The vision of Industry 4.0 is characterized by the amalgamation of cyber-physical systems and industrial Internet of Things. Such a complex ecosystem urges for the requirement of novel security protocol and mechanisms for access control so as to allow the smart devices to authorize external entities and granting them access rights without depending on centralized authentication entities. The work proposed in this article aims to utilize a community-based hierarchical approach to define the procedure for obtaining access rights in the Industry 4.0 ecosystem. The proposed scheme considers a hierarchy of authorizing devices that work in collaboration for providing access control of the smart end devices to the users. The adoption of hierarchical structure ensures that the access rights are eventually given to only those users that have passed multiple levels of successful authorization. The proposed scheme also combats any infringement of users identity since the authorizing entities involved in the proposed system work in close collaboration for user authentication. The proposed user authentication scheme has been validated using burrows-abadi-needham (BAN)-logic and is proved to be secure against a variety of security attacks.

中文翻译：

---

面向工业 4.0 的基于社区的分层用户认证方案

工业 4.0 愿景的特点是信息物理系统和工业物联网的融合。如此复杂的生态系统迫切需要新颖的安全协议和访问控制机制，以允许智能设备授权外部实体并授予它们访问权限，而不依赖于集中式身份验证实体。本文提出的工作旨在利用基于社区的分层方法来定义在工业 4.0 生态系统中获取访问权限的程序。所提出的方案考虑了授权设备的层次结构，这些授权设备协同工作，为用户提供智能终端设备的访问控制。分层结构的采用确保了访问权限最终只授予通过多级成功授权的用户。提议的方案还打击了对用户身份的任何侵犯，因为参与提议的系统的授权实体密切合作以进行用户身份验证。所提出的用户身份验证方案已使用 burrows-abadi-needham (BAN)-logic 进行了验证，并被证明可以抵御各种安全攻击。