电力信息系统安全关键技术分析与研究
|
摘要
基于我国电力企业中面临的安全问题,考虑电力信息安全系统在运行时,容易受到外部或者内部的损害。从三个方面着手,分析并设计了与之相关的关键技术,提出了防范对策,确保电力信息安全系统高可靠性和高安全性。其中主要关键技术包括,针对电力系统的分布式的特点,以及时间上的不连续性,研究了一种基于角色的访问控制技术,建立一个控制模型用以验证该技术的实用性与正确性。对于非法用户的登录,研究了一种基于口令的身份验证机制,满足电力信息安全系统中网络操作与安全登录的需求。防火墙是整体系统安全保障的基础,防火墙技术不但可以正确区分非法入侵信息和可靠的传输信息,并且可以对入侵信息进行报警,提醒用户网络中出现威胁隐患。
Based on the security problems faced by Chinese power system, the power information security system is easy to suffer external or internal damage when it is running. The key technologies related to it is analyzed and designed in three aspects.And then the countermeasure are put forward to ensure high reliability and high security of the power information security system. research Some key technologies is researched about it. In view of the distributed characteristics of the power system and the timing discontinuity, a role is researched based access control technology. At the same time, a control model is established to verify the practicability and correctness of the technology. A password based authentication mechanism is studied to meet the requirement of the network operation for the login of illegal users. It also satisfies secure login in the power information security system. The technology of firewall is the foundation of the overall system security, firewall technology can not only correctly distinguish between illegal intrusion information and reliable transmission information, but also can remind the users of threats by alarming in the network.
Based on the security problems faced by Chinese power system, the power information security system is easy to suffer external or internal damage when it is running. The key technologies related to it is analyzed and designed in three aspects.And then the countermeasure are put forward to ensure high reliability and high security of the power information security system. research Some key technologies is researched about it. In view of the distributed characteristics of the power system and the timing discontinuity, a role is researched based access control technology. At the same time, a control model is established to verify the practicability and correctness of the technology. A password based authentication mechanism is studied to meet the requirement of the network operation for the login of illegal users. It also satisfies secure login in the power information security system. The technology of firewall is the foundation of the overall system security, firewall technology can not only correctly distinguish between illegal intrusion information and reliable transmission information, but also can remind the users of threats by alarming in the network.
引文
[1]李天鹏,周莹.电力企业网络信息安全的管理策略[J].电子技术与软件工程,2018,(5):212.
[2]张彤.电力可信网络体系及关键技术的研究[D].北京:华北电力大学(北京)华北电力大学,2013.
[3]陈胜,刘晓放,张承模等.基于云存储的电力系统访问控制方案设计[J].计算机测量与控制,2017,25(10):240-243.
[4]王正友.电力信息安全系统的设计与研究[D].成都:电子科技大学,2012.
[5]王于丁,杨家海.一种基于角色和属性的云计算数据访问控制模型[J].清华大学学报:自然科学版,2017,(11):1150-1158.
[6]李红霞.云计算中身份认证与访问控制管理系统的实现策略研究[D].北京:北京邮电大学.
[7]丁勇,戴朝清.智能电网的信息化技术[J].电子技术与软件工程,2018,(2):259-260.
[8]ZHOU L,VARADHARAJAN V,HITCHENS M.Achieving Secure Role-Based Access Control on Encrypted Data in Cloud Storage[J].IEEE Transactions on Information Forensics&Security,2013,8(12):1947-1960.
[9]孙力.电力企业信息安全管理研究[D].南京:南京邮电大学,2014.
[10]张春平,马志程,张琦等.一种电力企业分布式文件系统身份认证解决方案[J].自动化技术与应用,2017,36(3):23-26.
[11]张明智,张立卓,王抒阅.基于电力企业的网络信息安全的研究[J].信息安全与技术,2016,7(4):82-83.
[12]陈晓婷.计算机技术在智能电网信息安全保障中的运用[J].通信电源技术,2018,(3):186-188.
[13]CHEN G,DONG Z Y,HILL D J,et al.Exploring Reliable Strategies for Defending Power Systems Against Targeted Attacks[J].IEEE Transactions on Power Systems,2011,26(3):1000-1009.
[14]张恩超.智能电网信息安全防御体系架构与关键技术研究[D].北京:华北电力大学(北京),2016.
[15]王凯令.电力信息管理系统中统一身份认证技术研究及应用[D].上海:上海交通大学,2010.
[16]郭佳鑫,黄晓芳,徐蕾.基于FIDO协议的双向动态口令认证方案[J].计算机工程与设计,2017,(11):2919-2924.
[17]张少敏,赵乙桥,王保义.智能电网下保护用户隐私的无证书环签密方案[J].电力系统自动化,2018,(3):118-123.
[18]张少敏,孙婕,王保义.基于Storm的智能电网广域测量系统数据实时加密[J].电力系统自动化,2016,40(21):123-127.
[19]王保义,邱素改,张少敏.电力调度自动化系统中基于可信度的访问控制模型[J].电力系统自动化,2012,36(12):76-81.
[20]李玉,范叶平,金在全等.电网核心业务可信身份认证框架体系研究[J].微型电脑应用,2018,(4):37-41.
[2]张彤.电力可信网络体系及关键技术的研究[D].北京:华北电力大学(北京)华北电力大学,2013.
[3]陈胜,刘晓放,张承模等.基于云存储的电力系统访问控制方案设计[J].计算机测量与控制,2017,25(10):240-243.
[4]王正友.电力信息安全系统的设计与研究[D].成都:电子科技大学,2012.
[5]王于丁,杨家海.一种基于角色和属性的云计算数据访问控制模型[J].清华大学学报:自然科学版,2017,(11):1150-1158.
[6]李红霞.云计算中身份认证与访问控制管理系统的实现策略研究[D].北京:北京邮电大学.
[7]丁勇,戴朝清.智能电网的信息化技术[J].电子技术与软件工程,2018,(2):259-260.
[8]ZHOU L,VARADHARAJAN V,HITCHENS M.Achieving Secure Role-Based Access Control on Encrypted Data in Cloud Storage[J].IEEE Transactions on Information Forensics&Security,2013,8(12):1947-1960.
[9]孙力.电力企业信息安全管理研究[D].南京:南京邮电大学,2014.
[10]张春平,马志程,张琦等.一种电力企业分布式文件系统身份认证解决方案[J].自动化技术与应用,2017,36(3):23-26.
[11]张明智,张立卓,王抒阅.基于电力企业的网络信息安全的研究[J].信息安全与技术,2016,7(4):82-83.
[12]陈晓婷.计算机技术在智能电网信息安全保障中的运用[J].通信电源技术,2018,(3):186-188.
[13]CHEN G,DONG Z Y,HILL D J,et al.Exploring Reliable Strategies for Defending Power Systems Against Targeted Attacks[J].IEEE Transactions on Power Systems,2011,26(3):1000-1009.
[14]张恩超.智能电网信息安全防御体系架构与关键技术研究[D].北京:华北电力大学(北京),2016.
[15]王凯令.电力信息管理系统中统一身份认证技术研究及应用[D].上海:上海交通大学,2010.
[16]郭佳鑫,黄晓芳,徐蕾.基于FIDO协议的双向动态口令认证方案[J].计算机工程与设计,2017,(11):2919-2924.
[17]张少敏,赵乙桥,王保义.智能电网下保护用户隐私的无证书环签密方案[J].电力系统自动化,2018,(3):118-123.
[18]张少敏,孙婕,王保义.基于Storm的智能电网广域测量系统数据实时加密[J].电力系统自动化,2016,40(21):123-127.
[19]王保义,邱素改,张少敏.电力调度自动化系统中基于可信度的访问控制模型[J].电力系统自动化,2012,36(12):76-81.
[20]李玉,范叶平,金在全等.电网核心业务可信身份认证框架体系研究[J].微型电脑应用,2018,(4):37-41.