{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T17:10:07Z","timestamp":1755882607447,"version":"3.44.0"},"publisher-location":"New York, NY, USA","reference-count":32,"publisher":"ACM","license":[{"start":{"date-parts":[[2024,7,30]],"date-time":"2024-07-30T00:00:00Z","timestamp":1722297600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Cyber Security Cooperative Research Centre (CSCRC), Australia"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2024,7,30]]},"DOI":"10.1145\/3664476.3671411","type":"proceedings-article","created":{"date-parts":[[2024,7,25]],"date-time":"2024-07-25T12:35:50Z","timestamp":1721910950000},"page":"1-11","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":0,"title":["Towards Availability of Strong Authentication in Remote and Disruption-Prone Operational Technology Environments"],"prefix":"10.1145","author":[{"ORCID":"https:\/\/orcid.org\/0000-0001-6959-0975","authenticated-orcid":false,"given":"Mohammad Reza","family":"Nosouhi","sequence":"first","affiliation":[{"name":"Deakin Cyber Research and Innovation Centre, Deakin University, Australia and Cyber Security Cooperative Research Centre (CSCRC), Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-9245-2703","authenticated-orcid":false,"given":"Zubair","family":"Baig","sequence":"additional","affiliation":[{"name":"Deakin Cyber Research and Innovation Centre, Deakin University, Australia and Cyber Security Cooperative Research Centre (CSCRC), Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-6143-6850","authenticated-orcid":false,"given":"Robin","family":"Doss","sequence":"additional","affiliation":[{"name":"Deakin Cyber Research and Innovation Centre, Deakin University, Australia and Cyber Security Cooperative Research Centre (CSCRC), Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-0235-6110","authenticated-orcid":false,"given":"Divyans","family":"Mahansaria","sequence":"additional","affiliation":[{"name":"Tata Consultancy Services (TCS) Ltd., India"}]},{"ORCID":"https:\/\/orcid.org\/0009-0006-6824-7706","authenticated-orcid":false,"given":"Debi","family":"Prasad Pati","sequence":"additional","affiliation":[{"name":"Tata Consultancy Services (TCS) Ltd., India"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-9135-2930","authenticated-orcid":false,"given":"Praveen","family":"Gauravaram","sequence":"additional","affiliation":[{"name":"Tata Consultancy Services (TCS) Ltd., Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-4691-8330","authenticated-orcid":false,"given":"Lei","family":"Pan","sequence":"additional","affiliation":[{"name":"Deakin Cyber Research and Innovation Centre, Deakin University, Australia and Cyber Security Cooperative Research Centre (CSCRC), Australia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2127-1438","authenticated-orcid":false,"given":"Keshav","family":"Sood","sequence":"additional","affiliation":[{"name":"Deakin Cyber Research and Innovation Centre, Deakin University, Australia and Cyber Security Cooperative Research Centre (CSCRC), Australia"}]}],"member":"320","published-online":{"date-parts":[[2024,7,30]]},"reference":[{"volume-title":"d.]. Yubico Developers. Retrieved","year":"2023","key":"e_1_3_2_1_1_1","unstructured":"[n. d.]. Yubico Developers. Retrieved Oct 3, 2023 from https:\/\/developers.yubico.com\/java-webauthn-server\/"},{"key":"e_1_3_2_1_2_1","volume-title":"d.]. FIDO Authentication. Retrieved","author":"Alliance FIDO","year":"2023","unstructured":"FIDO Alliance. [n. d.]. FIDO Authentication. Retrieved Sep 18, 2023 from https:\/\/fidoalliance.org\/fido2\/"},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/3600160.3600174"},{"key":"e_1_3_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1109\/MSEC.2022.3154689"},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1145\/3243734.3243846"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP40001.2021.00037"},{"volume-title":"Retrieved","year":"2021","key":"e_1_3_2_1_7_1","unstructured":"Bloomberg. 2021. Colonial Pipeline Cyber Attack: Hackers Used Compromised Password. Retrieved Feb 12, 2024 from https:\/\/www.bloomberg.com\/news\/articles\/2021-06-04\/hackers-breached-colonial-pipeline-using-compromised-password?leadSource=uverify%20wall"},{"key":"e_1_3_2_1_8_1","volume-title":"Today!Retrieved","author":"Bonnett Dovell","year":"2023","unstructured":"Dovell Bonnett. [n. d.]. How to Convince Corporate America to Adopt Multi-Factor Authentication, Today!Retrieved Sep 18, 2023 from https:\/\/www.access-smart.com\/wp-content\/uploads\/2020\/11\/How-to-Convince-Corp-America-on-MFA-Today.pdf"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/COMST.2021.3094360"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2016.35"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.3390\/app12136520"},{"key":"e_1_3_2_1_12_1","volume-title":"[n. d.]. Tamarin Prover. Retrieved","author":"David\u00a0Basin","year":"2023","unstructured":"David\u00a0Basin et al.[n. d.]. Tamarin Prover. Retrieved Sep 28, 2023 from https:\/\/tamarin-prover.github.io\/"},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.5555\/3620237.3620352"},{"key":"e_1_3_2_1_14_1","volume-title":"The OAuth 2.0 authorization framework. Internet Engineering Task Force (IETF)","author":"Hardt Dick","year":"2012","unstructured":"Dick Hardt. 2012. The OAuth 2.0 authorization framework. Internet Engineering Task Force (IETF) (2012)."},{"volume-title":"SAGE Business Cases","author":"Hobbs Allegra","key":"e_1_3_2_1_15_1","unstructured":"Allegra Hobbs. 2021. The colonial pipeline hack. In SAGE Business Cases. SAGE Publications."},{"key":"e_1_3_2_1_16_1","unstructured":"Jeff Hodges\u00a0et al.[n. d.]. Web Authentication: An API for accessing Public Key Credentials-Level 3. https:\/\/www.w3.org\/TR\/webauthn-3\/"},{"volume-title":"d.]. Javadoc hosting for open source projects. Retrieved","year":"2023","key":"e_1_3_2_1_17_1","unstructured":"Javadoc. [n. d.]. Javadoc hosting for open source projects. Retrieved Oct 3, 2023 from https:\/\/www.javadoc.io\/doc\/com.nimbusds\/"},{"key":"e_1_3_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC7519"},{"key":"e_1_3_2_1_19_1","first-page":"17","article-title":"Implementing a zero trust architecture","volume":"2020","author":"Kerman Alper","year":"2020","unstructured":"Alper Kerman, Oliver Borchert, Scott Rose, and Allen Tan. 2020. Implementing a zero trust architecture. National Institute of Standards and Technology 2020 (2020), 17\u201317.","journal-title":"National Institute of Standards and Technology"},{"volume-title":"d.]. Open Source Identity and Access Management. Retrieved","year":"2023","key":"e_1_3_2_1_20_1","unstructured":"Keycloak. [n. d.]. Open Source Identity and Access Management. Retrieved Oct 3, 2023 from https:\/\/www.keycloak.org\/"},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACCESS.2021.3133348"},{"key":"e_1_3_2_1_22_1","volume-title":"Identity and access management. NIST Special Publication","author":"McCarthy Jim","year":"2018","unstructured":"Jim McCarthy, Don Faatz, Harry Perper, Chris Peloquin, and John Wiltberger. 2018. Identity and access management. NIST Special Publication (2018)."},{"key":"e_1_3_2_1_23_1","volume-title":"Identity and Access Management for Electric Utilities. NIST Special Publication","author":"McCarthy J","year":"2018","unstructured":"James\u00a0J McCarthy. 2018. Identity and Access Management for Electric Utilities. NIST Special Publication (2018)."},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.17487\/RFC8017"},{"key":"e_1_3_2_1_25_1","volume-title":"d.]. Identity-First Security. Retrieved","author":"IAM.","year":"2023","unstructured":"OpenIAM. [n. d.]. Identity-First Security. Retrieved Oct 3, 2023 from https:\/\/www.openiam.com\/"},{"key":"e_1_3_2_1_26_1","volume-title":"Retrieved","author":"RISI.","year":"2024","unstructured":"RISI. 2024. The Repository of Industrial Security Incidents. Retrieved Feb 12, 2024 from https:\/\/www.risidata.com\/"},{"key":"e_1_3_2_1_27_1","volume-title":"d.]. Apache Syncope. Retrieved","author":"Foundation Apache Software","year":"2023","unstructured":"Apache Software Foundation. [n. d.]. Apache Syncope. Retrieved Oct 3, 2023 from https:\/\/syncope.apache.org\/"},{"key":"e_1_3_2_1_28_1","volume-title":"Zero trust architecture. NIST special publication 800","author":"Stafford VA","year":"2020","unstructured":"VA Stafford. 2020. Zero trust architecture. NIST special publication 800 (2020), 207."},{"key":"e_1_3_2_1_29_1","volume-title":"Tamarin User Manual. Retrieved","author":"Team The Tamarin","year":"2023","unstructured":"The Tamarin Team. 2024. Tamarin User Manual. Retrieved Oct 6, 2023 from https:\/\/tamarin-prover.github.io\/manual\/index.html"},{"volume-title":"d.]. Colonial Pipeline hack explained: Everything you need to know. https:\/\/www.techtarget.com\/whatis\/feature\/Colonial-Pipeline-hack-explained-Everything-you-need-to-know Accessed: 13th","year":"2023","key":"e_1_3_2_1_30_1","unstructured":"TechTarget. [n. d.]. Colonial Pipeline hack explained: Everything you need to know. https:\/\/www.techtarget.com\/whatis\/feature\/Colonial-Pipeline-hack-explained-Everything-you-need-to-know Accessed: 13th Sep 2023."},{"key":"e_1_3_2_1_31_1","doi-asserted-by":"publisher","DOI":"10.1016\/0166-3615(94)90017-5"},{"volume-title":"WSO2 Identity Server: The Leading Open Source IAM Solution. Retrieved","year":"2023","key":"e_1_3_2_1_32_1","unstructured":"WSO2. 2024. WSO2 Identity Server: The Leading Open Source IAM Solution. Retrieved Oct 3, 2023 from https:\/\/wso2.com\/identity-server\/"}],"event":{"name":"ARES 2024: The 19th International Conference on Availability, Reliability and Security","acronym":"ARES 2024","location":"Vienna Austria"},"container-title":["Proceedings of the 19th International Conference on Availability, Reliability and Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3671411","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3664476.3671411","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,8,22]],"date-time":"2025-08-22T16:52:44Z","timestamp":1755881564000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3664476.3671411"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2024,7,30]]},"references-count":32,"alternative-id":["10.1145\/3664476.3671411","10.1145\/3664476"],"URL":"https:\/\/doi.org\/10.1145\/3664476.3671411","relation":{},"subject":[],"published":{"date-parts":[[2024,7,30]]},"assertion":[{"value":"2024-07-30","order":3,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}