CN110099072A - A security protection method for industrial Internet of Things data transmission - Google Patents

Publication number: CN110099072A
Authority: CN (China)
Prior art keywords: client, server, protocol, encryption, things
Legal status: Pending
Application number: CN201910426426.6A
Other languages: Chinese (zh)
Inventor: 向祉牟, 马斌, 黄宏
Current Assignee: Luoyang Advanced Manufacturing Industry Research And Development Base tianjin Research Institute For Advanced Equipment tsinghua University
Original Assignee: Tianjin Advanced Equipment Research Institute Of Tsinghua University Luoyang Advanced Manufacturing Industry Research And Development Base; Weiyiyun (wuhan) Technology Co Ltd
Application filed by Tianjin Advanced Equipment Research Institute Of Tsinghua University Luoyang Advanced Manufacturing Industry Research And Development Base, Weiyiyun (wuhan) Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Abstract

The present invention relates to the field of industrial Internet of Things (IoT) information security, and in particular to a security protection method for industrial IoT data transmission. The method uses identity authentication and communication encryption to address, to a certain degree, the security risks in existing industrial IoT data transmission. Identity authentication is realized by a protocol stack encapsulated on top of the existing IoT transport protocol together with a communication handshake between client and server. This takes the characteristics of existing industrial IoT data transmission fully into account: the protocol specification required for identity authentication is formed by encapsulation, without changing the existing industrial IoT transport protocol. Communication encryption encrypts the transmitted data by means of a digital certificate and the corresponding digital certificate authentication flow, thereby ensuring the security of the data.

Description

A security protection method for industrial Internet of Things data transmission
Technical field
The invention belongs to the field of industrial Internet of Things information security, and specifically relates to a security protection method for industrial IoT data transmission. The method targets the security risks at the data transmission layer of industrial IoT systems and takes protection of the communication process as its starting point, namely the confidentiality of data during communication and identity authentication between terminal devices. For the communication protocols commonly used in industrial IoT systems, the communication process is transmitted in encrypted form; communication between terminal devices uses identity authentication, so that the data transmission layer provides a secure and accurate data transmission service.
Background
The Internet of Things is developing rapidly and is being applied in every field; the vertical in which it is spreading fastest and most widely is industry. The application scenarios of the industrial IoT are extremely rich, and more and more devices such as sensors, robots and automation equipment are being connected together. The industrial IoT can be regarded as a close combination of industrial automation systems and IoT systems. In the course of its development it has introduced technologies such as the Internet, cloud computing and sensing, and has fused industrial production systems, industrial monitoring systems and industrial management systems. Based on the data center's analysis and processing of industrial data, it can substantially improve product quality and industrial production efficiency and effectively reduce production management costs.
With the wide application of industrial IoT technology in the industrial field, the control devices at the equipment layer of industrial control systems will exchange information and data over open networks, and the management layer can be merged seamlessly with information from the market layer. However, increasingly open network connectivity leaves industrial control systems, networked devices and industrial cloud platforms vulnerable to intrusion, bringing threats to the industrial environment such as shutdowns, production interruptions and loss of assets.
The data transmission layer of the industrial IoT is consistent with the transport network layer of the general IoT: it is an open network that fuses sensing networks, mobile networks and the Internet. Its communication network is usually built according to international or industry standards. Short-range wireless technologies such as Wi-Fi, Bluetooth, RFID and ZigBee, traditional mobile networks, the Internet, low-power wide-area networks, and the various IoT communication protocols represented by MQTT together provide the data transmission channel between the industrial site and the remote data processing center.
There is no specific regulation of the communication protocols used by industrial IoT systems; different manufacturers typically have their own standards. Different IoT communication protocols therefore carry uncertain risk: the encryption measures may be fairly complete, or there may be no encryption at all. If an IoT product uses a communication protocol that is both simple and transmitted in plaintext, an attacker who gets into the local network of the IoT system can easily intercept communication data by methods such as network sniffing. When the communication protocol is not encrypted, the attacker can easily read the data content, tamper with or forge packet contents, or send wrong control instructions through a man-in-the-middle attack, which may prevent industrial equipment from operating normally.
For the data transmission layer, the main task is to ensure the security of data transmission during communication, including identity authentication of the communicating terminal devices and data confidentiality. To ensure that the data transmission layer provides a secure and accurate data transmission service and to defend against data theft and man-in-the-middle attacks, the communication process of the protocols used by most industrial IoT systems needs to be transmitted in encrypted form, and terminal devices that connect using those protocols need trusted identity authentication. At the same time, given that the data an industrial IoT host transmits is largely streaming data, the real-time performance of data transmission must also be guaranteed while transmission security is taken into account.
Summary of the invention
The purpose of the invention is to propose a security protection method for industrial IoT data transmission that secures the communication data exchanged between devices in the industrial IoT and the remote end, so as to address data theft and man-in-the-middle attacks during data transmission.
To achieve the foregoing purpose, the invention adopts the following technical solution:
A security protection method for industrial IoT data transmission, comprising the following steps:
(1) encapsulating a protocol stack on top of the transport protocol of the existing industrial IoT to form an identity authentication protocol specification;
(2) carrying out four data interactions between the client and the server, generating an identical session key from the data and algorithms exchanged during client-server negotiation, confirming the identity of both parties, and completing the communication handshake between client and server;
(3) after the communication handshake succeeds, determining whether the client is a legitimate device by means of an encrypted digital certificate and the corresponding digital certificate authentication flow.
Further, the protocol stack in step (1) comprises, encapsulated on top of the TCP and IP protocols, an encrypted-encapsulation handshake protocol, a change cipher spec protocol, an alert protocol, an edge-to-cloud transport protocol and an encrypted-encapsulation record protocol.
Further, the encrypted-encapsulation handshake protocol includes but is not limited to Transport Layer Security and network-layer security protocols, and works together with the change cipher spec protocol and the alert protocol to authenticate the client and the server and to encrypt data while maintaining data integrity.
Further, the edge-to-cloud transport protocol includes but is not limited to the MQTT protocol and is used to describe the particularities of industrial communication.
Further, the four data interactions in step (2) are, in order, the client request, the server response, the client response and the final server response.
Client request: the client sends a connection request to the server. This is a request for encrypted communication and includes information such as the encryption protocol versions, cipher suites and compression methods the client supports, from which the server decides the specific combination of encryption protocol and algorithms to use; the request also includes a random number generated by the client;
Server response: the server responds to the client request of the first stage by sending the client a message that determines the encryption protocol version, cipher suite and server digital certificate to be used; the message also includes a random number generated by the server;
Client response: the client responds to the server response of the second stage. The client checks the validity of the server digital certificate; if the certificate is not valid, the client either disconnects immediately or warns the user that the server is not trusted. If the certificate passes validation, the client generates a further random number for the subsequent generation of the session key, encrypts it with the server public key from the server digital certificate, and sends the server a message containing the encrypted random number, an encoding change notification and a client handshake-finished notification;
Final server response: the server responds to the client response of the third stage. On receiving the client response, the server decrypts the encrypted random number in the message with the server private key, then uses the three random numbers generated in the preceding three stages to generate the session key used in the application data transfer phase, and then sends the client a message containing an encoding change confirmation and a server handshake-finished notification.
Further, the digital certificate in step (3) comprises user public key information, a message digest and a digital signature; the user public key information is passed through a hash algorithm and, at the same time, encrypted with the certificate authority's private-key algorithm to generate the digital signature.
Further, the digital certificate authentication flow in step (3) comprises the following steps:
(3.1) after the communication handshake succeeds, the client applies the hash algorithm to the message body to be sent to the server to generate a message digest, and encrypts the message digest with the client private key to generate a digital signature;
(3.2) the client sends the message body and the digital signature together to the server;
(3.3) on receiving the message, the server extracts the digital signature and decrypts it with the client public key to obtain the message digest;
(3.4) the server applies the hash algorithm to the received message body to obtain a message digest and compares it with the message digest obtained in step (3.3); if the two match, the client is determined to be a legitimate device; if they do not match, the client is determined to be an illegitimate device.
Compared with the prior art, the invention has the following advantages and technical effects:
(1) the security protection method for industrial IoT data transmission uses identity authentication and communication encryption to address, to a certain degree, the security risks in existing industrial IoT data transmission;
(2) identity authentication is realized by the protocol stack encapsulated on top of the existing IoT transport protocol and the communication handshake between client and server; this takes the characteristics of existing industrial IoT data transmission fully into account, and the protocol specification required for identity authentication is formed by encapsulation without changing the existing industrial IoT transport protocol;
(3) communication encryption encrypts the transmitted data by means of the digital certificate and the corresponding digital certificate authentication flow, thereby ensuring the security of the data.
The above is only an overview of the technical solution of the invention. So that the technical means of the invention can be understood more clearly and implemented in accordance with the specification, and so that the above and other objects, features and advantages of the invention are easier to understand, preferred embodiments are described in detail below with reference to the accompanying drawings.
Brief description of the drawings
Fig. 1 shows the protocol stack of the invention for encrypting industrial IoT data transmission.
Fig. 2 shows the handshake between client and server in the communication process of the invention.
Fig. 3 shows the composition of the digital certificate used by the invention for communication encryption.
Fig. 4 shows the digital certificate authentication flow used by the invention.
[Reference numerals]
11 is the encrypted-encapsulation handshake protocol, 12 is the change cipher spec protocol, 13 is the alert protocol, 14 is the edge-to-cloud transport protocol, 15 is the encrypted-encapsulation record protocol, 16 is the TCP protocol, 17 is the IP protocol;
21 is the client, 22 is the server, 23 is the client request, 24 is the server response, 25 is the client response, 26 is the final server response;
31 is the digital certificate, 32 is the user public key information, 33 is the message digest, 34 is the digital signature, 35 is the hash algorithm, 36 is the certificate authority's private-key algorithm;
41 is the message body, 42 is the client private key, 43 is the client public key, 44 is a legitimate device, 45 is an illegitimate device.
Detailed description of the embodiments
The working principle of the invention is described in more detail below with reference to the drawings and embodiments.
The security protection method proposed by the invention secures industrial IoT data transmission by means of an identity authentication mode and a communication encryption mode.
The identity authentication mode is realized by the dedicated transmission-encryption protocol stack and the communication handshake between client and server. Specifically, the protocol stack shown in Fig. 1 is encapsulated on top of the transport protocol of the existing industrial IoT to form an identity authentication protocol specification. The client and the server then carry out the four data interactions shown in Fig. 2 (client request, server response, client response and final server response), generate an identical session key from the data and algorithms exchanged during negotiation, confirm the identity of both parties, and complete the communication handshake between client and server.
Fig. 1 shows the protocol stack of the invention for encrypting industrial IoT data transmission. The mainstream transport protocols of the existing industrial IoT are built on TCP; by encapsulating application-layer data above the transport layer, protection can be added to the transport protocol without modifying the underlying transport protocol. The transmission-encryption protocol stack of the invention is intended to encrypt the transport protocol of the existing industrial IoT effectively, and mainly comprises, encapsulated on top of the TCP protocol 16 and the IP protocol 17, the encrypted-encapsulation handshake protocol 11, the change cipher spec protocol 12, the alert protocol 13, the edge-to-cloud transport protocol 14 and the encrypted-encapsulation record protocol 15.
The encrypted-encapsulation handshake protocol 11 includes but is not limited to Transport Layer Security (TLS) and the network-layer security protocol (IPSec), and works together with the change cipher spec protocol 12 and the alert protocol 13 to authenticate the user and the server and to encrypt data while maintaining data integrity. The edge-to-cloud transport protocol 14, which includes but is not limited to the MQTT protocol, describes the particularities of industrial communication. The encrypted-encapsulation record protocol 15 mainly serves as the record for the encrypted-encapsulation handshake protocol 11, the change cipher spec protocol 12 and the alert protocol 13, making the encryption protocol complete and traceable. The TCP protocol 16 and the IP protocol 17 are the existing conventional TCP and IP protocols.
Fig. 2 shows the handshake between client and server in the communication process of the invention. In the handshake phase, the client 21 first issues a connection request to the server 22; the two sides then exchange some information and, from this data and the algorithms, generate an identical session key, creating a secure connection between the client 21 and the server 22. After the handshake completes, the client 21 and the server 22 communicate in encrypted form using the session key: the data sender encrypts information with the session key, and the data receiver decrypts the ciphertext with the same session key. The handshake phase comprises four data interactions:
The first stage is the client request 23: the client 21 sends a connection request to the server 22. This is a request for encrypted communication and contains information such as the encryption protocol versions, cipher suites and compression methods the client 21 supports, from which the server 22 decides the specific combination of encryption protocol and algorithms to use; the request also includes a random number generated by the client 21;
The second stage is the server response 24: the server 22 responds to the client request of the first stage by sending the client 21 a message that determines the protocol version to be used (which should be consistent with the client's protocol version), the cipher suite and the server digital certificate; the message also includes a random number generated by the server 22;
The third stage is the client response 25: the client 21 responds to the server response of the second stage. The client checks the validity of the digital certificate of the server 22; if the certificate is not valid, the client 21 either disconnects immediately or warns the user that the server 22 is not trusted. If the certificate passes validation, the client 21 generates a further random number for the subsequent generation of the session key, encrypts it with the server public key from the server digital certificate, and sends the server 22 a message containing the encrypted random number, an encoding change notification and a client handshake-finished notification;
The fourth stage is the final server response 26: the server 22 responds to the client response of the third stage. On receiving the client response 25, the server 22 decrypts the encrypted random number in the message with the server private key, then uses the three random numbers (generated in the first three stages) to generate the session key used in the application data transfer phase, and then sends the client 21 a message containing an encoding change confirmation and a server handshake-finished notification.
The communication encryption mode is carried out by the encrypted digital certificate and the corresponding digital certificate authentication flow, thereby ensuring the encrypted transmission of industrial data.
Fig. 3 shows the composition of the digital certificate used by the invention for communication encryption. A digital certificate is one in which part of the content has been digitally signed with a signature algorithm, after which it can serve as an intermediary of trust. The digital certificate 31 mainly comprises the user public key information 32, the message digest 33 and the digital signature 34, related as follows: the user public key information 32 is passed through the hash algorithm 35 and, at the same time, encrypted with the certificate authority's private-key algorithm 36 to generate the digital signature 34.
Fig. 4 shows the digital certificate authentication flow used by the invention. After the communication handshake between client and server succeeds, the client 21 applies the hash algorithm 35 to the message body 41 to be sent to the server 22, generating the message digest 33, and encrypts the message digest 33 with the client private key 42 to generate the digital signature 34. The client 21 then sends the digital signature 34 and the message body 41 together to the server 22. On receiving the message, the server 22 extracts the digital signature 34 and decrypts it with the client public key 43 to obtain the message digest 33 of the message body. The server 22 then applies the hash algorithm 35 to the received message body 41 itself and compares the resulting message digest with the one obtained in the previous step; if the two match, the client 21 is determined to be a legitimate device 44, otherwise an illegitimate device 45.
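The four-stage handshake of Fig. 2 and the signature check of Fig. 4, as an added Python example that is not part of the patent text. The key pairs are toy textbook RSA built from Mersenne primes (constructed for this example and not secure); the HMAC-SHA256 key derivation, the `session key` label and all function names are assumptions, since the patent does not name the algorithms.

```python
# Added example: toy walk-through of the Fig. 2 handshake and the Fig. 4 check.
# Assumptions (not from the patent): textbook RSA over Mersenne primes as the
# key pairs (constructed, NOT secure) and HMAC-SHA256 as the key derivation.
import hashlib
import hmac
import secrets

E = 65537  # public exponent shared by both toy key pairs


def toy_rsa_keypair(p_exp, q_exp):
    """Return (n, e, d) built from the Mersenne primes 2**p_exp-1 and 2**q_exp-1."""
    p, q = 2**p_exp - 1, 2**q_exp - 1
    return p * q, E, pow(E, -1, (p - 1) * (q - 1))


SERVER_KEY = toy_rsa_keypair(521, 607)    # stands in for the server certificate key
CLIENT_KEY = toy_rsa_keypair(607, 1279)   # stands in for client keys 42 and 43


def derive_session_key(client_random, server_random, third_random):
    """Mix the three handshake random numbers into one 32-byte session key."""
    seed = b"session key" + client_random + server_random
    return hmac.new(third_random, seed, hashlib.sha256).digest()


def handshake():
    """Simulate the four interactions; return (client_key, server_key, wire_view)."""
    n, e, d = SERVER_KEY
    client_random = secrets.token_bytes(32)   # stage 1: client request
    server_random = secrets.token_bytes(32)   # stage 2: server response with (n, e)
    # Stage 3: client response. The third random number travels encrypted
    # under the server public key taken from the server certificate.
    third_random = secrets.token_bytes(48)
    encrypted_third = pow(int.from_bytes(third_random, "big"), e, n)
    client_key = derive_session_key(client_random, server_random, third_random)
    # Stage 4: final server response. Only the private exponent d recovers
    # the third random number, so only the real server derives the same key.
    recovered = pow(encrypted_third, d, n).to_bytes(48, "big")
    server_key = derive_session_key(client_random, server_random, recovered)
    return client_key, server_key, (client_random, server_random, encrypted_third)


def digest_int(message):
    """SHA-256 digest of the message body as an integer."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")


def sign(message, private_key):
    """Step 3.1: hash the message body, then apply the client private key."""
    n, _, d = private_key
    return pow(digest_int(message), d, n)


def is_legitimate(message, signature, public_key):
    """Steps 3.3 and 3.4: recover the digest and compare it with a fresh hash."""
    n, e = public_key
    if not 0 <= signature < n:
        return False
    size = (n.bit_length() + 7) // 8
    recovered = pow(signature, e, n).to_bytes(size, "big")
    expected = digest_int(message).to_bytes(size, "big")
    return hmac.compare_digest(recovered, expected)


if __name__ == "__main__":
    ck, sk, _ = handshake()
    print("session keys match:", ck == sk)
    body = b'{"device":"plc-07","temp_c":71.5}'   # constructed sample message body
    sig = sign(body, CLIENT_KEY)
    pub = CLIENT_KEY[:2]
    print("genuine body   ->", is_legitimate(body, sig, pub))
    print("tampered body  ->", is_legitimate(body.replace(b"71.5", b"20.0"), sig, pub))
```

A deployment would take these primitives from a vetted TLS or signature library with padded signatures rather than textbook RSA.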
Finally, the above embodiments only illustrate the technical solution of the invention and do not limit it. Other modifications or equivalent replacements made to the technical solution of the invention by a person of ordinary skill in the art, without departing from the spirit and scope of the technical solution of the invention, are intended to fall within the scope of the claims of the invention.

Claims (7)

1. a kind of safety protecting method for being directed to industrial data transmission of internet of things, it is characterised in that the following steps are included:
(1) the tunneling stack on the transport protocol of existing industrial Internet of Things, forms identity authentication protocol specification;
(2) four data interactions are carried out between clients and servers, by client and server agreement exchange process Data and algorithm generate identical session code key, carry out the identity validation of both sides, complete logical between client and server Letter is shaken hands;
(3) after communication handshake success, it is by the digital certificate and corresponding digital certificate authentication flow decision client of encryption No is legitimate device.
2. safety protecting method according to claim 1, it is characterised in that the protocol stack described in step (1) is included in The encryption encapsulated on Transmission Control Protocol and IP agreement encapsulates Handshake Protocol, Modify password specification protocol, alarm agreement, marginal layer to cloud Hold transport protocol and encryption encapsulation record protocol.
3. safety protecting method according to claim 2, it is characterised in that encryption encapsulation Handshake Protocol includes but not It is limited to the security protocol of Transport Layer Security and network layer, and combines Modify password specification protocol, alarm agreement to client And server is authenticated, encryption data while maintaining data integrity.
4. safety protecting method according to claim 2, it is characterised in that the marginal layer to cloud transport protocol Including but not limited to MQTT agreement, for describing industrial communication particularity.
5. The security protection method according to claim 1, characterized in that the four data interactions described in step (2) are, respectively, the client request, the server response, the client response and the final server response:
Client request: the client sends a connection request to the server. The request is a request for encrypted communication and includes information such as the encryption protocol versions, cipher suites and compression methods the client is compatible with; the server decides which combination of encryption protocol and algorithms is actually used. The request also includes a random number generated by the client;
Server response: the server responds to the client request of the first stage by sending a message to the client. The message fixes the encryption protocol version and cipher suite to be used and carries the server digital certificate; it also includes a random number generated by the server;
Client response: the client responds to the server response of the second stage. The client checks the validity of the server digital certificate. If the certificate is not valid, the client either disconnects immediately or sends the user a warning that the server is not trusted. If the certificate passes validation, the client generates a further random number that is later used to generate the session key, encrypts that random number with the server public key from the server digital certificate, and then sends the server a message containing the encrypted random number, the cipher change notification and the client handshake-finished notification;
Final server response: the server responds to the client response of the third stage. After receiving the client response, the server decrypts the encrypted random number in the message with the server private key, then uses the three random numbers generated in the preceding three stages to generate the session key used in the application data transfer phase, and then sends the client a message containing the cipher change confirmation and the server handshake-finished notification.
6. The security protection method according to claim 1, characterized in that the digital certificate described in step (3) includes user public key information, a message digest and a digital signature; the user public key information is processed with a hash encryption algorithm to generate the message digest, which is at the same time encrypted with the certification authority's private-key algorithm to generate the digital signature.
7. The security protection method according to claim 1, characterized in that the digital certificate authentication flow described in step (3) comprises the following steps:
(3.1) after the communication handshake succeeds, the client applies the hash encryption algorithm to the message body to be sent to the server to generate a message digest, and encrypts the message digest with the client private key to generate a digital signature;
(3.2) the client sends the message body and the digital signature together to the server;
(3.3) after receiving the message, the server extracts the digital signature and decrypts it with the client public key to obtain the message digest;
(3.4) the server applies the hash encryption algorithm to the received message body to obtain a message digest and compares it with the message digest obtained in step (3.3); if the two are identical, the client is determined to be a legitimate device; if they differ, the client is determined to be an illegitimate device.
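The session-key step at the end of claim 5, as an added example that is not part of the patent: both ends derive the same key from the two cleartext random numbers and the third, encrypted one. The claim names no derivation function, so the TLS 1.2 PRF (RFC 5246) is assumed here, and `p_sha256`, `session_key` and `run_handshake` are hypothetical names.

```python
import hashlib
import hmac
import os


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 expansion from RFC 5246, section 5."""
    out, a = b"", seed                      # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def session_key(client_random: bytes, server_random: bytes,
                premaster: bytes) -> bytes:
    """48-byte master secret built from the three handshake random numbers."""
    if len(client_random) != 32 or len(server_random) != 32:
        raise ValueError("hello random numbers must be 32 bytes")
    if len(premaster) != 48:
        raise ValueError("pre-master secret must be 48 bytes")
    # Only `premaster` is secret; it keys the PRF. The two hello random
    # numbers are public and bind the key to this handshake.
    seed = b"master secret" + client_random + server_random
    return p_sha256(premaster, seed, 48)


def run_handshake():
    """Both ends of the exchange; returns (client_key, server_key)."""
    client_random = os.urandom(32)   # stage 1, sent in the clear
    server_random = os.urandom(32)   # stage 2, sent in the clear
    premaster = os.urandom(48)       # stage 3, sent under the server public key
    # Assumption: the public-key encryption and decryption of `premaster`
    # is outside this example; the server is modelled as having recovered it.
    client_key = session_key(client_random, server_random, premaster)
    server_key = session_key(client_random, server_random, premaster)
    return client_key, server_key
```

Because the first two random numbers cross the network unencrypted, the confidentiality of the session key rests entirely on the third one and on the server private key that protects it.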
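Steps (3.1) to (3.4) of claim 7, as an added example that is not part of the patent: the client signs the digest of the message body and the server recovers and compares it. The claim names no algorithms, so RSA with PKCS#1 v1.5 encoding and SHA-256 is assumed; the key is built from two Mersenne primes purely so the code runs with the standard library and is not secure, and all names and the sample body are constructed.

```python
import hashlib
import hmac

# Constructed demo key: valid RSA arithmetic, INSECURE modulus (Mersenne primes).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # client private exponent
K = (N.bit_length() + 7) // 8            # modulus length in bytes
# DER DigestInfo header for SHA-256 (RFC 8017, section 9.2).
SHA256_PREFIX = bytes.fromhex("3031300d060960864801650304020105000420")

# Constructed sample message body (not from the patent).
BODY = b'{"topic":"plant/line1/temp","value":71.4}'


def encode_digest(body: bytes) -> bytes:
    """EMSA-PKCS1-v1_5: 00 01 FF..FF 00 || DigestInfo(SHA-256(body))."""
    t = SHA256_PREFIX + hashlib.sha256(body).digest()
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def client_sign(body: bytes) -> bytes:
    """Step (3.1): digest the body, then apply the client private key."""
    em = int.from_bytes(encode_digest(body), "big")
    return pow(em, D, N).to_bytes(K, "big")


def server_verify(body: bytes, signature: bytes) -> bool:
    """Steps (3.3) and (3.4): recover the signed digest, recompute, compare."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    recovered = pow(s, E, N).to_bytes(K, "big")    # step (3.3)
    expected = encode_digest(body)                 # step (3.4)
    # Compare the whole encoded block, padding included, in constant time.
    return hmac.compare_digest(recovered, expected)
```

Comparing the full encoded block rather than only the trailing 32 digest bytes means a signature with malformed padding is rejected as well.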
CN201910426426.6A 2019-05-21 2019-05-21 A kind of safety protecting method being directed to industrial data transmission of internet of things Pending CN110099072A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910426426.6A CN110099072A (en) 2019-05-21 2019-05-21 A kind of safety protecting method being directed to industrial data transmission of internet of things

Publications (1)

Publication Number Publication Date
CN110099072A (en) 2019-08-06

Family

ID=67448850

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910426426.6A Pending CN110099072A (en) 2019-05-21 2019-05-21 A kind of safety protecting method being directed to industrial data transmission of internet of things

Country Status (1)

Country Link
CN (1) CN110099072A (en)

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3407567A1 (en) * 2017-05-26 2018-11-28 ABB Schweiz AG Application deployment in industrial internet of things
CN109347809A (en) * 2018-09-25 2019-02-15 北京计算机技术及应用研究所 A kind of application virtualization safety communicating method towards under autonomous controllable environment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
王斌: "工业物联网信息安全防护技术研究", 《中国优秀硕士学位论文全文数据库》 *

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111935087A (en) * 2020-07-02 2020-11-13 上海微亿智造科技有限公司 Authentication verification method and system for gateway receiving large data volume through industrial internet
CN112229438A (en) * 2020-08-31 2021-01-15 深圳技术大学 Natural ecological credible monitoring system and method
CN112394683A (en) * 2020-11-24 2021-02-23 桂林电子科技大学 File transmission method using industrial control system
CN112394683B (en) * 2020-11-24 2022-03-11 桂林电子科技大学 File transmission method using industrial control system
CN112636923A (en) * 2020-12-23 2021-04-09 江苏徐工工程机械研究院有限公司 Engineering machinery CAN equipment identity authentication method and system
CN112636923B (en) * 2020-12-23 2024-04-05 江苏徐工工程机械研究院有限公司 Engineering machinery CAN equipment identity authentication method and system
CN112350826A (en) * 2021-01-08 2021-02-09 浙江中控技术股份有限公司 Industrial control system digital certificate issuing management method and encrypted communication method
CN113098863A (en) * 2021-03-31 2021-07-09 郑州信大捷安信息技术股份有限公司 TLS + MQTT protocol-based Internet of things double-authentication method and system
CN117376039A (en) * 2023-12-08 2024-01-09 四川科朗新创建设有限公司 Encryption method, system, equipment and medium of SD-WAN communication system

Similar Documents

Publication Publication Date Title
CN110099072A (en) A kind of safety protecting method being directed to industrial data transmission of internet of things
CN111083131B (en) Lightweight identity authentication method for power Internet of things sensing terminal
US11102226B2 (en) Dynamic security method and system based on multi-fusion linkage response
Pereira et al. An authentication and access control framework for CoAP-based Internet of Things
CN102983965B (en) Transformer station's quantum communications model, quantum key distribution center and model implementation method
CN104158653B (en) A kind of safety communicating method based on the close algorithm of business
Naik et al. Cyber security—iot
Gaba et al. Robust and lightweight key exchange (LKE) protocol for industry 4.0
US11736304B2 (en) Secure authentication of remote equipment
CN106790064B (en) The method that both sides are communicated in credible root server-cloud computing server model
CN104935553B (en) Unified identity authentication platform and authentication method
CN104579679B (en) Wireless public network data forwarding method for agriculture distribution communication equipment
CN101657992A (en) Identity protection method, devices and corresponding computer programme product
CN109474613B (en) Highway information issuing private network security reinforcement system based on identity authentication
CN110999223A (en) Secure encrypted heartbeat protocol
CN112637136A (en) Encrypted communication method and system
CN103441983A (en) Information protection method and device based on link layer discovery protocol
CN103051869A (en) System and method for encrypting camera video in real time
CN111756627A (en) Cloud platform security access gateway of electric power monitored control system
CN104320329A (en) Method and system for safe instant messaging under open and untrusted internet environment
CN110266725A (en) Cryptosecurity isolation module and mobile office security system
Wazid et al. TACAS-IoT: trust aggregation certificate-based authentication Scheme for edge-enabled IoT systems
CN106789524A (en) The high speed parsing of VPN encrypted tunnels and restoring method
CN115459912A (en) Communication encryption method and system based on quantum key centralized management
CN106789845A (en) A kind of method of network data security transmission

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20200721

Address after: Luoyang City, Henan province high tech Zone 471000 Road No. 18.

Applicant after: LUOYANG ADVANCED MANUFACTURING INDUSTRY RESEARCH AND DEVELOPMENT BASE,TIANJIN RESEARCH INSTITUTE FOR ADVANCED EQUIPMENT,TSINGHUA University

Address before: Room 149, 1st floor, Guanggu Pioneer Street, Donghu New Technology Development Zone, Wuhan City, Hubei Province

Applicant before: Weiyiyun (Wuhan) Technology Co.,Ltd.

Applicant before: LUOYANG ADVANCED MANUFACTURING INDUSTRY RESEARCH AND DEVELOPMENT BASE,TIANJIN RESEARCH INSTITUTE FOR ADVANCED EQUIPMENT,TSINGHUA University

RJ01 Rejection of invention patent application after publication

Application publication date: 20190806