
23/30470491 DC BS ISO/IEC 15045-3-1. Information technology. Home Electronic System (HES) gateway - Part 3-1. Introduction to privacy, security, and safety, 2023
- JTC1-SC25_3142e_CD.pdf
- FOREWORD
- INTRODUCTION
- 1 Scope
- 2 Normative references
- 3 Terms, definitions, abbreviated terms and conventions
- 3.1 Terms and definitions
- 3.2 Abbreviations
- 4 Conformance
- 5 Concepts, principles, structure, and guidelines
- 5.1 Privacy, security and safety concepts and principles in the HES gateway
- 5.2 Structure of the HES gateway system
- 5.3 Basic HES gateway concepts, principles and practices
- 5.3.1 Key concepts, principles and practices
- 5.3.2 HES concept
- 5.3.3 HES gateway concept
- 5.3.4 Interface module concept
- 5.3.5 Service module concept
- 5.3.6 Application platform concept
- 5.3.7 Internal communication bus concept
- 5.3.8 DSS principle and practice
- 5.4 Theory of operation
- 5.5 Risk management
- 5.5.1 Introduction
- 5.5.2 Risk assessment
- 5.5.2.1 Overview of risk assessment
- 5.5.2.2 Threats
- 5.5.2.2.1 Overview of threats
- 5.5.2.2.2 HAN Masquerade and replay
- 5.5.2.2.3 WAN Masquerade and replay
- 5.5.2.2.4 HAN Interception: eavesdropping and modification
- 5.5.2.2.5 WAN Interception: eavesdropping and modification
- 5.5.2.2.6 HAN Denial-of-service and resource-exhaustion attack
- 5.5.2.2.7 WAN Denial-of-service and resource-exhaustion attack
- 5.5.2.2.8 Software and configuration security: Trojan horses, worms, viruses
- 5.5.2.2.9 Spyware/data leakage
- 5.5.2.2.10 Risks of commerce over the Internet
- 5.5.2.2.11 Unintentional network to network interconnect
- 5.5.2.2.12 Communications internal to the HES Gateway (HES-CLIP)
- 5.5.2.3 Vulnerabilities, conditions and controls
- 5.5.2.4 Risk levels; HAN, WAN, data
- 5.5.3 Risk treatment
- 5.6 Privacy, security, and safety guidelines and requirements
- 5.6.1 Privacy-by-design approach
- 5.6.2 External services non-reliance principle and practice
- 5.6.3 Use of wireless or shared media principle and practice
- 5.6.4 Privacy best practice
- 5.6.5 Privacy next best practice
- 5.6.6 Online update vulnerability principle
- 5.6.7 Online OS update vulnerability principle
- 5.6.8 “Social Engineering” vulnerability principle
- 5.6.9 Privacy by design principle and practice
- 5.6.10 User priority principle
- 5.6.11 Fail-safe principle
- 5.6.12 Precautionary principle
- 5.6.13 Normal accident principle
- 5.6.14 Privacy principles
- 5.6.15 Watchdog practice
- 5.6.16 Redundancy principle
- 6 Common services
- 6.1 Common services
- 6.2 Binding map
- 6.3 HES Gateway unique ID service module
- 6.4 Cryptographic services
- 6.5 Authorization and authentication service
- 6.6 Time service
- Annex A (informative) Privacy protection principles and sources
- A.1 Privacy protection Principles
- A.2 Sources
- Annex B (informative) Guidance to developers
- B.1 General protection
- B.2 Privacy protection
- B.3 Security protection
- B.4 Safety protection
- References
- Bibliography