Privacy and Security in Smart Grids
|
|
- Olivia Lamb
- 6 years ago
- Views:
Transcription
1 Faculty of Computer Science, Institute of Systems Architecture, Chair for Privacy and Data Security Privacy and Security in Smart Grids The German Approach Sebastian Clauß, Stefan Köpsell Dresden,
2 Outline General regulations regarding privacy and security Protection Profiles German Approach to Smart Metering (v0.5) Smart Grids: German Approach 2
3 Laws & Regulations German Energy Act (in German: Energiewirtschaftsgesetz, EnWG) first version: 13th December 1935 current version: 7th July 2005 last revision: 16th January 2012 main act with respect to energy/gas supply German Renewable Energy Act (in German: Erneuerbare-Energien-Gesetz, EEG) date: 25 October 2008 last revision: 22nd December 2011 special focus on renewable energy: wind, water, solar bio gas, landfill gas, sewer gas geothermy Note: both laws allow to regulate many details by means of regulations hard to get an comprehensive overview 3
4 German Energy Act 21c Installation of Measurement Systems Smart Meters have to be installed (if available): new buildings larger renovations if consumption > 6000 kw/year if newly installed renewable energy production >7 kw Smart Meters have to be installed anywhere, if economically acceptable economically acceptable : - not more expensive than current meters - can be declared by regulation Customers have to accept Smart Meters Smart Grids: German Approach 4
5 German Energy Act 21d Measurement System is a measurement facility connected to a communication network measures the consumption of electricity 21e, f General Requirements on Measurement Systems for Electricity / Gas Consumption Measurement Systems must fulfil the requirements of a Protection Profile must fulfil the Interoperability requirements must use state-of-the-art techniques for protecting security and privacy must be certified Measurement Systems according to 21 d, e, f can be seen as Smart Meters Smart Grids: German Approach 5
6 German Energy Act 21g Inquiring, processing and using of personal data regulates who is allowed to process which data for which purposes data has to be anonymised or pseudonymised if possible remote measurement and remote control: consumer must be informed consumer must give consent consumer must have control Smart Grids: German Approach 6
7 Basic Architecture Smart Grids: German Approach
8 Common Criteria Protection Profiles Protection Profile for the Gateway of a Smart Metering System Gateway/schutzprofil_smart_meter_gateway_node.html status: final draft version: date: 26th August 2011 Protection Profile for the Security Module of a Smart Metering System Security/security_module_node.html status: draft version: date: 25th November Smart Grids: German Approach 8
9 Protection Profile for the Gateway of a Smart Metering System defined security functionality / goal: protection of confidentiality, authenticity, integrity of data information flow control protection of privacy of consumers preservation of privacy of the consumer is an essential aspect Gateway shall provide the consumer with transparent information about the information flows reliable billing process protection of Smart Grid infrastructure not addressed: availability rationale: Smart Grid has to function properly even if Smart Meter Gateway fails fail-safe design that specifically ensures that any malfunction can not impact the delivery of a commodity, e.g. energy, gas or water Smart Grids: German Approach 9
10 Protection Profile for the Gateway of a Smart Metering System Access Control Policies: stored within the Gateway specify: how Meter Data must be processed, which processed Meter Data must be sent in which intervals, to which component or external entity, signed using which key material, encrypted using which key material, whether processed Meter Data shall be pseudonymized or not, and which pseudonym shall be used to send the data Smart Grids: German Approach 10
11 Technical Guideline TR (version 0.50) Title: (unofficial) SMART ENERGY responsible: German Federal Office for Information Security (BSI) [German: Bundesamt für Sicherheit in der Informationstechnik] current status: Draft version: 0.50 date: 25 th May tml [BSI 0.5] Smart Grids: German Approach 11
12 Technical Guideline TR (version 0.50) Drafts available Part 1: Requirements on Interoperability of the communication unit of an intelligent metering system: functional and security requirements related protocols and techniques Part 2: Requirements on Interoperability of the Security Module Part 3: Cryptographic requirements on the Infrastructure of Measurement Systems elliptic curves, AES, SHA-2 hash functions Part 4: Public Key Infrastructure for Smart Meter Gateways based on X.509, max. certificate chain length: 3 [BSI 0.5] Smart Grids: German Approach 12
13 Technical Guideline TR (version 0.50) Major updates/enhancements compared to prior public draft 0.2 (2011) Detailed specification of the major processes to be executed with respect to the Smart meter Gateway Installation and Initialization Measurement Process Data Transmission Administration Calibration Specification of Protocol Stacks for Communication between Gateway and WAN Network layer: TCP/IP (optional, other protocols possible) Application layer: Web Services using XML data structures Specification of Evaluation Profiles: Tariff Profiles Status Data Profiles Communication Profiles Smart Grids: German Approach 13
14 Basic Architecture Smart Grids: German Approach
15 Local Metrological Network Gateway: acquires measured values timestamps those values appends current tariff rate stores the resulting record v 0.50 Communication wired or wireless Network layer: Meter-BUS (M-BUS, EN13757) TCP/IP Application layer: Open Metering System Specification (OMS), Part 2, Chapter 4 Security: TCP/IP Transport Layer Security (TLS 1.2) M-BUS symmetric encryption & MAC counter to prevent replay attacks Otherwise: Physical Security in case of plain communication
16 LMN Protocol Stack - Details v 0.50 Application Presentation Session Transport Network Link Physical [BSI 0.5] Smart Grids: German Approach 16
17 Basic Architecture Smart Grids: German Approach
18 Home Area Network Gateway: allows access to measured consumption data support communication of controllable local systems (CLS) with each other with WAN entities v 0.50 Communication Network layer TCP/IP Application layer: HTTP (for access to measured consumption data) Security: TLS mutual authentication using certificates or username/password Controllable Local Systems (CLS) are considered to be evil physical separation of communication interface with respect to WAN, LMN, HAN resistance against DoS or other attacks by CLS - restriction of resources (CPU, RAM) for CLS communication
19 HAN Display for Consumers Display must show: v 0.50 Data relevant for calibration Current energy consumption Energy consumption per tariff Additional tariff information (last days, week, month, year etc.) Log of communications with external participants Fine-granular consumption data Information shown must be correct Detailed specification by XML Schemas Smart Grids: German Approach 19
20 Basic Architecture Smart Grids: German Approach
21 WAN / Internet Gateway: allows access to: measured consumption data network status data (frequency, usage, etc.) allows administration: software updates policy updates tariff rate updates controlling of CLS time synchronisation Wake-Up-Service v 0.50 Communication Network layer TCP/IP (optional, other protocols possible) Application layer: Web Services using XML data structures Data modelling according to specified Interface Classes - COSEM Smart Grids: German Approach 21
22 WAN Protocol Stack - Details v 0.50 Application Presentation Session Transport Network Link [BSI 0.5] Physical
23 WAN / Internet Security: TLS mutual authentication based on certificates direct trust, i.e. certificates preinstalled on the device v 0.50 Gateway is invisible from the WAN / Internet no way to establish connections from WAN to Gateway Administrator can request connection by sending Wake-Up packets Administrator can disable Wake-Up Service Application data: symmetric encrypted MAC digital signed Smart Grids: German Approach 23
24 WAN / Internet Wake-Up Packet: contains: header (packet type, version) recipient id - prevents spoofing timestamp - validity: 15s - prevents replay v 0.50 digital signed by administrator signature verification rate is limited - prevents DoS attacks no reaction to faulty Wake-Up packets prevents probing for Gateway makes some attacks (e.g. timing attacks) harder valid Wake-Up packet TLS connection to preconfigured Gateway administrator no additional reaction 24
25 WAN / Internet Pseudonymisation of measured data: done if required by policy data sent to third parties quite simple approach: substitution of meter ID with pseudonym different static pseudonym for each third party data is sent using measurement operator as proxy end-to-end encrypted no end-to-end integrity protection v kw xyz: 3 kw xyz: 3 kw Meter ID Recipient Pseudonym 123 ANEEL xyz Policy 25
26 WAN / Internet Firewall-like rules are specified in an Evaluation Profile, detailed by Tariff Profiles XML-Specification governs aggregation and transmission of accounting-relevant data v 0.50 Status Data Profiles XML-Specification governs aggregation and transmission of SMGW status data Communication Profiles Specifies, for which purpose a given WAN participant may be contacted in which way Specifies keys and certificates to be used XML specifications currently under work Smart Grids: German Approach 26
27 Technical Guideline TR (version 0.50) Major updates/enhancements compared to prior public draft 0.2 Detailed specification of the major processes to be executed with respect to the Smart meter Gateway Installation and Initialization Measurement Process Data Transmission Administration Calibration Specification of Protocol Stacks for Communication between Gateway and WAN Network layer: TCP/IP (optional, other protocols possible) Application layer: Web Services using XML data structures Specification of Evaluation Profiles: Tariff Profiles Status Data Profiles Communication Profiles Smart Grids: German Approach 27
28 Process: SMGW Initialization SMGW has no initial configuration (but Security Module knows initial root certificate) v 0.50 Installation Service uses HAN interface to load preliminary configuration: Initial administrator WAN-address keys and certificates needed for TLS connection to administrator On first boot: SMGW opens TLS connection to administrator and gets first working configuration Working Configuration consists of Mandatory: Addresses, keys and certificates, communication profiles for further communication with the administrator Optional: evaluation, tariff, status data profiles and additional communication profiles SMGW Reset to initial values enables a new first boot Keys and Certificates for getting working configuration can be updated (i.e. are not reset on an SMGW Reset to initial values ) Smart Grids: German Approach 28
29 General Requirements Gateway device offers some physical protection, e.g. sealed v 0.50 physically separated interfaces for different networks stored data which is no longer needed has to be securely erased management of the Gateway shall only be possible from the WAN logging: especially for transparency for the costumer events: security relevant incidents WAN connections WAN data transmissions modification of policies modification of configuration / software involved entities timestamp Smart Grids: German Approach 29
30 Comments & Questions
josef A Java-Based Open-Source Smart Meter Gateway Experimentation Framework
Kommunikationsnetze josef A Java-Based Open-Source Smart Meter Gateway Experimentation Framework Michael Höfling, Florian Heimgärtner, Daniel Fuchs, Michael Menth http://kn.inf.uni-tuebingen.de Background
More informationSmart Gas Metering in Germany.
Smart Gas Metering in Germany. New OMS Standard for Germany. New security standard. 10 th October 2012, Metering Billing/CRM Europe 2012, Amsterdam Andreas Bolder, Deutsche Telekom Technischer Service
More informationSMARTMETER. A technological overview of the German roll-out. Peter Hasse. 28. Dec 2012
SMARTMETER A technological overview of the German roll-out Peter Hasse 28. Dec 2012 1 / 42 Outline 1 Motivation German laws Organizations 2 Protection profile Technical guideline Overview Smart Meter 3
More informationProtection Profile for the Gateway of a Smart Metering System Combining privacy protection with security for the grid
Protection Profile for the Gateway of a Smart Metering System Combining privacy protection with security for the grid Dr. Helge (BSI) 12th ICC, 29.9.2011 A Possible Smart Grid 2 Introduction Smart Meter
More informationIDACCS Wireless Integrity protection in a smart grid environment for wireless access of smart meters
IDACCS Wireless 2014 Integrity protection in a smart grid environment for wireless access of smart meters Prof- Dr.-Ing. Kai-Oliver Detken DECOIT GmbH Fahrenheitstraße 9 D-28359 Bremen URL: http://www.decoit.de
More informationMarkus Bartsch. German Smart Metering and European Privacy Needs
Markus Bartsch German Smart Metering and European Privacy Needs Smart Grid (and Metering) Customer Satisfaction 3 Years 3 10 Years Identity Management Asset Management Feeder Automation Smart Meters Privacy
More informationNew Security Features in DLMS/COSEM
New Security Features in DLMS/COSEM A comparison to the Smart Meter Gateway Workshop on Power Line Communications 2015 (HRW), Robin Massink (DNV GL), Gerd Bumiller (HRW) 21.09.2015 21.09.2015 1 Initiated
More informationRegulatory Issues of Smart Grids
Regulatory Issues of Smart Grids T. Bräuchle, E. Weis EIT ICT Labs Smart Energy Systems Summer School 2012 Institut für Informations- und Wirtschaftsrecht (IIWR) Zentrum für Angewandte Rechtswissenschaft
More informationLegal Regulations and Vulnerability Analysis
Legal Regulations and Vulnerability Analysis Bundesamt für Sicherheit in der Informationstechnik (BSI) (Federal Office for Information Security) Germany Introduction of the BSI National Authority for Information
More informationThe German IT Security Certification Scheme. Joachim Weber
The German IT Security Certification Scheme Joachim Weber The German IT Security Certification Scheme 1. The role of the BSI 2. The German IT Certificate Scheme 3. Certification procedures in detail 4.
More informationCommunication Concept for Smart Metering, Smart Grid and Home Automation
Communication Concept for Metering, Grid and Home Automation Thomas Kessler (TKessler@telekom.de), Deutsche Telekom AG ETSI M2M Workshop, 26-27 October 2011, Sophia Antipolis, France 26/10/2011 1 Outline.
More informationCryptographic Mechanisms: Recommendations and Key Lengths
Technical Guideline TR-02102-4 Cryptographic Mechanisms: Recommendations and Key Lengths Part 4 Use of Secure Shell (SSH) (Version 2018-01) Federal Office for Information Security P.O.B. 20 03 63 D-53133
More informationBSI-CC-PP for
for Protection Profile for the Security Module of a Smart Meter Mini-HSM (Mini-HSM Security Module PP) - Schutzprofil für das Sicherheitsmodul des Smart Meter Mini-HSM, V1.0 developed by Federal Office
More informationRID IETF Draft Update
RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 5 August 2004 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,
More informationVerwendung der sicheren BSI Smart Metering Infrastruktur für Anwendungen aus der Wohnungswirtschaft und gewerbliche Liegenschaften
Verwendung der sicheren BSI Smart Metering Infrastruktur für Anwendungen aus der Wohnungswirtschaft und gewerbliche Liegenschaften Christian Freudenmann, Dominik Henneke PPC, 09.11.2017, Smart Energy 2017,
More informationSecurity analysis of Dutch smart metering systems
Sander Keemink and Bart Roos July 2, 2008 1 / 19 1 Smart metering introduction 2 Theoretical research 3 Practical research 4 Recommendations 5 Conclusion 2 / 19 Smart metering introduction Smart Metering
More informationGerman Smart Metering System
German Smart Metering System Smart Systems and Cyber Security Detlef Einacker Detlef.einacker@neuhaus.de www.neuhaus.de Phone: +49 (0) 40 55304 1490 Mobile: +49 (0) 160 367 2324 1.1 / 09.2017 Sagemcom
More informationAssurance Continuity Maintenance Report
IFX_CCI_000003h, IFX_CCI_000005h, IFX_CCI_000008h, IFX_CCI_00000Ch, IFX_CCI_000013h, IFX_CCI_000014h, IFX_CCI_000015h, IFX_CCI_00001Ch and IFX_CCI_00001Dh design step H13 including optional software libraries
More informationSecurity Architecture of Smart Metering Systems
Security Architecture of Smart Metering Systems Natasa Zivic and Christoph Ruland University of Siegen, Institute for Data Communications Systems, Hoelderlinstrasse 3, 57076 Siegen, Germany {Natasa.Zivic,Christoph.Ruland}@uni-siegen.de
More informationDigitalization in the Energy Market Test Technology for the Electricity Market 2.0
ANALYZING LOGGING testing MEASURING Digitalization in the Energy Market Test Technology for the Electricity Market 2.0 Do you have any questions or wishes? Feel free to contact us. ZERA GmbH Hauptstraße
More informationTechnical Guideline TR eid-server. Part 2: Security Framework for eid-server operations
Technical Guideline TR-03130 eid-server Part 2: Security Framework for eid-server operations Version 2.1.2 October 25, 2017 Document history Version Date Description 0.4 Draft August 20, 2013 Initial External
More informationBCA III Network security and Cryptography Examination-2016 Model Paper 1
Time: 3hrs BCA III Network security and Cryptography Examination-2016 Model Paper 1 M.M:50 The question paper contains 40 multiple choice questions with four choices and student will have to pick the correct
More informationIntelligent measuring systems Smart Meter Gateway CONEXA
Intelligent measuring systems Smart Meter Gateway CONEXA CONEXA Smart Meter Gateway for more intelligent networks and greater energy efficiency As a municipal energy supplier or distributor, you are not
More informationSmart Meter Security. Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security
Smart Meter Security Martin Klimke, Principle of Technical Marketing Infineon Chip Card and Security Smart Grids: Advanced power control, intelligence and communications New Business models and Services
More information29th Feb 2012, Embedded World Conference 2012, Nuremberg, Germany. Communication Solutions for Smart Gas Meters and Energy Efficient Embedded Services
Communication Solutions for Smart Gas Meters and Energy Efficient Embedded Services (ME³GAS) Prof. Dr.-Ing. Axel Sikora, Dipl.-Ing. Dipl. Wirt.-Ing. Offenburg University of Applied Sciences, Germany Dipl.-Ing.
More informationBSI-CC-PP for. FIDO Universal Second Factor (U2F) Authenticator, Version 1.0. developed by. Federal Office for Information Security
for FIDO Universal Second Factor (U2F) Authenticator, Version 1.0 developed by Federal Office for Information Security Federal Office for Information Security (BSI), Postfach 20 03 63, 53133 Bonn, Germany
More informationArchitecture and Development of Secure Communication Solutions for Smart Grid Applications
Architecture and Development of Secure Communication Solutions for Smart Grid Applications Axel Sikora University of Applied Sciences Offenburg, D77652 Offenburg, Germany Email: axel.sikora@hs-offenburg.de
More informationLesson 13 Securing Web Services (WS-Security, SAML)
Lesson 13 Securing Web Services (WS-Security, SAML) Service Oriented Architectures Module 2 - WS Security Unit 1 Auxiliary Protocols Ernesto Damiani Università di Milano element This element
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationEconomic and Social Council
United Nations Economic and Social Council ECE/TRANS/WP.29/2017/46 Distr.: General 23 December 2016 Original: English Economic Commission for Europe Inland Transport Committee World Forum for Harmonization
More informationOverview. SSL Cryptography Overview CHAPTER 1
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through
More informationKNX Secure. KNX Position Paper on Data Security and Privacy
KNX Secure KNX Position Paper on Data Security and Privacy KNX Secure Position Paper This paper is intended as a guide for both installers as well as KNX manufacturers to learn about the current measures
More information2 Electronic Passports and Identity Cards
2 Picture source: www.bundesdruckerei.de Paper based Passport Radio Frequency (RF) Chip Electronic Passport (E Pass) Biographic data Human readable Partially machine readable (optically) Conventional
More informationEvolving Standards in Security. Michael Garrison Stuber
Evolving Standards in Security Michael Garrison Stuber Sad but true... Cartoon courtesy of xkcd.com Trends & Responses Evolution from unsecure to secure Acceptance of ECC Struggling with certificates Demand
More informationConnecting Securely to the Cloud
Connecting Securely to the Cloud Security Primer Presented by Enrico Gregoratto Andrew Marsh Agenda 2 Presentation Speaker Trusting The Connection Transport Layer Security Connecting to the Cloud Enrico
More informationAcronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector
Acronyms 3DES AES AH ANSI CBC CESG CFB CMAC CRT DoS DEA DES DoS DSA DSS ECB ECC ECDSA ESP FIPS IAB IETF IP IPsec ISO ITU ITU-T Triple DES Advanced Encryption Standard Authentication Header American National
More informationChapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010
Cryptography Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationWAP Security. Helsinki University of Technology S Security of Communication Protocols
WAP Security Helsinki University of Technology S-38.153 Security of Communication Protocols Mikko.Kerava@iki.fi 15.4.2003 Contents 1. Introduction to WAP 2. Wireless Transport Layer Security 3. Other WAP
More informationKey Lifecycle Security Requirements. Version 1.0.2
Key Lifecycle Security Requirements Version 1.0.2 Federal Office for Information Security Post Box 20 03 63 D-53133 Bonn Phone: +49 22899 9582-0 E-Mail: eid@bsi.bund.de Internet: https://www.bsi.bund.de
More informationSmart Meter Rollout Germany Schedule and Regulatory framework. Joachim Gruber EnBW AG 3. November 2015
Smart Meter Rollout Germany Schedule and Regulatory framework Joachim Gruber EnBW AG 3. November 2015 Digitization of the Energiewende 1 Background and Objectives 2 Schedule Rollout 3 Content of the draft
More informationInternet Engineering Task Force (IETF) Category: Informational ISSN: October 2013
Internet Engineering Task Force (IETF) J. Merkle Request for Comments: 7027 secunet Security Networks Updates: 4492 M. Lochter Category: Informational BSI ISSN: 2070-1721 October 2013 Abstract Elliptic
More informationCSCE 715: Network Systems Security
CSCE 715: Network Systems Security Chin-Tser Huang huangct@cse.sc.edu University of South Carolina Security in Network Layer Implementing security in application layer provides flexibility in security
More informationThe SafeNet Security System Version 3 Overview
The SafeNet Security System Version 3 Overview Version 3 Overview Abstract This document provides a description of Information Resource Engineering s SafeNet version 3 products. SafeNet version 3 products
More informationRID IETF Draft Update
RID IETF Draft Update Kathleen M. Moriarty INCH Working Group 29 March 2005 This work was sponsored by the Air Force under Air Force Contract Number F19628-00-C-0002. "Opinions, interpretations, conclusions,
More informationChapter 8 Web Security
Chapter 8 Web Security Web security includes three parts: security of server, security of client, and network traffic security between a browser and a server. Security of server and security of client
More informationWireless LAN Security. Gabriel Clothier
Wireless LAN Security Gabriel Clothier Timeline 1997: 802.11 standard released 1999: 802.11b released, WEP proposed [1] 2003: WiFi alliance certifies for WPA 2004: 802.11i released 2005: 802.11w task group
More informationChapter 8. Network Security. Need for Security. An Introduction to Cryptography. Transposition Ciphers One-Time Pads
Cryptography p y Chapter 8 Network Security Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic Principles Need for Security An Introduction
More informationSecure by design: An approach for a virtual power plant
Secure by design: An approach for a virtual power plant M.Sc. Stefan Siegl, Assoc. Prof. Nils Ulltveit-Moe SEMIAH - Scalable Energy Management Infrastructure for Aggregation of Households Starting date:
More informationSecure Communications on VoIP Networks
Mediatrix Multi-service Gateways v. 2.0.41.762 2017-12-21 Table of Contents Table of Contents Internet Telephony Network Security 4 Authentication 4 X-509 Certificates 4 Transport Layer Security (TLS)
More informationTRESCCA Trustworthy Embedded Systems for Secure Cloud Computing
TRESCCA Trustworthy Embedded Systems for Secure Cloud Computing IoT Week 2014, 2014 06 17 Ignacio García Wellness Telecom Outline Welcome Motivation Objectives TRESCCA client platform SW framework for
More informationA SIMPLE INTRODUCTION TO TOR
A SIMPLE INTRODUCTION TO TOR The Onion Router Fabrizio d'amore May 2015 Tor 2 Privacy on Public Networks Internet is designed as a public network Wi-Fi access points, network routers see all traffic that
More informationREGISTRATION DATA INTERFACE SPECIFICATION
REGISTRATION DATA INTERFACE SPECIFICATION DEFINITIONS Data Transfer Catalogue DCC Status DCC Status File Electricity Registration Data Provider FTP FTPS Gas Registration Data Provider Hot Standby Router
More information8. Network Layer Contents
Contents 1 / 43 * Earlier Work * IETF IP sec Working Group * IP Security Protocol * Security Associations * Authentication Header * Encapsulation Security Payload * Internet Key Management Protocol * Modular
More informationInteroperable, flexible, sustainable CONEXA Smart Meter Gateway
Interoperable, flexible, sustainable CONEXA Smart Meter Gateway CONEXA Smart Meter Gateway Advantages at a glance Sustainable interoperability Maximum data security Our CONEXA 3.0 Smart Meter Gateway supports
More informationAvygdor Moise, Ph.D. Future DOS Research & Development Inc. Enablers of plug & play AMI solutions that work
Integration of the ANSI standard in the SmartGrid system design Presented by Avygdor Moise, Ph.D. Future DOS Research & Development Inc. Enablers of plug & play AMI solutions that work 303-6707 Elbow Drive
More informationChapter 6: Security of higher layers. (network security)
Chapter 6: Security of higher layers (network security) Outline TLS SET 1. TLS History of TLS SSL = Secure Socket Layer defined by Netscape normalized as TLS TLS = Transport Layer Security between TCP
More informationOpenWay by Itron Security Overview
Itron White Paper OpenWay by Itron OpenWay by Itron Security Overview Kip Gering / R. Eric Robinson Itron Marketing / Itron Engineering 2009, Itron Inc. All rights reserved. 1 Executive Summary 3 Intent
More informationNetworking interview questions
Networking interview questions What is LAN? LAN is a computer network that spans a relatively small area. Most LANs are confined to a single building or group of buildings. However, one LAN can be connected
More informationETSI TS V6.1.0 ( )
TS 102 224 V6.1.0 (2004-12) Technical Specification Smart cards; Security mechanisms for UICC based Applications - Functional requirements (Release 6) 2 TS 102 224 V6.1.0 (2004-12) Reference RTS/SCP-R0282r1
More informationHP Instant Support Enterprise Edition (ISEE) Security overview
HP Instant Support Enterprise Edition (ISEE) Security overview Advanced Configuration A.03.50 Mike Brandon Interex 03 / 30, 2004 2003 Hewlett-Packard Development Company, L.P. The information contained
More informationXenApp 5 Security Standards and Deployment Scenarios
XenApp 5 Security Standards and Deployment Scenarios 2015-03-04 20:22:07 UTC 2015 Citrix Systems, Inc. All rights reserved. Terms of Use Trademarks Privacy Statement Contents XenApp 5 Security Standards
More informationCryptography and Network Security Chapter 16. Fourth Edition by William Stallings
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Chapter 16 IP Security If a secret piece of news is divulged by a spy before the time is ripe, he must be put to death,
More informationControlled Document Page 1 of 6. Effective Date: 6/19/13. Approved by: CAB/F. Approved on: 6/19/13. Version Supersedes:
Page 1 of 6 I. Common Principles and Approaches to Privacy A. A Modern History of Privacy a. Descriptions, definitions and classes b. Historical and social origins B. Types of Information a. Personal information
More informationAutokey Version 2 Specification
Autokey Version 2 Specification draft-sibold-autokey-00 Authors: Dr. D. Sibold PTB, Stephen Röttger IETF 85, Atlanta, USA, November 4 9, 2012 Introduction Scope: Autokey V2 shall provide Authenticity of
More informationPretty Good Privacy (PGP
PGP - S/MIME - Internet Firewalls for Trusted System: Roles of Firewalls Firewall related terminology- Types of Firewalls - Firewall designs - SET for E-Commerce Transactions. Pretty Good Privacy (PGP
More informationComputer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ
Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.
More informationBSI-CC-PP for. Java Card Protection Profile - Open Configuration, Version December developed by. Oracle Corporation
BSI-CC-PP-0099-2017 for Java Card Protection Profile - Open Configuration, Version 3.0.5 December 2017 developed by Oracle Corporation Federal Office for Information Security (BSI), Postfach 20 03 63,
More informationTransport Level Security
2 Transport Level Security : Security and Cryptography Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 28 October 2013 css322y13s2l12, Steve/Courses/2013/s2/css322/lectures/transport.tex,
More informationREGISTRATION DATA INTERFACE SPECIFICATION
REGISTRATION DATA INTERFACE SPECIFICATION DEFINITIONS Data Transfer Catalogue DCC Status DCC Status File Electricity Registration Data Provider Gas Registration Data Provider Hot Standby Router Protocol
More informationSecurity analysis of OpenID, followed by a reference implementation of an npabased OpenID provider
Security analysis of OpenID, followed by a reference implementation of an npabased OpenID provider Sebastian Feld, Norbert Pohlmann Institute for Internet-Security, if(is) Gelsenkirchen University of Applied
More informationSecurity+ SY0-501 Study Guide Table of Contents
Security+ SY0-501 Study Guide Table of Contents Course Introduction Table of Contents About This Course About CompTIA Certifications Module 1 / Threats, Attacks, and Vulnerabilities Module 1 / Unit 1 Indicators
More informationLecture 33. Firewalls. Firewall Locations in the Network. Castle and Moat Analogy. Firewall Types. Firewall: Illustration. Security April 15, 2005
Firewalls Lecture 33 Security April 15, 2005 Idea: separate local network from the Internet Trusted hosts and networks Intranet Firewall DMZ Router Demilitarized Zone: publicly accessible servers and networks
More informationTinySec: A Link Layer Security Architecture for Wireless Sensor Networks. Presented by Paul Ruggieri
TinySec: A Link Layer Security Architecture for Wireless Sensor Networks Chris Karlof, Naveen Sastry,, David Wagner Presented by Paul Ruggieri 1 Introduction What is TinySec? Link-layer security architecture
More informationTechnical Trust Policy
Technical Trust Policy Version 1.2 Last Updated: May 20, 2016 Introduction Carequality creates a community of trusted exchange partners who rely on each organization s adherence to the terms of the Carequality
More informationDoD Wireless Smartphone Security Requirements Matrix Version January 2011
DoD Wireless Smartphone Security s Matrix Version 3.5 21 January 2011 1 This matrix was developed by Defense Information Systems Agency Field Security Operations (DISA FSO) and is an unofficial compilation
More informationAnnex No. 1 as of April 30, to the certification report. T-Systems-DSZ-ITSEC as of September 24, 2002
Annex No. 1 as of April 30, 2004 to the certification report T-Systems-DSZ-ITSEC-04084-2002 as of September 24, 2002 1 Scope of this annex 1 This annex describes - all changes applied by the vendor to
More informationPublic Key Cryptography Options for Trusted Host Identities in HIP
Public Key Cryptography Options for Trusted Host Identities in HIP Harri Forsgren and Timo Karvi University of Helsinki, Department of Computer Science Kaj Grahn and Göran Pulkkis Arcada University of
More information6.857 L17. Secure Processors. Srini Devadas
6.857 L17 Secure Processors Srini Devadas 1 Distributed Computation Example: Distributed Computation on the Internet (SETI@home, etc.) Job Dispatcher Internet DistComp() { x = Receive(); result = Func(x);
More informationVolume I, Appendix B References Table of Contents
Volume I, Appendix B References Table of Contents B Appendix - References... B-1 B.1 Documents Incorporated in the Guidelines... B-1 B.2 Other Documents Used in Developing the Guidelines... B-3 B.3 Additional
More informationHolistic view on security as foundation for trust and innovation in new energy markets
Smart Energy Demand Coalition Holistic view on security as foundation for trust and innovation in new energy markets CEER workshop on Meter Data Management Brussels, 19 April 2012 Thomas Weisshaupt UPLOAD
More informationNetwork Security and Cryptography. 2 September Marking Scheme
Network Security and Cryptography 2 September 2015 Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers to the questions,
More informationSecurity Architecture of Smart Metering Systems
Security Architecture of Smart Metering Systems Natasa Zivic, Christoph Ruland To cite this version: Natasa Zivic, Christoph Ruland. Security Architecture of Smart Metering Systems. Wojciech Cellary; Elsa
More informationKey Management Interoperability Protocol Crypto Profile Version 1.0
Key Management Interoperability Protocol Crypto Profile Version 1.0 Working Draft 0708 25 7 NovemberOctober 2012 Technical Committee: OASIS Key Management Interoperability Protocol (KMIP) TC Chairs: Robert
More informationSándor Szőke, Dr. Microsec Ltd. Migration of national PKI Services to eidas conformant Trust Services case study in Hungary
Sándor Szőke, Dr. Microsec Ltd. Migration of national PKI Services to eidas conformant Trust Services case study in Hungary Introduction Private Hungarian IT company since 1984 Custom specific IT system
More informationTest plan for eid and esign compliant smart card readers with integrated EACv2
Technical Guideline BSI TR-03105 Part 5.2 Test plan for eid and esign compliant smart card readers with integrated EACv2 Version: 2.0 Date: 2015-05-22 Bundesamt für Sicherheit in der Informationstechnik
More informationUNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE
INFORMATION TECHNOLOGY SECURITY GUIDANCE CRYPTOGRAPHIC ALGORITHMS FOR UNCLASSIFIED, PROTECTED A, AND PROTECTED B INFORMATION ITSP.40.111 August 2016 FOREWORD The Cryptographic Algorithms for UNCLASSIFIED,
More informationECHONET Lite SPECIFICATION. ECHONET Lite System Design Guidelines 2011 (2012) ECHONET CONSORTIUM ALL RIGHTS RESERVED
Part V ECHONET Lite System Design Guidelines i 2011 (2012) ALL RIGHTS RESERVED The specifications published by the ECHONET Consortium are established without regard to industrial property rights (e.g.,
More informationCisco VPN Internal Service Module for Cisco ISR G2
Data Sheet Cisco VPN Internal Service Module for Cisco ISR G2 Compact Versatile High-Performance VPN Module The Cisco VPN Internal Service Module (VPN ISM) is a module for the Cisco Integrated Services
More informationAPNIC elearning: Cryptography Basics
APNIC elearning: Cryptography Basics 27 MAY 2015 03:00 PM AEST Brisbane (UTC+10) Issue Date: Revision: Introduction Presenter Sheryl Hermoso Training Officer sheryl@apnic.net Specialties: Network Security
More informationPaul A. Karger
Privacy and Security Threat Analysis of the Federal Employee Personal Identity Verification (PIV) Program Paul A. Karger karger@watson.ibm.com Outline Identify specific problem with FIPS 201 Problem of
More informationLecture 9a: Secure Sockets Layer (SSL) March, 2004
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by
More informationeidas Interoperability Architecture Version November 2015
eidas Interoperability Architecture Version 1.00 6. November 2015 1 Introduction This document specifies the interoperability components of the eidas-network, i.e. the components necessary to achieve interoperability
More informationIPSec. Slides by Vitaly Shmatikov UT Austin. slide 1
IPSec Slides by Vitaly Shmatikov UT Austin slide 1 TCP/IP Example slide 2 IP Security Issues Eavesdropping Modification of packets in transit Identity spoofing (forged source IP addresses) Denial of service
More informationNetwork Security and Cryptography. December Sample Exam Marking Scheme
Network Security and Cryptography December 2015 Sample Exam Marking Scheme This marking scheme has been prepared as a guide only to markers. This is not a set of model answers, or the exclusive answers
More informationComputer Networks. Wenzhong Li. Nanjing University
Computer Networks Wenzhong Li Nanjing University 1 Chapter 7. Network Security Network Attacks Cryptographic Technologies Message Integrity and Authentication Key Distribution Firewalls Transport Layer
More informationIPSec. Overview. Overview. Levente Buttyán
IPSec - brief overview - security associations (SAs) - Authentication Header (AH) protocol - Encapsulated Security Payload () protocol - combining SAs (examples) Overview Overview IPSec is an Internet
More informationCOMMUNICATION SERVER INTEGRAL 55 LX
IP Telephony Contact Centers Mobility Services OVERVIEW COMMUNICATION SERVER INTEGRAL 55 LX As a leading supplier of communication systems and services, Avaya designs, builds and manages communication
More informationOctober 4, 2000 Expires in six months. SMTP Service Extension for Secure SMTP over TLS. Status of this Memo
Internet Draft draft-hoffman-rfc2487bis-04.txt October 4, 2000 Expires in six months Paul Hoffman Internet Mail Consortium Status of this Memo SMTP Service Extension for Secure SMTP over TLS This document
More informationOracle Fusion Middleware
Oracle Fusion Middleware Interoperability Guide for Oracle Web Services Manager 11g Release 1 (11.1.1) E16098-01 October 2009 This document describes how to implement the most common Oracle WSM interoperability
More informationCRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK
CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK UNIT-1 1. Answer the following: a. What is Non-repudiation b. Distinguish between stream and block ciphers c. List out the problems of one time pad d. Define
More information