Manualshelf

User Manual

ManualsBrandsSilver Spring Networks ManualsElectronicsGateway/Telco
12345678910
8
It shall be possible to configure access permission for an external
utility on a meter by meter basis. It shall be possible to configure which
alarms may be distributed to or configured by an external utility on an
alarm by alarm and meter by meter basis. If an external utility has been
granted configuration permission for a particular alarm on a particular
meter, then the utility that grants that permission will no longer be able
to configure or receive that alarm for that meter. Note that the owner
utility will still need to keep track of the alarms that have been
configured by an external utility, in case the meters associated with the
external utility or the gateways associated with those meters are
physically modified, reconfigured or replaced.
Both the hosting and receiving ENICS servers shall keep track of
the number and types of data sent/received to/from the remote
distribution server for billing purposes.
3.7 Security
Security considerations for the ENICS system fall into the following
four areas:
Authentication (is the user or utility really who he, she or it
says they are)
Authorization (is the user or utility allowed to perform the
operation they are requesting)
Confidentiality (prevent an outside observer from viewing data
that the utility doesn’t want them to view)
Auditing (leave a trail so that attempts to compromise the
system are tracked for later analysis)
The other two areas that are often of concern for browser users in
a networked environment, containment and nonrepudiation, are not of
much concern to users who may run ENICS applets or applications since
all such applets, applications and servers come from a trusted source.
Authentication is a concern in two areas. The first is that only
people authorized by the utility run the ENICS applets/applications,
such as the interactive meter reader, the field service application or the
network configuration manager. The second is that data distributed to
an outside utility is sent only to systems that have been explicitly
authorized to receive such data.
Authentication in the ENICS system consists of two elements. The
first is password authentication. All users shall be required to enter a
password before using any ENICS application/applet with a user
interface. Passwords shall be stored internally in a form that is
cryptographically secure. The second is host identification. It shall be
possible for system administrators to allow access to the ENICS system
from an application/applet or a third party using the external data
distribution capability only from some designated set of hosts. Thus a