Communication Security. Modern secure communication between two remote peers is established using Transport Layer Security (TLS). In many cases, like IEEE 2030.5, the establishment of a TLS session requires mutual authentication using X.509v3 public key certificates. A DER Client will connect to a DER Server, such as a utility server, to receive a command or retrieve status information using the IEEE 2030.5 protocol. When setting up a secure TLS session, the DER Client and DER Server will perform mutual authentication using X.509 public key certificates, as defined in the TLS protocol. The DER Server and DER Client have to be provisioned with certificates, as described in the use case within Section 5.4.3.

The DER Client receives the DER Server’s certificate and can validate the certificate’s signature and trust chain. The DER Server receives the DER Client’s certificate and can then validate the certificate’s signature and trust chain. These validations do not provide information on the trustworthiness of the DER Client’s or DER Server’s cryptographic environment. For example, the DER Server will not be able to distinguish a DER Client whose private key is stored in plain text readable to everybody from a DER Client whose private key is securely contained within a hardware-protected environment like a SE or TPM.

The Blockchain described within the present document allows DER Servers to independently validate the cyber-security properties of the DER Client, as described within this use case. There are three relevant actors in this use case: the Certificate Authority, the DER Client, and the DER Server, as shown in Figure 11.

[Figure 11: DER Client, DER Server, Certificate Authority]
Appears in 1 contract
Sources: License Agreement
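An added example (not part of the source document) of the limitation the Communication Security clause describes: two DER Client certificates issued by the same CA validate identically, although one private key file is world-readable. The CA subject, client names and file modes are constructed for the demo, and a mode-600 key file stands in for a hardware-protected key because no SE or TPM is assumed to be available.

```shell
#!/bin/sh
# Added example: every name, subject and path here is constructed for the demo.
# Two client certificates come from one CA. One private key is left
# world-readable (644), the other owner-only (600). Chain validation, which is
# all the TLS peer sees, gives the same answer for both.

issue_client() {   # $1 = work dir, $2 = client name, $3 = key file mode
    openssl ecparam -name prime256v1 -genkey -noout -out "$1/$2.key" &&
    chmod "$3" "$1/$2.key" &&
    openssl req -new -key "$1/$2.key" -subj "/CN=der-client-$2" \
        -out "$1/$2.csr" &&
    openssl x509 -req -in "$1/$2.csr" -CA "$1/ca.pem" -CAkey "$1/ca.key" \
        -CAcreateserial -days 1 -out "$1/$2.pem" 2>/dev/null
}

chain_status() {   # $1 = work dir, $2 = client name; prints OK or FAIL
    if openssl verify -CAfile "$1/ca.pem" "$1/$2.pem" >/dev/null 2>&1; then
        echo OK
    else
        echo FAIL
    fi
}

key_mode() {       # $1 = key file; prints its permission string
    ls -l "$1" | cut -c1-10
}

demo() {
    work=$(mktemp -d) || return 1
    # Hypothetical root CA with a P-256 key, valid for one day.
    openssl ecparam -name prime256v1 -genkey -noout -out "$work/ca.key" &&
    openssl req -x509 -new -key "$work/ca.key" -subj "/CN=Example DER CA" \
        -days 1 -out "$work/ca.pem" || return 1
    issue_client "$work" exposed 644 || return 1
    issue_client "$work" guarded 600 || return 1
    # One line per client: how the key is stored vs. what validation reports.
    for c in exposed guarded; do
        echo "$c key=$(key_mode "$work/$c.key") chain=$(chain_status "$work" "$c")"
    done
    rm -rf "$work"
}

demo
```

The certificate and its chain carry no statement about where the private key lives, so that assurance has to come from a separate source, which is the gap the clause says the Blockchain is meant to fill.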