What is a PKI and Why Do We Need One?
|
|
- Darlene Shelton
- 3 years ago
- Views:
Transcription
1 NAESB RMQ Executive Committee October 19, 2015
2 Trade Secret This document and attachments contain confidential and proprietary information of Open Access Technology International, Inc. This information is not to be used, disseminated, distributed, or otherwise transferred without the expressed written permission of Open Access Technology International, Inc. Proprietary Notice All OATI products and services listed are trademarks and service marks of Open Access Technology International, Inc. All rights reserved. Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 2
3 Are the Electric Grids Secure? Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 3
4 Are the Electric Grids Secure? Yes, but don t want to make it a challenge Most reliable grids in the world North American Electric Grid is highly interconnected and resilient Requires Physical Security and Cyber Security New Technologies present new challenges Wholesale and Retail are becoming less distinct Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 4
5 What is PKI? PKI stands for Private Key Infrastructure Cyber (electronic) security element Authenticates holders of digital certificates as trusted entities Encrypts data/information transfers Private Key and Public Key Used with a variety of transactions Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 5
6 Why are PKI Digital Certificates Used? Authenticate a digital certificate holder Encrypt data transmissions Prevent unauthorized entrant into transactions Protect data during transmission Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 6
7 How Do PKI Digital Certificates Work? Let s assume that Patrick has a digital certificate and wants to go to a web-based software application such as OASIS. 1. Patrick goes to website that hosts the web-based OASIS application 2. The website asks for Patrick s certificate 3. Patrick & the website verify each other s certificates 4. The website s public key encrypts data. The website s private key decrypts the data 5. After Patrick is authenticated, Patrick now has access to the web-based OASIS application 6. Now the web-based OASIS application decides what Patrick can do (Authorizations/ Roles/Permissions) Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 7
8 History of PKI in the WEQ FERC Order 889 mandated Open Access Same Time Information System (OASIS) user security and access controls Regional OASIS implementations used proprietary electronic certificate security infrastructure. No uniform standards OASIS Standards Collaborative (OSC) formed to further OASIS technical standards NERC Transaction Information Systems Working Group adopted companion standards for the exchange of information related to the scheduling of transmission service arranged on OASIS or Electronic Tagging. Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 8
9 History of PKI in the WEQ-Continued Common security infrastructure draft for OASIS and Electronic Tagging to implement an open, interoperable, multi-vendor PKI standard OATI launches webcares PKI to secure access and authentication into all OATI software services including OASIS and Electronic Tagging NERC implementation of PKI All standards development activity for PKI and OASIS and Electronic Tagging security requirements passes to NAESB. Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 9
10 History of PKI in the WEQ-Continued NAESB WEQ-012 PKI Standards ratified FERC Adopts NAESB Version 1.0 Standards in Order 676-C/D, including PKI Standards WEQ NAESB ACA program adopted NAESB Electric Industry Registry (EIR) rollout and NAESB ratification of use of ACA certs for OASIS and e-tagging FERC Order 676-H requires use of WEQ-012 certs for OASIS and e-tagging software applications. Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 10
11 PKI in the RMQ Issues Authentication and Encryption are important at the distribution grid level Data transmissions coming from potentially millions of meters and other distributed endpoints Trends show that these data will be used by utilities and integrated at the wholesale transaction level Security issues at software and hardware are important Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 11
12 PKI in the RMQ - Continued Can RMQ leverage WEQ PKI work? Software Applications at the utility level Demand Response/CVR/Load Control/etc. Database/registry of participants ACA certificates Commercial & Industrial (C&I) Integrity of Building Management Systems/generators/etc. software and hardware Effect of Aggregation Customer Customer Engagement Portal requirements Ease of Use and adoption are considerations Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 12
13 PKI in the RMQ - Continued Distinct needs of hardware vs software Location of manufacture Installation/removal of certificates Industry Initiatives Smart Grid Security Innovation Alliance Security Fabric based on NIST IR 7628 Guidelines (DOE/NSA/etc) John Reynolds and Chuck Speicher renowned authorities in security Incorporates industry operational expertise Proprietary and confidential. Do not copy or distribute without permission from OATI Open Access Technology International, Inc. 13
14 Thank You
BEFORE THE PUBLIC UTILITIES COMMISSION OF THE STATE OF CALIFORNIA ) ) ) ) ) )
BEFORE THE PUBLIC UTILITIES COMMISSION OF THE STATE OF CALIFORNIA Order Instituting Rulemaking on the Commission s Own Motion to Improve Distribution Level Interconnection Rules and Regulations for Certain
More informationOATI webcdms Digital Certificate Registration Process. Krystal LaFlamme, Project Manager/Business Analyst Compliance
OATI webcdms Digital Certificate Registration Process Krystal LaFlamme, Project Manager/Business Analyst Compliance Trade Secret This document and attachments contain confidential and proprietary information
More informationCyber Security and Privacy - Program 183
Program Program Overview Cyber/physical security and data privacy have become critical priorities for electric utilities. The evolving electric sector is increasingly dependent on information technology
More information124 FERC 61,317 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION. Communication Protocols for Public Utilities ORDER NO.
124 FERC 61,317 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Joseph T. Kelliher, Chairman; Suedeen G. Kelly, Marc Spitzer, Philip D. Moeller, and Jon Wellinghoff.
More informationNetwork Security 101 Multiple Tactics for Multi-layered Security
Security and Resilience for Utility Network Communications White Paper Communications networks represent a partial paradox. The very openness and ubiquity that make them powerful can also present a weakness.
More informationAlliance AES Key Management
Alliance AES Key Management Solution Brief www.patownsend.com Patrick Townsend Security Solutions Criteria for selecting a key management solution for the System i Key Management is as important to your
More informationIntroduction. Along with consulting, I previously. developing regulatory policy initiatives
1 Customer Data Privacy in AMI Applications Will McNamara Sr. Manager, Energy & Utilities West Monroe Partners 2 Introduction Will McNamara, Senior Manager, and Lead for WMP s Regulatory Support & Stakeholder
More informationOffice of Inspector General
INFORMATION TECHNOLOGY: The Bureau of the Public Debt s Certificate Policy Statement Should Be Updated OIG-03-009 October 24, 2002 Office of Inspector General ******* The Department of the Treasury Contents
More informationConsulting International
NIST Cyber Security Working Group (CSWG) NISTIR 7628: NIST Guidelines for Smart Grid Cyber Security Frances Cleveland Xanthus Consulting International Xanthus Consulting International fcleve@xanthus-consulting.com
More informationEFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013
EFFECTIVE APPROACHES TO CYBERSECURITY FOR UTILITIES TERRY M. JARRETT HEALY & HEALY ATTORNEYS AT LAW, LLC OCTOBER 24, 2013 1 AGENDA Why Cybersecurity? A Few Helpful Cybersecurity Concepts Developing Expertise:
More informationThe Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85
The Electric Reliability Council of Texas (ERCOT) manages the flow of electric power to approximately 22 million Texas customers representing 85 percent of the state s electric load and 75 percent of the
More informationSavitribai Phule Pune University
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
More informationMs. Rae McQuade President & COO, North American Energy Standards Board
NORTH AMERICAN ENERGY STANDARDS BOARD 801 Travis, Suite 1675 Houston, Texas 77002 Phone: (713) 356-0060 Fax: (713) 356-0067 email: naesb@naesb.org Web Site Address: www.naesb.org The Honorable Kimberly
More informationTransactive Energy Framework for Bilateral Energy Imbalance Management
Transactive Energy Framework for Bilateral Energy Imbalance Management Farrokh Rahimi, Ph.D. Vice President Market Design and Consulting GridWise Architectural Council Meeting Westminster, CA December
More informationThis chapter provides an overview of cyber security issues and activities by state and federal organizations Cyber security is an ongoing, high
This chapter provides an overview of cyber security issues and activities by state and federal organizations Cyber security is an ongoing, high priority, active initiative within the utility industry.
More informationNo additional requirements to use the PIV I card for physical facility access have been identified.
1. The RFI request document regarding Driver Authentication states that "any one or more of the following methods" will be required: Personal Identification Number (PIN) Non Federal Personal Identity Verification
More informationEnabling the SmartGrid through Cloud Computing
Enabling the SmartGrid through Cloud Computing April 2012 Creating Value, Delivering Results 2012 eglobaltech Incorporated. Tech, Inc. All rights reserved. 1 Overall Objective To deliver electricity from
More informationManaging SSL Security in Multi-Server Environments
Managing SSL Security in Multi-Server Environments VeriSign s Easy-to-Use Web-Based Services Speed SSL Certificate Management and Cuts Total Cost of Security CONTENTS + A Smart Strategy for Managing SSL
More informationDistributed Energy Resource Services and Pricing Caltech Resnick Ins;tute Grid 2020 Seminar
Distributed Energy Resource Services and Pricing Caltech Resnick Ins;tute Grid 2020 Seminar Ali Ipakchi VP, Smart Grid and Green Power February 21, 2013 Trade Secret This document and attachments contain
More informationSecuring Distribution Automation
Securing Distribution Automation Jacques Benoit, Cooper Power Systems Serge Gagnon, Hydro-Québec Luc Tétreault, Hydro-Québec Western Power Delivery Automation Conference Spokane, Washington April 2010
More informationUtility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security
Boeing Defense, Space & Security Ventures Utility-Scale Applications of Microgrids: Moving Beyond Pilots Cyber Security Tristan Glenwright - Boeing BOEING is a trademark of Boeing Management Company. The
More informationfuture data and infrastructure
White Paper Smart Grid Security: Preparing for the Standards-Based Future without Neglecting the Needs of Today Are you prepared for future data and infrastructure security challenges? Steve Chasko Principal
More informationNorth American Energy Standards Board
February 22, 2010 TO: NAESB Members, Related Energy Associations and Organizations and Posting CC: Lynn Costantini, NERC RE: Request for Proposals on Electric Industry Registry Administrator DATE: February
More informationWilliam Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly
William Hery (whery@poly.edu) Research Professor, Computer Science and Engineering NYU-Poly Ramesh Karri (rkarri@poly.edu) Associate Professor, Electrical and Computer Engineering NYU-Poly Why is cyber
More informationHow encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
More information2015 Project Schedule Milestone Update
2015 Schedule Milestone Update Robb Pike Director, & Product Management New York Independent System Operator Ryan Smith Senior Manager, Enterprise Product & Management New York Independent System Operator
More informationWeb Service Security Vulnerabilities and Threats in the Context of WS-Security
Web Service Security Vulnerabilities and Threats in the Context of WS-Security Jesper Holgersson Eva Söderström University of Skoevde, Sweden SIIT 2005, ITU, Geneva, September 2005 Outline of presentation
More informationGE Measurement & Control. Top 10 Cyber Vulnerabilities for Control Systems
GE Measurement & Control Top 10 Cyber Vulnerabilities for Control Systems GE Proprietary Information: This document contains proprietary information of the General Electric Company and may not be used
More informationALTERNATIVE ELECTRIC SUPPLIER APPLICATION FOR THE MICHIGAN PUBLIC SERVICE COMMISSION RETAIL ACCESS PARTICIPATION AGREEMENT
ALTERNATIVE ELECTRIC SUPPLIER APPLICATION FOR THE MICHIGAN PUBLIC SERVICE COMMISSION RETAIL ACCESS PARTICIPATION AGREEMENT Michigan law, PA 286 of 2008, Section 10a(1)(a), provides that the Michigan Public
More informationOpen Data Center Alliance Usage: Provider Assurance Rev. 1.1
sm Open Data Center Alliance Usage: Provider Assurance Rev. 1.1 Legal Notice This Open Data Center Alliance SM Usage:Provider Assurance is proprietary to the Open Data Center Alliance, Inc. NOTICE TO USERS
More informationNavigate Your Way to NERC Compliance
Navigate Your Way to NERC Compliance NERC, the North American Electric Reliability Corporation, is tasked with ensuring the reliability and safety of the bulk power system in North America. As of 2010,
More informationWhat s it all about? SAFE-BioPharma Association
What s it all about? SAFE-BioPharma Association Topics! ONC HIT Standards Committee! ASTM Standards 2 SAFE-BioPharma Association ONC HIT Standards Committee! Oct 21 st meeting Security & Privacy Consumer
More informationNIST Coordination and Acceleration of Smart Grid Standards. Tom Nelson National Institute of Standards and Technology 8 December, 2010
NIST Coordination and Acceleration of Smart Grid Standards Tom Nelson National Institute of Standards and Technology 8 December, 2010 The Electric Grid One of the largest, most complex infrastructures
More informationCryptoNET: Security Management Protocols
CryptoNET: Security Management Protocols ABDUL GHAFOOR ABBASI, SEAD MUFTIC CoS, School of Information and Communication Technology Royal Institute of Technology Borgarfjordsgatan 15, SE-164 40, Kista,
More informationInformation Bulletin
Public Policy Division Impact of NIST Guidelines for Cybersecurity Prepared by UTC Staff 1. Introduction... 3 2. Cybersecurity Landscape... 3 3. One Likely Scenario... 5 4. Draft NISTIR 7628, Guidelines
More informationRedefining MDM for a Smart Grid Enabled
Redefining MDM for a Smart Grid Enabled Enterprise Florida Power and Light Radha Swaminathan Director, AMI Information Technology, MDM and its future in a smart grid enabled enterprise A key component
More informationX-Road. egovernment interoperability framework
X-Road egovernment interoperability framework Serving e-nation over 10 years Backbone of the Estonian egovernment 12 years of active duty, no downtime Over 2000 connected e-services More than 900 connected
More informationConcept of Electronic Approvals
E-Lock Technologies Contact info@elock.com Table of Contents 1 INTRODUCTION 3 2 WHAT ARE ELECTRONIC APPROVALS? 3 3 HOW DO INDIVIDUALS IDENTIFY THEMSELVES IN THE ELECTRONIC WORLD? 3 4 WHAT IS THE TECHNOLOGY
More informationThe Importance of Cybersecurity Monitoring for Utilities
The Importance of Cybersecurity Monitoring for Utilities www.n-dimension.com Cybersecurity threats against energy companies, including utilities, have been increasing at an alarming rate. A comprehensive
More informationCyber Security. BDS PhantomWorks. Boeing Energy. Copyright 2011 Boeing. All rights reserved.
Cyber Security Automation of energy systems provides attack surfaces that previously did not exist Cyber attacks have matured from teenage hackers to organized crime to nation states Centralized control
More informationDemand Response, Dynamic Pricing, and the Smart Grid in New York
Demand Response, Dynamic Pricing, and the Smart Grid in New York James T. Gallagher Sr. Manager for Strategic Planning New York Independent System Operator jgallagher@nyiso.com Consumer Advisory Council
More informationComparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software
WHITE PAPER: COMPARING TCO: SYMANTEC MANAGED PKI SERVICE........ VS..... ON-PREMISE........... SOFTWARE................. Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software
More informationNational Institute of Standards and Technology Smart Grid Cybersecurity
National Institute of Standards and Technology Smart Grid Cybersecurity Vicky Yan Pillitteri Advisor for Information Systems Security SGIP SGCC Chair Victoria.yan@nist.gov 1 The National Institute of Standards
More informationIntroduction to the Cyber Security Working Group
Introduction to the Cyber Security Working Group Marianne Swanson, Chair Cyber Security Working Group Computer Security Division Information Technology Laboratory National Institute of Standards and Technology
More informationThe Role of Identity Enabled Web Services in Cloud Computing
The Role of Identity Enabled Web Services in Cloud Computing April 20, 2009 Patrick Harding CTO Agenda Web Services and the Cloud Identity Enabled Web Services Some Use Cases and Case Studies Questions
More informationStrategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security
Strategic Compliance & Securing the Cloud Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security Complexity and Challenges 2 Complexity and Challenges Compliance Regulatory entities
More informationDevelopment of a Conceptual Reference Model for Micro Energy Grid
Development of a Conceptual Reference Model for Micro Energy Grid 1 Taein Hwang, 2 Shinyuk Kang, 3 Ilwoo Lee 1, First Author, Corresponding author Electronics and Telecommunications Research Institute,
More informationMore Expenses. Only this time the Telegraph will have to pay them after their recent data breech
More Expenses Only this time the Telegraph will have to pay them after their recent data breech What is an Identity? Wiki Definition Digital identity refers to the aspect of digital technology that is
More informationThe main difference between environments is the level of accountability for individual user actions.
All users identified / authenticated Stronger document security Complete audit logs ENVIRONMENT A All users identified / authenticated Normal document security Exception / violation logging ENVIRONMENT
More informationIBM Tivoli Access Manager and VeriSign Managed Strong Authentication Services. Combine resources for one complete online business security solution.
IBM Tivoli Access Manager and VeriSign Managed Strong Authentication Services Combine resources for one complete online business security solution. Big e-business opportunities demand security to match
More informationACH fraud: The problem Why ACH? Why now? Security evolution How to protect ACH. Combating the Newest Attack Method ACH Fraud Webinar agenda
Combating the Newest Attack Method ACH Fraud Webinar agenda ACH fraud: The problem Why ACH? Attack methods Dynamics of ACH Why now? Action taken Weakness exposed Security evolution How to protect ACH Webinar:
More informationItem 8.1: Third Quarter 2013KPIs Update
Item 8.1: Third Quarter 2013KPIs Update Paula Feuerbacher Strategic Projects Senior Advisor Human Resources and Governance Committee ERCOT Public November 18, 2013 2013 3rd Quarter Reporting Period YTD
More information1. Cyber Security. White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network
WP 1004HE Part 5 1. Cyber Security White Paper Data Communication in Substation Automation System (SAS) Cyber security in substation communication network Table of Contents 1. Cyber Security... 1 1.1 What
More information151 FERC 61,046 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION
151 FERC 61,046 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Norman C. Bay, Chairman; Philip D. Moeller, Cheryl A. LaFleur, Tony Clark, and Colette D. Honorable.
More informationState of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008
State of Arkansas Policy Statement on the Use of Electronic Signatures by State Agencies June 2008 Background In the last ten years Arkansas has enacted several laws to facilitate electronic transactions
More informationUsing Demand Response Programs to Benefit the. PtikJ Patrick J. Oshie, Ohi Commissioner Washington Utilities & Transportation Commission
Using Demand Response Programs to Benefit the Customer and the Utility PtikJ Patrick J. Oshie, Ohi Commissioner i Washington Utilities & Transportation Commission i 1 What is Demand Response? Changes in
More informationSecure communications via IdentaDefense
Secure communications via IdentaDefense How vulnerable is sensitive data? Communication is the least secure area of digital information. The many benefits of sending information electronically in a digital
More informationUNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION
UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Technical Conference on Critical Infrastructure Protection Issues Identified in Order No. 791 Prepared Statement of Melanie Seader, Senior
More informationCisco Smart Grid Powering End-to-End Communications. Rick Geiger Executive Director, Utilities & Smart Grid Business Transformation
Cisco Smart Grid Powering End-to-End Communications Rick Geiger Executive Director, Utilities & Smart Grid Business Transformation Cisco Connected Grid Vision Transform energy production, distribution
More informationSafeguarding Data Using Encryption. Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST
Safeguarding Data Using Encryption Matthew Scholl & Andrew Regenscheid Computer Security Division, ITL, NIST What is Cryptography? Cryptography: The discipline that embodies principles, means, and methods
More informationSecuring Your Software for the Mobile Application Market
WHITE PAPER: SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET White Paper Securing Your Software for the Mobile Application Market The Latest Code Signing Technology Securing Your Software for
More informationEgyptian Best Practices Securing E-Services
Egyptian Best Practices Securing E-Services Dr. Sherif Hazem Nour El-Din Information Security Systems Consultant Root CA Manager, ITIDA Agenda Security Measures for E-Services Examples of E- Services Threats
More informationBloombase StoreSafe Security Best Practice
Bloombase StoreSafe Security Best Practice How to Harden Bloombase StoreSafe and Get the Most from Bloombase Next-Generation Data At-Rest Security B E S T P R A C T I C E Bloombase - Next Generation Data
More informationSMART ENERGY SMART GRID. More than 140 Utilities companies worldwide make use of Indra Solutions. indracompany.com
SMART GRID Solutions More than 140 Utilities companies worldwide make use of Indra Solutions indracompany.com SMARt ENERGY SMART GRID Solutions Integrated Solutions for Smart Grid Management Electrical
More informationRisk Management, Equipment Protection, Monitoring and Incidence Response, Policy/Planning, and Access/Audit
Page 1 of 10 Events Partners Careers Contact Facebook Twitter LinkedIn Pike Research Search search... Home About Research Consulting Blog Newsroom Media My Pike Logout Overview Smart Energy Clean Transportation
More informationTechnical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and
Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and procedures to govern who has access to electronic protected
More informationNIST Cyber Security Activities
NIST Cyber Security Activities Dr. Alicia Clay Deputy Chief, Computer Security Division NIST Information Technology Laboratory U.S. Department of Commerce September 29, 2004 1 Computer Security Division
More informationOATH FAQ February 20, 2004
February 20, 2004 1. What is OATH? Due to identify theft, proliferation of IP devices and myriad of other trends in digital identity management the need for ubiquitous strong authentication is clear. Open
More informationHow Much Cyber Security is Enough?
How Much Cyber Security is Enough? Business Drivers of Cyber Security Common Challenges and Vulnerabilities Cyber Security Maturity Model Cyber Security Assessments September 30, 2010 Business in the Right
More informationNES Patagonia Security
NES Patagonia Security Networked Energy Services Corporation (NES) November 2014 www.networkedenergy.com Executive Summary With NES Patagonia, our newly announced next generation platform, the security
More informationDirect Secure Messaging: Improving the Secure and Interoperable Exchange of Health Information
Direct Secure Messaging: Improving the Secure and Interoperable Exchange of Health Information Within the healthcare industry, the exchange of protected health information (PHI) is governed by regulations
More informationIntroducing Federated Identities to One-Stop-Shop e-government Environments: The Greek Case
echallenges e-2009 Conference Proceedings Paul Cunningham and Miriam Cunningham (Eds) IIMC International Information Management Corporation, 2009 ISBN: 978-1-905824-13-7 Introducing Federated Identities
More informationBUSINESS GUIDE SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET THE LATEST CODE SIGNING TECHNOLOGY
SECURING YOUR SOFTWARE FOR THE MOBILE APPLICATION MARKET THE LATEST CODE SIGNING TECHNOLOGY Now from CONTENTS 1 THE CHALLENGE 1 A BRIEF REVIEW OF CODE SIGNING 2 THE SOLUTION 2 HOW THE CODE SIGNING PORTAL
More informationBrad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft
Brad Smith, General Counsel & Executive Vice President, Legal and Corporate Affairs, Microsoft 2014 Microsoft Corporation. All rights reserved. Microsoft, Windows and other product names are or may be
More informationAn Introduction to Cryptography as Applied to the Smart Grid
An Introduction to Cryptography as Applied to the Smart Grid Jacques Benoit, Cooper Power Systems Western Power Delivery Automation Conference Spokane, Washington March 2011 Agenda > Introduction > Symmetric
More informationCyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown
Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available
More informationNew York State of the Market System - NYISO Success Project
Auxiliary Market Products Additional Capacity Zones The NYISO and stakeholders are developing the rationale in 2010 for creating additional capacity zones, identified as a recommendation in the 2009 State
More informationSymphony Plus Cyber security for the power and water industries
Symphony Plus Cyber security for the power and water industries Symphony Plus Cyber Security_3BUS095402_(Oct12)US Letter.indd 1 01/10/12 10:15 Symphony Plus Cyber security for the power and water industries
More informationIBM Internet Security Systems. The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview
IBM Internet Security Systems The IBM Internet Security Systems approach for Health Insurance Portability and Accountability Act compliance overview Health Insurance Portability and Accountability Act
More informationOX Guard Product Guide v1.0 V1.0
OX Guard Product Guide v1.0 V1.0 2014 Copyright Open-Xchange Inc. This document is the intellectual property of Open-Xchange Inc. The document may be copied in whole or in part, provided that each copy
More informationRecommended 802.11 Wireless Local Area Network Architecture
NATIONAL SECURITY AGENCY Ft. George G. Meade, MD I332-008R-2005 Dated: 23 September 2005 Network Hardware Analysis and Evaluation Division Systems and Network Attack Center Recommended 802.11 Wireless
More informationWHITE PAPER. HIPPA Compliance and Secure Online Data Backup and Disaster Recovery
WHITE PAPER HIPPA Compliance and Secure Online Data Backup and Disaster Recovery January 2006 HIPAA Compliance and the IT Portfolio Online Backup Service Introduction October 2004 In 1996, Congress passed
More informationOpportunities to Overcome Key Challenges
The Electricity Transmission System Opportunities to Overcome Key Challenges Summary Results of Breakout Group Discussions Electricity Transmission Workshop Double Tree Crystal City, Arlington, Virginia
More informationUsing etoken for SSL Web Authentication. SSL V3.0 Overview
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
More informationSample Management System For a Network Marketing Scheme
Annex 3 Information Required to be Submitted on Application for Approval to Issue Multi-purpose Stored Value Cards The structure of the Scheme 1. Which company is the issuer of the card? 2. What is the
More informationMyKey is the digital signature software governed by Malaysia s Digital Signature Act 1997 & is accepted by the courts of law in Malaysia.
About Digital Signature using MyKey Purpose MyKey is the digital signature software governed by Malaysia s Digital Signature Act 1997 & is accepted by the courts of law in Malaysia. A document digitally
More informationThe DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions
The DoD Public Key Infrastructure And Public Key-Enabling Frequently Asked Questions May 3, 2004 TABLE OF CONTENTS GENERAL PKI QUESTIONS... 1 1. What is PKI?...1 2. What functionality is provided by a
More informationThe standards landscape in cloud
The standards landscape in cloud PRESENTATION computing TITLE GOES HERE Vincent Franceschini CTO Distributed Architectures, Hitachi Data System Chairman Emeritus, SNIA Governing Board Member, SNIA Cloud
More informationSecurity and Resilience for Utility Network Communications WP-200. Ensuring reliable end-to-end communications and data integrity for AMI networks
Security and Resilience for Utility Network Communications WP-200 White Paper Ensuring reliable end-to-end communications and data integrity for AMI networks Communications networks represent a partial
More informationGuide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid)
The World Internet Security Company Solutions for Security Guide for Securing E-mail With WISeKey CertifyID Personal Digital Certificate (Personal eid) Wherever Security relies on Identity, WISeKey has
More informationTRANSMISSION OPERATIONS (August 5, 2010)
TRANSMISSION OPERATIONS (August 5, 2010) Managing Director Transmission Operations: Paul B. Johnson The Managing Director - Transmission Operations is responsible for the safe, reliable, costeffective,
More information146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION
146 FERC 61,166 UNITED STATES OF AMERICA FEDERAL ENERGY REGULATORY COMMISSION Before Commissioners: Cheryl A. LaFleur, Acting Chairman; Philip D. Moeller, John R. Norris, and Tony Clark. Reliability Standards
More informationINFORMATION FOR ALTERNATIVE ELECTRIC SUPPLIERS
On June 5, 2000, new legislation entitled the Customer Choice and Electricity Reliability Act, 2000 PA 141 (Act 141) and 2000 PA 142, became effective. Section 10a (2) of the act provides that the Michigan
More informationThe IDA Catalogue. of GENERIC SERVICES. Interchange of Data between Administrations
Interchange of Data between Administrations EUROPEAN COMMISSION ENTERPRISE DIRECTORATE- GENERAL INTERCHANGE OF DATA BETWEEN ADMINISTRATIONS PROGRAMME Interchange of Data between Administrations 2 of Generic
More informationDCML - The Standard that Enables ITIL Compliance
oasis-open.org DCML - The Standard that Enables ITIL Compliance white paper The Data Center Markup Language is the emerging standard that will enable IT organizations worldwide to successfully adopt and
More informationCloud Computing, and REST-based Architectures Reid Holmes
Material and some slide content from: - Software Architecture: Foundations, Theory, and Practice - Krzysztof Czarnecki Cloud Computing, and REST-based Architectures Reid Holmes Cloud precursors Grid Computing:
More informationTestimony of Patrick D. Gallagher, Ph.D. Deputy Director
Testimony of Patrick D. Gallagher, Ph.D. Deputy Director National Institute of Standards and Technology United States Department of Commerce Before the Committee on Energy and Natural Resources United
More informationKey Management Best Practices
White Paper Key Management Best Practices Data encryption is a fundamental component of strategies to address security threats and satisfy regulatory mandates. While encryption is not in itself difficult
More informationSTATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE
STATEMENT OF PATRICIA HOFFMAN ACTING ASSISTANT SECRETARY FOR ELECTRICITY DELIVERY AND ENERGY RELIABILITY U.S. DEPARTMENT OF ENERGY BEFORE THE COMMITTEE ON ENERGY AND NATURAL RESOURCES UNITED STATES SENATE
More informationISO/RTO Council Comments on National Institute of Standards and Technology Proposed Smart Grid Interoperability Standards
ISO/RTO Council Comments on National Institute of Standards and Technology Proposed Smart Grid Interoperability Standards Pursuant to the Notice posted in the Federal Register on June 9, 2009, the ISO/RTO
More information