CN111447283A - Method for realizing information security of power distribution station room system - Google Patents

Info

Publication number: CN111447283A
Authority: CN (China)
Prior art keywords: data, block chain, equipment, block, power distribution
Legal status: Pending
Application number: CN202010264485.0A
Other languages: Chinese (zh)
Inventors: 张万生, 何源, 刘恢, 姚刚
Current Assignee: Jiangsu Runhe Zhirong Technology Co ltd
Original Assignee: Jiangsu Runhe Zhirong Technology Co ltd
Application filed by: Jiangsu Runhe Zhirong Technology Co ltd

Classifications

    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H02J13/00 Circuit arrangements for providing remote indication of network conditions, e.g. an instantaneous record of the open or closed condition of each circuitbreaker in the network; Circuit arrangements for providing remote control of switching means in a power distribution network, e.g. switching in and out of current consumers by using a pulse code signal carried by the network
    • H04L41/04 Network management architectures or arrangements
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]
    • H04L9/3236 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • Y02B70/30 Systems integrating technologies related to power network operation and communication or information technologies for improving the carbon footprint of the management of residential or tertiary loads, i.e. smart grids as climate change mitigation technology in the buildings sector, including also the last stages of power distribution and the control, monitoring or operating management systems at local level
    • Y04S20/20 End-user application control systems
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Power Engineering (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)

Abstract

The invention discloses a method for realizing the information security of a power distribution station room system. The method provides secure information access and encrypted transmission for the power distribution station room, uses a blockchain ledger structure for secure data storage, and uses blockchain transaction deployment to implement equipment linkage control, online operation and maintenance evaluation and the like within the station room. Depending on the deployment requirements and usage conditions of the power distribution station room scenario, the scheme can be applied to power sensing terminal equipment, station room edge equipment and a cloud platform server, and it supports functions such as encrypted communication and security authentication of station room sensing and monitoring information and evaluation of station room operation and maintenance efficiency.

Description

Method for realizing information security of power distribution station room system
Technical Field
The invention relates to the technical field of electrical engineering, and in particular to a method for realizing the information security of a power distribution station room system.
Background
With the integration of new-generation information technologies such as the Internet of Things and the internet with the smart grid, the traditional power grid is gradually transforming toward the smart grid's two-way interactive service mode. With smart terminals, a power management department can keep track of the operating condition of power facilities, equipment faults, environmental information and other matters in a timely way, and can schedule power operation and maintenance accordingly. Compared with the traditional power grid, the new grid has diverse heterogeneous intelligent terminals, a network security protection boundary that is ubiquitous, and diverse demands for secure service access. This directly increases a series of security risks for power terminals, such as information leakage, illegal access and loss of control, and makes heterogeneous intelligent terminals harder to protect: vulnerability discovery, integrity protection, confidentiality protection and attack defense for heterogeneous terminals all become significantly more difficult, while stricter requirements are placed on the access modes and security protection of the different kinds of intelligent terminals and mobile terminals. Security inspections of the smart grid have found that the security protection of many power information system terminals has defects owing to weaknesses such as weak passwords and insufficient protection of remote services.
Currently, a large number of power monitoring and sensing devices are widely used in power distribution monitoring. The monitoring systems of these power distribution station rooms are generally built so that sensing data acquired by massive numbers of sensors is uploaded through sink nodes to access nodes, and finally enters a cloud platform server through an access controller and a control gateway at the network layer. This scheme is still essentially a centralized distributed network structure. When massive sensing data finally converges on the cloud platform server through the station room gateway equipment, access authentication and security protection of the intelligent station room's monitoring information are important problems to be solved:
1) Equipment security
As the value of data increases, the terminal equipment of the power Internet of Things becomes a potential target of malicious attacks by hackers. For example, according to publicly reported data, a well-known Internet of Things botnet cumulatively infected more than 2 million cameras and other IoT devices and launched a DDoS attack that paralyzed the domain name resolution service provider Dyn.
2) Information security
Streaming data in the power Internet of Things is very easy to steal, especially when transmitted over a wireless network. Meanwhile, as big data is combined with the Internet of Things, massive amounts of data are stored on a few central nodes without backup, so data security cannot be guaranteed.
3) User privacy protection
The traditional Internet of Things has no application-based privacy protection capability, such as resistance to key sharing attacks. Whether the GPS positioning systems of the various sensors in the power equipment Internet of Things can keep users' private data fully confidential, and whether information is monitored by manufacturers, are important problems for the security of power sensing and monitoring systems.
The communication security scheme of current power distribution station room management and control systems is generally as follows: hardware encryption and software algorithm encryption are used at the station room equipment end, and software encryption is used at the cloud platform server end. Hardware encryption generally adds encryption equipment, such as an encryption chip embedded in the station room's sensing equipment, or communication equipment such as access encryption equipment or an encryption gateway added to the edge equipment, to implement communication security authentication. Software encryption generally uses data encryption algorithms, encrypted communication protocols and similar technologies to ensure communication security.
The hardware encryption method, taking the secure access proxy device as an example: it uses a power-specific cryptographic algorithm authorized and approved by the national cryptographic authority and embeds a self-developed high-performance power-specific hardware encryption chip. The chip's main functions include support for identity authentication, information encryption, digital signatures, and key generation and protection, and it has sufficient capability to resist cryptanalysis attacks. To ensure the security of the key and the cryptographic algorithm, the key and algorithm of the secure access proxy device are stored only in the secure storage area of the hardware encryption chip, are completely isolated from the application system and cannot be accessed by any illegal means, which greatly improves the security of data exchange.
The software encryption method: according to key type, modern cryptography mainly falls into two classes, symmetric encryption systems and asymmetric encryption systems. The SM1 algorithm is a commercial symmetric block cipher standard compiled by the national cryptographic authority; it is used to encrypt and decrypt data to ensure the confidentiality of data and information. SM1 is a general-purpose symmetric block encryption and decryption algorithm designed independently in China, with a block length of 128 bits and a key length of 128 bits; its security strength and its software and hardware implementation performance are comparable to those of AES. The SM2 algorithm, in full the SM2 elliptic curve public key cryptographic algorithm, was published by the national cryptographic authority in December 2010 as a national cryptographic industry standard. SM2 is an asymmetric key algorithm and works by encrypting with the private key and decrypting with the public key. Its main advantages are: key management is simple, and few key groups are needed for confidential transmission; the key can be published openly, is easy to distribute and is hard to crack; the confidentiality level is high and security is good; keys occupy little storage space; the amount of computation is small and processing is fast; and bandwidth requirements are low. It has broad application prospects in wireless networks and is mainly used to replace the traditional RSA algorithm in China's commercial cipher system.
At present, most management and control systems in power distribution rooms use software encryption. Considering factors such as the performance characteristics and resource overhead of power sensing and communication devices, communication between devices inside a station room is generally encrypted with the SM1 algorithm, and the SM2 algorithm is generally used between the station room gateway device and the cloud platform server.
In existing power distribution room management and control systems, the various types of sensing data monitored on site are generally uploaded to a remote management platform through a sink node or edge computing equipment. Local processing capability for the sensing data is weak, and comprehensive data processing is generally done on the remote management platform. Real-time performance and effectiveness of data processing are low and the communication bandwidth requirement is high, so this approach is not suitable for real-time processing of massive station room monitoring data, nor for deployments with demanding functional requirements such as comprehensive evaluation of equipment state and equipment linkage.
Meanwhile, existing hardware and software encryption methods are essentially based on an encryption architecture centered on a remote management platform or cloud platform server. Their security depends mainly on cryptographic strength, and it gradually weakens as attackers' computing capacity grows, for example with the advent of quantum computers. In addition, hardware encryption equipment increases system cost and the complexity of system installation, deployment, operation and maintenance, while software encryption algorithms place higher demands on the computing capacity, storage capacity and energy consumption of power sensing terminal equipment and are not suitable for large-scale deployment of power sensing terminals.
Disclosure of Invention
The technical problem to be solved by the invention is to overcome the shortcomings of the prior art by providing a method for realizing the information security of a power distribution station room system, which provides secure information access and encrypted transmission for the power distribution station room and ensures reliable storage of data, tamper resistance, traceability of information access sources and the like. Depending on the deployment requirements and usage conditions of the power distribution station room scenario, the scheme can be applied to power sensing terminal equipment, station room edge equipment and a cloud platform server, and it supports functions such as encrypted communication and security authentication of station room sensing and monitoring information and evaluation of station room operation and maintenance efficiency.
The invention adopts the following technical scheme for solving the technical problems:
According to the method for realizing the information security of the power distribution station room system, a power distribution station room information security system architecture is constructed, and blockchain system initialization, entity registration, equipment authentication, data transmission between equipment and data storage are implemented on the basis of that architecture; the equipment comprises master devices and slave devices;
the information security system architecture of the power distribution station room is constructed as follows:
a two-layer parallel blockchain structure is used as the information security system architecture of the power distribution station room: an intra-partition blockchain is used inside each power distribution station room, and an inter-partition blockchain structure is used between different station rooms;
inside a power distribution station room an intra-partition blockchain is used, in which the terminals and the gateway form a power sensing data blockchain system within one partition; in this system the gateway serves as the master device for blockchain transactions and the terminals are slave devices; the master device constructs a blockchain trust domain, and the slave devices in the trust domain are the terminals within the gateway's communication area;
between power distribution station rooms an inter-partition blockchain is used, in which a plurality of gateways and a remote management platform form a power information storage blockchain system; in this blockchain system the remote management platform is the master device and the gateways are slave devices; the master device builds the trust domain, and a new gateway applies, as a slave device, to be associated with the trust domain.
As a further optimization of the method for realizing the information security of the power distribution station room system, blockchain system initialization and entity registration are as follows:
blockchain initialization comprises: the master device creates its own management blockchain as a trust domain, and any slave device that belongs to the same blockchain as the master device performs entity registration with the trust domain.
In the equipment authentication method, the data used to verify the validity of an equipment identity is stored, as blockchain transactions, in a blockchain ledger jointly maintained by a plurality of distributed blockchain nodes. This builds a decentralized terminal identity authentication framework and achieves two-way identity authentication between equipment and the platform without the intervention of a trusted third party. The specific equipment authentication process comprises the following steps:
Step 1: when a new device, acting as a slave device, requests access to the blockchain network, it sends an authentication management request; the master device confirms the identity of the slave device;
Step 2: after receiving the new device's authentication request, the master device verifies it; if the request is legitimate, the master device generates a certificate and returns it to the slave device's authentication management module, and if the request is illegitimate, an illegal-request prompt is returned; the authentication management service obtains authorization in advance in the configuration of the channels, ordering service and nodes of the blockchain network, and the data sharing and privacy permissions of the slave device are configured at the same time;
Step 3: after receiving the certificate, the slave device's authentication management module encrypts it, stores it in a local database, and records the correspondence between the certificate and the sensing equipment;
Step 4: the data receiving and processing module receives the data collected by the power sensing equipment, processes it, and sends the processed data to the Hyperledger storage module for storage;
Step 5: the Hyperledger storage module signs with the slave device's certificate, packages the data into a transaction proposal, and sends the proposal to the nodes in the channel.
As a further optimization of the method for realizing the information security of the power distribution station room system, data transmission between equipment is performed as follows:
secure data access between slave devices is achieved through authorization by the master device in the blockchain;
the various kinds of power information transmitted by the equipment are encrypted and signed and then reported to the gateway, and an application is made to add the data block to the power sensing data blockchain; an asymmetric encryption and signature system is used while data is reported and stored; and the blockchain server nodes that store the aggregated power data synchronize the power information data ledger through the PBFT consensus mechanism.
As a further optimization of the method, the data transmitted by the equipment is encrypted each time with the Keccak algorithm using the data's secret key; the encrypted data is signed with the ECDSA algorithm and, together with the hash value of the encrypted data, forms a block that applies to be added to the chain; the specific data transmission flow is as follows:
Step A: the equipment generates an uplink data packet for the various data to be transmitted according to the sensing network communication protocol;
Step B: the sensing data is encrypted with the Keccak encryption algorithm to obtain a ciphertext;
Step C: a signature and a hash value are generated for the ciphertext;
Step D: the ciphertext, the hash value and the timestamp at which the data was generated are reported to the edge gateway blockchain node in the region;
Step E: the other blockchain nodes in the region verify the signature and the hash value of the data: if the result is true, the collected data is genuine and valid; if false, the data is discarded and re-tested.
As a further optimization of the method for realizing the information security of the power distribution station room system, the data storage method specifically comprises the following steps:
step ①: the master node collates and orders the sensing data received from the chain, generates a block, fills the data into the block, adds the block's signature and hash, and broadcasts the block to the power sensing data blockchain network;
step ②: after receiving the new block, a slave node adds the block header to its own latest block ledger, that is, adds a block record, and performs a hash audit on the block; if the hash is consistent with the hash sent by the master node, verification passes, and the slave node broadcasts the verification result to the power sensing data blockchain;
step ③: while verifying the block broadcast by the master node, each node also receives the verification results of the other nodes; after collecting correctness confirmation messages from other nodes numbering more than half of the nodes, it considers the block valid and commits it to its local power sensing data blockchain ledger;
at this point, each node has completed the ledger synchronization of the power sensing data;
the master node is a master device, a slave node is a slave device, and a node is a device in the blockchain; the devices comprise master devices and slave devices.
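The block broadcast, hash audit and majority commit of steps ① to ③ are simulated in the sketch below, an added example that is not code from the patent. It assumes SHA3-256 over canonical JSON as the block hash, leaves out the master's block signature to keep the focus on the hash audit and vote counting, and uses hypothetical node names, field names and sample readings.

```python
import copy
import hashlib
import json

def digest(obj):
    """SHA3-256 of a canonical JSON encoding (the hash function is an assumption)."""
    return hashlib.sha3_256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def make_block(tip, records):
    """Step 1: the master node orders the readings, fills a block and hashes it."""
    ordered = sorted(records, key=lambda r: (r["ts"], r["device"]))
    header = {"height": tip["header"]["height"] + 1, "prev": tip["hash"],
              "data_hash": digest(ordered)}
    return {"header": header, "records": ordered, "hash": digest(header)}

_GENESIS_HEADER = {"height": 0, "prev": "", "data_hash": digest([])}
GENESIS = {"header": _GENESIS_HEADER, "records": [], "hash": digest(_GENESIS_HEADER)}

class Node:
    def __init__(self, name):
        self.name = name
        self.ledger = [GENESIS]

    def audit(self, block):
        """Step 2: hash audit of the received copy against the local ledger tip."""
        tip, header = self.ledger[-1], block["header"]
        return (header["prev"] == tip["hash"]
                and header["height"] == tip["header"]["height"] + 1
                and header["data_hash"] == digest(block["records"])
                and block["hash"] == digest(header))

def run_round(nodes, deliveries):
    """Steps 2-3: audit, exchange verification results, commit on enough confirmations."""
    votes = {n.name: n.audit(deliveries[n.name]) for n in nodes}
    for n in nodes:
        others = sum(ok for name, ok in votes.items() if name != n.name)
        # A node commits only a copy that passed its own audit and that was
        # confirmed by other nodes numbering more than half of all nodes.
        if votes[n.name] and others > len(nodes) / 2:
            n.ledger.append(deliveries[n.name])
    return votes

def heights(nodes):
    return {n.name: len(n.ledger) - 1 for n in nodes}

def demo():
    nodes = [Node("gateway")] + [Node(f"terminal-{i}") for i in range(1, 5)]

    # Round 1 (constructed readings): one copy is altered on its way to terminal-3.
    block1 = make_block(nodes[0].ledger[-1], [
        {"device": "terminal-2", "ts": 1002, "temp_c": 41.5},
        {"device": "terminal-1", "ts": 1001, "humidity": 63}])
    forged1 = copy.deepcopy(block1)
    forged1["records"][0]["humidity"] = 10
    round1 = {n.name: block1 for n in nodes}
    round1["terminal-3"] = forged1
    votes1 = run_round(nodes, round1)
    heights1 = heights(nodes)

    # Round 2: terminal-3 is now one block behind and terminal-4 gets an altered
    # copy, so no node collects enough confirmations and nothing is committed.
    block2 = make_block(nodes[0].ledger[-1], [
        {"device": "terminal-4", "ts": 1003, "temp_c": 40.9}])
    forged2 = copy.deepcopy(block2)
    forged2["records"][0]["temp_c"] = 20.0
    round2 = {n.name: block2 for n in nodes}
    round2["terminal-4"] = forged2
    votes2 = run_round(nodes, round2)
    return votes1, heights1, votes2, heights(nodes)
```

Round 2 shows an operational consequence of the rule: a node that missed an earlier block keeps voting against later ones until it resynchronizes, which reduces the margin available for other faults.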
A further optimization of the method for realizing the information security of the power distribution station room system also includes a linkage decision method for the equipment in the station room, specifically:
according to the operating characteristics of the power distribution station room, the linkage decision model serves as the blockchain's smart contract transaction model and is deployed and implemented on the blockchain master and slave devices in the station; if the data acquired by a terminal meets a trigger condition, the terminal initiates a data transaction to the gateway; the gateway submits the data to the contract transaction, that is, the gateway decides according to the linkage strategy and a decision engine whether to execute the corresponding linkage measures, which is the execution of a functional contract; after the contract is executed, the execution result is sent to the interested gateways, platform and other devices.
Compared with the prior art, the invention adopting the technical scheme has the following technical effects:
The invention provides a method for power information access authentication and security protection that uses a decentralized secure encryption structure based on blockchain technology; depending on the deployment requirements and usage conditions of the power distribution station room scenario, the method can be applied to power sensing terminal equipment, station room edge gateway equipment and a cloud platform server, and it supports encrypted communication and security authentication of the station room's sensing and monitoring information.
Drawings
Fig. 1 is a block chain system structure diagram.
Fig. 2 is a block chain system configuration diagram in the station house.
Fig. 3 is a block chain slave device authentication flow diagram.
Detailed Description
The technical scheme of the invention is further explained in detail by combining the attached drawings:
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular internal procedures and techniques, in order to provide a thorough understanding of the embodiments of the invention. It will be apparent, however, to one skilled in the art that the present invention may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present invention with unnecessary detail.
The method is a safety protection scheme of an electric power distribution station room system, and the scheme is that a block chain technology is applied to monitoring terminal equipment (called a terminal for short), gateway equipment (called a gateway for short) and a distribution station room management platform in a distribution station room, so that the information safety protection of the distribution station room is realized.
1. Information security scheme system architecture
The system structure of the scheme is shown in Fig. 1. The system adopts a two-layer parallel block chain structure as the power distribution station house information security architecture: an intra-partition block chain inside each power distribution station house, and an inter-partition block chain structure between different station houses.
Inside a station house, an intra-partition block chain is used: the terminals and the gateway form a power sensing data block chain system within one small area. In this system, the gateway acts as the master device for block chain transactions and the terminals are slave devices. The master device constructs a block chain trust domain, and the slave devices in the trust domain are the terminals within the gateway communication area. Fig. 2 shows the intra-partition block chain system structure within a station house. The equipment in the invention comprises master devices and slave devices; device authentication is mainly slave device authentication, the master device is used to create the block chain trust domain, and the master device exists first.
Between station houses, an inter-partition block chain is used: a plurality of gateways and a remote management platform form a large power information storage block chain system. In this large block chain system, the remote management platform serves as the master device and the gateways serve as slave devices. The trust domain is built by the master device, and a new gateway applies, as a slave device, for association with the trust domain. The application services running on the remote management platform can provide various power information monitoring data to the monitoring center and to operation and maintenance personnel; for example, operation and maintenance personnel can use the information query, operation and maintenance overhaul and query services provided by the management platform through the mobile APP.
2. Safety protection scheme of power distribution station room system
The safety protection scheme of the power distribution station room system comprises security design methods for block chain system initialization and entity registration, equipment authentication, data transmission between equipment, data storage, and equipment linkage in the station house.
2.1 Block chain system initialization and entity registration
The block chain initialization comprises the following steps: the master device creates a management block chain of the master device as a trust domain, and if other slave devices belong to the block chain with the master device, the slave devices perform entity registration on the trust domain.
1) Data structure of the create trust domain request transaction generated by the master device:
Domain-ID | Master-ID | Flag | Timestamp | Signature
Table 1: Create trust domain request transaction data structure
In table 1, Domain-ID represents a certain trust Domain identifier created by the master device; Master-ID denotes the unique identifier of the Master, Flag denotes the Flag bit for the transaction type, Timestamp denotes the Timestamp, and Signature denotes the Signature of the Master for the transaction.
2) Data structure of the associate trust domain request transaction generated by the slave device:
Slave-ID | Ticket | Flag | Timestamp | Signature
Table 2: Associate trust domain request transaction data structure
In Table 2, Slave-ID represents the unique identifier of the slave device, Ticket represents a trust credential issued by the master device for the slave device, Flag and Timestamp have the same meanings as in Table 1, and Signature represents the signature of the slave device for the block chain transaction.
2.2 device authentication method
The key data for verifying the validity of a device identity is stored, in the form of block chain transactions, in a block chain ledger jointly maintained by a plurality of distributed block chain nodes, so that a terminal identity authentication framework with a decentralized character is constructed, and bidirectional identity authentication between equipment and a platform and between equipment and the platform is realized without the intervention of a trusted third party.
The system adopts a two-layer parallel block chain structure: an intra-partition block chain inside each station house and an inter-partition block chain structure between different station houses. Each partition block chain has a master device that is responsible for building the trust domain of that block chain, and the other devices, as slave devices, submit association requests for the trust domain. Fig. 3 is the block chain slave device authentication flow chart; the specific device authentication flow is as follows:
Step 1: When a new device needs to join the block chain network as a slave device, it sends an authentication management request; the identity of the slave device is confirmed by the master device.
Step 2: After receiving the authentication request of the new device, the master device verifies the request; if the request is legal, a certificate is generated and returned to the authentication management module of the slave device, and if the request is illegal, an illegal prompt is returned. The authentication management service has previously obtained authorization in the configuration of components such as channels, ordering services and nodes in the block chain network, and at the same time the data sharing and privacy authority of the slave device is also configured.
Step 3: After receiving the certificate, the authentication management module of the slave device encrypts the certificate, stores it in a local database, and records the correspondence between the certificate and the sensing equipment.
Step 4: The data receiving and processing module receives the data collected by the power sensing equipment, performs necessary processing such as cleaning and format conversion, and sends the processed data to the super account book storage module for storage.
Step 5: The super account book storage module signs with the certificate of the slave device, packages the data into a transaction proposal, and sends the transaction proposal to the nodes in the channel.
2.3 data transmission method
The safe access of data between the slave devices is realized through the authorization of the master device in the block chain.
Data structure of the data interaction request transaction generated by the slave device:
Domain-ID | Slave-ID | Data | Flag | Timestamp | Signature
Table 3: Data interaction request transaction data structure
In table 3, Domain-ID represents a trust Domain identifier to which the Slave device belongs, Slave-ID represents a unique identifier of the Slave device, Data represents Data information that the Slave device needs to perform Data interaction, Flag represents a Flag of the transaction type, Timestamp represents a Timestamp, and Signature represents a Signature of the master device for the transaction.
The various power information transmitted by the equipment is signed and encrypted and then reported to the gateway, and an application is made to put the data block on the chain in the power sensing data block chain. In the process of reporting and storing data, an asymmetric encryption and signature system is used; the signature and encryption algorithms for the power sensing data are denoted (Gsig, Ssig, Vsig) (generation, signing and verification) and (Genc, Eenc, Denc) (generation, encryption and decryption) respectively. The block chain server nodes that store the aggregated power data synchronize the power information data ledger through the PBFT consensus mechanism.
According to the characteristics of the power data of a power distribution station room, the system encrypts the data transmitted by the equipment each time by using a key of the data; the encrypted data is signed with the ECDSA algorithm and, together with the Hash value of the encrypted data, forms a block that applies for uplink. Fig. 3 includes the data transmission flow; the specific data transmission flow is as follows:
Power sensing data communication encryption method
The specific communication encryption process is as follows:
Step 1: After the power sensing equipment collects various data, an uplink data packet is generated according to the sensing network communication protocol.
Step 2: The sensing data is encrypted with the Keccak encryption algorithm to obtain a ciphertext.
Step 3: A signature and the Hash value of the ciphertext are generated.
Step 4: The encrypted ciphertext, the Hash value and a timestamp generated with the data are reported to the master node device in the region, the edge gateway.
Step 5: The other block chain slave nodes (power sensing equipment) perform signature verification and Hash value verification on the data: if the result is true, the collected data is true and valid; if it is false, the data is discarded and re-collected.
Power sensing data signature encryption method
The ECDSA algorithm (Elliptic Curve Digital Signature Algorithm) uses elliptic curve cryptography (ECC) to emulate the Digital Signature Algorithm (DSA). The ECDSA signature algorithm is implemented in 4 steps: domain parameter selection, key pair generation, signature generation and signature verification.
1. Domain parameter selection: the domain parameters are composed of the various parameters of an elliptic curve;
2. Key pair generation: the ECDSA key pair comprises a public key PK-A and a private key SK-A;
3. Signature generation: the sender A signs the hash value H(m) of the message m by using a signature algorithm Sig depending on the private key SK-A to generate a signature result SigSK-A(H(m)), and the signature result and the message are sent to a receiver B;
4. Signature verification: in order to verify the signature result of the sender A on the message m, the receiver B needs to obtain the domain parameters and the public key of A in advance for signature decryption verification. The signature verification process is generally completed by the message receiver B: a verification algorithm Ver depending on the public key PK-A is applied to the signature result SigSK-A(H(m)) to obtain a decrypted hash value H(m), which is compared with the hash value of the received message calculated by using the same hash function H; if the two hash values are equal, the verification succeeds, which indicates that the message was really sent by A.
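The reporting flow of steps 1 to 5 and the four ECDSA steps above, worked through in Python as an added example; it is not code from the patent or its applicant. The curve (secp256k1), SHA3-256 as the Hash function, the SHAKE256 keystream used for the Keccak encryption step, the report layout, and the signing of device ID and timestamp together with the ciphertext are all assumptions, since the text specifies none of them.

```python
import hashlib
import secrets
import time

# Assumed domain parameters: secp256k1 (the patent text names no curve).
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def digest(data):
    """SHA3-256, the standardized Keccak hash (assumed Hash function H)."""
    return hashlib.sha3_256(data).digest()

def point_add(p1, p2):
    """Add two curve points; None stands for the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1 % P, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mul(k, pt):
    """Double-and-add; not constant time, so for illustration only."""
    acc = None
    while k:
        if k & 1:
            acc = point_add(acc, pt)
        pt = point_add(pt, pt)
        k >>= 1
    return acc

def keygen():
    """Key pair generation: private scalar SK-A, public point PK-A."""
    sk = secrets.randbelow(N - 1) + 1
    return sk, scalar_mul(sk, G)

def sign(sk, msg):
    """Signature generation over H(m); returns the pair (r, s)."""
    z = int.from_bytes(digest(msg), "big")
    while True:
        k = secrets.randbelow(N - 1) + 1  # fresh secret nonce per signature
        r = scalar_mul(k, G)[0] % N
        s = pow(k, N - 2, N) * (z + r * sk) % N
        if r and s:
            return r, s

def verify(pk, msg, sig):
    """Signature verification: recompute a curve point and compare x with r."""
    r, s = sig
    if not (0 < r < N and 0 < s < N):
        return False
    z = int.from_bytes(digest(msg), "big")
    w = pow(s, N - 2, N)
    pt = point_add(scalar_mul(z * w % N, G), scalar_mul(r * w % N, pk))
    return pt is not None and pt[0] % N == r

def keccak_xor(key, nonce, data):
    """Assumed cipher: XOR with a SHAKE256(key || nonce) keystream."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

def signed_bytes(rep):
    """Bind device ID and timestamp to the ciphertext (added hardening)."""
    return rep["dev"].encode() + rep["ts"].to_bytes(8, "big") + rep["ct"]

def build_report(dev, sk, key, reading, ts=None):
    """Steps 1-4 on the sensing device: encrypt, hash, sign, timestamp."""
    nonce = secrets.token_bytes(16)
    ct = nonce + keccak_xor(key, nonce, reading)
    rep = {"dev": dev, "ts": int(time.time()) if ts is None else ts, "ct": ct}
    rep["hash"] = digest(ct)
    rep["sig"] = sign(sk, signed_bytes(rep))
    return rep

def check_report(rep, registry, now, max_age=300):
    """Step 5 on a verifying node; returns (accepted, reason)."""
    pk = registry.get(rep["dev"])
    if pk is None:
        return False, "unknown device"
    if abs(now - rep["ts"]) > max_age:
        return False, "stale timestamp"
    if digest(rep["ct"]) != rep["hash"]:
        return False, "hash mismatch"
    if not verify(pk, signed_bytes(rep), rep["sig"]):
        return False, "bad signature"
    return True, "ok"

if __name__ == "__main__":
    sk, pk = keygen()
    rep = build_report("sensor-01", sk, b"k" * 32, b'{"temp_c": 41.5}')  # constructed
    print(check_report(rep, {"sensor-01": pk}, now=int(time.time())))
```

The Hash value alone only catches accidental corruption, because anyone who alters the ciphertext can recompute it; the signature check is what rejects a modified report.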
2.4 data storage method
The system adopts the super account book (Hyperledger) block chain framework to store the station house monitoring information on the chain, so as to ensure the safety protection and reliable storage of the monitoring data of the power distribution station.
The gateway keeps the complete data transaction records and the data transaction ledger. The gateway equipment comprises an authentication management module, a data receiving and processing module and a super account book storage module; the three cooperate to enable the Internet of things equipment to interact with the block chain network. Of these, the certificate management module is used for applying for and storing the certificate of the Internet of things equipment, the data receiving and processing module is used for receiving and processing the data collected by the Internet of things equipment, and the super account book SDK is used for communicating with the block chain network.
After the sensing data is authenticated, the master device (edge gateway) initiates and guides the consensus process, for example by ordering the uplink requests. The master device (block chain master node) is generally a gateway with stronger computing performance, but it cannot hold a dominant vote in the consensus; the remaining slave devices act as block chain slave nodes.
Among the nodes on the power sensing data block chain, only the gateway, as the master device, stores the aggregated power sensing data ledger; because of limited device resources, the other slave nodes only take part in verifying the validity of blocks applying for uplink, and the PBFT consensus mechanism is used to synchronize the uplink data into the power sensing data block chain. The specific steps are as follows:
Step 1: The master node sorts and arranges the sensing data received from the chain, generates a block, fills the data into the block, adds its own signature and the hash of the block, and broadcasts the block to the power sensing data block chain network.
Step 2: After receiving the new block, a slave node adds the block header of the new block to its own latest block ledger, that is, adds a block record, and performs a hash audit on the block; if the hash is consistent with the hash sent by the master node, the verification passes, and the slave node broadcasts the verification result to the power sensing data block chain.
Step 3: While verifying the block broadcast by the master node, each node also receives the verification results of the other nodes; after collecting correctness confirmation messages sent by other nodes numbering more than half of the nodes, it considers the block valid and commits the block to its locally held power sensing data block chain ledger.
At this point, each node has completed the ledger synchronization of the power sensing data.
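The three storage steps above as a small Python simulation, added here as an example and not taken from the patent: a master builds a block, each node audits the hashes, and a node commits only when more than half of the nodes confirm the same block hash. The JSON encoding, the Node class and all names are assumptions, and the master's signature check is left out to keep the focus on the hash audit and the vote count.

```python
import hashlib
import json

def sha3_hex(obj):
    """SHA3-256 over canonical JSON (sorted keys); an assumed encoding."""
    return hashlib.sha3_256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def make_block(prev_hash, height, readings):
    """Step 1 (master node): order the readings, build and hash the block."""
    data = sorted(readings, key=lambda r: (r["ts"], r["dev"]))
    header = {"height": height, "prev": prev_hash, "body": sha3_hex(data)}
    return {"header": header, "data": data, "hash": sha3_hex(header)}

class Node:
    """A block chain node holding the hash of its latest committed block."""

    def __init__(self, name, tip):
        self.name, self.tip, self.ledger = name, tip, []

    def audit(self, block):
        """Step 2: hash audit; vote with the block hash, or None to reject."""
        header = block["header"]
        ok = (header["prev"] == self.tip
              and header["body"] == sha3_hex(block["data"])
              and sha3_hex(header) == block["hash"])
        return block["hash"] if ok else None

    def commit(self, block):
        """Record the block header and advance the local chain tip."""
        self.ledger.append(block["header"])
        self.tip = block["hash"]

def consensus_round(nodes, delivered):
    """Step 3: commit where more than half of all nodes confirm the same hash.

    `delivered` maps node name -> the block copy that node received. The
    threshold follows the text ("more than half"); classical PBFT instead
    requires 2f + 1 matching messages out of 3f + 1 nodes.
    """
    votes = {n.name: n.audit(delivered[n.name]) for n in nodes}
    committed = []
    for n in nodes:
        mine = votes[n.name]
        # Count only other nodes that confirmed the very same block hash,
        # so a master sending different blocks to different nodes gains nothing.
        others = sum(1 for name, v in votes.items() if name != n.name and v == mine)
        if mine is not None and others > len(nodes) / 2:
            n.commit(delivered[n.name])
            committed.append(n.name)
    return votes, committed

if __name__ == "__main__":
    genesis = "00" * 32
    sample = [{"dev": "sensor-01", "ts": 1700000010, "ct": "cd34"}]  # constructed
    nodes = [Node("n%d" % i, genesis) for i in range(5)]
    block = make_block(genesis, 1, sample)
    print(consensus_round(nodes, {n.name: block for n in nodes})[1])
```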
2.5 linkage decision method
By using the station house linkage decision model as an intelligent contract transaction model of the block chain, the master and slave equipment nodes of the block chain are deployed and implemented in the station, so that the reliability and accuracy of the station house linkage decision are realized, and the self-healing level of the operation fault of the station house equipment is improved.
According to the operation characteristics of the power distribution station house, the linkage decision model is used as the intelligent contract transaction model of the block chain, and is deployed and implemented on the block chain master and slave devices in the station. The specific contract transaction deployment and implementation flow is shown in Fig. 3. If the data acquired by a terminal meets a triggering condition, the terminal initiates a data transaction to the gateway; the gateway submits the data to the contract transaction, that is, the decision engine judges according to the linkage strategy whether to execute the corresponding linkage measures, which is the execution of the functional contract. After the contract is executed, the execution result is sent to the interested gateway or platform and other devices (block chain nodes).
The linkage decision comprises a triggering condition set, a triggering action set, a decision engine, a linkage strategy set and the like. The triggering condition set mainly comprises the running states and safety alarms of the station room equipment, and the triggering action set mainly comprises the safety disposal measures that can be taken in system maintenance, including air-conditioning refrigeration, fan exhaust, smoke alarm and the like. The intelligent contract transaction model is as follows: when a triggering condition and a series of triggering actions form a linkage strategy, the linkage strategy is stored in the linkage strategy library; the linkage strategies in the library are collected and transmitted to the decision engine, and the corresponding linkage measures are executed after decision judgment.
Specific embodiments of the present invention have been described above in detail. It should be understood that numerous modifications and variations could be devised by those skilled in the art in light of the present teachings without departing from the inventive concepts. Therefore, the technical solutions available to those skilled in the art through logic analysis, reasoning and limited experiments based on the prior art according to the concept of the present invention should be within the scope of protection defined by the claims.

Claims (7)

1. A method for realizing information security of a power distribution station room system is characterized in that a power distribution station room information security system architecture is constructed, block chain system initialization and entity registration, equipment authentication, data transmission and data storage among equipment are realized based on the power distribution station room information security system architecture, and the equipment comprises master equipment and slave equipment;
the method for constructing the information security system architecture of the power distribution station room comprises the following steps:
a two-layer parallel block chain structure is adopted as the information security system architecture of the power distribution station house: an intra-partition block chain inside each power distribution station house, and an inter-partition block chain structure between different station houses;
inside a power distribution station room, an intra-partition block chain is adopted: a terminal and a gateway form a power sensing data block chain system within one partition, in which the gateway serves as the master device for block chain transactions and the terminal is a slave device; the master device constructs a block chain trust domain, and a slave device in the trust domain is a terminal within the gateway communication area;
between power distribution station rooms, an inter-partition block chain is adopted: a plurality of gateways and a remote management platform form a power information storage block chain system, in which the remote management platform serves as the master device and the gateways serve as slave devices; the trust domain is built by the master device, and a new gateway applies, as a slave device, for association with the trust domain.
2. The method of claim 1, wherein the blockchain system initialization and entity registration comprises:
the block chain initialization comprises the following steps: the master device creates a management block chain of the master device as a trust domain, and if other slave devices belong to the block chain with the master device, the slave devices perform entity registration on the trust domain.
3. The method for realizing the information security of the power distribution station room system as claimed in claim 1, wherein the equipment authentication method is to store the data for verifying the validity of the equipment identity, in the form of block chain transactions, in a block chain ledger jointly maintained by a plurality of distributed block chain nodes, so as to construct a terminal identity authentication architecture with a decentralized character and realize mutual identity authentication between equipment and platform and between equipment and platform without the intervention of a trusted third party; the specific process of equipment authentication comprises the following steps:
step 1, when a new device needs to join the block chain network as a slave device, it sends an authentication management request; the identity of the slave device is confirmed by the master device;
step 2, after receiving the authentication request of the new device, the master device verifies the request; if the request is legal, the master device generates a certificate and returns the certificate to the authentication management module of the slave device, and if the request is illegal, an illegal prompt is returned; the authentication management service has obtained authorization in advance in the configuration of channels, ordering services and nodes in the block chain network, and meanwhile the data sharing and privacy authority of the slave device is configured;
step 3, after receiving the certificate, the authentication management module of the slave device encrypts the certificate, stores it in a local database, and records the correspondence between the certificate and the sensing equipment;
step 4, the data receiving and processing module receives the data collected by the power sensing equipment, processes the data, and sends the processed data to the super account book storage module for storage;
step 5, the super account book storage module signs with the certificate of the slave device, packages the data into a transaction proposal, and sends the transaction proposal to the nodes in the channel.
4. The method for realizing the information security of the power distribution station room system as claimed in claim 1, wherein the method for data transmission between the devices comprises the following steps:
the safe access of data between the slave devices is realized through the authorization of the master device in the block chain;
the various power information transmitted by the equipment is signed and encrypted and then reported to the gateway, and an application is made to put the data block on the chain in the power sensing data block chain; in the process of reporting and storing data, an asymmetric encryption and signature system is used; and the block chain server nodes that store the aggregated power data synchronize the power information data ledger through the PBFT consensus mechanism.
5. The method for realizing the information security of the power distribution station room system as claimed in claim 4, wherein the data transmitted by the equipment each time is encrypted with the Keccak algorithm by using a secret key of the data; the encrypted data is signed with the ECDSA algorithm and, together with the Hash value of the encrypted data, forms a block that applies for uplink; the specific data transmission flow is as follows:
step A: the equipment generates an uplink data packet for the various data to be transmitted according to the sensing network communication protocol;
step B: the sensing data is encrypted with the Keccak encryption algorithm to obtain a ciphertext;
step C: a signature and the Hash value of the ciphertext are generated;
step D: the encrypted ciphertext, the Hash value and a timestamp generated with the data are reported to the edge gateway block chain node in the region;
step E: the other block chain nodes in the region perform signature verification and Hash value verification on the data: if the result is true, the collected data is true and valid; if false, the data is discarded and re-tested.
6. The method for realizing the information security of the power distribution station room system as claimed in claim 1, wherein the data storage method comprises the following specific steps:
step ①, the master node sorts and arranges the sensing data received from the chain, generates a block, fills the data into the block, adds its signature and the hash of the block, and broadcasts the block to the power sensing data block chain network;
step ②, after receiving the new block, a slave node adds the block header to its own latest block ledger, that is, adds a block record, and performs a hash audit on the block; if the hash is consistent with the hash sent by the master node, the verification passes, and the slave node broadcasts the verification result to the power sensing data block chain;
step ③, while verifying the block broadcast by the master node, each node also receives the verification results of the other nodes; after collecting correctness confirmation messages sent by other nodes numbering more than half of the nodes, it considers the block valid and commits the block to its locally held power sensing data block chain ledger;
at this point, each node has completed the ledger synchronization of the power sensing data;
the master node is a master device, the slave node is a slave device, the node is a node in a block chain and is a device, and the device comprises the master device and the slave device.
7. The method for realizing the information security of the power distribution station room system according to claim 1, further comprising a linkage decision method of equipment in the station room, specifically as follows:
according to the operation characteristics of the power distribution station house, the linkage decision model is used as the intelligent contract transaction model of the block chain, and is deployed and implemented on the block chain master and slave devices in the station; if the data acquired by a terminal meets a triggering condition, the terminal initiates a data transaction to the gateway; the gateway submits the data to the contract transaction, that is, the decision engine judges according to the linkage strategy whether to execute the corresponding linkage measures, which is the execution of the functional contract; after the contract is executed, the execution result is sent to the interested gateway or platform and other devices.
CN202010264485.0A 2020-04-07 2020-04-07 Method for realizing information security of power distribution station room system Pending CN111447283A (en)

Publications (1)

Publication Number Publication Date
CN111447283A (en) 2020-07-24

Family

ID=71650045

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200724