{"id":416949,"date":"2024-10-20T06:13:31","date_gmt":"2024-10-20T06:13:31","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bsi-dd-iec-ts-62351-82011-2\/"},"modified":"2024-10-26T11:34:13","modified_gmt":"2024-10-26T11:34:13","slug":"bsi-dd-iec-ts-62351-82011-2","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bsi-dd-iec-ts-62351-82011-2\/","title":{"rendered":"BSI DD IEC\/TS 62351-8:2011"},"content":{"rendered":"
This technical specification covers the access control of users and automated agents (referred to below as subjects) to data objects in power systems by means of role-based access control (RBAC). RBAC is not a new concept; it is used by many operating systems to control access to system resources. RBAC is an alternative to the all-or-nothing super-user model. RBAC is in keeping with the security principle of least privilege, which states that no subject should be given more rights than necessary for performing that subject’s job. RBAC enables an organization to separate super-user capabilities and package them into special user accounts, termed roles, for assignment to specific individuals according to their job needs. This enables a variety of security policies, for example for networking, firewalls, back-ups and system operation. A site that prefers a single strong administrator but wants to let more sophisticated users fix portions of their own system can set up an advanced-user role. RBAC is not confined to users, however; it applies equally well to automated computer agents, i.e. software components operating independently of user interaction. The following interactions are covered by the scope of this technical specification:
- local (direct wired) access to the object by a human user;
- local (direct wired) access to the object by a local and automated computer agent, e.g. another object at the substation;
- direct access by a user to the object using the object’s built-in HMI or panel;
- remote (via dial-up or wireless media) access to the object by a human user;
- remote (via dial-up or wireless media) access to the object by a remote automated computer agent, e.g. another object at another substation, or a control centre application.
As in many aspects of security, RBAC is not just a technology; it is a way of running a business. Since subject names change more frequently than role names, and role names change more frequently than the rights of a data model (e.g. IEC 61850), it is advisable to store the frequently changing entities (i.e. the subject names) outside the object, while the less frequently changing role names and rights are stored inside the object.
RBAC thus provides a means of reallocating system controls as defined by the organization policy.
The scope of this specification covers everything that is needed for interoperability between systems from different vendors. The purpose of this specification is therefore:
- firstly, to introduce ‘subjects-roles-rights’ as an authorization concept;
- secondly, to promote role-based access control for the entire pyramid in power system management; and
- thirdly, to enable interoperability in the multi-vendor environment of substation automation and beyond.
Out of scope for this specification are all topics which are not directly related to the definition of roles and access tokens for local and remote access, especially administrative or organizational tasks, such as:
- user names and password definitions/policies;
- management of keys and/or key exchange;
- engineering of roles;
- assignment of roles;
- selection of trusted certificate authorities issuing credentials (access tokens);
- defining the tasks of a security officer;
- integrating local policies in RBAC.
NOTE These issues will be addressed in IEC/TS 62351-9.
The IEC 62351 series specifies end-to-end security in power systems so that secure connections are established between applications. RBAC is recognized as a potentially efficient and safe means to control access to data objects.
Existing standards in the process control industry (see [ANSI INCITS 359-2004], [IEC 62443] and [IEEE 802.1X-2004]) and in access control ([RFC2904] and [RFC2905]) are not sufficient, as none of them specifies the exact role names and associated rights, the format of the access tokens, or the detailed mechanism by which access tokens are transferred to and authenticated by the target system; all of this information is, however, needed for interoperability.
PDF Catalog

PDF Pages | PDF Title
4 | CONTENTS
7 | FOREWORD
9 | INTRODUCTION
10 | 1 Scope
11 | 2 Normative references
12 | 3 Terms, definitions and abbreviations
12 | 3.1 Terms and definitions
14 | 3.2 Abbreviations
15 | 4 RBAC process model
15 | 4.1 General
15 | Figures
15 | Figure 1 – Generic framework for access control
16 | 4.2 Separation of subjects, roles, and rights
16 | Figure 2 – Diagram of RBAC with static and dynamic separation of duty according to (ANSI INCITS 359-2004)
17 | Figure 3 – User, roles, rights and operations
18 | 4.3 Criteria for defining roles
19 | 5 Definition of roles
19 | 5.1 Role-to-right assignment inside the object in general
19 | 5.2 Role-to-right assignment with respect to power systems
20 | Tables
20 | Table 1 – List of pre-defined role-to-right assignment
21 | Table 2 – List of mandatory pre-defined rights
22 | Table 3 – Pre-defined roles
23 | Table 4 – Mandatory role-to-right mapping for service access control
23 | Table 5 – The ALLOW right
23 | Table 6 – The DENY right
24 | Table 7 – VIEW right and associated ACSI services
25 | 5.3 Role-to-right assignment with respect to other non-power system domains (e.g. industrial process control)
25 | 6 General architecture for the PUSH model
25 | 6.1 General
26 | 6.2 Secure access to the LDAP-enabled service
26 | 7 General architecture for the PULL model
26 | 7.1 General
26 | Figure 4 – Schematic view of authorization mechanism based on RBAC
27 | Figure 5 – Schematic view of authorization mechanism based on RBAC PULL model
28 | 7.2 Secure access to the LDAP-enabled service
28 | 7.3 LDAP directory organization
28 | 8 General application of RBAC access token
28 | 8.1 General
29 | 8.2 Session based approach
30 | 8.3 Message based approach
30 | 9 Definition of access tokens
30 | 9.1 General
30 | Figure 6 – Session based RBAC approach
31 | 9.2 Supported profiles
31 | 9.3 Identification of access token
31 | 9.4 General structure of the access tokens
34 | 9.5 Specific structure of the access tokens
38 | Table 8 – Mapping between ID and attribute certificate
39 | 9.6 Distribution of the access tokens
40 | 10 Transport profiles
40 | 10.1 Usage in TCP-based protocols
40 | 10.2 Usage in non-Ethernet based protocols
40 | 11 Verification of access tokens
40 | 11.1 Normative part
41 | 11.2 Optional part
41 | 11.3 Revocation methods
42 | 12 Interoperability
42 | 12.1 General
42 | 12.2 Supported access tokens
42 | 12.3 How to ensure backward compatibility
43 | 12.4 How to extend the list of roles and rights
43 | 12.5 How to map this specification to specific authorization mechanisms
44 | Bibliography
","protected":false},"excerpt":{"rendered":"Power systems management and associated information exchange. Data and communications security – Role-based access control
Published By | Publication Date | Number of Pages
BSI | 2011 | 47
","protected":false},"featured_media":416960,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[2641],"product_tag":[]}