Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0
Elisabeth Bauer, Oliver Schluga, Silia Maksuti, Ani Bicaku, David, Hofbauer, Igor Ivkic, Markus Tauber, Alexander W\"ohrer

TL;DR
This paper evaluates ENISA security guidelines to establish a security baseline for IaaS cloud back-ends in Industry 4.0, assessing implementation on VMware and OpenStack platforms.
Contribution
It extracts security parameters from ENISA guidelines and assesses their applicability on industrial IaaS platforms, aiding the development of security standards for Industry 4.0.
Findings
ENISA guidelines can be adapted for IaaS security in Industry 4.0
Assessment shows varying implementation levels on VMware and OpenStack
Initial security baseline identified for industrial cloud environments
Abstract
The popularity of cloud based Infrastructure-as-a- Service (IaaS) solutions is becoming increasingly popular. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both, IaaS provider and customer, is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
