IEC 62351-11-2016 pdf free download – Power systems management and associated information exchange – Data and communications security – Part 11: Security for XML documents.
4security issues addressed by this document4.1General
Within the industry and the lEC,XML document exchange is becoming more prevalent. Withinthe scope of the lEC，exchanges of XML documents are used for EC 61970 as well asIEC 61850. Within other standards，such as IEEE1815 and lEEE C37.111 (COMTRADE),XML is also utilized.For these standards and other XML-based documentss, the informationcontained in thedocument may:
1) be sensitive to inadvertant or malicious modifications of its contents that could result inmis-operation/misinterpretation if the exchanged information is used (e.g. a tampersecurity vulnerability);
2) contain confidential or private data;
3) contain subsets of information that may be considered sensitive by the document creation
entity.
This part of lEC 62351 proposes to standardize mechanisms to protect the document contentsfrom’ tamperingldisclosure when the document is being exchanged (e.g. in transit).Additionally，this part of IEC 62351 proposes to standardize a mechanism to aid in theprotection of the information when in transition (e.g.entity A trusts entity B; B trusts A and c,and B needs to exchange information with C. but A does not know of or trust C).
Although this document is intended to secure XML documents used within the scope of theIEC, the mechanism/methodologies specified within this document can be applied to any XMLdocument.
4.2security threats countered
See lEC TS 62351-1 for a discussion of security threats and attack methods.
lf encryption is not employed,then the specific threats countered in this part of IEC 62351include:
. unauthorized modification(tampering) of information through XML document level
authentication.
lf encryption is employed，then the specific threats countered in this part of IEC 62351include:
unauthorized access to information through XML document level authentication andencryption of the documents;
unauthorized modification(tampering) of information through XML document levelauthentication regardless if encryption is utilized.
4.3Attack methods countered
The following security attack methods are intended to be countered through the appropriateimplementation of the specification/recommendations found within this document:
man-in-the-middle: this threat will be countered through the use of a MessageAuthentication Code (e.g.Signature) mechanism specified within this document;
message tampering: These threats will be countered through the algorithm used to createthe authentication mechanism as specified within this document.
5 XML Documents
In order to provide adequate security, there needs to be an understanding of the environment of use that this specification is addressing:
• Documents at rest: When XML documents are stored (e.g. at rest), tamper detection is a minimum requirement. If the document contains sensitive information, then the confidentiality of that information needs to be protected through the use of authenticated encryption. In order to accomplish both objectives, this means that the un-encrypted document needs a signature and the encrypted document also needs its own signature/integrity protection. The protection of XML documents at rest is out-of-scope of this standard and should be implemented through local means.
• Documents in transit: The protection of documents in transit requires tamper detection and authentication as minimum requirements. If the document contains sensitive information, then the confidentiality of that information needs to be protected through the use of authenticated encryption. In order to accomplish both objectives, this means that the un-encrypted document needs a signature and the encrypted document also needs its own signature/integrity protection.
• Documents in transition: In the domain of the IEC, the recipients of XML documents typically decrypt and parse the information from those documents into a database. The information from the database can then be re-exported to a third actor, in any form (including another XML document). If sensitive or confidential information was provided in the initial document, there is no technological mechanism to prevent the application from exporting that information and defining access controls. A real example use case is the transfer of power system topology information through the use of IEC 61 970-552.IEC 62351-11 pdf download.