本文選題：信息安全交互 + 遠(yuǎn)程證明��； 參考：《華北電力大學(xué)(北京)》2014年博士論文

【摘要】：互動(dòng)化是智能電網(wǎng)有別于傳統(tǒng)電網(wǎng)的本質(zhì)特征,而互動(dòng)化的本質(zhì)是信息的交互。所以,信息交互是智能電網(wǎng)基礎(chǔ)功能實(shí)現(xiàn)的重要前提。一方面,外部智能終端與內(nèi)部業(yè)務(wù)系統(tǒng)之間的縱向信息交互,可以實(shí)現(xiàn)信息的實(shí)時(shí)采集和電網(wǎng)運(yùn)行狀態(tài)的及時(shí)調(diào)整；另一方面,不同業(yè)務(wù)系統(tǒng)之間的橫向信息交互,更有利于信息的及時(shí)共享,為科學(xué)決策提供依據(jù)。信息交互使得智能電網(wǎng)的信息網(wǎng)絡(luò)和電力網(wǎng)絡(luò)融為一體。信息網(wǎng)絡(luò)的安全直接關(guān)系智能電網(wǎng)的安全保障。此外,由于網(wǎng)絡(luò)隔離措施的存在,內(nèi)部業(yè)務(wù)系統(tǒng)如何與外部終端建立通信關(guān)系,如何防止非法的外部終端進(jìn)行非授權(quán)的訪(fǎng)問(wèn),以及如何與不同安全等級(jí)的業(yè)務(wù)系統(tǒng)進(jìn)行信息共享等直接影響業(yè)務(wù)系統(tǒng)的可用性。所以,信息的安全交互是業(yè)務(wù)系統(tǒng)正常運(yùn)行的前提,保障信息的安全交互是智能電網(wǎng)建設(shè)的重要課題。本文以堅(jiān)強(qiáng)智能電網(wǎng)為研究背景,在總結(jié)智能電網(wǎng)信息交互模式,以及分析智能電網(wǎng)安全需求的基礎(chǔ)上,研究了智能電網(wǎng)信息安全交互模型和實(shí)現(xiàn)智能電網(wǎng)信息安全交互的關(guān)鍵技術(shù),并以電力用戶(hù)用電信息采集系統(tǒng)為實(shí)例,描述了信息安全交互體系的構(gòu)建方法。論文的研究工作及取得的主要成果體現(xiàn)在以下四個(gè)方面：(1)從縱向和橫向兩個(gè)層面分析智能電網(wǎng)的層次結(jié)構(gòu),總結(jié)出智能電網(wǎng)中存在兩種信息交互模式：即外部終端與內(nèi)部業(yè)務(wù)系統(tǒng)之間的縱向信息交互和不同安全等級(jí)的業(yè)務(wù)系統(tǒng)之間的橫向信息交互,并分析了兩種模式的安全要求。通過(guò)確保終端安全、傳輸通道安全和業(yè)務(wù)系統(tǒng)安全實(shí)現(xiàn)外部終端與內(nèi)部業(yè)務(wù)系統(tǒng)之間的雙向信息安全交互,通過(guò)劃分安全等級(jí)和制定單向規(guī)則,實(shí)現(xiàn)安全等級(jí)不同的業(yè)務(wù)系統(tǒng)之間,以及位于不同物理網(wǎng)絡(luò)中的安全等級(jí)相同的業(yè)務(wù)系統(tǒng)之間的單向信息交互。(2)構(gòu)建了TISEM雙向信息安全交互模型(Two-way Information Secure Exchange Model)解決外部終端與內(nèi)部業(yè)務(wù)系統(tǒng)之間的信息交互安全問(wèn)題,OISEM單向信息安全交互模型(One-way Information Secure Exchange Model)解決不同業(yè)務(wù)系統(tǒng)之間的信息交互安全問(wèn)題,并給出了模型的形式化描述、安全規(guī)則和安全特性。(3)對(duì)TISEM和OISEM兩種信息安全交互模型進(jìn)行實(shí)現(xiàn),并研究相關(guān)技術(shù)。針對(duì)TISEM模型提出的技術(shù)要點(diǎn),以可信理論為基礎(chǔ),以終端、數(shù)據(jù)傳輸通道、控制指令以及數(shù)據(jù)包等為研究對(duì)象,進(jìn)行安全技術(shù)的研究。首先,以國(guó)產(chǎn)可信密碼模塊TCM (Trusted Cryptography Module)為可信根,構(gòu)建了可信終端,保證終端的身份可信和運(yùn)行環(huán)境可信。其次,研究了終端的遠(yuǎn)程證明技術(shù),提出了證明方主導(dǎo)的遠(yuǎn)程證明模型RAMSA (Remote Attestation Model Sponsored by Attestor),并設(shè)計(jì)了遠(yuǎn)程證明協(xié)議。通過(guò)遠(yuǎn)程證明,將終端可信擴(kuò)展到網(wǎng)絡(luò)中,保證數(shù)據(jù)傳輸?shù)目尚�。再�?基于強(qiáng)制硬件確認(rèn)技術(shù),研究了控制指令的可信問(wèn)題,并給出了控制指令可信度的數(shù)學(xué)表達(dá)。最后,研究了d-Left Counter Bloom Filter算法,并基于該算法構(gòu)建了DCBF_DPIM (Deep Packet Inspection Model based on d-Left Counting Bloom Filter)深度包檢測(cè)模型。該模型只允許終端上傳符合既定規(guī)則的數(shù)據(jù),防止惡意數(shù)據(jù)對(duì)業(yè)務(wù)系統(tǒng)和信息內(nèi)網(wǎng)造成破壞。針對(duì)OISEM模型“上不讀下,下不寫(xiě)上；上可寫(xiě)下,下可讀上”的信息流單向傳輸原則,研究了基于網(wǎng)絡(luò)二極管的數(shù)據(jù)單向傳輸技術(shù)。(4)以電力用戶(hù)用電信息采集系統(tǒng)為研究對(duì)象,應(yīng)用TISEM模型和OISEM模型及關(guān)鍵技術(shù)的研究成果,設(shè)計(jì)了用電信息采集系統(tǒng)信息安全交互體系,對(duì)智能電網(wǎng)中有相似安全需求業(yè)務(wù)系統(tǒng)的信息安全體系的構(gòu)建具有指導(dǎo)性的意義。
[Abstract]:The interaction is the essential feature of the smart grid, which is different from the traditional power grid, and the nature of the interaction is the interaction of information. Therefore, information interaction is an important prerequisite for the realization of the basic function of the smart grid. On the one hand, the vertical information interaction between the external intelligent terminal and the internal business system can realize the real-time collection of information and the operation of the power grid. On the other hand, the cross information interaction between different business systems is more conducive to the timely sharing of information and the basis for scientific decision-making. Information interaction makes the information network of the smart grid and the power network integrated. The security of the information network is directly related to the security of the smart grid. In addition, the network is separated by the network. In the presence of measures, how does the internal business system establish communication relations with the external terminal, how to prevent unauthorized external terminals from unauthorized access, and how to share information with different security level business systems directly affect the availability of the business system. So the security interaction of information is the normal operation of the business system. In this paper, based on the summary of intelligent power grid information interaction mode and the analysis of the security demand of smart grid, the key technology of information security interaction model and the information security interaction of smart grid is studied on the basis of the strong smart grid as the research background. This paper describes the construction method of the information security interaction system. The research work and the main achievements of this paper are embodied in the following four aspects: (1) analyze the hierarchical structure of the smart grid from the vertical and horizontal two levels, and sum up two kinds of information interaction modes in the smart grid. Type: the vertical information interaction between the external terminal and the internal business system and the transversal information interaction between the different security level business systems, and the security requirements of the two modes are analyzed. The two-way information between the external terminal and the internal business system is realized by ensuring terminal security, transmission channel security and business system security. Security interaction, by dividing the security level and formulating the one-way rules, realizing the one-way information interaction between different security level business systems and the same security level business systems in different physical networks. (2) a TISEM bidirectional information security interaction model (Two-way Information Secure Exchange Model) is constructed. The information interaction security problem between the external terminal and the internal business system, the OISEM one-way information security interaction model (One-way Information Secure Exchange Model) solves the information interaction security problem between different business systems, and gives the formal description of the model, the security rules and the security characteristics. (3) two information to TISEM and OISEM. The security interaction model is implemented and the related technology is studied. Aiming at the technical points proposed by the TISEM model, the security technology is studied on the basis of the trusted theory, the terminal, the data transmission channel, the control instruction and the data packet. First, the homemade TCM (Trusted Cryptography Module) is a trusted root. The trusted terminal is built to ensure the identity of the terminal and the reliable running environment. Secondly, the remote authentication technology of the terminal is studied, and the remote proof model RAMSA (Remote Attestation Model Sponsored by Attestor) is proposed by the proving party, and the remote authentication protocol is designed. In addition, based on the mandatory hardware confirmation technology, the reliability of control instructions is studied and the mathematical expression of the reliability of the control instruction is given. Finally, the d-Left Counter Bloom Filter algorithm is studied, and the DCBF_DPIM (Deep Packet Inspection Model based on d-Left) is constructed based on the algorithm. M Filter) depth packet detection model. This model only allows the terminal to upload data that conforms to the established rules to prevent malicious data from causing damage to the business system and the intranet. A data flow based on the network diode is studied for the principle of one-way transmission of information flow in the OISEM model, "no reading, down write down, up write down, lower readable" information flow. (4) (4) taking electric power user information acquisition system as the research object, applying the research results of TISEM model and OISEM model and key technology, the information security interaction system of the power information acquisition system is designed, which is of guiding significance to the construction of information security system with similar security demand service system in the smart grid.
【學(xué)位授予單位】：華北電力大學(xué)(北京)
【學(xué)位級(jí)別】：博士
【學(xué)位授予年份】：2014
【分類(lèi)號(hào)】：TP309;TM76

【相似文獻(xiàn)】

相關(guān)期刊論文 前10條

1 ;業(yè)內(nèi)人士談信息安全發(fā)展的兩大趨勢(shì)[J];機(jī)械工業(yè)信息與網(wǎng)絡(luò);2005年04期

2 ;信息安全:戰(zhàn)略為先細(xì)節(jié)制勝 創(chuàng)新是關(guān)鍵[J];中國(guó)勘察設(shè)計(jì);2006年06期

3 陸e，

本文編號(hào)：2099451