Resource Centric Security to Protect Customer Energy Information in the Smart Grid
From the customer domain perspective, interoperation implies that external systems are able to control customer's energy resources as well as to read energy-related information. These two types of accesses to an energy resource affect the operation of the customer domain differently. However, most existing security mechanisms were designed at individual resource level and cannot efficiently handle such fine-grained access. To resolve the issue of fine granularity, this paper proposes a new security mechanism, Resource Centric Security, that leverages the concept of a file-system Access Control List. Three privileges of read, write, and execute are defined on each energy resource, and a set of attributes is assigned to each privilege.