公开(公告)号：US11546295B2

公开(公告)日：2023-01-03

申请号：US17042736

申请日：2019-03-28

Applicant: Agency for Science, Technology and Research

Inventor： Dong Li ,  Huaqun Guo ,  Jianying Zhou ,  Luying Zhou ,  Jun Wen Wong

IPC: H04L9/40

Abstract: An industrial control system and a method of inspecting one or more communication packets in an industrial control system may be provided, the industrial control system firewall module comprising a packet accessing component configured to access a communication packet of an industrial control system; a firewall rules database, the firewall rules database configured to store one or more firewall rules; an inspection module configured to access the one or more firewall rules based on an industrial protocol associated with the communication packet; and the inspection module is further configured to perform a comprehensive inspection of all header fields and data fields of the communication packet based on the one or more firewall rules accessed based on the industrial protocol associated with the communication packet.

公开(公告)号：US10230532B2

公开(公告)日：2019-03-12

申请号：US15105706

申请日：2014-12-12

Applicant: Agency for Science, Technology and Research

Inventor： Aldar Chun Fai Chan ,  Jun Wen Wong ,  Jianying Zhou ,  Joseph Chee Ming Teo

IPC: H04L9/32

Abstract: There is provided an entity authentication method for a network including a first entity and a second entity, the method including: selecting, at the first entity, one or more pieces of data processed by the first entity to be used for authenticating the second entity; tagging, at the first entity, each of the one or more pieces of data selected with a respective tag generated based on a first secret key of the first entity; sending, from the first entity, a set of authentication data comprising the one or more pieces of data and the respective tags to the second entity; and authenticating, by the first entity, the second entity using a challenge-response authentication technique based on the set of authentication data and the first secret key. There is also provided a corresponding system with entity authentication for a network, and an entity in a network with entity authentication.