A Secure Revocable Fine-Grained Access Control and Data Sharing Scheme for SCADA in IIoT Systems

Abstract

The supervisory control and data acquisition (SCADA) system is widely used in industrial control and the contemporary Industrial Internet of Things (IIoT). Unfortunately, due to its relatively weak design in terms of data security and access control, SCADA systems are becoming a favorite target for attackers. End-to-end encryption, such as SSL/TLS protocol, is used to protect the data transmission, but it cannot guarantee security in third-party cloud platforms. In this article, we propose a secure revocable fine-grained access control and data sharing scheme. This scheme not only ensures the confidentiality of the data but also enhances the access control of the SCADA system. Our scheme is based on three key observations. The common communication architecture of SCADA systems cannot protect data security itself. The security supports provided by industrial control protocols are limited. Moreover, the third-party cloud platforms are semitrusted. In addition, we have introduced digital signature technology to assure the integrity of the data in the SCADA system. We prove that our scheme is secure. This scheme has been experimentally evaluated to introduce negligible performance losses while improving data security in the SCADA system.