By Topic

A layered encryption mechanism for networked critical infrastructures

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

4 Author(s)
Huayang Cao ; National University of Defense Technology, China ; Peidong Zhu ; Xicheng Lu ; Andrei Gurtov

Networked critical infrastructures improve our lives, but they are attractive targets for adversaries. In such infrastructures, to secure sensitive data is vital, as the information system is a foundation of today¿s critical infrastructures, and data security is a main concern in such systems. Cryptography is an approach for data security, but this method should be altered according to various features of infrastructure networks. Since complex and distributed critical infrastructures usually spread over large geographic areas, different parts of those infrastructures have different levels of perimeter defense. Devices in weakly protected zones are more likely to be captured than those in well protected zones. If an adversary captures devices, s/he can bypass cyber security measures and obtain secret information directly. Such a threat requires a layered security mechanism that can prevent adversaries from invading the whole infrastructure network from these weak zones. In this article, we propose a layered encryption mechanism based on hash chain technology for protecting sensitive data. Besides showing the layered defense, the mechanism is also lightweight and has convenient key management. It can be used independently or as a supplement to existing security measures. We evaluate performance of the proposed mechanism over different kinds of devices.

Published in:

IEEE Network  (Volume:27 ,  Issue: 1 )