{"id":"https://openalex.org/W2903123120","doi":"https://doi.org/10.1109/iotsms.2018.8554805","title":"Using RBAC to Enforce the Principle of Least Privilege in Industrial Remote Maintenance Sessions","display_name":"Using RBAC to Enforce the Principle of Least Privilege in Industrial Remote Maintenance Sessions","publication_year":2018,"publication_date":"2018-10-01","ids":{"openalex":"https://openalex.org/W2903123120","doi":"https://doi.org/10.1109/iotsms.2018.8554805","mag":"2903123120"},"language":"en","primary_location":{"id":"doi:10.1109/iotsms.2018.8554805","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iotsms.2018.8554805","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 Fifth International Conference on Internet of Things: Systems, Management and Security","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5044089767","display_name":"Alexander Kern","orcid":"https://orcid.org/0000-0003-3502-6318"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":true,"raw_author_name":"Alexander Kern","raw_affiliation_strings":["Department of Computer Integrated Systems (DiK), Technical University of Darmstadt, Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Department of Computer Integrated Systems (DiK), Technical University of Darmstadt, Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5091870818","display_name":"Reiner Anderl","orcid":"https://orcid.org/0000-0001-7681-2118"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Reiner Anderl","raw_affiliation_strings":["Department of Computer Integrated Systems (DiK), Technical University of Darmstadt, Darmstadt, Germany"],"affiliations":[{"raw_affiliation_string":"Department of Computer Integrated Systems (DiK), Technical University of Darmstadt, Darmstadt, Germany","institution_ids":["https://openalex.org/I31512782"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5044089767"],"corresponding_institution_ids":["https://openalex.org/I31512782"],"apc_list":null,"apc_paid":null,"fwci":1.1915,"has_fulltext":false,"cited_by_count":5,"citation_normalized_percentile":{"value":0.87250976,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":90,"max":96},"biblio":{"volume":null,"issue":null,"first_page":"107","last_page":"114"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9979000091552734,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10237","display_name":"Cryptography and Data Security","score":0.9976999759674072,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/downtime","display_name":"Downtime","score":0.8468505144119263},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.7896465063095093},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6551209688186646},{"id":"https://openalex.org/keywords/privilege","display_name":"Privilege (computing)","score":0.605807900428772},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.4591059684753418},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.4427708387374878},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.4105425477027893},{"id":"https://openalex.org/keywords/risk-analysis","display_name":"Risk analysis (engineering)","score":0.3977024257183075},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.3433402180671692},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.327477365732193},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.24004819989204407},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.17060095071792603},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.16197681427001953}],"concepts":[{"id":"https://openalex.org/C180591934","wikidata":"https://www.wikidata.org/wiki/Q1253369","display_name":"Downtime","level":2,"score":0.8468505144119263},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7896465063095093},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6551209688186646},{"id":"https://openalex.org/C2780138299","wikidata":"https://www.wikidata.org/wiki/Q3404265","display_name":"Privilege (computing)","level":2,"score":0.605807900428772},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.4591059684753418},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.4427708387374878},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.4105425477027893},{"id":"https://openalex.org/C112930515","wikidata":"https://www.wikidata.org/wiki/Q4389547","display_name":"Risk analysis (engineering)","level":1,"score":0.3977024257183075},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.3433402180671692},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.327477365732193},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.24004819989204407},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.17060095071792603},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.16197681427001953},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.0}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.1109/iotsms.2018.8554805","is_oa":false,"landing_page_url":"https://doi.org/10.1109/iotsms.2018.8554805","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"2018 Fifth International Conference on Internet of Things: Systems, Management and Security","raw_type":"proceedings-article"},{"id":"pmh:oai:tubiblio.ulb.tu-darmstadt.de:111325","is_oa":false,"landing_page_url":null,"pdf_url":null,"source":{"id":"https://openalex.org/S4377196390","display_name":"TUbilio (Technical University of Darmstadt)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I31512782","host_organization_name":"Technische Universit\u00e4t Darmstadt","host_organization_lineage":["https://openalex.org/I31512782"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"acceptedVersion","is_accepted":true,"is_published":false,"raw_source_name":"","raw_type":"Buchkapitel"},{"id":"pmh:oai:tubiblio.ulb.tu-darmstadt.de:111417","is_oa":false,"landing_page_url":"https://ieeexplore.ieee.org/document/8554805","pdf_url":null,"source":{"id":"https://openalex.org/S4377196390","display_name":"TUbilio (Technical University of Darmstadt)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I31512782","host_organization_name":"Technische Universit\u00e4t Darmstadt","host_organization_lineage":["https://openalex.org/I31512782"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"","raw_type":"Buchkapitel"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.5799999833106995,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":false},"content_urls":null,"referenced_works_count":24,"referenced_works":["https://openalex.org/W200177223","https://openalex.org/W1516432943","https://openalex.org/W1683061488","https://openalex.org/W1905595836","https://openalex.org/W1991895580","https://openalex.org/W2003676537","https://openalex.org/W2014204110","https://openalex.org/W2037312963","https://openalex.org/W2040445999","https://openalex.org/W2053741629","https://openalex.org/W2081186654","https://openalex.org/W2097171586","https://openalex.org/W2131185877","https://openalex.org/W2148952798","https://openalex.org/W2150858564","https://openalex.org/W2166602595","https://openalex.org/W2167405861","https://openalex.org/W2169239645","https://openalex.org/W2269884114","https://openalex.org/W2510222096","https://openalex.org/W2612115671","https://openalex.org/W2626643089","https://openalex.org/W3017312168","https://openalex.org/W6630914723"],"related_works":["https://openalex.org/W2745157681","https://openalex.org/W2345270111","https://openalex.org/W2165898552","https://openalex.org/W2397931496","https://openalex.org/W2299494954","https://openalex.org/W3189065608","https://openalex.org/W2008985775","https://openalex.org/W2062411488","https://openalex.org/W2030343105","https://openalex.org/W2055319964"],"abstract_inverted_index":{"In":[0,63,89],"recent":[1],"years,":[2],"digitalization":[3],"is":[4,18,30,193],"having":[5],"a":[6,43,200],"great":[7,25,97],"impact":[8],"on":[9,129,157,207,219],"industry.":[10],"Especially":[11],"the":[12,84,100,107,114,141,151,165,194,203,217],"rising":[13],"degree":[14],"of":[15,47,87,91,143,160,167,181,199,205],"cross-linked":[16],"machines":[17,55,65,162],"resulting":[19],"in":[20,80,99],"new":[21,60],"business":[22],"models":[23],"and":[24,38,132,163,175,184,197],"economic":[26],"advantages.":[27],"One":[28],"example":[29],"remote":[31,92,108,120,220],"maintenance.":[32],"It":[33],"leads":[34],"to":[35,42,56,83,105,149,172,210],"less":[36],"downtime":[37,78],"gained":[39],"efficiency":[40],"due":[41],"quicker":[44],"response":[45],"time":[46],"highly":[48],"qualified":[49],"maintenance":[50,102,121,221],"technicians.":[51],"However,":[52,124],"connecting":[53],"industrial":[54,161],"WANs":[57],"opens":[58],"up":[59],"attack":[61],"surfaces.":[62],"particular,":[64],"with":[66,216],"long":[67],"lifetimes":[68],"are":[69],"often":[70],"severely":[71],"outdated":[72],"since":[73],"updates":[74],"that":[75],"might":[76],"cause":[77],"stand":[79],"direct":[81],"conflict":[82],"central":[85],"objective":[86],"availability.":[88],"case":[90],"maintenance,":[93],"it":[94],"additionally":[95],"requires":[96],"trust":[98],"external":[101],"technician":[103],"not":[104],"use":[106,166],"connection":[109],"for":[110,118,202],"wrong":[111,185],"doing.":[112],"On":[113],"market":[115],"multiple":[116],"solutions":[117,126],"securing":[119],"sessions":[122],"exist.":[123],"these":[125],"mainly":[127],"focus":[128,218],"network":[130],"security":[131,135,159,182,214],"disregard":[133],"system":[134,152,158,208,213],"entirely.":[136],"Security":[137],"doctrines":[138],"such":[139],"as":[140],"principle":[142],"least":[144],"privilege":[145],"should":[146],"be":[147,188],"used":[148],"enhance":[150],"security.":[153],"This":[154,178],"paper":[155],"focuses":[156],"proposes":[164],"role":[168],"based":[169],"access":[170],"control":[171],"confine":[173],"users":[174],"attackers":[176],"alike.":[177],"way,":[179],"consequences":[180],"breaches":[183],"doing":[186],"can":[187],"minimized.":[189],"The":[190],"scientific":[191],"contribution":[192],"development,":[195],"implementation":[196],"assessment":[198],"concept":[201],"usage":[204],"RBAC":[206],"level":[209],"solve":[211],"current":[212],"issues,":[215],"sessions.":[222]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1},{"year":2019,"cited_by_count":2}],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}