As one of core technologies of smart grid, demand response (DR) helps improving electricity efficiency and optimizing power consumption way. In addition to having advanced technologies and applications of communication and computing infrastructures, the security of DR is still an issue deserving research to defend against evolving cyber attacks. In this paper, a security mechanism for DR is proposed to solve the security problem using Role Based Access Control (RBAC)and Publish/subscribe (Pub/sub). Different from traditional security schemes in DR, not only real existed entities such as the electricity suppliers and users but also logical subjects such as DR event are taken into consideration. It realizes the logical separation of users and permissions and grants role with secure analysis based on Support Vector Machines (SVM). A Pub/sub based communication scheme acquires greater network scalability and a more dynamic network topology with the help of group key distribution algorithm.