A Security Mechanism of Web Services-Based Communication for Wind Power Plants

The IEC 61400-25 standard has defined the mapping of wind power-plant information model to Web services (WS). Ensuring the security of WS-based communication for wind power plants is an unsolved problem. WS-security is a standard used to deal with the security requirements in applications of Web services, while the username/password and X.509 certificates are security tokens most commonly used in electric power utilities. We propose a security mechanism that deals with the requirements of authentication, integrity, nonreputation, and confidentiality across the communication process based on WS-Security and the two security tokens. The security mechanism is implemented by an extension of simple object-access protocol message, design of the security agent, and the related security message-processing algorithm. An instance is modeling based on IEC 61400-25 to demonstrate the security-enhanced remote control of wind power plants. The result supports the usefulness of the security mechanism for WS-based wind power plants communication.