Beyond Compliance: Advanced SmartGrid Authentication Paul Miller Uniloc.

Presentation transcript:

UNILOC INTEGRITY AT THE NETS EDGE Paul Miller SVP Marketing

Agenda
- SmartGrid authentication vulnerability
- Beyond compliance advanced authentication
- White List Authentication and the Trusted SmartGrid Network
- Best practices and techniques

SmartGrid Authentication Vulnerability
- Vulnerability: weak / compromised authentication mechanisms
  - Users
    - Passwords: can be easily cracked
    - Tokens: lost/stolen/broken
    - Digital certificates: management, key gen/storage
- Attack: Device and/or User spoofing
  - Rogue access to SmartGrid devices
  - Malware insertion to disrupt SmartGrid network availability
- Result: Rogue user access to SmartGrid network.

Authentication Comparison

Beyond Compliance
- Compliance good start
- Control the edge with white-list authentication
  - Block all else
- Strong authentication: Device Fingerprint
  - Machine to machine authentication
    - Hardware device fingerprint ensures device is genuine
  - Two factor authentication for edge users
    - User Password
    - Hardware device fingerprint
      Transparent/easy to use second factor for user

SmartGrid Device White List
Maintain SmartGrid availability by only allowing SmartGrid users, their machines, and authorized devices access to SmartGrid network
[Diagram labels: SmartGrid User Devices; Smart Grid Device]

SmartGrid Device White List
Maintain SmartGrid availability by only allowing SmartGrid users, their machines and authorized devices access to SmartGrid network and block all other machines/devices
[Diagram labels: Unauthorized Access Attempt ?; SmartGrid User Devices; Smart Grid Device; Edge ID Appliance]
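A sketch of the white-list decision the slides describe at the edge appliance, added here as an example and not taken from the presentation or from any Uniloc product. It assumes the fingerprint is a SHA-256 hash over a fixed set of hardware attributes; the class, function, and device names and the sample inventory are hypothetical.

```python
import hashlib, hmac, os

def fingerprint(attrs):
    # Assumption: the fingerprint is SHA-256 over a canonical list of hardware attributes.
    canon = "\n".join(f"{k}={attrs[k]}" for k in sorted(attrs)).encode()
    return hashlib.sha256(canon).digest()

def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 600_000)

class EdgeAllowlist:
    def __init__(self):
        self.devices = {}  # device_id -> enrolled fingerprint
        self.users = {}    # username -> (salt, password hash, permitted device_ids)

    def enroll_device(self, device_id, attrs):
        self.devices[device_id] = fingerprint(attrs)

    def enroll_user(self, username, password, device_ids):
        salt = os.urandom(16)
        self.users[username] = (salt, hash_password(password, salt), set(device_ids))

    def device_ok(self, device_id, attrs):
        # Machine-to-machine check: anything not enrolled is blocked (default deny).
        expected = self.devices.get(device_id)
        return expected is not None and hmac.compare_digest(expected, fingerprint(attrs))

    def user_ok(self, username, password, device_id, attrs):
        # Two factors: password AND a fingerprint of a device enrolled for this user.
        rec = self.users.get(username)
        if rec is None:
            return False
        salt, pw_hash, permitted = rec
        pw_good = hmac.compare_digest(pw_hash, hash_password(password, salt))
        dev_good = device_id in permitted and self.device_ok(device_id, attrs)
        return pw_good and dev_good

# Constructed sample inventory (not from the presentation).
METER = {"cpu_serial": "A1B2C3", "mac": "02:00:00:aa:bb:01", "board": "mtr-rev4"}
LAPTOP = {"cpu_serial": "Z9Y8X7", "mac": "02:00:00:aa:bb:02", "board": "nb-14"}

def build_demo():
    al = EdgeAllowlist()
    al.enroll_device("meter-001", METER)
    al.enroll_device("ops-laptop-7", LAPTOP)
    al.enroll_user("operator1", "correct horse battery", ["ops-laptop-7"])
    return al
```

A fingerprint sent as a fixed value can be captured and replayed, so a deployment would bind it to a per-session challenge; the slides do not say how the fingerprint is transported.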

Best Practices
- Use device fingerprints to control edge device integrity
  - White-list machine to machine authentication
  - Device fingerprint is transparent second factor user authentication
- Ensure edge devices are clean of malware
- Maintain perimeter security
- Monitor network for abnormal traffic
- Routinely assess & mitigate network vulnerabilities