This file was created by the TYPO3 extension
bib
--- Timezone: CET
Creation date: 2023-12-05
Creation time: 23-56-08
--- Number of references
4
inproceedings
2020_pennekamp_benchmarking
Revisiting the Privacy Needs of Real-World Applicable Company Benchmarking
2020
12
15
31-44
Benchmarking the performance of companies is essential to identify improvement potentials in various industries. Due to a competitive environment, this process imposes strong privacy needs, as leaked business secrets can have devastating effects on participating companies. Consequently, related work proposes to protect sensitive input data of companies using secure multi-party computation or homomorphic encryption. However, related work so far does not consider that also the benchmarking algorithm, used in today's applied real-world scenarios to compute all relevant statistics, itself contains significant intellectual property, and thus needs to be protected. Addressing this issue, we present PCB — a practical design for Privacy-preserving Company Benchmarking that utilizes homomorphic encryption and a privacy proxy — which is specifically tailored for realistic real-world applications in which we protect companies' sensitive input data and the valuable algorithms used to compute underlying key performance indicators. We evaluate PCB's performance using synthetic measurements and showcase its applicability alongside an actual company benchmarking performed in the domain of injection molding, covering 48 distinct key performance indicators calculated out of hundreds of different input values. By protecting the privacy of all participants, we enable them to fully profit from the benefits of company benchmarking.
practical encrypted computing; homomorphic encryption; algorithm confidentiality; benchmarking; key performance indicators; industrial application; Internet of Production
internet-of-production
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-pennekamp-company-benchmarking.pdf
https://eprint.iacr.org/2020/1512
HomomorphicEncryption.org
Proceedings of the 8th Workshop on Encrypted Computing & Applied Homomorphic Cryptography (WAHC '20), December 15, 2020, Virtual Event
Virtual Event
December 15, 2020
978-3-00-067798-4
10.25835/0072999
1
JanPennekamp
PatrickSapel
Ina BereniceFink
SimonWagner
SebastianReuter
ChristianHopmann
KlausWehrle
MartinHenze
proceedings
fink-lcn-demons-2020
Extending MUD to Smartphones
2020
11
15
nerd-nrw
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-fink-lcn-mud-smartphone.pdf
IEEE
online
Sydney, Australia
45th IEEE Conference on Local Computer Networks (LCN)
November 16-19, 2020
10.1109/LCN48667.2020.9314782
1
Ina BereniceFink
MartinSerror
KlausWehrle
inproceedings
2020-dahlmanns-imc-opcua
Easing the Conscience with OPC UA: An Internet-Wide Study on Insecure Deployments
2020
10
27
101-110
Due to increasing digitalization, formerly isolated industrial networks, e.g., for factory and process automation, move closer and closer to the Internet, mandating secure communication. However, securely setting up OPC UA, the prime candidate for secure industrial communication, is challenging due to a large variety of insecure options. To study whether Internet-facing OPC UA appliances are configured securely, we actively scan the IPv4 address space for publicly reachable OPC UA systems and assess the security of their configurations. We observe problematic security configurations such as missing access control (on 24% of hosts), disabled security functionality (24%), or use of deprecated cryptographic primitives (25%) on in total 92% of the reachable deployments. Furthermore, we discover several hundred devices in multiple autonomous systems sharing the same security certificate, opening the door for impersonation attacks. Overall, in this paper, we highlight commonly found security misconfigurations and underline the importance of appropriate configuration for security-featuring protocols.
industrial communication; network security; security configuration
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-dahlmanns-imc-opcua.pdf
ACM
Proceedings of the Internet Measurement Conference (IMC '20), October 27-29, 2020, Pittsburgh, PA, USA
Pittsburgh, PA, USA
ACM Internet Measurement Conference 2020
October 27-29, 2020
978-1-4503-8138-3/20/10
10.1145/3419394.3423666
1
MarkusDahlmanns
JohannesLohmöller
Ina BereniceFink
JanPennekamp
KlausWehrle
MartinHenze
inproceedings
2020_roepert_opcua
Assessing the Security of OPC UA Deployments
2020
4
2
To address the increasing security demands of industrial deployments, OPC UA is one of the first industrial protocols explicitly designed with security in mind. However, deploying it securely requires a thorough configuration of a wide range of options. Thus, assessing the security of OPC UA deployments and their configuration is necessary to ensure secure operation, most importantly confidentiality and integrity of industrial processes. In this work, we present extensions to the popular Metasploit Framework to ease network-based security assessments of OPC UA deployments. To this end, we discuss methods to discover OPC UA servers, test their authentication, obtain their configuration, and check for vulnerabilities. Ultimately, our work enables operators to verify the (security) configuration of their systems and identify potential attack vectors.
internet-of-production, rfc
https://www.comsys.rwth-aachen.de/fileadmin/papers/2020/2020-roepert-opcua-security.pdf
en
University of Tübingen
Proceedings of the 1st ITG Workshop on IT Security (ITSec '20), April 2-3, 2020, Tübingen, Germany
Tübingen, Germany
April 2-3, 2020
10.15496/publikation-41813
1
LinusRoepert
MarkusDahlmanns
Ina BereniceFink
JanPennekamp
MartinHenze