Home Short Bio Research Publications Services Teaching
My current research interest is the security and privacy in the smart grid networks, cyber security and cyber-physical smart grid security. My profile appears at 9th position here.
RESEARCH PROJECTS
Integrated Distributed Authentication Protocol for Smart Grid Communications
Brief Description: Two-way communications in the SG enable instant interaction between different SG entities and help to improve the overall efficiency of the SG system. According to the NIST report, one of the main security issues in the SG system is that existing authentication mechanisms do not sufficiently authenticate devices or exposes authentication keys. Without proper authentications, the system resources and entities can be compromised that may result in financial losses and performance degradation. Centrally control authentications in a decentralized environment are required for the centralized security management in terms of event logging/analysis and authentication. A fast and lightweight protocol is needed to support frequent authentications repeated many times among billions of devices. In sum, an integrated, distributed, fast, and lightweight authentication protocol will provide mutual authentication between the various entities of the SG system. An integrated distributed protocol can help to maximize the utilization of shared resources with low overhead. Furthermore, the security protocol of the SG system must defend against the known security attacks, including man-in-the-middle (MITM) and denial-of-service (DoS) attacks.
State of the Art Authentication, Access Control, and Secure Integration in Smart Grid;
Brief Description: The smart grid is a promising platform for providing more reliable, efficient, and cost effective electricity to the consumers in a secure manner. Numerous initiatives across the globe are taken by both industry and academia in order to compile various security issues in the smart grid network. Unfortunately, there is no impactful survey paper available in the literature on authentications in the smart grid network that addresses the required objectives of an authentication protocol in the smart grid network along with the focus on mutual authentication, access control, and secure integration among different SG components. We review the existing authentication protocols, and analyze mutual authentication, privacy, trust, integrity, and confidentiality of communicating information in the smart grid network. We review authentications between the communicated entities in the smart grid, such as smart appliance, smart meter, energy provider, control center, and home/building/neighborhood area network gateways.
Authentication and Authorization Scheme for Various User-Roles and Devices in Smart Grid
Brief Description: The smart grid, as the next generation of the power grid, is characterized by employing many different types of intelligent devices, such as intelligent electronic devices located at substations, smart meters positioned in the home area network, and outdoor field equipment deployed in the fields. Also, there are various users in the smart grid network, including customers, operators, maintenance personnel, and etc., who use these devices for various purposes. According to the NIST report, one of the crucial challenges in the future smart grid is to authenticate and authorize users (such as maintenance personnel) whenever they access IED/SM/OFE located at substations/homes/fields in such a way that the resource access is specific to a user, the user specific authentication information is not shared among users, e.g., identity and password, and the control of authentication and authorization is hierarchically managed by substations and the utility’s central station. This ensures that only authenticated users can perform the assigned authorized actions onto the intended devices in a controlled and scalable manner. Therefore, mutual authentications between the user and the substation’s server to access different devices with a specific user-role authorization is needed to mitigate insider attacks in the SG network.