Systems and Methods for Securing Industrial Data Streams with a Fog Root of Trust
Abstract
Systems and methods for security of industrial data streams are provided herein. Methods according to various embodiments include provisioning a fogNode that is communicatively coupled with a fog cloud manager through a forwarder of the fogNode and providing a fogLet within the fogNode, the fogLet communicating with a plurality of operational technology devices. Embodiments include providing fogLet identification information using a hardware root of trust of the fogNode, the hardware root of trust of the fogNode being a Trusted Platform Module (TPM) of the fogNode. Embodiments further comprise communicating operational device authentication information with fogLet identification information to a third party tenant application, the third party tenant application validating industrial data streams from the operational technology devices by communicating the operational device authentication information with the fogLet identification information to a third party cloud application.
20 Claims
1. A method for security of industrial data streams arising from industrial applications and devices, comprising:
- provisioning a fogNode that is communicatively coupled with a fog cloud manager through a forwarder of the fogNode;
- providing a fogLet within the fogNode, the fogLet communicating with a plurality of operational technology devices;
- providing fogLet identification information using a root of trust of the fogNode, the root of trust of the fogNode being located in the fogNode;
- providing fogLet encryption information using the root of trust of the fogNode;
- communicating the fogLet identification information and the fogLet encryption information to the fog cloud manager;
- transferring the fogLet identification information and the fogLet encryption information to a third party cloud application for validation of industrial data streams from the plurality of operational technology devices;
- receiving operational device authentication information from a third party tenant application, the third party tenant application communicating with the plurality of operational technology devices;
- providing the operational device authentication information with fogLet identification information using the root of trust of the fogNode; and
- communicating the operational device authentication information with the fogLet identification information to the third party tenant application, the third party tenant application communicating the operational device authentication information with the fogLet identification information to the third party cloud application, the third party cloud application validating the industrial data streams from the plurality of operational technology devices using the operational device authentication information and the fogLet identification information.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A system for security of industrial data streams arising from industrial applications and devices, comprising:
- a fog federation comprising at least one fogNode, the at least one fogNode comprising at least one fogLet, the at least one fogLet coupled, using a network, with one or more edge devices, the one or more edge devices generating industrial data streams; and
- a fog system manager coupled, using a network, with the fog federation, the fog system manager validating the industrial data streams of the one or more edge devices using a root of trust of the fog federation, the root of trust of the fog federation being located in the fog federation.

Dependent claims: 16, 17
18. A system for security of industrial data streams arising from industrial applications and devices, comprising:
- a fogNode comprising at least one fogLet, the at least one fogLet coupled, using a network, with one or more operational technology devices, the one or more operational technology devices generating industrial data streams; and
- a fog system manager coupled, using a network, with the fogNode, the fog system manager validating the industrial data streams of the one or more operational technology devices using a root of trust of the fogNode, the root of trust of the fogNode being located in the fogNode.

Dependent claims: 19, 20
Specification