IEC 62351-11: Power systems management and associated information exchange – Data and communications security – Part 11: Security for XML documents.
4 Security issues addressed by this document
4.1 General
Within the industry and the IEC, XML document exchange is becoming more prevalent. Within the scope of the IEC, exchanges of XML documents are used for IEC 61970 as well as IEC 61850. Within other standards, such as IEEE 1815 and IEEE C37.111 (COMTRADE), XML is also utilized. For these standards and other XML-based documents, the information contained in the document may:
1) be sensitive to inadvertent or malicious modifications of its contents that could result in mis-operation/misinterpretation if the exchanged information is used (e.g. a tamper security vulnerability);
2) contain confidential or private data;
3) contain subsets of information that may be considered sensitive by the document creation entity.
This part of IEC 62351 proposes to standardize mechanisms to protect the document contents from tampering/disclosure when the document is being exchanged (e.g. in transit). Additionally, this part of IEC 62351 proposes to standardize a mechanism to aid in the protection of the information when in transition (e.g. entity A trusts entity B; B trusts A and C, and B needs to exchange information with C, but A does not know of or trust C).
Although this document is intended to secure XML documents used within the scope of the IEC, the mechanism/methodologies specified within this document can be applied to any XML document.
4.2 Security threats countered
See IEC TS 62351-1 for a discussion of security threats and attack methods.
If encryption is not employed, then the specific threats countered in this part of IEC 62351 include:
• unauthorized modification (tampering) of information through XML document level authentication.
If encryption is employed, then the specific threats countered in this part of IEC 62351 include:
• unauthorized access to information through XML document level authentication and encryption of the documents;
• unauthorized modification (tampering) of information through XML document level authentication, regardless of whether encryption is utilized.
4.3 Attack methods countered
The following security attack methods are intended to be countered through the appropriate implementation of the specification/recommendations found within this document:
• man-in-the-middle: this threat will be countered through the use of a Message Authentication Code (e.g. Signature) mechanism specified within this document;
• message tampering: this threat will be countered through the algorithm used to create the authentication mechanism as specified within this document.
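The tamper detection described in 4.2 and 4.3, as an added example that is not taken from IEC 62351-11: a document-level MAC computed over the canonical (C14N 2.0) form of the XML, so that harmless re-serialization still verifies while a changed value does not. HMAC-SHA256 with a shared key stands in for the signature mechanism the standard specifies; the sample documents, the key and all function names are constructed for illustration.

```python
import hashlib
import hmac
import xml.etree.ElementTree as ET

# Constructed sample document and key (illustrative only, not IEC 61970-552 content).
KEY = b"constructed-demo-key-32-bytes!!!"
ORIGINAL = '<Topology><Breaker id="B1" state="closed"/><Line id="L7" from="S1" to="S2"/></Topology>'
# Same information, re-serialized: attribute order, quoting and indentation differ.
RESERIALIZED = """<Topology>
  <Breaker state='closed' id='B1'></Breaker>
  <Line to="S2" from="S1" id="L7"/>
</Topology>"""
# One operationally significant value changed.
TAMPERED = ORIGINAL.replace('state="closed"', 'state="open"')


def canonical_bytes(xml_text):
    """C14N 2.0 form: sorted attributes, uniform quoting, expanded empty elements.
    strip_text=True also drops indentation whitespace (a policy choice of this example)."""
    return ET.canonicalize(xml_text, strip_text=True).encode("utf-8")


def compute_mac(xml_text, key):
    """Document-level MAC over the canonical form, not the raw bytes."""
    return hmac.new(key, canonical_bytes(xml_text), hashlib.sha256).hexdigest()


def verify(xml_text, mac_hex, key):
    """Return True only if the document parses and its MAC matches."""
    try:
        expected = compute_mac(xml_text, key)
    except ET.ParseError:
        return False  # malformed input is rejected, never "verified"
    return hmac.compare_digest(expected, mac_hex)


if __name__ == "__main__":
    mac = compute_mac(ORIGINAL, KEY)
    for name, doc in [("original", ORIGINAL), ("reserialized", RESERIALIZED),
                      ("tampered", TAMPERED), ("truncated", ORIGINAL[:-5])]:
        print(f"{name:13s} verified={verify(doc, mac, KEY)}")
```

A shared-key MAC lets the recipient detect modification but does not identify which key holder produced the document; a signature provides that origin authentication.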
5 XML Documents
In order to provide adequate security, there needs to be an understanding of the environment of use that this specification is addressing:
• Documents at rest: When XML documents are stored (e.g. at rest), tamper detection is a minimum requirement. If the document contains sensitive information, then the confidentiality of that information needs to be protected through the use of authenticated encryption. In order to accomplish both objectives, this means that the un-encrypted document needs a signature and the encrypted document also needs its own signature/integrity protection. The protection of XML documents at rest is out-of-scope of this standard and should be implemented through local means.
• Documents in transit: The protection of documents in transit requires tamper detection and authentication as minimum requirements. If the document contains sensitive information, then the confidentiality of that information needs to be protected through the use of authenticated encryption. In order to accomplish both objectives, this means that the un-encrypted document needs a signature and the encrypted document also needs its own signature/integrity protection.
• Documents in transition: In the domain of the IEC, the recipients of XML documents typically decrypt and parse the information from those documents into a database. The information from the database can then be re-exported to a third actor, in any form (including another XML document). If sensitive or confidential information was provided in the initial document, there is no technological mechanism to prevent the application from exporting that information and defining access controls.
A real example use case is the transfer of power system topology information through the use of IEC 61970-552.