A Systematic Approach To Data Security For Unattended And Remote Monitoring Systems

In the past, each equipment developer has developed their own approach for meeting the IAEA’s security requirements, leading to the use of various standards. The resulting data incompatibility precludes the use of common processing by the Agency and complicates the deployment of a single key management approach. This paper provides a brief review of the threats and requirements for the protection of data collected by unattended monitoring systems. An analysis of these threats and requirements leads to the selection of specific widely accepted industry standards to provide end-toend integrity protection and an approach for the confidentiality protection of data when carried over data networks or while at rest. A systematic approach to the provision of integrity protection using the Cryptographic Message Syntax (CMS) standard is proposed and justified. Due to the range of equipment used by the IAEA, the approach must be flexible. For instance, low power devices may have limited public key encryption capabilities and thus symmetric encryption is accommodated. The building blocks for such a system are described and application examples identified.