[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [smartgrid-discuss] more thoughts (2 parts)
I don't disagree that the solution can range widely in complexity, David. What I'm trying to get a handle on are the requirements. Are they explicitly defined anywhere, or are they yet to be defined? Thanks. Arshad Noor StrongAuth, Inc. David RR Webber (XML) wrote: > Arshad, > > You can make this insanely complex or really simple. I'd want my home > to talk only to devices and systems I had authorized it to - so I > maintain control. Avoiding complexity on the network end. Using > certificates I can authenticate who and what I'm talking to. That seems > simplest, yes? I can have partner agreements determining what they are > allowed to do with information they receive from my system(s). > > Thanks, DW > -------- Original Message -------- > Subject: Re: [smartgrid-discuss] more thoughts > From: Arshad Noor <arshad.noor@strongauth.com> > Date: Wed, December 10, 2008 9:58 pm > To: smartgrid-discuss@lists.oasis-open.org > > As I am somewhat new to this list - and to this sector - I am a > little in the dark about how things are today and how things are > being designed for the future. I trust the forum will be patient > with some of my questions in the short-term. > > Since the smart grid forum is discussing potential new standards > for messages, and since so much of our economy is based on the use > of computers and networks, is there an articulation of the security > goals for this bold future (other than "it must be secure") when > its business will be conducted using computers & networks? > > I am specifically interested in business-level requirements for > securing messages between players in this industry for: > > 1) Message Authenticity; > 2) Message Integrity; and > 3) Data Confidentiality. > > I'm not specifically interested in these attributes when messages > are traversing the networks, but when they are in a database of > a 24/7 application on servers, or when they're on a flash-based > EEPROM of some "smart-meter" where the homeowner or business-owner > has pre-configured rules for demand reduction. How will these > "messages" be protected from attack and being compromised at the > source and destination? > > Do such requirements exist somewhere, where one can read them and > come upto speed? > > Thanks.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]