APPARATUS, METHODS, AND SYSTEM FOR ROLE-BASED ACCESS IN AN INTELLIGENT ELECTRONIC DEVICE
Abstract
The present disclosure describes apparatus, methods, and system for secure access control of an intelligent electronic device (“IED”) by multiple personnel. Within the IED, a set of basic permissions is defined. A software program allows a security administrator to create specific roles from the basic permissions. The software program can then be used to assign to a user a specific role for one or more specific IEDs. This action creates a set of unique security keys for the user and a unique security file for each IED. When a user accesses an IED, the system identifies the user from the security key and determines his/her permissions using the security file. The security key may take the form of a password inputted into the IED, an access device incorporated within the IED, and/or a remote access device positioned proximate the IED or removably positioned in the IED.
20 Claims
1. A method, comprising:
- generating a role for a user of an intelligent electronic device (“IED”);
- generating a user assignment;
- generating a site assignment; and
- generating a user security key and an associated security file based on data output from at least one of the steps of generating a role, generating a user assignment, and generating a site assignment.

Dependent claims: 2, 3, 4, 5, 6, 7

8. A method of operating an IED, comprising:
- receiving an action request;
- checking a received user key against a security file;
- executing an action if permission is granted as a result of the checking step; and
- generating an unauthorized access alarm if permission is denied as a result of the checking step.

Dependent claims: 9

10. An apparatus, comprising:
- a microprocessor;
- a circuit managed by the microprocessor and configured to control operation of substation equipment;
- a memory coupled with the microprocessor; and
- a role-based access control (“RBAC”) mechanism configured to be executed by the microprocessor.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19

20. A system, comprising:
- an intelligent electronic device (“IED”) configured to allow role-based access to a user of the IED;
- a network; and
- a remote computer coupled to the IED via the network, wherein the remote computer is configured to transmit an IED security file to the IED, wherein the IED security file comprises one or more unique security code/passwords, each of which is associated with a role comprised of one or more permissions.
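A minimal sketch of the flow in the abstract and in claims 1 and 8, added here as an illustration and not taken from the patent: an administrator tool builds a role from basic permissions and issues a user key plus an entry in one IED's security file, and the IED checks a received key against that file, executing the action or recording an unauthorized access alarm. The permission names, the dictionary layout of the security file, and the salted PBKDF2 digest stored in place of the key are all assumptions; the page specifies none of them.

```python
import hashlib
import hmac
import secrets

# Hypothetical basic permissions; the page does not name any.
BASIC_PERMISSIONS = {"read_metering", "change_settings", "operate_breaker"}

def generate_role(name, permissions):
    """Administrator side: a role may only combine the IED's basic permissions."""
    unknown = set(permissions) - BASIC_PERMISSIONS
    if unknown:
        raise ValueError(f"not a basic permission: {sorted(unknown)}")
    return {"name": name, "permissions": sorted(permissions)}

def _digest(salt, key):
    # Assumption: the security file holds a salted digest, never the key itself.
    return hashlib.pbkdf2_hmac("sha256", key.encode(), salt, 100_000).hex()

def generate_key_and_file(user, role, ied_id, security_file=None):
    """Issue a key for (user, IED) and add the matching entry to that IED's file."""
    security_file = security_file or {"ied": ied_id, "entries": []}
    key = secrets.token_urlsafe(16)   # unique per user and per IED
    salt = secrets.token_bytes(16)
    security_file["entries"].append({
        "user": user, "role": role["name"], "permissions": role["permissions"],
        "salt": salt.hex(), "digest": _digest(salt, key),
    })
    return key, security_file

def handle_action_request(security_file, received_key, action, alarms):
    """IED side: check the key, then execute the action or raise an alarm."""
    matched = None
    for entry in security_file["entries"]:
        candidate = _digest(bytes.fromhex(entry["salt"]), received_key)
        if hmac.compare_digest(candidate, entry["digest"]):  # constant-time compare
            matched = entry
    if matched and action in matched["permissions"]:
        return f"executed {action} for {matched['user']}"
    # Denied: unknown key, or a known user acting outside the assigned role.
    alarms.append({"ied": security_file["ied"], "action": action,
                   "user": matched["user"] if matched else None})
    return "denied"
```

The alarm record distinguishes an unknown key (`user` is `None`) from a known user exceeding the assigned role, which are different events for whoever triages them.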