CN116155543A - Industrial control system access control method based on rights and blockchain - Google Patents

Industrial control system access control method based on rights and blockchain Download PDF

Info

Publication number
CN116155543A
CN116155543A CN202211640601.XA CN202211640601A CN116155543A CN 116155543 A CN116155543 A CN 116155543A CN 202211640601 A CN202211640601 A CN 202211640601A CN 116155543 A CN116155543 A CN 116155543A
Authority
CN
China
Prior art keywords
token
capability
revoked
node
subject
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202211640601.XA
Other languages
Chinese (zh)
Inventor
兰镇宇
陈良银
梁冰
王盛圩
吴迪智
冯康慧
陈是澎
刘宜珈
高尚华
袁道华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan University
Original Assignee
Sichuan University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan University filed Critical Sichuan University
Priority to CN202211640601.XA priority Critical patent/CN116155543A/en
Publication of CN116155543A publication Critical patent/CN116155543A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0807Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/10Protocols in which an application is distributed across nodes in the network
    • H04L67/104Peer-to-peer [P2P] networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to an industrial control system access control method based on capability and blockchain, which specifically comprises the following steps: optimizing the performance model: the structure and the creation mode of the token are specified in detail, the grant rule of the token is specified in detail, the flexible and standard grant process is ensured, the revocation speed of the token is improved by using a to-be-revoked list, and finally the token is subjected to dimension integrity and correctness verification, so that the token is ensured to be correct; constructing an access control system: the various modules of the access control architecture and their functions are first described in detail, and then the definition and writing of the relevant interfaces of the smart contracts, which are deployed in the service domain of the system for user and blockchain data interactions, is completed. The access control method of the industrial control system based on the rights and the blockchain can safely, flexibly and finely finish the access control of the resources maintained by the industrial control system, and improve the safety of the system.

Description

Industrial control system access control method based on rights and blockchain
Technical Field
The invention relates to access control of an industrial control system, in particular to the field of access control, and specifically relates to an industrial control system access control method based on rights and blockchains.
Background
The access control technology is used as a key security protection technology and is widely applied to almost all systems, and an access control system with excellent design can effectively prevent illegal users from accessing protected resources and ensure that legal users smoothly access system resources within the authority regulations. The traditional industrial control system deploys an access control center based on a cloud server or a local server, and the access control center authorizes and authenticates the access of all users, so that the expansibility is poor, and a single point problem exists. And with the deep convergence of industrialization and informatization, the number of users and access devices is continuously increasing, and the industrial control system also starts to put higher demands on flexibility, expansibility and safety. Access control based on blockchain implementations may well address the above challenges. The blockchain ensures the security of transaction data through technical means such as cryptography and the like, and has the characteristics of decentralization, tamper resistance, traceability and the like. And, the user can write the intelligent contract according to the business requirement and arrange the intelligent contract in the blockchain, so that the access request can be ensured to be executed strictly according to the control logic of the intelligent contract. The access control scheme realized by the block chain can effectively solve the problem of single-point failure and ensure the expansibility and usability.
In recent years, students have implemented the proposed access control method through blockchains. Liu et al propose an access control scheme Fabric-iot suitable for the scene of the Internet of things by combining an ABAC model with a blockchain, and the scheme effectively solves the problem of centralization of the traditional ABAC model, and can provide decentralization and dynamic access control in the Internet of things. But the scheme performance may decrease with increasing attribute sets and the access granularity may not be fine enough. Xu et al combine the CapBAC model with the blockchain to implement a distributed access control scheme BlendCAC that supports rights registration, granting and revocation. A logical structure named authorization tree is defined in this scheme to dynamically expose the grant and revocation process of capabilities. However, once each subject joins the authorization tree of the object as a node, the owned capability of the subject cannot be modified any more, and in addition, when the authorization tree node is revoked, the capability of all nodes of the authorization subtree rooted at the node needs to be revoked in a recursive manner, which aggravates the time for the capability revocation. The access control scheme iot-cacc proposed by Bouras et al uses a blockchain-based database to reduce wear on storage and to ensure data security. iot-cacc, which reduces the time loss of the grant and revocation of the capability tokens, is not in compliance with the capability minimum allocation rule, and is not a fine-grained access control scheme. In addition, the token of the right is transmitted in a plaintext form, so that potential safety hazard exists. In summary, although the existing blockchain-based access control scheme solves the problem of centralization of the traditional scheme, the situation that the granularity of access control is not fine enough and rights granting, revocation and verification are inflexible and unsafe still exists. Moreover, the existing research is more directed at the scene of the Internet of things, and the access control scheme of the industrial control system is less researched. Therefore, in the industrial control system scene, how to ensure fine-grained, flexible and safe access control is still a problem to be solved.
Disclosure of Invention
The invention aims to provide an industrial control system access control method based on capabilities and blockchains. The scheme takes a certain operation authority of the object as the minimum unit allocated to the subject's authority, has an explicit authority grant rule, and avoids the problem of confusion of the authorized subject in the authority grant process on the basis of meeting the requirement of the authority minimum grant granularity. And the body obtains the encrypted token ciphertext instead of the plaintext, so that the token can be effectively prevented from being tampered and abused. In addition, the access requirements of the industrial control system on the host and guest are strict, the management of the host and guest information is realized on the basis of the rights management, and the host and guest accessed to the access control system are ensured to be effective entities.
The aim of the invention is achieved in that:
a capability model is presented that supports flexible authorization and fast revocation of rights. The structure and creation process of the capability tokens in the model are described in detail. The granting rule of the token of the capability is defined, so that the dynamic modification of the token content can be ensured and the problem of confusion of an authorized body does not occur. And, the fast revocation of the capability token is achieved by using the data structure of the to-be-revoked list. Finally, the generated token is encrypted and then transmitted to the user, and the token verification process is strict, so that the security of access control is ensured. A fine-grained flexible access control scheme based on the proposed weight model and the blockchain is designed, and intelligent contracts deployed in the blockchain are described in detail. The scheme not only supports flexible grant and security verification of the capability, but also can manage the host and client information, has the characteristics of being expandable, high in flexibility, strong in security, fine in access control granularity and the like, and can be applied to a more complex industrial control system.
The specific mode is as follows:
a multi-user computing unloading method based on Lyapunov optimization comprises the following steps:
and 1, defining the structure of the token. Only the principal possessing the right token can interact with the access object;
and 2, defining a rule for granting the right token, wherein the grant operation of the right token takes a certain operation authority of the object as a unit, and a subject with the operation authority can grant the operation authority to other subjects.
And step 3, defining a token revocation rule. The revocation time is shortened using the to-be-revoked list.
Obtaining the execution cost of the mobile equipment under a single time slot, and constructing the problem of minimizing the average execution cost of the mobile equipment;
and 4, verifying the token, and verifying the correctness and the integrity of the token in a multi-dimensional manner.
Step 5, constructing a distributed access control system with flexible fine granularity;
and 6, writing an intelligent contract, and deploying the intelligent contract in a blockchain network in the access control system.
Further, the capability tokens owned by the subject in step 1 are divided into two types, one is the ownership-based capability token OCap, and the other is the granted capability token ACap. The OCap indicates that the subject is the owner of the object in question, possessing access rights for all operations of the object. The ACap is granted by other principals with access to some or all of the guest's operations, and can be forcibly revoked by the principal granted ownership or the principal owning the guest's OCap;
further, the granting rule of the token in the step 2 is as follows: the principal owning the OCap of guest O may authorize any other principal; the subject without any rights of the object O can be authorized by any other subject with the rights of the object O; after the main body is authorized, adding the child node serving as the authorization main body capability token into an authorization tree by the ACap obtained by the authorized main body; if subject A were to modify subject B's rights to object O, subject A's ACap would have to be lower in the depth of the authorization tree than subject B's ACap parent, i.e., dep A <dep B -1. After the host A modifies the authority of the host B for the object O, the ACap of the host B can be promoted to be a child node of the ACap of the host A, and related information of all nodes in an authorized subtree taking the ACap of the host B as a root node is recursively modified. The grant rule of the capability token follows the principle that the root node has the highest authority in the grant tree, and the upper node has higher authority than the lower node.
Further, the revocation of the capability in the step 3 is divided into two types according to the revocation subject, and one type is that the subject having the OCap can revoke any node under the authorization tree at will. A principal that owns an ACap can only revoke its child nodes, but cannot revoke child nodes of the same depth ACap across branches. In either way, the revoked capability token is revoked, and the descendant nodes of the revoked node are also iterated, i.e., the entire authorized subtree with the revoked capability token as the root node is deleted. However, when there are many offspring nodes of the revoked node, a large number of write operations are required at the time of revocation, which severely increases the computational burden. To achieve a fast revocation of capability tokens, a data structure of a to-be-revoked list is defined herein. The to-be-revoked list is a dynamic list, each of which has a to-be-revoked list in which the vids of the revoked but unmodified rights token owners are recorded. When the revoked node is revoked, the vid of the node and the vid of all its children and descendants will be put in the to-be-revoked list, indicating that the subject has lost the token of the capability for the specified object. When the vid attempts to acquire a capability at the body of the revocation list, it is immediately rejected. When the main body with OAcap token clears the expired token, the token with the vid in the main body in the to-be-revoked list is cleared, and the tokens are deleted on the data. Note that if a principal has its vid in the to-be-revoked list when granted a right, it needs to be deleted from the to-be-revoked list. The use of the to-be-revoked list may enable a fast revocation of the capability token, especially in cases where there are numerous descendant nodes of the revoked node.
Further, in the step 4, in the one access request, the main body applies for the token, the obtained token is an encrypted character string, that is, the token ciphertext, and the encrypted information includes OCap or ACap, the time for obtaining the token ciphertext and the time for obtaining the token ciphertext. After receiving the access request with the token ciphertext, the accessed object starts to verify, and the verification process respectively comprises the following steps: verifying whether the token ciphertext is tampered with, verifying whether the token ciphertext is within a validity period, verifying whether the token ciphertext is accessed frequently, verifying whether the token capability is within the validity period, and verifying whether the token capability has relevant rights.
Further, the system architecture in the step 5 includes four modules of a service domain, an application domain, an administrator and a user. The characteristics of distributed, expandable and strong safety are maintained.
Further, in the step 6, the blockchain network in the service domain is implemented through a Hyperledger fabric blockchain framework. The host-guest interacts with the smart contracts deployed in the blockchain. Users or devices can only access the blockchain network through intelligent contracts, and will be uploaded and deployed into the blockchain network by an administrator. The intelligent contracts (My Capability Contract, MYCC) written and deployed in the scheme can be divided into three parts according to the management content: principal management contracts (Subject Management Contract, SMC), resource management contracts (Resource Management Contract, RMC), and capability management contracts (Capability Management Contract, CMC). In actual deployment, the three are combined into MYCC for deployment.
The invention has the positive effects that:
the invention can meet the requirements of distributed control, fine access granularity and smooth cross-domain access of an industrial control system. Aiming at the problems of inflexible modification of the existing model capability and large calculation consumption of capability revocation, a capability model with flexible and changeable capability and supporting quick revocation is provided. In addition, aiming at the problem of poor security of the plaintext transmission of the token, an encryption algorithm is used for encrypting the token, and the ciphertext of the token is subjected to multidimensional verification. Finally, a simulation system based on the super ledger block chain is constructed, and the scheme feasibility and performances in all aspects are verified and tested. The final result shows that the access control mechanism provided by the chapter can provide access control with safe and effective granularity, and is better in functional integrity and security than the existing scheme.
Drawings
FIG. 1 is an exemplary diagram of a token definition.
Fig. 2 is a schematic diagram of a rights token granting process.
Fig. 3 is a comparison graph of token revocation.
Fig. 4 is a flow chart of a token verification process.
Fig. 5 is a diagram of the proposed access control method architecture.
Detailed Description
The following describes the embodiments of the present invention in further detail with reference to the drawings.
As shown in fig. 1, the capability tokens owned by the principals are divided into two types, one being the ownership-based capability token OCap and the other being the granted capability token ACap. The OCap indicates that the subject is the owner of the object in question, possessing access rights for all operations of the object. The ACap is granted by other principals with access to some or all of the guest's operations, and can be forcibly revoked by the principal granted ownership or the principal owning the guest's OCap;
and 2, the grant of the right token in the step 2 follows the principle that the root node has the highest right in the authorization tree, and the upper node has higher right than the lower node. As shown in fig. two, the subject a (vid= 700456636954841088) grants partial rights of the object O (vid= 700456636954841087) to the subject B (vid= 700456636954841089). The subject B does not obtain any rights of the object O before the subject B is authorized, partial operation authorization of the object is obtained, which is granted by the subject A, the corresponding ACap is obtained, the authorization operation comprises reading and writing, and the token is 1 in the depth of the authorization tree. The host C (vid= 700456636954841090) requests the host B for the read operation authority of the object O, and after the host B examines, determines that the host B owns the read authority of the object O, and in response to the request of C, the host C obtains the read authority of the object O, and the obtained token has a depth of 2 in the authorization tree, where the authorization tree is shown in the left side of fig. 2. The main body C continues to request the mobile authority after obtaining the read authority, the main body B finds that the main body B does not meet the condition after examining, the main body A transmits the request upwards, the main body A authorizes after responding, and the related information of the ACap of the main body B is modified. Subject C obtains the vidp, dep, and op in the post-authorization modification token from a, at which point the authorization tree for object O is shown on the right side of fig. 2.
And 3, revocation of the capability tokens, as shown in fig. 3, the capability tokens of the main body D and the main body F are revoked, and when the to-be-revoked list is not used, the capability tokens corresponding to the main body B, C, D, F, H, I, G, K need to be modified respectively, and 8 writing operations are required. After the to-be-revoked list is used, only the capability token of the main body B, C and the to-be-revoked list need to be modified, and the writing operation is performed for 3 times, and the rest writing operation will occur in idle time.
And step 4, verifying the token of the right comprises ciphertext verification, ciphertext validity verification, frequent access verification, token validity verification and operation right verification.
And 5, building a system architecture, wherein the specific structure comprises a service domain, an application domain, an administrator and a user as shown in fig. 5.

Claims (7)

1. A method for access control of an industrial control system based on capabilities and blockchains, the method comprising the steps of:
step 1, defining the structure of a right token, wherein only a main body with the right token can interact with an access object;
step 2, defining a rule for granting the right token, wherein the grant operation of the right token takes a certain operation authority of an object as a unit, and a subject with the operation authority can grant the operation authority to other subjects;
step 3, defining a right token revocation rule, shortening revocation time by using a to-be-revoked list, obtaining the execution cost of the mobile equipment under a single time slot, and constructing an average execution cost minimization problem of the mobile equipment;
step 4, verifying the token, namely verifying the correctness and the integrity of the token in a multi-dimensional manner;
step 5, constructing a distributed access control system with flexible fine granularity;
and 6, writing an intelligent contract, and deploying the intelligent contract in a blockchain network in the access control system.
2. The access control method for an industrial control system for a capability and blockchain according to claim 1, wherein the capability tokens owned by the subject in step 1 are divided into two types, one is a ownership-based capability token OCap, and the other is a granted capability token OCap, which indicates that the subject is the owner of the object in question, has access rights for all operations of the object, is granted by other subjects, has access rights for some or all operations of the object, and can be forcibly revoked by the subject who granted ownership or the subject who owns the OCap of the object.
3. The access control method for the industrial control system based on the capability and the blockchain as in claim 1, wherein the grant rule of the capability token in the step 2 is as follows: the principal owning the OCap of guest O may authorize any other principal; the subject without any rights of the object O can be authorized by any other subject with the rights of the object O; after the main body is authorized, adding the child node serving as the authorization main body capability token into an authorization tree by the ACap obtained by the authorized main body; if subject A were to modify subject B's rights to object O, subject A's ACap would have to be lower in the depth of the authorization tree than subject B's ACap parent, i.e., dep A <dep B After the host a modifies the authority of the host B to the object O, the ACap of the host B may be promoted to be a child node of the ACap of the host a, and recursively modify the related information of all nodes in the authorized subtree with the ACap of the host B as the root node, where the rule of granting the capability token follows the principle that the root node has the highest authority and the upper node has higher authority than the lower node.
4. According to claim 1, an access control method for an industrial control system based on a capability and a blockchain is characterized in that, in the step 3, the revocation of the capability is divided into two types according to the difference of revocation subjects, one type is any node under a revocation authority tree, the subject having the OCap can only revoke its child node but cannot revoke the child node of the same depth across branches, in either way, the capability token is revoked while being revoked, the offspring node of the revoked node is iterated, namely, the offspring node of the revoked node is revoked, but when the number of offspring nodes of the revoked node is large, the computing burden is greatly increased, the data structure of the capability token is realized for the subtree, the revocation list is defined herein, each of the authorization trees has a to be revoked, the node records the capability of being revoked but not being modified on the data, the node is revoked, when the node is revoked is required to be revoked, the node is required to be revoked is required to be immediately when the subject is deleted, the node is required to be revoked, the data is required to be revoked for the subtree is defined for realizing the fast revocation of the capability token, the use of the to-be-revoked list may enable a fast revocation of the capability token, especially in cases where there are numerous descendant nodes of the revoked node.
5. The access control method for industrial control system based on the capability and the blockchain according to claim 1, wherein in the step 4, in an access request, a subject applies for a capability token, the obtained capability token is an encrypted character string, that is, a capability token ciphertext, the encrypted information includes OCap or ACap, a time for obtaining the capability token ciphertext, and a time for valid the capability token ciphertext, and the accessed object starts to verify after receiving the access request with the capability token ciphertext, and the verification process includes: verifying whether the token ciphertext is tampered with, verifying whether the token ciphertext is within a validity period, verifying whether the token ciphertext is accessed frequently, verifying whether the token capability is within the validity period, and verifying whether the token capability has relevant rights.
6. The access control method for the industrial control system based on the capability and the blockchain as in claim 1, wherein the system architecture in the step 5 comprises four modules of a service domain, an application domain, an administrator and a user, and the characteristics of distributed, expandable and strong security are maintained.
7. The access control method for the industrial control system based on the capabilities and the blockchains according to claim 1, wherein in the step 6, the blockchain network in the service domain is implemented through a Hyperledger fabric blockchain framework, the host and the guest interact by means of intelligent contracts deployed in the blockchain, the user or the device can only access the blockchain network through the intelligent contracts, and the intelligent contracts (My Capability Contract, MYCC) written and deployed in the scheme can be divided into three parts according to the management contents: the principal management contracts (Subject Management Contract, SMC), resource management contracts (Resource Management Contract, RMC) and capability management contracts (Capability Management Contract, CMC) are combined into a MYCC for deployment at the time of actual deployment.
CN202211640601.XA 2022-12-20 2022-12-20 Industrial control system access control method based on rights and blockchain Pending CN116155543A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211640601.XA CN116155543A (en) 2022-12-20 2022-12-20 Industrial control system access control method based on rights and blockchain

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211640601.XA CN116155543A (en) 2022-12-20 2022-12-20 Industrial control system access control method based on rights and blockchain

Publications (1)

Publication Number Publication Date
CN116155543A true CN116155543A (en) 2023-05-23

Family

ID=86349906

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211640601.XA Pending CN116155543A (en) 2022-12-20 2022-12-20 Industrial control system access control method based on rights and blockchain

Country Status (1)

Country Link
CN (1) CN116155543A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117972791A (en) * 2024-03-25 2024-05-03 中国人民解放军国防科技大学 Method for revoking capability in operating system

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117972791A (en) * 2024-03-25 2024-05-03 中国人民解放军国防科技大学 Method for revoking capability in operating system

Similar Documents

Publication Publication Date Title
CN110032865B (en) Authority management method, device and storage medium
US10785167B2 (en) Method for controlling access to a shared resource
US11762970B2 (en) Fine-grained structured data store access using federated identity management
Xu et al. An efficient privacy‐enhanced attribute‐based access control mechanism
CN103701801B (en) Resource access control method
US9460271B2 (en) DRM system
US7103784B1 (en) Group types for administration of networks
US20150193603A1 (en) Method and system to support dynamic rights and resources sharing
CN109886675B (en) Resource access token distribution and resource use monitoring method based on block chain
US20080066147A1 (en) Composable Security Policies
US20160335118A1 (en) Mapping tenat groups to identity management classes
CN110809006A (en) Block chain-based Internet of things access control architecture and method
US20080066158A1 (en) Authorization Decisions with Principal Attributes
Wang et al. Ubiquitous computing environments and its usage access control
CN102857488A (en) Network access control model as well as method and terminal thereof
CN109918926A (en) Data staging classification method for authenticating, node and block catenary system based on block chain
Xue et al. A blockchain based user subscription data management and access control scheme in mobile communication networks
CN100574210C (en) A kind of based on the access control method that shines upon between the off grade role
Chai et al. BHE-AC: A blockchain-based high-efficiency access control framework for Internet of Things
CN116842573A (en) Hierarchical encryption privacy protection method based on blockchain
CN116155543A (en) Industrial control system access control method based on rights and blockchain
Yan et al. Access control scheme based on blockchain and attribute-based searchable encryption in cloud environment
CN109903046A (en) User data management and device based on block chain
Chen et al. Capability and Blockchain-Based Fine-Grained and Flexible Access Control Model
Bouchaala et al. I4AS-cloud: Identification, authentication and authorization as A service cloud computing

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination