[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: RE: [smartgrid-discuss] more thoughts (2 parts)
-------- Original Message --------
Subject: Re: [smartgrid-discuss] more thoughts (2 parts)
From: Arshad Noor <arshad.noor@strongauth.com>
Date: Wed, December 10, 2008 10:37 pm
To: smartgrid-discuss@lists.oasis-open.org
I don't disagree that the solution can range widely in complexity,
David. What I'm trying to get a handle on are the requirements.
Are they explicitly defined anywhere, or are they yet to be defined?
Thanks.
Arshad Noor
StrongAuth, Inc.
David RR Webber (XML) wrote:
> Arshad,
>
> You can make this insanely complex or really simple. I'd want my home
> to talk only to devices and systems I had authorized it to - so I
> maintain control. Avoiding complexity on the network end. Using
> certificates I can authenticate who and what I'm talking to. That seems
> simplest, yes? I can have partner agreements determining what they are
> allowed to do with information they receive from my system(s).
>
> Thanks, DW
> -------- Original Message --------
> Subject: Re: [smartgrid-discuss] more thoughts
> From: Arshad Noor <arshad.noor@strongauth.com>
> Date: Wed, December 10, 2008 9:58 pm
> To: smartgrid-discuss@lists.oasis-open.org
>
> As I am somewhat new to this list - and to this sector - I am a
> little in the dark about how things are today and how things are
> being designed for the future. I trust the forum will be patient
> with some of my questions in the short-term.
>
> Since the smart grid forum is discussing potential new standards
> for messages, and since so much of our economy is based on the use
> of computers and networks, is there an articulation of the security
> goals for this bold future (other than "it must be secure") when
> its business will be conducted using computers & networks?
>
> I am specifically interested in business-level requirements for
> securing messages between players in this industry for:
>
> 1) Message Authenticity;
> 2) Message Integrity; and
> 3) Data Confidentiality.
>
> I'm not specifically interested in these attributes when messages
> are traversing the networks, but when they are in a database of
> a 24/7 application on servers, or when they're on a flash-based
> EEPROM of some "smart-meter" where the homeowner or business-owner
> has pre-configured rules for demand reduction. How will these
> "messages" be protected from attack and being compromised at the
> source and destination?
>
> Do such requirements exist somewhere, where one can read them and
> come upto speed?
>
> Thanks.
---------------------------------------------------------------------
To unsubscribe, e-mail: smartgrid-discuss-unsubscribe@lists.oasis-open.org
For additional commands, e-mail: smartgrid-discuss-help@lists.oasis-open.org
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]