A PoV on the IIC Industrial Internet Reference Architecture
3.2
Cross-Cutting Concerns – Security & Trust
The IIRA recommends a deep analysis of the following security concerns – Endpoint Security,
Communication Security, Management & Monitoring of Security, Data Distribution and Secure
Storage. Important security concerns are listed below:
Security Concern Area
Requirements in an IIS
Endpoint Security
Endpoint devices must have necessary hardware
mechanisms and software security agents deployed to
ensure secure operations and resilience to attacks. Key
elements of endpoint security include a secure boot
sequence, application authorization, secure storage of keys
and certificates, centralized management of security policies,
secure network connections, use of hardened operating
systems and regular security patch updates of endpoint
devices.
Communication Security
This includes use of encrypted transport, mutual
authentication
of
communicating
parties,
user
authentication and authorization.
Security Management
The IIS must have necessary security management tools and
processes. Key requirements are Identity Management,
Security Policy Management, Credential Management and
Platform Monitoring.
Data Security
The data producer may optionally encrypt data s ѽɕ