Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI 2010. All rights reserved.

Slides:

Advertisements

Similar presentations

M2M Architecture Inge Grønbæk, Telenor R&I ETSI Workshop on RFID and The Internet Of Things, 3rd and 4th December 2007.

Advertisements

World Class Standards Security challenges in an Internet of Things RFID and beyond, RFID03_07 Scott CADZOW C3L © C3L All rights reserved Workshop.

World Class Standards Smart Grids Roadmap for work in ETSI: introduction Emmanuel Darmois © ETSI All rights reserved Scoping Meeting, June 14 th.

Fostering worldwide interoperabilityGeneva, July 2009 Overview of Security work in ETSI Presenter: Mike Sharpe, VP ETSI ESP Source: Charles Brookson,

Tony Rutkowski Yaana Technologies Georgia Tech Q.4/17 Rapporteur

Trust Management of Services in Cloud Environments:

Overview Network security involves protecting a host (or a group of hosts) connected to a network Many of the same problems as with stand-alone computer.

Whats New in Microsoft Office 365 Module 01 | Daniel Sierra | Account Technology Strategist Microsoft Education México.

World Class Standards Summary of NGN LI requirements Fitting standards together Scott CADZOW.

OOI-CI–Ragouzis– Ocean Observatories Initiative Cyberinfrastructure Component CI Design Workshop October 2007.

1 Programa de Engenharia Elétrica - PEE/COPPE/UFRJ Universidade Federal do Rio de Janeiro A Review of Anomalies Detection Schemes for Smart Grids Andrés.

NIST Big Data Public Working Group Security and Privacy Subgroup Presentation September 30, 2013 Arnab Roy, Fujitsu Akhil Manchanda, GE Nancy Landreville,

Developments in the ETSI NFV Security Expert Group

Secure Communication Architectures.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Geneva, Switzerland, September 2014 ETSI TC Cyber Charles Brookson Chairman ETSI TC Cyber Zeata Security Ltd and Azenby Ltd ITU.

World Class Standards ANFOV - Milano, 14 November 2007 – Paolo DE LUTIIS ANFOV - Milano, 14 November 2007 Autore:Paolo DE LUTIIS Telecom Italia Security.

The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.

Page: October 2006 © 2006 VIVACE Consortium Members. All rights reserved VIVACE FORUM (0) {mkamel, benzekri, barrere, nasser}

Using Cryptographic ICs For Security and Product Management Misconceptions about security Network and system security Key Management The Business of Security.

1 ITC242 – Introduction to Data Communications Week 12 Topic 18 Chapter 19 Network Management.

Geneva, Switzerland, 4 December 2014 ITU-T Study Group 17 activities in the context of digital financial services and inclusion: Security and Identity.

Stephen S. Yau CSE , Fall Security Strategies.

Web services security I

DOCUMENT #: GSC15-GTSC8-02 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.1 CONTACT(S): Wayne Zeuch ATIS:

Report of ETSI NGN IPTV activities Rainer Münch, TISPAN Chairman Presenter: Ian Spiers DOCUMENT #:GSC13-PLEN-56 FOR:Presentation SOURCE:Rainer Münch, Ian.

IOT5_ GISFI # 05, June 20 – 22, 2011, Hyderabad, India 1 Privacy Requirements of User Data in Smart Grids Jaydip Sen Tata Consultancy Services Ltd.

Storage Security and Management: Security Framework

Security and LI; ETSI’s role in standards

PRESENTATION OF ETSI © ETSI All rights reserved Sophia Antipolis, 22 May 2014 Luis Jorge Romero Director General, ETSI.

DOCUMENT #:GSC15-CL-04 FOR:Presentation SOURCE:CCSA AGENDA ITEM:Closing Plenary, 2.3 GTSC-8 Summary Report Duo Liu GTSC-8.

Applying FI-WARE Generic Enablers to Smart Grid Management: Electric Car Charging Scenario Dr. Steven Davy Mobile, Middleware, TSSG Mas2tering.

WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ WHEN TITLE IS NOT A QUESTION N O ‘WE CAN’ Identity and Privacy: the.

Center of Excellence for IT at Bellevue College. Cyber security and information assurance refer to measures for protecting computer systems, networks,

Privacy of Home Energy Usage Data Jim Williams June 26, 2012 Jim Williams June 26, 2012.

© Synergetics Portfolio Security Aspecten.

DOCUMENT #: GSC15-GTSC8-06 FOR: Presentation SOURCE: ATIS AGENDA ITEM: GTSC8; 4.2 CONTACT(S): Art Reilly ATIS Cybersecurity.

Geneva, Switzerland, September 2014 Identity Based Attestation and Open Exchange Protocol (IBOPS) Scott Streit Chief Scientist.

HIT Policy Committee NHIN Workgroup Recommendations Phase 2 David Lansky, Chair Pacific Business Group on Health Danny Weitzner, Co-Chair Department of.

Privacy Communication Privacy Confidentiality Access Policies Systems Crypto Enforced Computing on Encrypted Data Searching and Reporting Fully Homomorphic.

Distributed Authentication in Wireless Mesh Networks Through Kerberos Tickets draft-moustafa-krb-wg-mesh-nw-00.txt Hassnaa Moustafa

Identity Management: A Technical Perspective Richard Cissée DAI-Labor; Technische Universität Berlin

Definitions of Business, E- Business, and Risk  Business: An organization involved in trade of goods and/or services to the consumers  E-Business: Application.

1 University of Palestine Information Security Principles ITGD 2202 Ms. Eman Alajrami 2 nd Semester

. 1. Computer Security Concepts 2. The OSI Security Architecture 3. Security Attacks 4. Security Services 5. Security Mechanisms 6. A Model for Network.

Future ICT Landscapes – Security and Privacy Challenges & Requirements Simone Fischer-Hübner IVA Workshop, Stockholm 24th May 2012.

NT SECURITY Introduction Security features of an operating system revolve around the principles of “Availability,” “Integrity,” and Confidentiality. For.

ENISA efforts for securing European Internet Infrastructure

Security, Accounting, and Assurance Mahdi N. Bojnordi 2004

On Requirements for Mobile Commerce By Aj.Pongthep Termsnguanwong.

World Class Standards Common IMS in TISPAN SA3LITISPANWG7_08_02 Scott CADZOW.

HIT Policy Committee NHIN Workgroup HIE Trust Framework: HIE Trust Framework: Essential Components for Trust April 21, 2010 David Lansky, Chair Farzad.

The 6th CJK IT Standards Meeting April 10 ~ 12, 2006, Hangzhou, China CJK IT Standards Meeting (Collaboration of Security Activity between CJK On NGN and.

Update on ETSI Security work Charles Brookson OCG Security Chairman DOCUMENT #:GSC13-PLEN-57 FOR:Information SOURCE:Charles Brookson AGENDA ITEM:6.3

APEC Engineers Workshop Legal Considerations - Central Register Sept 2015 Angela Frawley, General Counsel.

 Copyright 2005 Digital Enterprise Research Institute. All rights reserved. SOA-RM Overview and relation with SEE Adrian Mocan

Sicherheitsaspekte beim Betrieb von IT-Systemen Christian Leichtfried, BDE Smart Energy IBM Austria December 2011.

1 Network Security Maaz bin ahmad.. 2 Outline Attacks, services and mechanisms Security attacks Security services Security Mechanisms A model for Internetwork.

COBIT. The Control Objectives for Information and related Technology (COBIT) A set of best practices (framework) for information technology (IT) management.

Digital Security Focus Area & Critical Infrastructure Protection in H2020 SC7 WP Aristotelis Tzafalias Trust and Security Unit DG Communications.

IoT R&I on IoT integration and platforms INTERNET OF THINGS

Security Activities in ETSI

Federated Identity Management for Scientific Collaborations

CONFIDENTIALITY, INTEGRITY, LEGAL INTERCEPTION

Security Activities in ETSI

ETSI role in Identity Management and Identification Systems

IoTSec Taxonomy Proposal

Martin Euchner, Advisor, ITU-T Study Group 17

Presentation transcript:

Potential Smart Grid standardisation work in ETSI Security and privacy aspects Carmine Rizzo on behalf of Scott CADZOW, C3L © ETSI All rights reserved

Contents Coordinating security and privacy in smart grids Role of TISPAN Role of M2M Role of others Understanding of risk in smart grids From attack both accidental and malicious Understanding of personal data and privacy in smart grids Preservation of consumer privacy Resilience modelling Support to utility infrastructure Support to communications infrastructure 2 Smart Grids Workshop 14 June ETSI

Coordinating security for smart grids in ETSI? TISPAN Ensuring the NGN is protected from, and provides protection for, services and applications crossing or hosted in core NGNs Maintenance and guidance of the design for assurance paradigm Maintenance and guidance of the privacy by design paradigm Role of M2M and others Use cases, deployment modelling, protocol identification, validation of core security and privacy models Extension to non-NGN and non-Core functionality consistent with NGN and core functionality for local devices and their interfaces. 3 Smart Grids Workshop 14 June ETSI

The NGN as a collection of provider entities 4 Smart Grids Workshop 14 June ETSI IP network IMS plane Service content (www)

Security protection measures CIA paradigm Confidentiality Is information exchanged across the network only visible to those authorised to see it? Covers encryption and separation technologies Integrity Has the information exchanged been altered in transit? Has the system itself been altered? Availability Covers a number of topics: Identification (and validation of identity through authentication) Authorisation (is Ann allowed to perform that function?) Reliability Resilience 5 Smart Grids Workshop 14 June ETSI

Privacy protection measures ISO (Common Criteria) identifies 4 key attributes that relate to privacy and which are undergoing assessment for application in the NGN Anonymity Can a party transact anonymously? Pseudonymity Can a user mask themselves with an alias? Un-Linkability Does one provider need to know if another provider is offering services to the same person? Un-Observability Does the provider need to ensure that a user may use a resource or service without others, especially third parties, being able to observe that the resource or service is being used? 6 Smart Grids Workshop 14 June ETSI

Trust in the NGN How does the service trust the network? How does the content provider trust the service platform? Proposal being considered in TISPAN for the NGN Keyed authorisation framework Variant of X.509 based Privilege Management Infrastructure (PMI) Elements of Kerberos ticket granting service too Will fully support the LI requirements in the Dynamic Triggering area May allow greater trust from users of the core network May act as a deterrent to SPAM, DDoS and other attacks 7 Smart Grids Workshop 14 June ETSI

Explicit authorisation model Assertions Content providers require QoS, GoS guarantees Network resource is finite Detection and prevention of law breaking aids society Considerations Service providers want customer retention Users want privacy Users want freedom of expression Identification and authentication are not sufficient by themselves in the NGN and our e-world Authorisation and privacy protection have to be added Smart Grids Workshop 14 June ETSI 8

Standardisation of authorisation frameworks TISPAN and ETSI Expand the models developed in TS TISPAN; NGN Security; Identity protection (Protection Profile) and apply them to generic and specific NGN models Mandate them for the NGN core ENISA? Promotion and encouragement of development Others? For discussion – but everyone has a role they can play Smart Grids Workshop 14 June ETSI 9

Thanks! Available for your ?