Version 1: Release Note 28 November 2014

Remote Party Security Credentials - informative

Download 4.8 Mb.
Size4.8 Mb.
1   ...   144   145   146   147   148   149   150   151   ...   258

Remote Party Security Credentials - informative

This Section 13.1.2 summarises the GBCS requirements in relation to storing, replacing and providing details of Remote Party Security Credentials. The use of such credentials to control access to Device functions is detailed in other sections of the GBCS and in relevant Use Cases.

A Remote Party Security Credential is a Public Key Certificate which securely binds together the Remote Party’s identity with a Public Key along with related information, including what that Public Key can be used for and over what time period it is valid. The corresponding Private Key should be securely controlled solely by the Remote Party and known only to that Remote Party.

The purpose of storing each Remote Party Public Key (and related details) on a Device is so that each Public Key can act as a ‘Trust Anchor’ for the Device. The Device uses these Trust Anchors to check cryptographically whether Remote Party Messages can be trusted or not (and so whether it should act on them or not). Thus, all of a Device’s Trust Anchors must be populated.

Trust Anchors need to be capable of being replaced during a Device’s operational life for a number of reasons including:

  • the Certificate’s expiry (Organisation Certificates will only be valid for a fixed period of time);

  • the Known Party transferring control to a different organisation (for example on Change of Supplier);

  • the cryptographic algorithms, or parameters such as key length, needing to be changed;

  • the Known Party having lost the use of the corresponding Private Key; or

  • there being concerns that someone other than the Known Party has use of, or may have use of, the corresponding Private Key.

Thus, an ‘Update Security Credentials Command’ must be supported by all Devices that rely on Remote Party Security Credentials to act as Trust Anchors. Related, all such Devices need to support a ‘Provide Security Credential Details’ Command, so that Remote Parties can be sure which Devices need to have credentials replaced.

However, if these Trust Anchors could be replaced without proper protections, attackers could take over control of Devices or the Devices could be rendered inoperable. Thus, a Device needs to do thorough checks before applying an Update Security Credentials Command. The checks that the Device can and must do vary dependent on the reasons for the change. Thus, Section 13.2.1 lays out a number of different checks and the circumstances in which corresponding Commands may be issued. Broadly the following checks are carried out by the Device:

  • is the Command properly formed?

  • is the Command for the Device that it has been delivered to, and is the Command one that it has not processed previously?

  • are the Remote Parties apparently authorising the Command allowed to authorise it?

  • was the Command Authorised by the Remote Parties that it appears to be Authorised by?

  • were the Certificates in the payload of the Command issued by properly Authorised parties, specifically by Certification Authorities Authorised (by ‘root’ under the APKI) to issue GB Smart Metering Certificates?

Only when a Device has successfully undertaken all five sets of checks should it action the Update Security Credentials Command.

Other Critical Commands only have to complete the first four categories of check.

      1. Directory: government -> uploads -> system -> uploads -> attachment data -> file
        file -> Remove this if sending to pagerunnerr Page Title Light Rail Security Recommended Best Practice
        file -> 8 Section 1 : Sport
        file -> Notice of exercise of additional powers of seizure under Sections 50 or 51 of the Criminal Justice and Police Act 2001
        file -> Home office circular 004/2014 Powers to search for and seize invalid travel documents in Schedule 8 to the Anti-social Behaviour, Crime and Policing Act 2014
        file -> Consultation on the Royal Parks and Other Open Spaces (Amendment) (No. 2) Regulations 2012
        file -> Crown copyright 2012
        file -> This is the Report to Government by the Film Policy Review Panel The brief
        file -> Impact Assessment (IA)
        file -> Dcms/Wolfson Museums and Galleries Improvement Fund a public-Private Partnership (2002-2010)

        Share with your friends:
1   ...   144   145   146   147   148   149   150   151   ...   258

The database is protected by copyright © 2020
send message

    Main page