Security Analysis of VPN Configurations in Industrial Control Environments
نویسندگان
چکیده
Virtual private networks (VPNs) are widely recommended to protect otherwise insecure industrial control protocols. VPNs provide confidentiality, integrity and availability, and are often considered to be secure. However, implementation vulnerabilities and protocol flaws expose VPN weaknesses in many deployments. This paper uses a probabilistic model to evaluate and quantify the security of VPN configurations. Simulations of the VPN model are conducted to investigate the trade-offs and parameter dependence in various VPN configurations. The experimental results provide recommendations for securing VPN deployments in industrial control environments.
منابع مشابه
Quantitative Evaluation of Virtual Private Networks and its Implications for Communication Security in Industrial Protocols
Virtual Private Networks (VPNs) are widely recommended to provide security for otherwise unsecured industrial and SCADA communication protocols. VPNs provide confidentiality, integrity, and availability and are often considered secure. However, implementation vulnerabilities and protocol flaws have exposed VPN weaknesses in many deployments. In this work, we use probabilistic modeling to evalua...
متن کاملSecure VPNs for Trusted Computing Environments
Virtual Private Networks are a popular mechanism for building complex network infrastructures. Such infrastructures are usually accompanied by strict administrative restrictions on all VPN endpoints to protect the perimeter of the VPN. However, enforcement of such restrictions becomes difficult if these endpoints are personal computers used for remote VPN access. Commonly employed measures like...
متن کاملA Survey on Secure and Resilient Session Schemes: Technical Comparison and Assessment
Cyber threats become more and more pervasive on the Internet and on distributed/decentralized systems. In order to secure communication over these infrastructures and respond to mobility constraint, a new class of Virtual Private Networks (VPN), which support both security and mobility, has emerged in the course of last years. Mobile Virtual Private Networks, called mobile VPN, provide not only...
متن کاملPerformance Analysis of IP Security VPN
Internet Protocol Security (IPSec) is a protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a data stream. . IPSec architecture requires the host to provide confidentiality using Encapsulating Security Payload and data integrity using either Authentication Header or Encapsulating Security Payload and anti-replay protection. IPSec ...
متن کاملA 10 Giga VPN Accelerator Board for Trust Channel Security System
This paper proposes a VPN Accelerator Board (VPN-AB), a virtual private network (VPN) protocol designed for trust channel security system (TCSS). TCSS supports safety communication channel between security nodes in internet. It furnishes authentication, confidentiality, integrity, and access control to security node to transmit data packets with IPsec protocol. TCSS consists of internet key exc...
متن کامل