Post on 27-Mar-2015
Potential Smart Grid standardisation work in ETSI
Security and privacy aspects
Carmine Rizzo on behalf of Scott CADZOW, C3L
© ETSI 2010. All rights reserved
Contents
Coordinating security and privacy in smart grids Role of TISPAN Role of M2M Role of others
Understanding of risk in smart grids From attack both accidental and malicious
Understanding of personal data and privacy in smart grids Preservation of consumer privacy
Resilience modelling Support to utility infrastructure Support to communications infrastructure
2Smart Grids Workshop 14 June 2010 - ETSI
Coordinating security for smart grids in ETSI?
TISPAN Ensuring the NGN is protected from, and provides protection for,
services and applications crossing or hosted in core NGNs Maintenance and guidance of the “design for assurance” paradigm Maintenance and guidance of the “privacy by design” paradigm
Role of M2M and others Use cases, deployment modelling, protocol identification, validation
of core security and privacy models Extension to non-NGN and non-Core functionality consistent with
NGN and core functionality for local devices and their interfaces.
3Smart Grids Workshop 14 June 2010 - ETSI
The NGN as a collection of provider entities
4Smart Grids Workshop 14 June 2010 - ETSI
IP network
IMS plane
Service content (www)
Security protection measures
CIA paradigm Confidentiality
• Is information exchanged across the network only visible to those authorised to see it?
• Covers encryption and separation technologies
Integrity• Has the information exchanged been altered in transit?• Has the system itself been altered?
Availability• Covers a number of topics:
• Identification (and validation of identity through authentication)• Authorisation (is Ann allowed to perform that function?)• Reliability• Resilience
5Smart Grids Workshop 14 June 2010 - ETSI
Privacy protection measures
ISO 15408‑2 (Common Criteria) identifies 4 key attributes that relate to privacy and which are undergoing assessment for application in the NGN Anonymity
• Can a party transact anonymously?
Pseudonymity• Can a user mask themselves with an alias?
Un-Linkability• Does one provider need to know if another provider is offering services to
the same person?
Un-Observability• Does the provider need to ensure that a user may use a resource or
service without others, especially third parties, being able to observe that the resource or service is being used?
6Smart Grids Workshop 14 June 2010 - ETSI
Trust in the NGN
How does the service trust the network?
How does the content provider trust the service platform?
Proposal being considered in TISPAN for the NGN Keyed authorisation framework
• Variant of X.509 based Privilege Management Infrastructure (PMI)• Elements of Kerberos ticket granting service too
Will fully support the LI requirements in the “Dynamic Triggering” area
May allow greater trust from users of the core network May act as a deterrent to SPAM, DDoS and other attacks
7Smart Grids Workshop 14 June 2010 - ETSI
Explicit authorisation model
Assertions Content providers require QoS, GoS guarantees Network resource is finite Detection and prevention of law breaking aids society
Considerations Service providers want customer retention Users want privacy Users want freedom of expression
Identification and authentication are not sufficient by themselves in the NGN and our e-world Authorisation and privacy protection have to be added
Smart Grids Workshop 14 June 2010 - ETSI 8
Standardisation of authorisation frameworks
TISPAN and ETSI Expand the models developed in TS 187 016 “TISPAN; NGN Security;
Identity protection (Protection Profile)” and apply them to generic and specific NGN models
Mandate them for the NGN core
ENISA? Promotion and encouragement of development
Others? For discussion – but everyone has a role they can play
Smart Grids Workshop 14 June 2010 - ETSI 9
Thanks!
Available for your ?
scott@cadzow.comcarmine.rizzo@etsi.org