{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,2,21]],"date-time":"2025-02-21T21:25:11Z","timestamp":1740173111442,"version":"3.37.3"},"reference-count":34,"publisher":"Springer Fachmedien Wiesbaden GmbH","license":[{"start":{"date-parts":[[2023,2,9]],"date-time":"2023-02-09T00:00:00Z","timestamp":1675900800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,2,9]],"date-time":"2023-02-09T00:00:00Z","timestamp":1675900800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100020639","name":"Bayerische Staatsministerium f\u00fcr Wirtschaft, Landesentwicklung und Energie","doi-asserted-by":"publisher","id":[{"id":"10.13039\/501100020639","id-type":"DOI","asserted-by":"publisher"}]},{"DOI":"10.13039\/100020618","name":"Universit\u00e4t Bayreuth","doi-asserted-by":"crossref","id":[{"id":"10.13039\/100020618","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["HMD"],"abstract":"<jats:title>Zusammenfassung<\/jats:title><jats:p>Kritische Infrastrukturen \u2013\u00a0wie diejenigen der Sektoren Wasser, Energie und Ern\u00e4hrung\u00a0\u2013 bilden die Grundlage einer funktionierenden, modernen Gesellschaft. Eine Kompromittierung dieser Infrastrukturen kann zu weitreichenden St\u00f6rungen und Gefahren f\u00fcr Leib und Leben f\u00fchren. Der Schutz sowie die Sicherstellung des Betriebs kritischer Infrastrukturen sind deshalb von entscheidender Bedeutung. W\u00e4hrend in der Vergangenheit haupts\u00e4chlich der physische Schutz vor Angriffen im Mittelpunkt stand, entstehen durch die zunehmende Digitalisierung kritischer Infrastrukturen zus\u00e4tzliche Angriffspunkte und Risiken. Im Gegensatz zu herk\u00f6mmlichen Ans\u00e4tzen zur Absicherung kritischer Energieinfrastrukturen kann eine Absicherung mithilfe einer Zero-Trust-Architektur die mit diesen Entwicklungen einhergehenden Anforderungen erf\u00fcllen.<\/jats:p><jats:p>Aufgrund der verh\u00e4ltnism\u00e4\u00dfig geringen Verbreitung von Zero-Trust-Architekturen im kritischen Energieinfrastruktursektor existiert bisher allerdings nur unzureichend praxisrelevante Literatur zur Entwicklung und Implementierung einer solchen Architektur. Diese Arbeit stellt daher sowohl die Erfahrungen aus einem laufenden Entwicklungs- und Implementierungsprojekt als auch die hiervon abgeleiteten technischen und organisationalen Handlungsempfehlungen im Rahmen eines Action-Design-Forschungsansatzes vor und tr\u00e4gt dadurch zur Schlie\u00dfung dieser Forschungsl\u00fccke bei.<\/jats:p>","DOI":"10.1365\/s40702-023-00944-6","type":"journal-article","created":{"date-parts":[[2023,2,10]],"date-time":"2023-02-10T15:18:34Z","timestamp":1676042314000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Cyber-Sicherheit f\u00fcr kritische Energieinfrastrukturen\u00a0\u2013 Handlungsempfehlungen zur Umsetzung einer Zero-Trust-Architektur","Cyber security for critical energy infrastructures\u00a0\u2013 recommended actions for the implementation of a Zero-Trust-Architecture"],"prefix":"10.1365","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-1636-1874","authenticated-orcid":false,"given":"Christoph","family":"Buck","sequence":"first","affiliation":[]},{"given":"Torsten","family":"Eymann","sequence":"additional","affiliation":[]},{"given":"Dennis","family":"Jelito","sequence":"additional","affiliation":[]},{"given":"Vincent","family":"Schlatt","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7176-6666","authenticated-orcid":false,"given":"Andr\u00e9","family":"Schweizer","sequence":"additional","affiliation":[]},{"given":"Jacqueline","family":"Strobel","sequence":"additional","affiliation":[]},{"ORCID":"https:\/\/orcid.org\/0000-0002-5775-7771","authenticated-orcid":false,"given":"Florian","family":"Wei\u00df","sequence":"additional","affiliation":[]}],"member":"93","published-online":{"date-parts":[[2023,2,9]]},"reference":[{"key":"944_CR1","volume-title":"Industrial cybersecurity; efficiently secure critical infrastructure systems","author":"P Ackerman","year":"2017","unstructured":"Ackerman\u00a0P (2017) Industrial cybersecurity; efficiently secure critical infrastructure systems. Packt Publishing, Birmingham"},{"key":"944_CR2","first-page":"1","volume-title":"Proceedings of the international conference on computing advancements","author":"I Ahmed","year":"2020","unstructured":"Ahmed\u00a0I, Nahar\u00a0T, Urmi\u00a0SS, Taher\u00a0KA (2020) Protection of sensitive data in zero trust model. In: Proceedings of the international conference on computing advancements. Association for Computing Machinery, New York, S\u00a01\u20135"},{"key":"944_CR3","doi-asserted-by":"publisher","first-page":"53","DOI":"10.1016\/j.ijcip.2014.12.002","volume":"8","author":"C Alcaraz","year":"2015","unstructured":"Alcaraz\u00a0C, Zeadally\u00a0S (2015) Critical infrastructure protection: requirements and challenges for the 21st century. Int J Crit Infrastructure Prot 8:53\u201366. https:\/\/doi.org\/10.1016\/j.ijcip.2014.12.002","journal-title":"Int J Crit Infrastructure Prot"},{"key":"944_CR4","doi-asserted-by":"publisher","first-page":"491","DOI":"10.1177\/0967010610382687","volume":"41","author":"C Aradau","year":"2010","unstructured":"Aradau\u00a0C (2010) Security that matters: critical infrastructure and objects of protection. Secur Dialogue 41:491\u2013514. https:\/\/doi.org\/10.1177\/0967010610382687","journal-title":"Secur Dialogue"},{"key":"944_CR5","doi-asserted-by":"publisher","first-page":"235","DOI":"10.1007\/978-3-662-44381-1_14","volume-title":"Advances in cryptology\u2014CRYPTO 2014. 34th annual cryptology conference","author":"K Bhargavan","year":"2014","unstructured":"Bhargavan\u00a0K, Fournet\u00a0C, Kohlweiss\u00a0M, Pironti\u00a0A, Strub\u00a0P\u2011Y, Zanella-B\u00e9guelin\u00a0S (2014) Proving the TLS handshake secure (as it is). In: Garay\u00a0JA, Gennaro\u00a0R (Hrsg) Advances in cryptology\u2014CRYPTO 2014. 34th annual cryptology conference. Springer, Berlin, Heidelberg, S 235\u2013255"},{"key":"944_CR6","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1063\/1.4952223","volume":"1738","author":"A Blokus-Roszkowska","year":"2016","unstructured":"Blokus-Roszkowska\u00a0A, Dziula\u00a0P (2016) An approach to identification of critical infrastructure systems. AIP Conf Proc 1738:1\u20134. https:\/\/doi.org\/10.1063\/1.4952223","journal-title":"AIP Conf Proc"},{"key":"944_CR8","volume-title":"Die Lage der IT-Sicherheit in Deutschland 2022","author":"BSI","year":"2022","unstructured":"BSI (2022) Die Lage der IT-Sicherheit in Deutschland 2022. Bundesamt f\u00fcr Sicherheit in der Informationstechnik, Bonn"},{"key":"944_CR7","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.cose.2021.102436","volume":"110","author":"C Buck","year":"2021","unstructured":"Buck\u00a0C, Olenberger\u00a0C, Schweizer\u00a0A, V\u00f6lter\u00a0F, Eymann\u00a0T (2021) Never trust, always verify: a multivocal literature review on current knowledge and research gaps of zero-trust. Comput Secur 110:1\u201326. https:\/\/doi.org\/10.1016\/j.cose.2021.102436","journal-title":"Comput Secur"},{"key":"944_CR9","doi-asserted-by":"publisher","first-page":"238","DOI":"10.1631\/FITEE.1800516","volume":"20","author":"Y Chen","year":"2019","unstructured":"Chen\u00a0Y, Hu\u00a0H, Cheng\u00a0G (2019) Design and implementation of a\u00a0novel enterprise network defense system by maneuvering multi-dimensional network properties. Front Inf Technol Electron Eng 20:238\u2013252. https:\/\/doi.org\/10.1631\/FITEE.1800516","journal-title":"Front Inf Technol Electron Eng"},{"key":"944_CR10","first-page":"464","volume-title":"8th IEEE international conference on cloud computing technology and science","author":"M Compasti\u00e9","year":"2016","unstructured":"Compasti\u00e9\u00a0M, Badonnel\u00a0R, Festor\u00a0O, He\u00a0R, Kassi-Lahlou\u00a0M (2016) A software-defined security strategy for supporting autonomic security enforcement in distributed cloud. In: 8th IEEE international conference on cloud computing technology and science CloudCom 2016, Luxembourg City, Luxembourg, 12\u201315 December 2016 IEEE, Piscataway, S 464\u2013467"},{"key":"944_CR11","first-page":"1","volume-title":"6th international conference for convergence in technology","author":"D D\u2019Silva","year":"2021","unstructured":"D\u2019Silva\u00a0D, Ambawade\u00a0DD (2021) Building a zero trust architecture using kubernetes. In: 6th international conference for convergence in technology Pune, India, Apr. 02-04, 2021 IEEE, Piscataway, S 1\u20138"},{"key":"944_CR12","doi-asserted-by":"publisher","DOI":"10.1515\/9783110563900","volume-title":"IT-Sicherheit; Konzepte \u2013 Verfahren \u2013 Protokolle","author":"C Eckert","year":"2018","unstructured":"Eckert\u00a0C (2018) IT-Sicherheit; Konzepte \u2013 Verfahren \u2013 Protokolle. De Gruyter Oldenbourg, Berlin, Boston"},{"key":"944_CR13","first-page":"288","volume-title":"8th annual ubiquitous computing, electronics and mobile communication conference","author":"D Eidle","year":"2017","unstructured":"Eidle\u00a0D, Ni\u00a0SY, DeCusatis\u00a0C, Sager\u00a0A (2017) Autonomic security for zero trust networks. In: Chakrabarti\u00a0S, Saha\u00a0HN (Hrsg) 8th annual ubiquitous computing, electronics and mobile communication conference. IEEE, Piscataway, S\u00a0288\u2013293"},{"key":"944_CR14","doi-asserted-by":"publisher","first-page":"644","DOI":"10.1109\/ICNSC.2007.372855","volume-title":"2007 IEEE international conference on networking, sensing, and control","author":"J Gadze","year":"2007","unstructured":"Gadze\u00a0J, Pissinou\u00a0N, Makki\u00a0K (2007) Wireless networked\u2014based sensing for protection and decentralized control of critical infrastructures. In: 2007 IEEE international conference on networking, sensing, and control London, United Kingdom, 15\u201317 April 2007 IEEE, Piscataway, S\u00a0644\u2013649"},{"key":"944_CR15","first-page":"580","volume-title":"International conference on systems, man and cybernetics","author":"AV Gheorghe","year":"2006","unstructured":"Gheorghe\u00a0AV, Schlapfer\u00a0M (2006) Ubiquity of digitalization and risks of interdependent critical infrastructures. In: International conference on systems, man and cybernetics. IEEE, Piscataway, S\u00a0580\u2013584"},{"key":"944_CR16","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1155\/2022\/6476274","volume":"2022","author":"Y He","year":"2022","unstructured":"He\u00a0Y, Huang\u00a0D, Chen\u00a0L, Ni\u00a0Y, Ma\u00a0X (2022) A survey on zero trust architecture: challenges and future trends. Wirel Commun Mob Comput 2022:1\u201313. https:\/\/doi.org\/10.1155\/2022\/6476274","journal-title":"Wirel Commun Mob Comput"},{"key":"944_CR17","volume-title":"OSSTMM 3\u2014the open source security testing methodology manual; contemporary security testing and analysis","author":"ISECOM","year":"2010","unstructured":"ISECOM (2010) OSSTMM 3\u2014the open source security testing methodology manual; contemporary security testing and analysis"},{"key":"944_CR18","first-page":"208","volume":"3","author":"PK Isom","year":"2019","unstructured":"Isom\u00a0PK (2019) IT modernisation in the energy sector: preventing cyberthreats to critical infrastructure. Cyber Secur 3:208\u2013219","journal-title":"Cyber Secur"},{"key":"944_CR19","volume-title":"Implementing a\u00a0zero trust architecture; project description","author":"A Kerman","year":"2020","unstructured":"Kerman\u00a0A, Borchert\u00a0O, Rose\u00a0S (2020) Implementing a\u00a0zero trust architecture; project description. National Cybersecurity Center of Excellence, National Institute of Standards and Technology, Rockville, Gaithersburg"},{"key":"944_CR20","volume-title":"Guidelines for performing systematic literature reviews in software engineering; version 2.3","author":"B Kitchenham","year":"2007","unstructured":"Kitchenham\u00a0B, Charters\u00a0SM (2007) Guidelines for performing systematic literature reviews in software engineering; version 2.3. Keele Univesity, University of Durham, Keele, Durham"},{"key":"944_CR21","volume-title":"Space systems: emerging technologies and operations","author":"R McCreight","year":"2022","unstructured":"McCreight\u00a0R (2022) Space based platforms and critical infrastructure vulnerability. In: Nichols\u00a0RK, Carter\u00a0CM, Hood\u00a0JP, Jackson\u00a0MJ, Joseph\u00a0S, Larson\u00a0H, Lonstein\u00a0WD, Mai\u00a0R, McCreight\u00a0R, Mumm\u00a0HC, Oetken\u00a0M, Pritchard\u00a0MJ, Ryan\u00a0JJ, Sincavage\u00a0SM, Slofer\u00a0W (Hrsg) Space systems: emerging technologies and operations. New Prairie Press, Los Angeles"},{"key":"944_CR22","doi-asserted-by":"publisher","first-page":"8021","DOI":"10.1109\/JIOT.2019.2903242","volume":"6","author":"JM Mcginthy","year":"2019","unstructured":"Mcginthy\u00a0JM, Michaels\u00a0AJ (2019) Secure industrial Internet of things critical infrastructure node design. Ieee Internet Things\u00a0J 6:8021\u20138037. https:\/\/doi.org\/10.1109\/JIOT.2019.2903242","journal-title":"Ieee Internet Things J"},{"key":"944_CR23","first-page":"1","volume-title":"2020 international conference on computer communication and Informatics","author":"S Mehraj","year":"2020","unstructured":"Mehraj\u00a0S, Banday\u00a0MT (2020) Establishing a\u00a0zero trust strategy in cloud computing environment. In: 2020 international conference on computer communication and Informatics. IEEE, Piscataway, S\u00a01\u20136"},{"key":"944_CR24","doi-asserted-by":"publisher","first-page":"226","DOI":"10.1109\/MNET.2019.1800324","volume":"33","author":"A Moubayed","year":"2019","unstructured":"Moubayed\u00a0A, Refaey\u00a0A, Shami\u00a0A (2019) Software-defined perimeter (SDP): state of the art secure solution for modern networks. IEEE Netw 33:226\u2013233. https:\/\/doi.org\/10.1109\/MNET.2019.1800324","journal-title":"IEEE Netw"},{"key":"944_CR25","doi-asserted-by":"publisher","first-page":"2","DOI":"10.1016\/j.infoandorg.2006.11.001","volume":"17","author":"MD Myers","year":"2007","unstructured":"Myers\u00a0MD, Newman\u00a0M (2007) The qualitative interview in IS research: examining the craft. Inf Organ 17:2\u201326. https:\/\/doi.org\/10.1016\/j.infoandorg.2006.11.001","journal-title":"Inf Organ"},{"key":"944_CR26","first-page":"1","volume-title":"Proceedings of the 6th international conference on engineering & MIS 2020","author":"RR Omar","year":"2020","unstructured":"Omar\u00a0RR, Abdelaziz\u00a0TM (2020) A comparative study of network access control and software-defined perimeter. In: Uskenbayeva\u00a0R (Hrsg) Proceedings of the 6th international conference on engineering & MIS 2020. Association for Computing Machinery, New York, S 1\u20135"},{"key":"944_CR27","first-page":"29","volume-title":"Proceedings of the 2018 ACM international workshop on security in software defined networks & network function virtualization","author":"J Pan","year":"2018","unstructured":"Pan\u00a0J, Yang\u00a0Z (2018) Cybersecurity challenges and opportunities in the new \u201cedge computing + IoT\u201d world. In: Ahn\u00a0G\u2011J, Gu\u00a0G, Hu\u00a0H, Shin\u00a0S (Hrsg) Proceedings of the 2018 ACM international workshop on security in software defined networks & network function virtualization. Association for Computing Machinery, New York, S 29\u201332"},{"key":"944_CR28","first-page":"1616","volume-title":"15th International Conference on Wirtschaftsinformatik","author":"B Redlich","year":"2020","unstructured":"Redlich\u00a0B, Becker\u00a0F, Lattemann\u00a0C, Robra-Bissantz\u00a0S (2020) Wie Action Design Research und Design Thinking ein Innovationsprojekt zum Erfolg f\u00fchren. In: Gronau\u00a0N, heine\u00a0M, Poustcchi\u00a0K, Krasnova\u00a0H (Hrsg) 15th International Conference on Wirtschaftsinformatik. GITO, Berlin, S 1616\u20131631"},{"key":"944_CR29","unstructured":"Richardson B, Goel P (2022) Enhancing zero trust security with data | NVIDIA technical blog. https:\/\/developer.nvidia.com\/blog\/enhancing-zero-trust-security-with-data\/. Zugegriffen: 12. Dez. 2022"},{"key":"944_CR30","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-207","volume-title":"NIST SP 800-207; zero trust architecture","author":"S Rose","year":"2020","unstructured":"Rose\u00a0S, Borchert\u00a0O, Mitchell\u00a0S, Connelly\u00a0S (2020) NIST SP 800-207; zero trust architecture. National Institute of Standards and Technology, Gaithersburg"},{"key":"944_CR31","doi-asserted-by":"publisher","first-page":"37","DOI":"10.2307\/23043488","volume":"35","author":"MK Sein","year":"2011","unstructured":"Sein\u00a0MK, Henfridsson\u00a0O, Purao\u00a0S, Rossi\u00a0M, Lindgren\u00a0R (2011) Action design research. MISQ 35:37\u201356. https:\/\/doi.org\/10.2307\/23043488","journal-title":"MISQ"},{"key":"944_CR32","doi-asserted-by":"publisher","first-page":"989","DOI":"10.2307\/41409970","volume":"35","author":"HJ Smith","year":"2011","unstructured":"Smith\u00a0HJ, Dinev\u00a0T, Xu\u00a0H (2011) Information privacy research: an interdisciplinary review. MISQ 35:989\u20131015. https:\/\/doi.org\/10.2307\/41409970","journal-title":"MISQ"},{"key":"944_CR33","doi-asserted-by":"publisher","first-page":"6100","DOI":"10.1016\/j.enpol.2011.07.010","volume":"39","author":"JM Yusta","year":"2011","unstructured":"Yusta\u00a0JM, Correa\u00a0GJ, Lacal-Ar\u00e1ntegui\u00a0R (2011) Methodologies and applications for critical infrastructure protection: state-of-the-art. Energy Policy 39:6100\u20136119. https:\/\/doi.org\/10.1016\/j.enpol.2011.07.010","journal-title":"Energy Policy"},{"key":"944_CR34","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1145\/3314148.3314349","volume-title":"Proceedings of the 2019 ACM symposium on SDN research","author":"Z Zaheer","year":"2019","unstructured":"Zaheer\u00a0Z, Chang\u00a0H, Mukherjee\u00a0S, van der Merwe\u00a0J (2019) EZTrust: network-independent zero-trust perimeterization for microservices. In: Proceedings of the 2019 ACM symposium on SDN research. Association for Computing Machinery, New York, S 49\u201361"}],"container-title":["HMD Praxis der Wirtschaftsinformatik"],"original-title":[],"language":"de","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1365\/s40702-023-00944-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1365\/s40702-023-00944-6\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1365\/s40702-023-00944-6.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,7,12]],"date-time":"2024-07-12T08:11:25Z","timestamp":1720771885000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1365\/s40702-023-00944-6"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023,2,9]]},"references-count":34,"alternative-id":["944"],"URL":"https:\/\/doi.org\/10.1365\/s40702-023-00944-6","relation":{},"ISSN":["1436-3011","2198-2775"],"issn-type":[{"type":"print","value":"1436-3011"},{"type":"electronic","value":"2198-2775"}],"subject":[],"published":{"date-parts":[[2023,2,9]]},"assertion":[{"value":"28 June 2022","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"16 January 2023","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"9 February 2023","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}]}}