How to Enhance the Sharing of Cyber Incident Information via Fine-Grained Access Control

Industry 4.0 and the ongoing digital transformation along with a large number interconnected machines anddevices increase the role of cybersecurity, cyber incident handling and incident response in the factories of the future (FoF). Cyber incident information sharing plays a major role when we need to formulate situational pictures about FoF operations and environment, and respond to cybersecurity threats related to e.g. the implementation of novel technologies. Sharing of incident information has a major drawback since it may reveal too much about the attack target, e.g. in the case of legacy systems and therefore restrictions may apply. We have developed a proof-of-concept service that combines access control and encryption of data at high granularity and a mechanism for requesting access to restricted cyber incident information. Theobjective was to demonstrate how access to restricted incident data fields could be managed in a fine-grained manner to enhance information sharing.