BS/EN 62351-11-2017 pdf download

07-30-2021 comment

BS/EN 62351-11-2017 pdf download.Power systems management and associated information exchange Data and communications security Part 11: Security for XML documents.
4.1 General
Within the industry and the IEC. XML document exchange is becoming more prevalent. Within the scope of the IEC. exchanges of XML documents are used for IEC 61970 as well as IEC 61850. Within other standards, such as IEEE 1815 and IEEE C37.111 (COMTRADE), XML is also utilized. For these standards and other XML-based documentss, the information contained in thedocument may:
1) be sensitive to inadvertant or malicious modifications of its contents that could result in mis-operation/misinterpretation if the exchanged information is used (e.g. a tamper security vulnerability);
2) contain confidential or private data:
3) contain subsets of information that may be considered sensitive by the document creation entity.
This part of IEC 62351 proposes to standardize mechanisms to protect the document contents from tampering/disclosure when the document is being exchanged (e.g. in transit). Additionally, this part of IEC 62351 proposes to standardize a mechanism to aid in the protection of the information when in transition (e.g. entity A trusts entity B: B trusts A and C, and B needs to exchange information with C. but A does not know of or trust C).
Although this document is intended to secure XML documents used within the scope of the EC. the mechanism/methodologies specified within this document can be applied to any XML document.
4.2 SecurIty threats countered
See IEC TS 62351-1 for a discussion of security threats and attack methods.
If encryption is not employed, then the specific threats countered in this part of IEC 62351 include:
• unauthorized modification (tampering) of information through XML document level authentication.
If encryption Is employed, then the specific threats countered in this part of PEC 62351 include:
• unauthorized access to information through XML document level authentication and encryption of the documents;
• unauthorized modification (tampering) of information through XML document level authentication regardless if encryption is utilized.
4.3 Attack methods countered
• man-in-the-middle: this threat will be countered through the use of a Message Authentication Code (e.g. Signature) mechanism specified within this document;
• message tampering: These threats will be countered through the algorithm used to create the authentication mechanism as specified within this document.
5 XML Documents
In order to provide adequate security, there needs to be an understanding of the environment of use that this specification is addressing:
BS EN 62351-11:2017
IEC 62351-11:2016 © IEC 2016 —9—
• Documents at rest: When XML documents are stored (e.g. at rest), tamper detection is a minimum requirement. If the document contains sensitive information, then the confidentiality of that information needs to be protected through the use of authenticated encryption. In order to accomplish both objectives, this means that the un-encrypted document needs a signature and the encrypted document also needs its own signature/integrity protection. The protection of XML documents at rest is out-of-scope of this standard and should be implemented through local means.
• Documents in transit: The protection of documents in transit requires tamper detection and authentication as minimum requirements. If the document contains sensitive information, then the confidentiality of that information needs to be protected through the use of authenticated encryption. In order to accomplish both objectives, this means that the un-encrypted document needs a signature and the encrypted document also needs its own signature/integrity protection.
• Documents in transition: In the domain of the IEC. the recipients of XML documents typically decrypt and parse the information from those documents into a database, The information from the database can then be re-exported to a third actor, in any form (including another XML document). If sensitive or confidential information was provided in the initial document, there is no technological mechanism to prevent the application from exporting that information and defining access controls.
A real example use case is the transfer of power system topology information through the
use of IEC 61970-552.BS/EN 62351-11-2017 pdf download.

facebookShare on Facebook
TwitterPost on X
FollowFollow us
PinterestSave
                                           Related Information                                             Download
PS:Thank you for your support!
BS EN 12607-3-2000 pdf download BS Standards

BS EN 12607-3-2000 pdf download

BS EN 12607-3-2000 pdf download.Methods of test for petroleum and its products — BS 2000-460.3: Bitumen and bituminous binders — Determination of the resistance to hardening under the influence of heat and air — Part 3: RFT...
08-15
Read More
EN 12329-2000 pdf download BS Standards

EN 12329-2000 pdf download

BS EN 12329-2000 pdf download.Corrosion protection of metals — Electrodeposited coatings of zinc with supplementary treatment on iron or steel. This BS EN 12329 specifies requirements for electrodeposited coatings of zinc on iron or steel witt supplementary...
08-15
Read More
BS EN 1430-2000 pdf download BS Standards

BS EN 1430-2000 pdf download

BS EN 1430-2000 pdf download.Methods of test for petroleum and its products — BS 2000-292:Bitumen and bituminous binders — Determination of particle polarity of bitumen emulsions (Identical with IP 292-2000). This BS EN 1430 specifies a method...
08-15
Read More

LEAVE A REPLY

Anonymous netizen Fill in information