Options
Tauber, Markus
Loading...
Official Name
Tauber, Markus
Akademische Titel
Ehemaliger FH Mitarbeiter
Web Site
Scopus Author ID
37058207900
Status
exstaff
Research Outputs
Now showing 1 - 10 of 10
- PublicationSecurity Standard Compliance Verification in System of Systems(2022)
; ; ; ; Jerker Delsing27 - PublicationTowards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0(IEEE (UK), 2017-12)
; ; ; ; ; ; 171Scopus© Citations 5 - PublicationMonitoring Industry 4.0 Applications for Security and Safety Standard ComplianceIn Industry 4.0 independent entities shall inter-operate to allow flexible and customized production. To assure the parties that individual components are secured to inter-operate, we investigate automated standard compliance. The standard compliance is defined based on given sets of security and safety requirements from which are derived measurable indicator points. Those reflect configurations of systems recommended by security, safety or legally relevant standards and guidelines, which help to demonstrate the state of compliance. We propose in this paper an initial approach to automate such assessment when components are inter-operating with each other by using a monitoring and standard compliance verification framework. This will assure the parties that services or devices within their organizations operate in a secure and standard compliant way, without compromising the underlying infrastructure.
176 1Scopus© Citations 17 - PublicationTowards Modelling a Cloud Application's Life Cycle(2016-09)
; ; ; ; Wagner, C.149 1Scopus© Citations 2 - PublicationTowards trustworthy end-to-end communication in industry 4.0(IEEE, 2017)
; ; ; ; 173 1Scopus© Citations 13 - PublicationTowards Resilience Metrics for Future Cloud Applications(2016)
; ; An analysis of new technologies can yield insight into the way these technologies will be used. Inevitably, new technologies and their uses are likely to result in new security issues regarding threats, vulnerabilities and attack vectors. In this paper, we investigate and analyse technological and security trends and their potential to become future threats by systematically examining industry reports on existing technologies. Using a cloud computing use case we identify potential resilience metrics that can shed light on the security properties of the system.147 1Scopus© Citations 4 - PublicationHarmonized Monitoring for High Assurance Clouds(IEEE, 2016-04-18)
; ; 165 1Scopus© Citations 8 - PublicationOperations security evaluation of IaaS-cloud backend for industry 4.0(SCITEPRESS, 2018-03)
; ; ; ; ; The fast growing number of cloud based Infrastructure-as-a-Service instances raises the question, how the operations security depending on the underlying cloud computing infrastructure can be sustained and guaranteed. Security standards provide guidelines for information security controls applicable to the provision and use of the cloud services. The objectives of operations security are to support planning and sustaining of day-to-day processes that are critical with respect to security of information environments. In this work we provide a detailed analysis of ISO 27017 standard regarding security controls and investigate how well popular cloud platforms can cater for them. The resulting gap of support for individual security controls is furthermore compared with outcomes of recent cloud security research projects. Hence the contribution is twofold, first we identify a set of topics that still require research and development and secondly, as a practical output, we provide a comparison of popular industrial and open-source platforms focusing on private cloud environments, which are important for Industry 4.0 use cases.206 2Scopus© Citations 1 - PublicationAutomated and Secure Onboarding for System of Systems(IEEE, 2021-08-03)
; ; ; ; ; Delsing, JerkerThe Internet of Things (IoT) is rapidly changing the number of connected devices and the way they interact with each other. This increases the need for an automated and secure onboarding procedure for IoT devices, systems and services. Device manufacturers are entering the market with internet connected devices, ranging from small sensors to production devices, which are subject of security threats specific to IoT. The onboarding procedure is required to introduce a new device in a System of Systems (SoS) without compromising the already onboarded devices and the underlying infrastructure. Onboarding is the process of providing access to the network and registering the components for the first time in an IoT/SoS framework, thus creating a chain of trust from the hardware device to its hosted software systems and their provided services. The large number and diversity of device hardware, software systems and running services raises the challenge to establish a generic onboarding procedure. In this paper, we present an automated and secure onboarding procedure for SoS. We have implemented the onboarding procedure in the Eclipse Arrowhead framework. However, it can be easily adapted for other IoT/SoS frameworks that are based on Service-oriented Architecture (SoA) principles. The automated onboarding procedure ensures a secure and trusted communication between the new IoT devices and the Eclipse Arrowhead framework. We show its application in a smart charging use case and perform a security assessment.154 1Scopus© Citations 7 - PublicationInteracting with the Arrowhead Local Cloud: On-boarding Procedure(IEEE, 2018-05)
; ; ; 179 1Scopus© Citations 28