{"id":"https://openalex.org/W7138154456","doi":"https://doi.org/10.1109/access.2026.3674966","title":"Implementation Guide for Secure RESTful Asset Management APIs Under IEC 62443-4-2: A Redfish Case Study","display_name":"Implementation Guide for Secure RESTful Asset Management APIs Under IEC 62443-4-2: A Redfish Case Study","publication_year":2026,"publication_date":"2026-01-01","ids":{"openalex":"https://openalex.org/W7138154456","doi":"https://doi.org/10.1109/access.2026.3674966"},"language":"en","primary_location":{"id":"doi:10.1109/access.2026.3674966","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2026.3674966","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2026.3674966","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5129645748","display_name":"Douglas S. Almeida","orcid":null},"institutions":[{"id":"https://openalex.org/I41455075","display_name":"Universidade Federal de Campina Grande","ror":"https://ror.org/00eftnx64","country_code":"BR","type":"education","lineage":["https://openalex.org/I41455075"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"Douglas S. Almeida","raw_affiliation_strings":["Federal University of Campina Grande (UFCG), Campina Grande, Brazil"],"raw_orcid":"https://orcid.org/0009-0007-7493-1077","affiliations":[{"raw_affiliation_string":"Federal University of Campina Grande (UFCG), Campina Grande, Brazil","institution_ids":["https://openalex.org/I41455075"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5053733726","display_name":"P\u00e9ricles R. Barros","orcid":"https://orcid.org/0000-0003-0829-0295"},"institutions":[{"id":"https://openalex.org/I41455075","display_name":"Universidade Federal de Campina Grande","ror":"https://ror.org/00eftnx64","country_code":"BR","type":"education","lineage":["https://openalex.org/I41455075"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"P\u00e9ricles Rezende Barros","raw_affiliation_strings":["Federal University of Campina Grande (UFCG), Campina Grande, Brazil"],"raw_orcid":"https://orcid.org/0000-0003-0829-0295","affiliations":[{"raw_affiliation_string":"Federal University of Campina Grande (UFCG), Campina Grande, Brazil","institution_ids":["https://openalex.org/I41455075"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5000842846","display_name":"George Acioli J\u00fanior","orcid":"https://orcid.org/0000-0002-7116-434X"},"institutions":[{"id":"https://openalex.org/I41455075","display_name":"Universidade Federal de Campina Grande","ror":"https://ror.org/00eftnx64","country_code":"BR","type":"education","lineage":["https://openalex.org/I41455075"]}],"countries":["BR"],"is_corresponding":false,"raw_author_name":"George Acioli J\u00fanior","raw_affiliation_strings":["Federal University of Campina Grande (UFCG), Campina Grande, Brazil"],"raw_orcid":"https://orcid.org/0000-0002-7116-434X","affiliations":[{"raw_affiliation_string":"Federal University of Campina Grande (UFCG), Campina Grande, Brazil","institution_ids":["https://openalex.org/I41455075"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5018889425","display_name":"Thiago A. M. Euz\u00e9bio","orcid":"https://orcid.org/0000-0003-2974-8621"},"institutions":[{"id":"https://openalex.org/I2799978770","display_name":"X-Fab (Germany)","ror":"https://ror.org/030bh9196","country_code":"DE","type":"company","lineage":["https://openalex.org/I2799978770"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Thiago A. M. Euz\u00e9bio","raw_affiliation_strings":["Programa de P&#x00F3;s-Gradua&#x00E7;&#x00E3;o em Instrumenta&#x00E7;&#x00E3;o, Controle e Automa&#x00E7;&#x00E3;o de Processos de Minera&#x00E7;&#x00E3;o (PROFICAM), Instituto Tecnol&#x00F3;gico Vale, Universidade Federal de Ouro Preto, Ouro Preto, Minas Gerais, Brazil"],"raw_orcid":"https://orcid.org/0000-0003-2974-8621","affiliations":[{"raw_affiliation_string":"Programa de P&#x00F3;s-Gradua&#x00E7;&#x00E3;o em Instrumenta&#x00E7;&#x00E3;o, Controle e Automa&#x00E7;&#x00E3;o de Processos de Minera&#x00E7;&#x00E3;o (PROFICAM), Instituto Tecnol&#x00F3;gico Vale, Universidade Federal de Ouro Preto, Ouro Preto, Minas Gerais, Brazil","institution_ids":["https://openalex.org/I2799978770"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.36202987,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"14","issue":null,"first_page":"42015","last_page":"42038"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.5045999884605408,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10917","display_name":"Smart Grid Security and Resilience","score":0.5045999884605408,"subfield":{"id":"https://openalex.org/subfields/2207","display_name":"Control and Systems Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12737","display_name":"Electrical Fault Detection and Protection","score":0.05849999934434891,"subfield":{"id":"https://openalex.org/subfields/2208","display_name":"Electrical and Electronic Engineering"},"field":{"id":"https://openalex.org/fields/22","display_name":"Engineering"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12034","display_name":"Digital and Cyber Forensics","score":0.02459999918937683,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/asset-management","display_name":"Asset management","score":0.3529999852180481},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.3447999954223633},{"id":"https://openalex.org/keywords/asset","display_name":"Asset (computer security)","score":0.3246999979019165},{"id":"https://openalex.org/keywords/security-management","display_name":"Security management","score":0.25870001316070557}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7382000088691711},{"id":"https://openalex.org/C115903868","wikidata":"https://www.wikidata.org/wiki/Q80993","display_name":"Software engineering","level":1,"score":0.40470001101493835},{"id":"https://openalex.org/C2776517139","wikidata":"https://www.wikidata.org/wiki/Q873442","display_name":"Asset management","level":2,"score":0.3529999852180481},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.3447999954223633},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.33219999074935913},{"id":"https://openalex.org/C76178495","wikidata":"https://www.wikidata.org/wiki/Q4808784","display_name":"Asset (computer security)","level":2,"score":0.3246999979019165},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.28850001096725464},{"id":"https://openalex.org/C77088390","wikidata":"https://www.wikidata.org/wiki/Q8513","display_name":"Database","level":1,"score":0.28630000352859497},{"id":"https://openalex.org/C83163435","wikidata":"https://www.wikidata.org/wiki/Q3954104","display_name":"Security management","level":2,"score":0.25870001316070557},{"id":"https://openalex.org/C2777675914","wikidata":"https://www.wikidata.org/wiki/Q6043351","display_name":"Integrity management","level":3,"score":0.2531000077724457},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.25099998712539673},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.25049999356269836}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2026.3674966","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2026.3674966","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:8c2037c0199a4dc69a59230fbf844410","is_oa":true,"landing_page_url":"https://doaj.org/article/8c2037c0199a4dc69a59230fbf844410","pdf_url":null,"source":{"id":"https://openalex.org/S4306401280","display_name":"DOAJ (DOAJ: Directory of Open Access Journals)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by-sa","license_id":"https://openalex.org/licenses/cc-by-sa","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 14, Pp 42015-42038 (2026)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2026.3674966","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2026.3674966","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[{"id":"https://openalex.org/G5589195372","display_name":null,"funder_award_id":"0050.0126772.24.9","funder_id":"https://openalex.org/F4320322468","funder_display_name":"Petrobras"}],"funders":[{"id":"https://openalex.org/F4320321091","display_name":"Coordena\u00e7\u00e3o de Aperfei\u00e7oamento de Pessoal de N\u00edvel Superior","ror":"https://ror.org/00x0ma614"},{"id":"https://openalex.org/F4320322468","display_name":"Petrobras","ror":"https://ror.org/0235kyq22"}],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"The":[0],"use":[1],"of":[2,101],"RESTful":[3],"APIs":[4,91],"for":[5,61,88,139],"asset":[6],"management":[7],"has":[8,25],"become":[9],"a":[10,113,136],"standard":[11,78],"practice":[12],"in":[13],"IT":[14],"environments":[15],"due":[16],"to":[17,27,39],"its":[18],"interoperability":[19],"and":[20,65,79,109],"flexibility.":[21],"Recently,":[22],"this":[23,45],"paradigm":[24],"extended":[26],"Operational":[28],"Technology":[29],"(OT)":[30],"networks,":[31],"where":[32],"protocols":[33],"like":[34],"Redfish":[35,90],"are":[36],"increasingly":[37],"adopted":[38],"manage":[40],"industrial":[41,120,141],"automation":[42],"devices.":[43],"However,":[44],"convergence":[46],"necessitates":[47],"rigorous":[48],"cybersecurity":[49],"compliance,":[50],"with":[51],"the":[52,58,72,75,99,125],"IEC":[53,76],"62443":[54],"series":[55],"serving":[56],"as":[57],"dominant":[59],"framework":[60],"securing":[62,89],"Industrial":[63],"Automation":[64],"Control":[66,107],"Systems":[67],"(IACS).":[68],"This":[69],"paper":[70],"bridges":[71],"gap":[73],"between":[74],"62443-4-2":[77],"practical":[80],"software":[81],"engineering":[82],"by":[83],"presenting":[84],"an":[85],"implementation":[86],"guide":[87],"at":[92],"Security":[93],"Level":[94],"2":[95],"(SL2).":[96],"We":[97],"detail":[98],"integration":[100],"critical":[102],"controls,":[103],"including":[104],"Role-Based":[105],"Access":[106],"(RBAC)":[108],"DoS":[110],"protection,":[111],"into":[112],"Python-based":[114],"server.":[115],"Experimental":[116],"validation":[117],"conducted":[118],"on":[119],"distributed":[121],"control":[122],"nodes":[123],"demonstrates":[124],"system\u2019s":[126],"resilience":[127],"against":[128],"common":[129],"threats":[130],"while":[131],"maintaining":[132],"telemetry":[133],"availability,":[134],"providing":[135],"verified":[137],"reference":[138],"secure":[140],"component":[142],"development.":[143]},"counts_by_year":[],"updated_date":"2026-06-11T09:08:48.828518","created_date":"2026-03-18T00:00:00"}