This is a potential security issue, you are being redirected to https://csrc.nist.gov
Special Publications (SPs)
Security & Privacy
Laws & Regulations
Activities & Products
Computer Security Division
Applied Cybersecurity Division
Date Published: November 5, 2013
National Institute of Standards and Technology
In order to protect power generation, transmission and distribution, energy companies need to be able to control physical and logical access to their resources, including buildings, equipment, information technology and industrial control systems (ICS). They must be able to authenticate the individuals and systems to which they are giving access rights with a high degree of certainty, whether they are employees, contractors, vendors, or partners. In addition, energy companies must be able to enforce access control policies (e.g. allow, deny, inquire further) consistently, uniformly and in a timely way across all of their resources.
This document describes a use case of an energy company technician attempting to enter a substation, and then accessing equipment and systems necessary for doing her job.
Project Homepage (other)
Related NIST Publications:
SP 1800-2 (DRAFT)
Security and Privacyidentity & access management
Applicationsindustrial control systems