Towards a Security Baseline for IaaS-Cloud Back-Ends in Industry 4.0
This work addresses security issues for Industry 4.0 applications using private cloud back-ends, but it is incremental as it builds on existing guidelines and platforms.
The paper tackled the security concerns in IaaS cloud back-ends for Industry 4.0 by evaluating ENISA guidelines to extract security parameters and assessing their applicability in VMware and OpenStack platforms, serving as initial work to identify a security baseline and research needs.
The popularity of cloud based Infrastructure-as-a- Service (IaaS) solutions is becoming increasingly popular. However, since IaaS providers and customers interact in a flexible and scalable environment, security remains a serious concern. To handle such security issues, defining a set of security parameters in the service level agreements (SLA) between both, IaaS provider and customer, is of utmost importance. In this paper, the European Network and Information Security Agency (ENISA) guidelines are evaluated to extract a set of security parameters for IaaS. Furthermore, the level of applicability and implementation of this set is used to assess popular industrial and open-source IaaS cloud platforms, respectively VMware and OpenStack. Both platforms provide private clouds, used as backend infrastructures in Industry 4.0 application scenarios. The results serve as initial work to identify a security baseline and research needs for creating secure cloud environments for Industry 4.0.