Abstract
The adoption of industrial internet of things (IIoT) greatly improves the efficiency of industrial facilities by providing more accurate and rich information and increasing automation. The benefits are further amplified when IIoT is integrated with cloud for collaboration and data analytic capability. Modern IIoT systems are highly dynamic and usually owned by multiple parties that need to collaborate with each other. These features make it harder to manage the system, and previous protection mechanisms such as physical separation and network isolation are not applicable any more. To mitigate the security risks without sacrificing the benefits of IIoT, we propose DL-DP, the decentralized ledger defined perimeter for IIoT. DL-DP introduces the concept of perimeter for IIoT resources management and isolation, and utilizes a novel hierarchy structure of decentralized ledger to effectively support a large number of IIoT devices and related cloud services. DL-DP provides a rich set of security functions including access control, denial-of-service mitigation and auditability. We also evaluate the performance with a prototype of DL-DP to demonstrate its practicability.
