Uploaded image for project: 'OASIS Energy Interoperation TC'
  1. OASIS Energy Interoperation TC
  2. ENERGYINTEROP-274

189: Loose Integration and Security

    XMLWordPrintable

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Trivial
    • Resolution: Fixed
    • Affects Version/s: csd01 - Public Review Draft
    • Fix Version/s: wd19
    • Component/s: spec
    • Labels:
      None
    • Resolution:
      Hide

      Added to following to the end of the Architectural Background.

      Loose integration using the SOA style assumes careful definition of security requirements between partners. Size of transactions, costs of failure to perform, confidentiality agreements, information stewardship, and even changing regulatory requirements can require similar transactions be expressed within quite different security contexts. It is a feature of the SOA approach that security is composed in to meet the specific and evolving needs of different markets and transactions. Security implementation must be free to evolve over time and to support different needs. Energy Interop allows for this composition, without prescribing any particular security implementation.

      Show
      Added to following to the end of the Architectural Background. Loose integration using the SOA style assumes careful definition of security requirements between partners. Size of transactions, costs of failure to perform, confidentiality agreements, information stewardship, and even changing regulatory requirements can require similar transactions be expressed within quite different security contexts. It is a feature of the SOA approach that security is composed in to meet the specific and evolving needs of different markets and transactions. Security implementation must be free to evolve over time and to support different needs. Energy Interop allows for this composition, without prescribing any particular security implementation.

      Description

      Loose integration in different ownership domains (per the SOA-RA, 2751) needs further clarification pertaining to security to make it clear that that EI can embrace a security model that explicitly covers the IRC's concerns around Confidentiality, Integrity, Availability (per NERC CIP, http://www.nerc.com/page.php?cid=2|20). See IRC model (http://www.oasis-open.org/apps/org/workgroup/energyinterop/download.php/39898/IRC%20Smart%20Grid%20EA%20Models%202010-10-14_Rev1-FinalRelease.zip) for details of how the spec is expected to allow compliance with the NERC CIP standards for Information Protection.

        Attachments

          Activity

            People

            • Assignee:
              toby.considine Toby Considine (Inactive)
              Reporter:
              edgardo.luzcando Edgardo Luzcando (Inactive)
            • Watchers:
              0 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: