News

suac3i

Suac3i Project Starts

Welcome to SUAC3I!  We are proud to announce the beginning of this project today. SUAC3I stands for Secure User Authentication in Control Centers for Critical Infrastructures, that’s our aim, to…

SAUC3I workshop

SUAC3I WORKSHOP

  • September 21, 2015
  • By

SUAC3I's consortium would like to announce an official call for a project results dissemination workshop included on SUAC3I's official planning. This workshop will take place on October 29th in GMV's…

 

Project

 

 

Control Centres for Critical Infrastructures have stringent and opposed availability and access control requirements. On the one hand, workstation screens need to be visible on a 24×7 basis to continuously monitor the infrastructure. This has huge implications in terms of access control. First, screens cannot be locked at any point in time so traditional authentication solutions, which keep the workstation locked until a user authenticates are not valid. Second, the user session is always the same one since rebooting or logouts are not possible. On the other hand, the correct operation of infrastructures has a huge economic and social impact. Therefore, access to the control centres has to be carefully controlled. Only authorized employees shall be allowed to access.

 

As current workstation access control solutions are not valid for control centres because they lock the workstation until a user authenticates, the authentication problem has been shifted traditionally to physical security: the access to the room where the control centre is located has been protected.
This approach presents several drawbacks, piggybacking and social engineering attacks are simple to execute to get access to the control centre even if not authorized. Additionally, several people are working at the control centre at the same time. Not having user authentication at the workstation level forbids having traceability of who has done what inside the control centre workstations.

The Secure User Authentication in Control Centres for Critical Infrastructures objectives are to define, design, develop, implement and validate a prototype which overcomes current limitations in existing solutions by moving back user authentication and traceability to the workstation while keeping the 24×7 visibility requirements in workstation screens and guaranteeing security requirements with strong biometric authentication mechanisms.

 

This project has been funded with the support from the European Commission. This publication reflects the views only of the author, and the European Commission cannot be held responsible for any use which may be made of the information contained therein.

flag_yellow_low

Co-funded by the Prevention, Preparedness and Consequence Management of Terrorism and other Security-related Risks Programme of the European Union

 


Consortium

logo_urv

GMV

Our goal is to support our client's processes by dint of technologically advanced solutions, providing integrated systems, specialized products and services covering the whole life cycle. These range from consultancy and engineering services up to the development of software and hardware, the integration of turnkey systems and operational backup.

Website

logo_urv

URV

The URV was created in 1991 by the Parliament of Catalonia from the already existing university faculties and schools. In this way the Tarragona University of the 16th century was restored. From the very first day its aim has been very clear: to place knowledge at the service of society so as to contribute to the social and economic development of its environment, which has gradually transformed over time.

Website

eutelsat

EUTELSAT

Eutelsat is one of the leading satellite operators in the world, with capacity commercialised on 37 satellites serving users in 150 countries in Europe, Africa, Asia and the Americas.

Website

logo suac3i
girl with pc