The irrefutability of information security is important part of information security, which widely affects companies' ability to protect themselves from information security threats. This concept is particularly significant in the production networks of industrial activity (Operational Technology, OT network).

In this article, we discuss what the non-repudiation of information security means, how it relates to the company's operations and how it should be followed in the OT network of a manufacturing company.

Non-repudiation security definition

Non-repudiation is one of the most important principles of information security. It refers to the fact that a certain action is performed or a certain message is sent, leaving proof that cannot be denied. Most commonly, it is related to digital communication and data transfer, such as e-mail communication, online transactions or the collection of log data. In these cases, irrefutability means that there is a trace of the activity that cannot be removed or changed afterwards without a clear sign of this change. For example, the digital signature used in e-mail communication guarantees the irrefutability of the message. It is like a digital seal that confirms the identity of the sender of the message and the authenticity of the message.

How should the non-repudiation principle be followed in the production company's OT network?

The information security of various OT networks, such as production plants or energy production, is particularly important to all of us, because their disturbances can have significant consequences for society as a whole.

Compliance with the principle of non-repudiation in OT networks requires several measures

First, all system events must be logged. Log data should be stored securely so that it is available when needed, but cannot be changed or deleted afterwards. Log data must also be stored in critical environments for, for example, 1-2 years.

Second, OT networks should use strong authentication and cryptography to ensure the identity of users and the correctness of operations. For example, digital certificates or multi-level authentication can help ensure that only authorized individuals can access the system and perform certain functions.

Third, the company should ensure that all employees have appropriate training on information security and the importance of the principle of non-repudiation. This ensures that everyone understands how their activity is recorded in the system and that they understand their responsibilities for data security.

Finally, compliance with the non-repudiation principle also requires constant monitoring and updates. Information security is a constantly changing field, where new threats and challenges appear regularly. The system and its information security practices must be flexible and adaptable to these changes.

Other areas and related concepts related to the indisputability of knowledge

The irrefutability of information security is part of a wider set of information security concepts. These closely related concepts include:

Integrity: Integrity means data or ensuring the originality and correctness of the systems. It means that the data is immutable during transport and that it retains its original state. Integrity and non-repudiation are related, as both aim to prevent data falsification or unauthorized modification.
Confidentiality: Confidentiality means protecting information so that only authorized parties can access it. Confidentiality and non-repudiation are important together, as non-repudiation ensures that only the right parties can access data, and confidentiality keeps that data secure.
Availability: Availability means that systems and information are available when they are needed. Non-repudiation supports availability by helping to prevent unauthorized modification or deletion of data or systems that could prevent their availability.
Accountability: Accountability means the ability to hold individuals or employees accountable for their actions or decisions. Non-repudiation supports accountability, as it provides irrefutable evidence of actions or decisions, enabling accountability.
Identification and verification (Authentication): Identification and authentication means verifying a user's identity before granting access to data or systems. Non-repudiation supports identification and authentication by ensuring that actions can be attributed to a specific user.
Encrypted connections (Encryption): Encrypted connections refer to techniques that protect the data being transferred from tampering or unauthorized reading. Non-repudiation and encryption often go hand in hand, as both technologies offer protection against data forgery.

Give us a call, then let's fix things in the production network

Technologies related to the implementation of non-repudiation

Several technologies are used to implement non-repudiation. Here are some of the most common:

Digital signatures

Digital signatures are one of the most commonly used ways to ensure non-repudiation. They act as a digital seal that confirms both the identity of the sender and the integrity of the message. Digital signatures are based on public key encryption and provide strong proof of the identity of the message sender and the integrity of the message during transmission.

SHA hashes

SHA hashes, or Secure Hash Algorithms, are algorithms used to compress digital information, which are an essential part of implementing non-repudiation. Once a hash has been created for a given piece of information, even a small change in the information will produce a completely different hash. This makes it very difficult to deny messages sent using hashes, because the hash proves the originality and immutability of the message.

SIEM systems

SIEM (Security Information and Event Management) systems collect and analyze the organization's information security events and log data in real time. They enable the monitoring and documentation of events and data traffic, which can help in the verification of non-repudiation. If a security breach or suspicious activity is detected, the information produced by the SIEM system can help prove who performed the activity and when, thereby reducing the possibility of denying the activity that occurred.

Timestamps

Timestamping is the process of adding information about when the information was created or modified to digital information. Timestamps can help ensure non-repudiation by providing evidence of when a particular action took place.

Logs

Logging systems, such as event or security logs, record system operations and events. This log information can serve as irrefutable evidence of what has happened on the system and when.

Email protocols

Email protocols such as DomainKeys Identified Mail (DKIM) and Sender Policy Framework (SPF) help ensure the non-repudiation of email messages. They help to confirm the sender of the message and prevent forgery of the message content.

All these technologies can be used together or separately depending on the needs and the environment in which they are implemented.

Conclusion

The concept of non-repudiation is a key part of the world of information security, and should be strived for in all digital environments. In the digital context, the purpose of non-repudiation is to confirm that the sender cannot deny that he sent a particular message, and the receiver cannot deny that he received it. Understanding this is critical because it provides the foundation for maintaining and protecting the integrity of digital data.

Technologies such as digital signatures, encryption and SHA hashes are key elements in realizing non-repudiation. They ensure that the data originates from the purported sender and that it has not changed along the way. The continuous development and introduction of such technologies into production environments are necessary to maintain the information security of production networks.

For those of us who take care of information security on a daily basis, maintaining irrefutability in organizations is a continuous process. It requires us to constantly study further, be alert and react to various new information security threats, so that we can stay one step ahead of them and ensure the safety of digital data now and in the future.

Does your company know how to take care of the irrefutability of information security?

If the answer is uncertain, book a free production network information security survey, where in a 30-minute meeting we can find out where your workplace is going in terms of production network information security! Make an appointment!