RIZZO - Security - Docbox
Download
Report
Transcript RIZZO - Security - Docbox
Potential Smart Grid
standardisation work in ETSI
Security and privacy aspects
Carmine Rizzo on behalf of
Scott CADZOW, C3L
© ETSI 2010. All rights reserved
Contents
Coordinating security and privacy in smart grids
Role of TISPAN
Role of M2M
Role of others
Understanding of risk in smart grids
From attack both accidental and malicious
Understanding of personal data and privacy in smart grids
Preservation of consumer privacy
Resilience modelling
Support to utility infrastructure
Support to communications infrastructure
Smart Grids Workshop 14 June 2010 - ETSI
2
Coordinating security for smart grids in ETSI?
TISPAN
Ensuring the NGN is protected from, and provides protection for,
services and applications crossing or hosted in core NGNs
Maintenance and guidance of the “design for assurance” paradigm
Maintenance and guidance of the “privacy by design” paradigm
Role of M2M and others
Use cases, deployment modelling, protocol identification, validation
of core security and privacy models
Extension to non-NGN and non-Core functionality consistent with
NGN and core functionality for local devices and their interfaces.
Smart Grids Workshop 14 June 2010 - ETSI
3
The NGN as a collection of provider entities
Service
content
(www)
IMS plane
IP network
Smart Grids Workshop 14 June 2010 - ETSI
4
Security protection measures
CIA paradigm
Confidentiality
• Is information exchanged across the network only visible to those
authorised to see it?
• Covers encryption and separation technologies
Integrity
• Has the information exchanged been altered in transit?
• Has the system itself been altered?
Availability
• Covers a number of topics:
•
•
•
•
Identification (and validation of identity through authentication)
Authorisation (is Ann allowed to perform that function?)
Reliability
Resilience
Smart Grids Workshop 14 June 2010 - ETSI
5
Privacy protection measures
ISO 15408-2 (Common Criteria) identifies 4 key attributes that
relate to privacy and which are undergoing assessment for
application in the NGN
Anonymity
• Can a party transact anonymously?
Pseudonymity
• Can a user mask themselves with an alias?
Un-Linkability
• Does one provider need to know if another provider is offering services to
the same person?
Un-Observability
• Does the provider need to ensure that a user may use a resource or
service without others, especially third parties, being able to observe that
the resource or service is being used?
Smart Grids Workshop 14 June 2010 - ETSI
6
Trust in the NGN
How does the service trust the network?
How does the content provider trust the service platform?
Proposal being considered in TISPAN for the NGN
Keyed authorisation framework
• Variant of X.509 based Privilege Management Infrastructure (PMI)
• Elements of Kerberos ticket granting service too
Will fully support the LI requirements in the “Dynamic Triggering”
area
May allow greater trust from users of the core network
May act as a deterrent to SPAM, DDoS and other attacks
Smart Grids Workshop 14 June 2010 - ETSI
7
Explicit authorisation model
Assertions
Content providers require QoS, GoS guarantees
Network resource is finite
Detection and prevention of law breaking aids society
Considerations
Service providers want customer retention
Users want privacy
Users want freedom of expression
Identification and authentication are not sufficient by themselves
in the NGN and our e-world
Authorisation and privacy protection have to be added
Smart Grids Workshop 14 June 2010 - ETSI
8
Standardisation of authorisation frameworks
TISPAN and ETSI
Expand the models developed in TS 187 016 “TISPAN; NGN Security;
Identity protection (Protection Profile)” and apply them to generic and
specific NGN models
Mandate them for the NGN core
ENISA?
Promotion and encouragement of development
Others?
For discussion – but everyone has a role they can play
Smart Grids Workshop 14 June 2010 - ETSI
9
Thanks!
Available for your
?
[email protected]
[email protected]