IIC Journal of Innovation | Page 82

A PoV on the IIC Industrial Internet Reference Architecture 3.2 Cross-Cutting Concerns – Security & Trust The IIRA recommends a deep analysis of the following security concerns – Endpoint Security, Communication Security, Management & Monitoring of Security, Data Distribution and Secure Storage. Important security concerns are listed below: Security Concern Area Requirements in an IIS Endpoint Security Endpoint devices must have necessary hardware mechanisms and software security agents deployed to ensure secure operations and resilience to attacks. Key elements of endpoint security include a secure boot sequence, application authorization, secure storage of keys and certificates, centralized management of security policies, secure network connections, use of hardened operating systems and regular security patch updates of endpoint devices. Communication Security This includes use of encrypted transport, mutual authentication of communicating parties, user authentication and authorization. Security Management The IIS must have necessary security management tools and processes. Key requirements are Identity Management, Security Policy Management, Credential Management and Platform Monitoring. Data Security The data producer may optionally encrypt data s ѽɕ