the resulting implementation costs.571 2827 - PublicationAutonomic Management of Client Concurrency in a Distributed Storage Service(2011)
; ;Kirby, G. N. C.Dearle, A.142 1 - PublicationSecurity Threats and Risk Analysis of an IoT Web Service for a Smart Vineyard(ERCIM EEIG, 2018-04)
;Borrelli, Massimo ;Coric, Vanes; ; 529 778 - PublicationTowards continuous Cloud Service Assurance for Critical Infrastructure IT(2014-08-27)
;Hudic, A. ;Mauthe, A. ;Caceres, S. ;Hecht, T.The momentum behind Cloud Computing has revolutionized how ICT services are provided, adopted and delivered. Features such as high scalability, fast provisioning, on demand resource availability makes it an attractive proposition for deploying complex and demanding systems. Clouds are also very suitable for deploying systems with unpredictable load patterns including Critical infrastructure services. Though, the major obstacle in hosting Critical infrastructures is often a lack of assurance. The transparency and flexibility offered by the Cloud, abstracts per definition over e.g. data placement, hardware, service migration. This makes it very hard to assure security properties. We present an investigation of assurance approaches, an analysis of their suitability for Critical Infrastructure Services being deployed in the Cloud and presents our approach.119 1Scopus© Citations 8 - PublicationSecurity standard compliance and continuous verification for Industrial Internet of ThingsDue to globalization and digitalization of industrial systems, standard compliance is gaining more attention. In order to stay competitive and remain in business, different sectors within industry are required to comply with multiple regulations. Compliance aims to fulfill regulations by including all measures imposed by laws and standards. Every device, application, or service implements several technologies at many levels, and standards support interoperability across them. They help to create global markets for industries and enable networked development in order to be successful and sustainable. This work highlights the importance of standard compliance and continuous verification in industrial Internet of Things and implements an automatic monitoring and standard compliance verification framework. In this work, we focus on security, safety, and organizational aspects of industrial Internet of Things. We identify a number of standards and best practice guidelines, which are used to extract security, safety, and organizational measurable indicator points. In addition, a metric model is provided that forms the basis for the necessary information needed for compliance verification, including requirements, standards, and metrics. Also, we present the prototype of the monitoring and standard compliance verification framework used to show the security compliance of an industrial Internet of Things use case.
122 1450Scopus© Citations 11 - PublicationOperations security evaluation of IaaS-cloud backend for industry 4.0(SCITEPRESS, 2018-03)
; ; ; ; ; The fast growing number of cloud based Infrastructure-as-a-Service instances raises the question, how the operations security depending on the underlying cloud computing infrastructure can be sustained and guaranteed. Security standards provide guidelines for information security controls applicable to the provision and use of the cloud services. The objectives of operations security are to support planning and sustaining of day-to-day processes that are critical with respect to security of information environments. In this work we provide a detailed analysis of ISO 27017 standard regarding security controls and investigate how well popular cloud platforms can cater for them. The resulting gap of support for individual security controls is furthermore compared with outcomes of recent cloud security research projects. Hence the contribution is twofold, first we identify a set of topics that still require research and development and secondly, as a practical output, we provide a comparison of popular industrial and open-source platforms focusing on private cloud environments, which are important for Industry 4.0 use cases.206 2Scopus© Citations 1