IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows
Industrial Internet of Things (IIoT) refers to a broad network of low-cost, interconnected devices, including actuators, programmable logic controllers (PLCs), and sensors. Such environments are characterized by the vast amount of data exchanged among a wide range of devices, applications, and servi...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/10945353/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1850185109054947328 |
|---|---|
| author | Argiro Anagnostopoulou Ioannis Mavridis Michael Athanasopoulos Alexios Mylonas Dimitris Gritzalis |
| author_facet | Argiro Anagnostopoulou Ioannis Mavridis Michael Athanasopoulos Alexios Mylonas Dimitris Gritzalis |
| author_sort | Argiro Anagnostopoulou |
| collection | DOAJ |
| description | Industrial Internet of Things (IIoT) refers to a broad network of low-cost, interconnected devices, including actuators, programmable logic controllers (PLCs), and sensors. Such environments are characterized by the vast amount of data exchanged among a wide range of devices, applications, and services. The scalability and decentralized nature of IIoT introduces considerable challenges for traditional security mechanisms. As a result, it is crucial to establish more robust security measures, enforce more effective access control policies, and efficiently manage information flows within business processes. In our prior research, we introduced a methodology for the assessment of information flows in IIoT environments and the detection of the illegal ones. Specifically, we utilized a risk-based methodology to model complex business processes as directed graphs. This approach enabled us to thoroughly analyze the interdependencies among participating objects. Through this analysis, we aimed to identify objects that are susceptible to initiating or being influenced by illegal information flows. In our current study, we investigate the propagation of the risk of illegal information flows within and across business processes. Finally, we apply centrality metrics to identify critical objects that require more efficient access control rules and policies in order to mitigate illegal information flows within the IIoT network. To the best of our knowledge, no previous research has explored the concept of risk-based detection of illegal information flows and examined potential propagation of risk in industrial environments. |
| format | Article |
| id | doaj-art-bf2b730015f042cb9c8dfcdca7b7a9ed |
| institution | OA Journals |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-bf2b730015f042cb9c8dfcdca7b7a9ed2025-08-20T02:16:49ZengIEEEIEEE Access2169-35362025-01-0113594225944510.1109/ACCESS.2025.355587310945353IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information FlowsArgiro Anagnostopoulou0https://orcid.org/0000-0003-4199-6257Ioannis Mavridis1Michael Athanasopoulos2Alexios Mylonas3Dimitris Gritzalis4https://orcid.org/0000-0002-7793-6128Department of Informatics, Athens University of Economics and Business, Athens, GreeceDepartment of Applied Informatics, University of Macedonia, Thessaloniki, GreeceDepartment of Informatics, Athens University of Economics and Business, Athens, GreeceCybersecurity and Computing Systems Research Group, Department of Computer Science, University of Hertfordshire, Hatfield, U.K.Department of Informatics, Athens University of Economics and Business, Athens, GreeceIndustrial Internet of Things (IIoT) refers to a broad network of low-cost, interconnected devices, including actuators, programmable logic controllers (PLCs), and sensors. Such environments are characterized by the vast amount of data exchanged among a wide range of devices, applications, and services. The scalability and decentralized nature of IIoT introduces considerable challenges for traditional security mechanisms. As a result, it is crucial to establish more robust security measures, enforce more effective access control policies, and efficiently manage information flows within business processes. In our prior research, we introduced a methodology for the assessment of information flows in IIoT environments and the detection of the illegal ones. Specifically, we utilized a risk-based methodology to model complex business processes as directed graphs. This approach enabled us to thoroughly analyze the interdependencies among participating objects. Through this analysis, we aimed to identify objects that are susceptible to initiating or being influenced by illegal information flows. In our current study, we investigate the propagation of the risk of illegal information flows within and across business processes. Finally, we apply centrality metrics to identify critical objects that require more efficient access control rules and policies in order to mitigate illegal information flows within the IIoT network. To the best of our knowledge, no previous research has explored the concept of risk-based detection of illegal information flows and examined potential propagation of risk in industrial environments.https://ieeexplore.ieee.org/document/10945353/Access controldependency chain analysisgraph centralityindustry 4.0information flow controlinformation security |
| spellingShingle | Argiro Anagnostopoulou Ioannis Mavridis Michael Athanasopoulos Alexios Mylonas Dimitris Gritzalis IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows IEEE Access Access control dependency chain analysis graph centrality industry 4.0 information flow control information security |
| title | IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows |
| title_full | IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows |
| title_fullStr | IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows |
| title_full_unstemmed | IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows |
| title_short | IIoT’s Risk Odyssey: Navigating the Risk Propagation of Illegal Information Flows |
| title_sort | iiot x2019 s risk odyssey navigating the risk propagation of illegal information flows |
| topic | Access control dependency chain analysis graph centrality industry 4.0 information flow control information security |
| url | https://ieeexplore.ieee.org/document/10945353/ |
| work_keys_str_mv | AT argiroanagnostopoulou iiotx2019sriskodysseynavigatingtheriskpropagationofillegalinformationflows AT ioannismavridis iiotx2019sriskodysseynavigatingtheriskpropagationofillegalinformationflows AT michaelathanasopoulos iiotx2019sriskodysseynavigatingtheriskpropagationofillegalinformationflows AT alexiosmylonas iiotx2019sriskodysseynavigatingtheriskpropagationofillegalinformationflows AT dimitrisgritzalis iiotx2019sriskodysseynavigatingtheriskpropagationofillegalinformationflows |