Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Implementation of RBAC with RADIUS

IP.com Disclosure Number: IPCOM000249166D
Publication Date: 2017-Feb-08
Document File: 5 page(s) / 278K

Publishing Venue

The IP.com Prior Art Database

Related People

Fernando Alvarez: INVENTOR [+3]

Abstract

This invention specifies a method in which already deployed RADIUS (client) devices and applications can transparently continue their normal functioning when their environments become IEC 62351-8 complainant, without requiring any configuration changes.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 37% of the total text.

ABB Switzerland Ltd 1KHL508xxx Invention Disclosure: Implementation of RBAC with RADIUS Revision-Index: -Date: 1.0 2017-02-03 Department resp.: Created: Approved: Distribution: Language: Page: 2017-02-03 EN 1/5 Effective for: Derived from: Replaces: Classification: ABB File : CH-1522601

- - Invention Disclosure: Implementation of RBAC with RADIUS

We reserve all rights in this document and in the information contained therein. Reproduction, use or disclosure to third parties without express authority is strictly forbidden.

© Copyright 2008 ABB (2008-09-24)

Table of Contents 1 SUBJECT 2

2 ABBREVIATIONS AND DEFINITIONS 2

3 BACKGROUND 3 4 SUBJECT 4

5 ADVANTAGES 4

5.1 Competitor situation Error! Bookmark not defined.

6 INVENTION 4

7 INNOVATION 5

8 RELEVANCE TO ABB 5 9 ANSWERING POTENTIAL QUESTION OF REVIEWERS (MORE BACKGROUND) 5

9.1 Is this not part of the standards? (IEC 62351-8) 5

9.2 Why is this method not been used already? Or is already in use? 5 9.3 Is this patentable? Where is the invention? Error! Bookmark not defined.

9.4 What if we do not patent? Error! Bookmark not defined. 10 REFERENCES 5

11 DOCUMENT HISTORY ERROR! BOOKMARK NOT DEFINED.

Invention Disclosure: Implementation of RBAC with RADIUS

Revision: 1.0

page: 2/5 1KHL508xxx

1 Subject

This document describes an invention concept to support of RBAC with RADIUS.

2 Abbreviations and Definitions

IEC International Electro-technical Commission IEEE Institute of Electrical and Electronics Engineers IEC 62351-8 IEC standard for Role Based Access Control (RBAC)

This specification defines role-based access control (RBAC) for enterprise-wide use in power systems.

RBAC Role Based Access Control RADIUS Remote Authentication Dial-In User Service

Invention Disclosure: Implementation of RBAC with RADIUS

Revision: 1.0

page: 3/5 1KHL508xxx

3 Background

Cyber security requirements for utilities and for the so-called “Smart Grid” are becoming imperative in our ABB markets. Cyber security standard IEC 62351-8 has become especially important to utilities. IEC 62351-8 is about deploying Central User Account Management supporting RBAC (Role-Based- Access-Control) in power systems and in industrial environments. RBAC is a requirement found in NERC- CIP, IEC 62443 and other mandatory cyber security requirements for many industries. RADIUS is also an important standard for Authentication and Authorisation of users which is widely deployed and used. There are a lot of network equipment already deployed supporting and making use of RADIUS. The challenge is to provide a solution for our customers that transparently supports both RADIUS devices (clients) and IEC62351-8 devices (clients) to authenticate central managed users and provide the right Authorization to these users on the basis of user Roles (RBAC). This invention disclosure provides a solution for this challenge. Figure 1 below shows the basics of this invention:

RADIUS server

1 2

RADIUS auth request

Radius Attributes

3

5 4

LDAP Server

LDAP auth request ...