一种基于PKI的能源信息系统多渠道统一身份认证方法
|
摘要
能源信息系统存在用户体验差、管理不统一、有安全隐患问题,迫切需要从源头研究各种电子渠道之间的统一身份认证问题,实现对多个电子服务信道的统一管理及对各种电子信道的服务监督。提出了一种基于PKI证书的多维电子信道统一认证方法,用于能源信息系统。用户可以通过所提出的方法直接访问每个应用系统,并在没有多个认证过程的情况下在应用系统之间执行快速且安全的切换。该方法可以为用户提供从事复杂业务管理活动的便利性和安全性。
There are problems of poor user experience, inconsistent management, and potential security risks in energy information system. It is urgent to study the issue of unified identity authentication between various electronic channels from the source to achieve unified management of multiple electronic service channels and service supervision of various electronic channels. A multi-dimensional electronic channel unified authentication method based on PKI certification was proposed for energy information system. Users could directly access each application system through the proposed method and perform fast and secure switching between application systems without multiple authentication processes. The approach provided users with the convenience and security of engaging in complex business management activities.
There are problems of poor user experience, inconsistent management, and potential security risks in energy information system. It is urgent to study the issue of unified identity authentication between various electronic channels from the source to achieve unified management of multiple electronic service channels and service supervision of various electronic channels. A multi-dimensional electronic channel unified authentication method based on PKI certification was proposed for energy information system. Users could directly access each application system through the proposed method and perform fast and secure switching between application systems without multiple authentication processes. The approach provided users with the convenience and security of engaging in complex business management activities.
引文
[1]刘林,张运洲,王雪,等.能源互联网目标下电力信息物理系统深度融合发展研究[J].中国电力,2019,52(1):1-9.LIU L,ZHANG Y Z,WANG X,et al.Research on deep integration of power cyber physical system under energy internet goals[J].Electric Power,2019,52(1):1-9.
[2]王继业,孟坤,曹军威,等.能源互联网信息技术研究综述[J].计算机研究与发展,2015,52(3):1-18.WANG J Y,MENG K,CAO J W,et al.Research on information technology for energy internet:a survey[J].Journal of Computer Research and Development,2015,52(3):1-18.
[3]陈国慧,谭海波,吕波,等.基于CAS和Liferay门户的统一身份认证系统[J].计算机技术与发展,2018(12):106-110.CHEN G H,TAN H B,LV B,et al.Unified identity authentication system based on CAS and Liferay portal[J].Computer Technology and Development,2018(12):106-110.
[4]王栋,陈传鹏,颜佳,等.新一代电力信息网络安全架构的思考[J].电力系统自动化,2016,40(2):6-11.WANG D,CHEN C P,YAN J,et al.Pondering a new-generation security architecture model for power information network[J].Automation of Electric Power Systems,2016,40(2):6-11.
[5]WANG Z Z,WANG Y.Research and design of campus network unified identity authentication system based on Kerberos[J].Advanced Materials Research,2012(4):546-547.
[6]FENG F,LI X,WANG L.Design and implementation of identity authentication system based on fingerprint recognition and cryptography[C]//IEEE International Conference on Computer&Communications,August 11-13,2017,Chengdu,China.Piscataway:IEEE Press,2017.
[7]KIM N Y,PARK K Y,PARK J H.DOTP-AaaS:dynamic one time password matching-based authentication as a service[Z].2017.
[8]LI N,LIU D,NEPAL S.Lightweight mutual authentication for IoT and its applications[J].IEEE Transactions on Sustainable Computing,2017(2):359-370.
[9]BURROWS M,ABADI M,NEEDHAM R.A logic of authentication[J].ACM Transactions on Computer Systems,1989,23(5):1-13.
[10]黄飞飞.基于SOA架构的企业统一用户身份认证平台研究[J].中国管理信息化,2016,19(19):56-58.HUANG F F.Research on enterprise unified user identity authentication platform based on SOA architecture[J].China Management Informatization,2016,19(19):56-58.
[11]DANIEL E,VASANTHI N A.LDAP:a lightweight deduplication and auditing protocol for secure data storage in cloud environment[J].Cluster Computing,2017(4):1-12.
[12]ZENG K,GOVINDAN K,MOHAPATRA P.Non-cryptographic authentication and identification in wireless networks[J].IEEE Wireless Communications,2010,17(5):56-62.
[13]钱亚冠,关晓惠,吴淑慧,等.一种基于贪心算法的SVM扰动攻击方法[J].电信科学,2019,35(1):81-89.QIAN Y G,GUAN X H,WU S H,et al.A SVM perturbation attack method based on greedy algorithm[J].Telecommunications Science,2019,35(1):81-89.
[14]陈铁明,项彬彬,吕明琪,等.基于字节码图像和深度学习的Android恶意应用检测[J].电信科学,2019,35(1):9-17.CHEN T M,XIANG B B,LV M Q,et al.Android malicious application detection based on bytecode image and deep learning[J].Telecommunications Science,2019,35(1):9-17.
[2]王继业,孟坤,曹军威,等.能源互联网信息技术研究综述[J].计算机研究与发展,2015,52(3):1-18.WANG J Y,MENG K,CAO J W,et al.Research on information technology for energy internet:a survey[J].Journal of Computer Research and Development,2015,52(3):1-18.
[3]陈国慧,谭海波,吕波,等.基于CAS和Liferay门户的统一身份认证系统[J].计算机技术与发展,2018(12):106-110.CHEN G H,TAN H B,LV B,et al.Unified identity authentication system based on CAS and Liferay portal[J].Computer Technology and Development,2018(12):106-110.
[4]王栋,陈传鹏,颜佳,等.新一代电力信息网络安全架构的思考[J].电力系统自动化,2016,40(2):6-11.WANG D,CHEN C P,YAN J,et al.Pondering a new-generation security architecture model for power information network[J].Automation of Electric Power Systems,2016,40(2):6-11.
[5]WANG Z Z,WANG Y.Research and design of campus network unified identity authentication system based on Kerberos[J].Advanced Materials Research,2012(4):546-547.
[6]FENG F,LI X,WANG L.Design and implementation of identity authentication system based on fingerprint recognition and cryptography[C]//IEEE International Conference on Computer&Communications,August 11-13,2017,Chengdu,China.Piscataway:IEEE Press,2017.
[7]KIM N Y,PARK K Y,PARK J H.DOTP-AaaS:dynamic one time password matching-based authentication as a service[Z].2017.
[8]LI N,LIU D,NEPAL S.Lightweight mutual authentication for IoT and its applications[J].IEEE Transactions on Sustainable Computing,2017(2):359-370.
[9]BURROWS M,ABADI M,NEEDHAM R.A logic of authentication[J].ACM Transactions on Computer Systems,1989,23(5):1-13.
[10]黄飞飞.基于SOA架构的企业统一用户身份认证平台研究[J].中国管理信息化,2016,19(19):56-58.HUANG F F.Research on enterprise unified user identity authentication platform based on SOA architecture[J].China Management Informatization,2016,19(19):56-58.
[11]DANIEL E,VASANTHI N A.LDAP:a lightweight deduplication and auditing protocol for secure data storage in cloud environment[J].Cluster Computing,2017(4):1-12.
[12]ZENG K,GOVINDAN K,MOHAPATRA P.Non-cryptographic authentication and identification in wireless networks[J].IEEE Wireless Communications,2010,17(5):56-62.
[13]钱亚冠,关晓惠,吴淑慧,等.一种基于贪心算法的SVM扰动攻击方法[J].电信科学,2019,35(1):81-89.QIAN Y G,GUAN X H,WU S H,et al.A SVM perturbation attack method based on greedy algorithm[J].Telecommunications Science,2019,35(1):81-89.
[14]陈铁明,项彬彬,吕明琪,等.基于字节码图像和深度学习的Android恶意应用检测[J].电信科学,2019,35(1):9-17.CHEN T M,XIANG B B,LV M Q,et al.Android malicious application detection based on bytecode image and deep learning[J].Telecommunications Science,2019,35(1):9-17.