Skip to Main Content
The IEC 61400-25 standard has defined mapping of power plant information model to Web services. How to ensure the security of Web services-based communication for wind power plants is a unsolved problem. WS-Security is a standard used to deal with the security requirement in application of Web services, while username/password and X.509 certificates are security tokens most commonly used in electric power utility. We propose a security mechanism that deal with the requirements of authentication, integrity, non-reputation, and confidentiality across the communication process based on WS-Security and the two security token. The security mechanism is implemented by extension of SOAP message, design of security agent, and the related security message processing algorithm. An instance is modeling based on IEC 61400-25 to demonstrate the security enhanced remote control of wind power plants. The result support the usefulness of the security mechanism for Web Services-based wind power plants communication.