KIT Career ServiceStudierendeAbschlussarbeiten

Learning-Based Strategies for the Evaluation & Enforcement of Attribute-Based Access Control Policies in Smart Grids

Forschungsthema/Bereich
Cybersecurity & Machine Learning
Typ der Abschlussarbeit
Master
Startzeitpunkt
-
Bewerbungsschluss
30.06.2026
Dauer der Arbeit
6 Months

Beschreibung

Attribute-based access control (ABAC) facilitates the implementation of highly flexible and expressive access control policies. However, the utilization of ABAC policies may impede the requirements of operational technology (OT), industrial control systems (ICS), and the Internet of Things (IoT) due to constrained resources and time-critical communication [1, 2].

This research topic explores novel strategies for caching attributes, precomputing policy evaluations, and enforcing cached access decisions by classifying the system’s state and predicting the system’s behavior with the help of machine learning. The goal of these strategies is to either minimize the performance requirements, memory utilization, or response time of a system under observation.

This thesis involves designing and implementing a novel class of learning-based strategies for ABAC. These strategies shall be evaluated using OT devices to demonstrate their applicability in smart grids. To assist with the evaluation, we are providing access to our industrial OT devices at the KASTEL Security Lab Energy [3] at KIT Campus North. Our lab includes intelligent electronic devices (IEDs) and merging units (MUs) from Siemens, General Electric, SEL, and Hitachi ABB.

Does this sound exciting? Then get in touch with us!

We are happy to answer any questions you might have. If you are interested,
please send us an email including your current transcript of records and academic CV.

Language(s):
English, German

References
[1] Hu et al. 2014. Guide to Attribute Based Access Control (ABAC) Definition and Considerations. NIST Special Publication 800-162. doi:10.6028/nist.sp.800-162

[2] Stouffer et al. 2023. Guide to Operational Technology (OT) Security. NIST Special Publication 800-82. doi:10.6028/nist.sp.800-82r3

[3] https://www.elab.kit.edu/english/cybersec.php

Voraussetzung

Voraussetzungen an Studierende
  • Studies in computer science / engineering or related fields
  • Experience with programming in either Python, Rust, Java, or C++
  • Experience with or interested in machine learning
  • Familiar or motivated to work with OT devices
  • Familiar or motivated to work with low-latency network communication protocols

Studiengangsbereiche
  • Ingenieurwissenschaften
    Informatik


Betreuung

Titel, Vorname, Name
Moritz, Gstür
Organisationseinheit
Institute for Automation and Applied Informatics (IAI)
E-Mail Adresse
moritz.gstuer@kit.edu
Link zur eigenen Homepage/Personenseite
Website

Bewerbung per E-Mail

Bewerbungsunterlagen
  • Lebenslauf
  • Notenauszug

E-Mail Adresse für die Bewerbung
Senden Sie die oben genannten Bewerbungsunterlagen bitte per Mail an moritz.gstuer@kit.edu


Zurück