CN112968780A - Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network - Google Patents

Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network Download PDF

Info

Publication number
CN112968780A
CN112968780A CN202110197907.1A CN202110197907A CN112968780A CN 112968780 A CN112968780 A CN 112968780A CN 202110197907 A CN202110197907 A CN 202110197907A CN 112968780 A CN112968780 A CN 112968780A
Authority
CN
China
Prior art keywords
data
current
block chain
abnormal
module
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202110197907.1A
Other languages
Chinese (zh)
Other versions
CN112968780B (en
Inventor
刘智勇
陈良汉
陈敏超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai Hongrui Information Technology Co Ltd
Original Assignee
Zhuhai Hongrui Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai Hongrui Information Technology Co Ltd filed Critical Zhuhai Hongrui Information Technology Co Ltd
Priority to CN202110197907.1A priority Critical patent/CN112968780B/en
Publication of CN112968780A publication Critical patent/CN112968780A/en
Application granted granted Critical
Publication of CN112968780B publication Critical patent/CN112968780B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/06Electricity, gas or water supply
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1425Traffic logging, e.g. anomaly detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/50Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols using hash chains, e.g. blockchains or hash trees
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S10/00Systems supporting electrical power generation, transmission or distribution
    • Y04S10/50Systems or methods supporting the power network operation or management, involving a certain degree of interaction with the load-side end user applications

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computing Systems (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Business, Economics & Management (AREA)
  • General Health & Medical Sciences (AREA)
  • Economics (AREA)
  • Primary Health Care (AREA)
  • Physics & Mathematics (AREA)
  • General Business, Economics & Management (AREA)
  • General Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Strategic Management (AREA)
  • Marketing (AREA)
  • Human Resources & Organizations (AREA)
  • Water Supply & Treatment (AREA)
  • Public Health (AREA)
  • Tourism & Hospitality (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a safety encryption authentication platform based on an electric power distribution network automation operation and maintenance network, which comprises an abnormal data identification system, an abnormal data characteristic comparison system, a data safety encryption system and a central control platform, the abnormal data identification system is used for carrying out safety detection on data before an engineer uploads the data to the platform, judging whether the data is tampered before uploading and ensuring the safety of the data, the abnormal data characteristic comparison system is used for identifying the tampered data characteristics, thereby, the rapid identification and authentication can be carried out on the tampered data characteristics, the data security encryption system is used for uploading the data which is confirmed to be safe to the blockchain node, and the central processing platform is used for uploading the collected data and safely processing the data by engineers.

Description

Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network
Technical Field
The invention relates to the technical field of power distribution network security encryption, in particular to a power distribution network-based automatic operation and maintenance network security encryption authentication platform.
Background
The power distribution network operation and maintenance is to perform power cut and transmission work on an area, perform line construction, perform maintenance construction on a transformer substation, perform distribution network construction maintenance and the like, when a certain area is powered off or the transformer substation needs to be maintained, a real site needs to be surveyed and data is uploaded on a platform, so that a background can process current input data in time and report found defects to the platform, the platform can monitor whether current employees work seriously or not and process related work in time, when current data is processed, more problems still occur, when data is reported, the problem that the network is delayed can be encountered, whether the current stored data is tampered or not needs to be carefully checked, and when other people want to acquire data to be uploaded by the current employees, the authority of the current person who wants to access needs to be carefully checked, so that the safety of the deleted data can be guaranteed;
therefore, a security encryption authentication platform based on the power distribution network automation operation and maintenance network is needed to solve the above problems.
Disclosure of Invention
The invention aims to provide a power distribution network-based automatic operation and maintenance network security encryption authentication platform to solve the problems in the background art.
In order to solve the technical problems, the invention provides the following technical scheme: the platform comprises an abnormal data identification system, an abnormal data feature comparison system, a data security encryption system and a central control platform, wherein the abnormal data identification system is used for carrying out security detection on data before an engineer uploads the data to the platform, judging whether the data is falsified before uploading and ensuring the security of the data, the abnormal data feature comparison system is used for identifying falsified data features so as to be capable of carrying out rapid identification and authentication on falsified data features, the data security encryption system is used for uploading data confirmed to be secure to a block chain node and carrying out security encryption on the data, the central processing platform is used for uploading collected data by the engineer and carrying out security processing on the data, and the central processing platform and the abnormal data identification system are used for uploading collected data, The abnormal data characteristic comparison system is connected with the data security encryption system.
Further, the abnormal data identification system comprises a data collection and uploading module, a historical data time updating module, a data early warning identification module, a network safety connection determining module and a data integrity judging module, wherein the data collection and uploading module is used for uploading data detected in an actual field to a central control platform by an engineer so that the current platform knows the data content and gives the engineer a command to repair the data content, the historical data time updating module is used for judging the time when the current data is uploaded to the platform according to the updating time of the historical data in the platform when the data is uploaded to the platform, the data early warning identification module is used for early warning the data when the time when the current data is uploaded to the platform and the updating time is detected to be larger than the updating time of the historical data, so that the current redundant time is judged to be caused by the problem of network delay or the problem of data theft, the network security connection determining module is used for inquiring the reason of delay and taking corresponding measures to prevent when the current data updating time is detected to be smaller than or larger than the preset time, and the data integrity judging module is used for judging whether the format of the uploaded data is the same as that of the historical data before the network is disconnected, so that whether the current data is completely filled.
Further, the abnormal data characteristic comparison system comprises an abnormal data characteristic module, a data grade safety module, a similarity comparison module and a data packet discarding module, wherein the abnormal data characteristic module is used for judging that the current data is abnormal when the current uploaded data is detected to be incomplete, the data grade safety module is used for judging that the current data is one of common data and encrypted data according to the position of the data uploaded by an engineer, when the current data is detected to be the common data, the filled data is memorized and stored, when the current data is detected to be the encrypted data, the currently filled data is not stored, the similarity comparison module is used for comparing the similarity of the data uploaded by the engineer with the abnormal data and judging whether the current data meets the condition of abnormal data, the data packet discarding module is used for judging that the current abnormal data is the encrypted data, and discarding the encrypted data, wherein the encrypted data needs to be uploaded again by an engineer, and the abnormal data characteristic module, the data grade safety module, the similarity comparison module and the data packet discarding module are connected with the central control platform.
Further, the data security encryption system comprises block chain nodes, a data keyword search authentication module, a block chain node sharing module and a node partial data authentication module, wherein the block chain nodes are used for data administration of parts in charge of different regions, different block chain nodes correspond to different data contents, the data keyword search authentication module is used for searching data keywords in the platform and specifically displaying the block chain region of the current keywords in the platform, the block chain node sharing module is used for decoding the password of the current block chain when the front block chain node wants to acquire data in other block chains, so that the block chain nodes without knowing the password access data are avoided, the security of the data is guaranteed, and the node partial data partial authentication module is used for verifying the encrypted data, it is necessary to check the permission level of the current blockchain so as to avoid unauthorized blockchain node access to other blockchain nodes.
Further, the step of judging abnormal data:
z01, uploading the data to the central processing platform, detecting the uploading time of the current data, judging whether the uploading time of the data is the same as the uploading time of the historical data to the central processing platform, if not, jumping to the step Z02;
z02: according to historical data, judging the security level and the format of the data to be uploaded, judging the filled data format before the network is disconnected, comparing the data format with the labeled data format, recording the data format as d, if the data format changes, jumping to the step Z03, if the data format does not change, storing the data according to a historical data mode;
z03: judging the abnormal characteristics of the current data and judging the similarity value of the abnormal data.
Further, in the step Z02, the data set to be uploaded currently is W ═ W1,w2,w3...wnDetermining different format standards of data to be filled in the data set, setting the number of rows and columns of historical data as i x j, setting the number of rows and columns of filled data as a x b when the current network is not disconnected, and detecting a x b<When the current data is not completely written, the filled data is changed into a '× b', the characteristic point of the current data is 0, and the current data is relatively complete;
when the filled data is changed from a b to a '/b', and a '/b' > a '/b' < a '/b', the characteristic point of the current data is 1, and the current data is tampered;
when the characteristic point is detected to be 0, after network connection, the data format is still unchanged, namely a x b, and the current data is detected to be common data;
when the characteristic point is detected to be 1, the data format is changed after the network connection, the value is changed from a 'b' to a null value, and the current data is detected to be encrypted data.
In step Z03, similarity comparison is performed on the detected abnormal data features, and the similarity formula is:
Figure BDA0002946541200000031
the x and y are abnormal data in the text, the more the cosine values of the two abnormal data are close to 1, the higher the similarity of the two data is, the more the cosine values of the two abnormal data are far from 1, the lower the similarity of the two data is, meanwhile, the similarity is sent to a central control platform through an abnormal data characteristic comparison system, whether the data is normal data or encrypted data is judged according to the type of the current abnormal data, and when the data is detected to be abnormal encrypted data, the content of the abnormal encrypted data is discarded.
The current data is encrypted by the block link point as follows:
z001: distributing different block chain nodes to the data uploaded by the current engineer, setting an encryption module and a common module for the block chain nodes, when other block chain nodes want to acquire common data, reading the data under permission of other block chain nodes, and when other block chain nodes want to acquire encrypted data, skipping to the step Z002;
z002: when the front block chain node reads the common data in the encrypted data, the common data can be read only by allowing the chain nodes of other blocks and cracking the current password, and when any condition is not met, the current data cannot be read;
when the front block chain node reads the top-secret data in the encrypted data, the authority level of the current reader needs to be verified, when the current authority level is not met, the current block chain node cannot read, when the authority level is met, the password of the current top-secret data needs to be cracked, and meanwhile, the reading time is set and the top-secret data cannot be read repeatedly.
When the authority level of the current block chain node is continuously updated and the updated data is sent to the central control platform through the data security encryption system, when the data of other block chain nodes read by the current block chain is detected, the integral value of the current block chain node needs to be deducted, the transaction data of the integral value can only be shared by the current block chain link point and the block chain link point to be read, and the current residual integral value can only be provided for the currently read block chain link point;
the integral values of different block chain nodes are related to the data browsed by the current block chain node, the full integral value of the current block chain node is P, and the residual integral value P' is P-theta1P12P2When the remaining integral value of the block chain node is not enough to read the data in other block chain nodes, a new integral value, theta, needs to be applied under the agreement of other block chain nodes1Refers to the coefficient, P, by which the data in the current blockchain node is viewed and modified1Means thatIntegral value, theta, to be deducted from the current blockchain node2Refers to the number of times that other block link points acquire data in the current block link point, P2It means that other blockchains pay the value of the integral in the current blockchain node.
The steps of the platform are as follows:
a01: by using the abnormal data identification system, the safety detection can be carried out on the data uploaded by the current engineer, whether abnormal data exists or is tampered is judged, and the safety of the data is ensured;
a02: the method comprises the steps that an abnormal data feature comparison system is used, according to the features of abnormal data, the similarity is used for verifying more abnormal data, so that more abnormal data are identified, and the data cannot be lost or tampered during uploading;
a03: the data security encryption system is used for encrypting the block chain after uploading the current data, so that the data can not be easily tampered, and when the current block chain wants to acquire other block chain nodes, the encryption authority needs to be verified, and the security of the data is ensured.
Compared with the prior art, the invention has the following beneficial effects:
1. the abnormal data identification system is used for carrying out safety detection on data to be uploaded by an engineer, when the current data update is detected to be less than the preset time, the current network is verified, whether the data update speed is less than the preset speed due to network delay or data stealing is judged, and whether the current data after network recovery is as complete as the data before network delay is judged, so that whether the current data is abnormal data is judged, and the safety of the data is ensured;
2. the method comprises the steps that an abnormal data feature comparison system is used for storing current abnormal data features, when an engineer uploads data next time, the security of the current data is verified by using a similarity comparison module according to the features of the abnormal data, when the abnormal data are detected, the data are discarded, and the central control platform requires the engineer to upload the data again to ensure the security of the data;
3. by using the data security encryption system and the different block chain link points, when other block chain link points want to acquire data content, password verification and authority authentication are required, so that the data cannot be stolen after being uploaded to the block chain nodes, and the data security is ensured.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the principles of the invention and not to limit the invention. In the drawings:
FIG. 1 is a schematic diagram of a module composition of a security encryption authentication platform based on an automatic operation and maintenance network of a power distribution network according to the present invention;
fig. 2 is a schematic diagram of the steps of the security encryption authentication platform based on the power distribution network automation operation and maintenance network of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Referring to fig. 1-2, the present invention provides the following technical solutions:
the platform comprises an abnormal data identification system, an abnormal data characteristic comparison system, a data security encryption system and a central control platform, the abnormal data identification system is used for carrying out safety detection on data before an engineer uploads the data to the platform, judging whether the data is tampered before uploading and ensuring the safety of the data, the abnormal data characteristic comparison system is used for identifying the tampered data characteristics, thereby, the rapid identification and authentication can be carried out on the tampered data characteristics, the data security encryption system is used for uploading the data which is confirmed to be safe to the blockchain node, and the data is encrypted safely, the central processing platform is used for the engineer to upload the collected data, and the central processing platform is connected with an abnormal data identification system, an abnormal data characteristic comparison system and a data security encryption system.
The abnormal data identification system comprises a data collection and uploading module, a historical data time updating module, a data early warning identification module, a network safety connection determining module and a data integrity judging module, wherein the data collection and uploading module is used for uploading data detected in an actual field to a central control platform by an engineer so that the current platform knows the data content and gives the engineer a command to repair the data content, the historical data time updating module is used for judging the time when the current data is uploaded to the platform according to the updating time of the historical data in the platform when the data is uploaded to the platform, the data early warning identification module is used for early warning the data when the time when the current data is uploaded to the platform and is updated is detected to be longer than the updating time of the historical data, and therefore whether the current redundant time is caused by the problem of network delay or the problem of data stealing is judged, the network security connection determining module is used for inquiring the reason of delay and taking corresponding measures to prevent when the current data updating time is detected to be smaller than or larger than the preset time, and the data integrity judging module is used for judging whether the format of the uploaded data is the same as that of the historical data before the network is disconnected, so that whether the current data is completely filled.
When the current data updating time is detected to be larger than the preset time, the updating delay caused by the reason that the data is stolen is indicated;
the data includes voltage, current, resistance and the like collected by engineers.
The abnormal data characteristic comparison system comprises an abnormal data characteristic module, a data grade safety module, a similarity comparison module and a data packet discarding module, wherein the abnormal data characteristic module is used for judging the abnormal data of the current data when detecting that the current uploaded data is incomplete, the data grade safety module is used for judging the current data is one of common data and encrypted data according to the data position uploaded by an engineer, when detecting that the current data is the common data, the filled data is stored in a memory mode, when detecting that the current data is the encrypted data, the currently filled data is not stored, the similarity comparison module is used for comparing the similarity of the data uploaded by the engineer with the abnormal data and judging whether the current data meets the condition of abnormal data, the data packet discarding module is used for judging that the current abnormal data is the encrypted data, and discarding the encrypted data, wherein the encrypted data needs to be uploaded again by an engineer, and the abnormal data characteristic module, the data grade safety module, the similarity comparison module and the data packet discarding module are connected with the central control platform.
The data security encryption system comprises block chain nodes, a data keyword searching and authenticating module, a block chain link point sharing module and a node part data authenticating module, wherein the block chain link points are used for data administration of parts in charge of different regions, different block chain link points correspond to different data contents, the data keyword searching and authenticating module is used for searching data keywords in a platform and specifically displaying the block chain region of the current keywords in the platform, the block chain link point sharing module is used for decoding the password of the current block chain when the front block chain nodes want to acquire data in other block chains, so that the block chain link points without knowing the password are prevented from accessing data, the security of the data is guaranteed, the node part data part authenticating module is used for verifying the encrypted data and needing to check the authority level of the current block chain, thereby avoiding unauthorized access of the block link node to other block link nodes.
Judging abnormal data:
z01, uploading the data to the central processing platform, detecting the uploading time of the current data, judging whether the uploading time of the data is the same as the uploading time of the historical data to the central processing platform, if not, jumping to the step Z02;
z02: according to historical data, judging the security level and the format of the data to be uploaded, judging the filled data format before the network is disconnected, comparing the data format with the labeled data format, recording the data format as d, if the data format changes, jumping to the step Z03, if the data format does not change, storing the data according to a historical data mode;
z03: judging the abnormal characteristics of the current data and judging the similarity value of the abnormal data.
In the step Z02, the data set to be uploaded currently is W ═ W1,w2,w3...wnDetermining different format standards of data to be filled in the data set, setting the number of rows and columns of historical data as i x j, setting the number of rows and columns of filled data as a x b when the current network is not disconnected, and detecting a x b<When the current data is not completely written, the filled data is changed into a '× b', the characteristic point of the current data is 0, and the current data is relatively complete;
when the filled data is changed from a b to a '/b', and a '/b' > a '/b' < a '/b', the characteristic point of the current data is 1, and the current data is tampered;
when the characteristic point is detected to be 0, after network connection, the data format is still unchanged, namely a x b, and the current data is detected to be common data;
when the characteristic point is detected to be 1, the data format is changed after network connection, a 'b' is changed into a null value, and the current data is detected to be encrypted data;
the comparison between a and b and a 'and b' is carried out by comparing the number of rows and columns of the data, and the judgment of more or less is carried out.
In step Z03, similarity comparison is performed on the detected abnormal data features, and the similarity formula is:
Figure BDA0002946541200000071
the method comprises the steps that x and y refer to abnormal data in a text, when cosine values of the two abnormal data are closer to 1, the similarity of the two data is higher, when the cosine values of the two abnormal data are far away from 1, the similarity of the two data is lower, the similarity is sent to a central control platform through an abnormal data characteristic comparison system, whether the data are normal data or encrypted data is judged according to the type of the current abnormal data, and when the data are detected to be abnormal encrypted data, the contents of the abnormal encrypted data are discarded;
when the data is detected to be abnormal data, in order to judge the authenticity of the abnormal data, verification is carried out through a similarity formula.
The current data is encrypted by the block link point as follows:
z001: distributing different block chain nodes to the data uploaded by the current engineer, setting an encryption module and a common module for the block chain nodes, when other block chain nodes want to acquire common data, reading the data under permission of other block chain nodes, and when other block chain nodes want to acquire encrypted data, skipping to the step Z002;
z002: when the front block chain node reads the common data in the encrypted data, the common data can be read only by allowing the chain nodes of other blocks and cracking the current password, and when any condition is not met, the current data cannot be read;
when the front block chain node reads the top-secret data in the encrypted data, the authority level of the current reader needs to be verified, when the current authority level is not met, the current block chain node cannot read, when the authority level is met, the password of the current top-secret data needs to be cracked, and meanwhile, the reading time is set and the top-secret data cannot be read repeatedly.
When someone views the confidential data, whether the current permission level is met or not, the block link points which have permission to view the confidential data currently receive the information that the current block link nodes are viewing, and when the situation that the block link points which have permission do not agree to view the data when the data are viewed by other block link points is detected, the currently viewed block link points cannot view the current data;
when the current block chain is detected to be in reading and repeatedly upwards and downwards, the current data content cannot be read, when the current block chain node is detected to read the next confidential data, the confidential data needs to be decrypted, when the decrypted password is incorrect, the current data cannot be previewed, wherein the chance of decryption has a set number of times, and when the current decryption number of times is detected to exceed a preset value and is still not decrypted, the currently displayed page is directly closed.
When the authority level of the current block chain node is continuously updated and the updated data is sent to the central control platform through the data security encryption system, when the data of other block chain nodes read by the current block chain is detected, the integral value of the current block chain node needs to be deducted, the transaction data of the integral value can only be shared by the current block chain link point and the block chain link point to be read, and the current residual integral value can only be provided for the currently read block chain link point;
the integral values of different block chain nodes are related to the data browsed by the current block chain node, the full integral value of the current block chain node is P, and the residual integral value P' is P-theta1P12P2When the remaining integral value of the block chain node is not enough to read the data in other block chain nodes, a new integral value, theta, needs to be applied under the agreement of other block chain nodes1Refers to the coefficient, P, by which the data in the current blockchain node is viewed and modified1Is the integral value theta that should be deducted from the current blockchain node2Refers to the number of times that other block link points acquire data in the current block link point, P2It means that other blockchains pay the value of the integral in the current blockchain node.
The steps of the platform are as follows:
a01: by using the abnormal data identification system, the safety detection can be carried out on the data uploaded by the current engineer, whether abnormal data exists or is tampered is judged, and the safety of the data is ensured;
a02: the method comprises the steps that an abnormal data feature comparison system is used, according to the features of abnormal data, the similarity is used for verifying more abnormal data, so that more abnormal data are identified, and the data cannot be lost or tampered during uploading;
a03: the data security encryption system is used for encrypting the block chain after uploading the current data, so that the data can not be easily tampered, and when the current block chain wants to acquire other block chain nodes, the encryption authority needs to be verified, and the security of the data is ensured.
Example 1: in the step Z02, the data set to be uploaded currently is W ═ W1{ resistance value: 50.089 ohms, voltage value: 210.098V, current value: 15.647A, determining different format standards of data to be filled in the data set, setting the number of rows and columns of historical data as i x j equal to 1 x 32, the number of rows and columns of filled data as a x b when the current network is not disconnected equal to 1 x 23,
it is detected that a × b < i × j ═ 1 × 23<1 × 32, indicating that the current data is not written, and the filled data becomes a '× b' ═ resistance value: 50.000 ohms, voltage value: 250V, current value: 10.26A }, detecting the current a '. cndot.b' < a.cndot.b, indicating that the characteristic point of the current data is 1, indicating that the current data has been tampered.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Finally, it should be noted that: although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that changes may be made in the embodiments and/or equivalents thereof without departing from the spirit and scope of the invention. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (10)

1. Based on electric power distribution network automation operation and maintenance network security encryption authentication platform, its characterized in that: the platform comprises an abnormal data identification system, an abnormal data characteristic comparison system, a data security encryption system and a central control platform, the abnormal data identification system is used for carrying out safety detection on data before an engineer uploads the data to the platform, judging whether the data is tampered before uploading and ensuring the safety of the data, the abnormal data characteristic comparison system is used for identifying the tampered data characteristics, thereby, the rapid identification and authentication can be carried out on the tampered data characteristics, the data security encryption system is used for uploading the data which is confirmed to be safe to the blockchain node, and the data is encrypted safely, the central processing platform is used for the engineer to upload the collected data, and the central processing platform is connected with an abnormal data identification system, an abnormal data characteristic comparison system and a data security encryption system.
2. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 1, wherein: the abnormal data identification system comprises a data collection and uploading module, a historical data time updating module, a data early warning identification module, a network safety connection determining module and a data integrity judging module, wherein the data collection and uploading module is used for uploading data detected in an actual field to a central control platform by an engineer so that the current platform knows the data content and gives the engineer a command to repair the data content, the historical data time updating module is used for judging the time when the current data is uploaded to the platform according to the updating time of the historical data in the platform when the data is uploaded to the platform, the data early warning identification module is used for early warning the data when the time when the current data is uploaded to the platform and is updated is detected to be longer than the updating time of the historical data, and therefore whether the current redundant time is caused by the problem of network delay or the problem of data stealing is judged, the network security connection determining module is used for inquiring the reason of delay and taking corresponding measures to prevent when the current data updating time is detected to be smaller than or larger than the preset time, and the data integrity judging module is used for judging whether the format of the uploaded data is the same as that of the historical data before the network is disconnected, so that whether the current data is completely filled.
3. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 1, wherein: the abnormal data characteristic comparison system comprises an abnormal data characteristic module, a data grade safety module, a similarity comparison module and a data packet discarding module, wherein the abnormal data characteristic module is used for judging the abnormal data of the current data when detecting that the current uploaded data is incomplete, the data grade safety module is used for judging the current data is one of common data and encrypted data according to the data position uploaded by an engineer, when detecting that the current data is the common data, the filled data is stored in a memory mode, when detecting that the current data is the encrypted data, the currently filled data is not stored, the similarity comparison module is used for comparing the similarity of the data uploaded by the engineer with the abnormal data and judging whether the current data meets the condition of abnormal data, the data packet discarding module is used for judging that the current abnormal data is the encrypted data, and discarding the encrypted data, wherein the encrypted data needs to be uploaded again by an engineer, and the abnormal data characteristic module, the data grade safety module, the similarity comparison module and the data packet discarding module are connected with the central control platform.
4. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 1, wherein: the data security encryption system comprises block chain nodes, a data keyword searching and authenticating module, a block chain link point sharing module and a node part data authenticating module, wherein the block chain link points are used for data administration of parts in charge of different regions, different block chain link points correspond to different data contents, the data keyword searching and authenticating module is used for searching data keywords in a platform and specifically displaying the block chain region of the current keywords in the platform, the block chain link point sharing module is used for decoding the password of the current block chain when the front block chain nodes want to acquire data in other block chains, so that the block chain link points without knowing the password are prevented from accessing data, the security of the data is guaranteed, the node part data part authenticating module is used for verifying the encrypted data and needing to check the authority level of the current block chain, thereby avoiding unauthorized access of the block link node to other block link nodes.
5. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 1, wherein: judging abnormal data:
z01, uploading the data to the central processing platform, detecting the uploading time of the current data, judging whether the uploading time of the data is the same as the uploading time of the historical data to the central processing platform, if not, jumping to the step Z02;
z02: according to historical data, judging the security level and the format of the data to be uploaded, judging the filled data format before the network is disconnected, comparing the data format with the labeled data format, recording the data format as d, if the data format changes, jumping to the step Z03, if the data format does not change, storing the data according to a historical data mode;
z03: judging the abnormal characteristics of the current data and judging the similarity value of the abnormal data.
6. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 5, wherein: in the step Z02, the data set to be uploaded currently is W ═ W1,w2,w3...wnDetermining different format standards of data to be filled in the data set, setting the number of rows and columns of historical data as i x j, setting the number of rows and columns of filled data as a x b when the current network is not disconnected, and detecting a x b<When the current data is not completely written, the filled data is changed into a '× b', the characteristic point of the current data is 0, and the current data is relatively complete;
when the filled data is changed from a b to a '/b', and a '/b' > a '/b' < a '/b', the characteristic point of the current data is 1, and the current data is tampered;
when the characteristic point is detected to be 0, after network connection, the data format is still unchanged, namely a x b, and the current data is detected to be common data;
when the characteristic point is detected to be 1, the data format is changed after the network connection, the value is changed from a 'b' to a null value, and the current data is detected to be encrypted data.
7. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 5, wherein: in step Z03, similarity comparison is performed on the detected abnormal data features, and the similarity formula is:
Figure FDA0002946541190000031
the x and y are abnormal data in the text, the more the cosine values of the two abnormal data are close to 1, the higher the similarity of the two data is, the more the cosine values of the two abnormal data are far from 1, the lower the similarity of the two data is, meanwhile, the similarity is sent to a central control platform through an abnormal data characteristic comparison system, whether the data is normal data or encrypted data is judged according to the type of the current abnormal data, and when the data is detected to be abnormal encrypted data, the content of the abnormal encrypted data is discarded.
8. The power distribution network automation operation and maintenance network-based security encryption authentication platform according to claim 1 or 5, wherein: the current data is encrypted by the block link point as follows:
z001: distributing different block chain nodes to the data uploaded by the current engineer, setting an encryption module and a common module for the block chain nodes, when other block chain nodes want to acquire common data, reading the data under permission of other block chain nodes, and when other block chain nodes want to acquire encrypted data, skipping to the step Z002;
z002: when the front block chain node reads the common data in the encrypted data, the common data can be read only by allowing the chain nodes of other blocks and cracking the current password, and when any condition is not met, the current data cannot be read;
when the front block chain node reads the top-secret data in the encrypted data, the authority level of the current reader needs to be verified, when the current authority level is not met, the current block chain node cannot read, when the authority level is met, the password of the current top-secret data needs to be cracked, and meanwhile, the reading time is set and the top-secret data cannot be read repeatedly.
9. The power distribution network automation-based operation and maintenance network security encryption authentication platform of claim 8, wherein: when the authority level of the current block chain node is continuously updated and the updated data is sent to the central control platform through the data security encryption system, when the data of other block chain nodes read by the current block chain is detected, the integral value of the current block chain node needs to be deducted, the transaction data of the integral value can only be shared by the current block chain link point and the block chain link point to be read, and the current residual integral value can only be provided for the currently read block chain link point;
the integral values of different block chain nodes are related to the data browsed by the current block chain node, the full integral value of the current block chain node is P, and the residual integral value P' is P-theta1P12P2When the remaining integral value of the block link node is not enough to read the data in other block link nodes, it is necessary to keep the other block link nodes in agreementApplication for a new integral value, θ1Refers to the coefficient, P, by which the data in the current blockchain node is viewed and modified1Is the integral value theta that should be deducted from the current blockchain node2Refers to the number of times that other block link points acquire data in the current block link point, P2It means that other blockchains pay the value of the integral in the current blockchain node.
10. The power distribution network automation operation and maintenance network-based security encryption authentication platform of claim 1, wherein: the steps of the platform are as follows:
a01: by using the abnormal data identification system, the safety detection can be carried out on the data uploaded by the current engineer, whether abnormal data exists or is tampered is judged, and the safety of the data is ensured;
a02: the method comprises the steps that an abnormal data feature comparison system is used, according to the features of abnormal data, the similarity is used for verifying more abnormal data, so that more abnormal data are identified, and the data cannot be lost or tampered during uploading;
a03: the data security encryption system is used for encrypting the block chain after uploading the current data, so that the data can not be easily tampered, and when the current block chain wants to acquire other block chain nodes, the encryption authority needs to be verified, and the security of the data is ensured.
CN202110197907.1A 2021-02-22 2021-02-22 Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network Active CN112968780B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110197907.1A CN112968780B (en) 2021-02-22 2021-02-22 Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110197907.1A CN112968780B (en) 2021-02-22 2021-02-22 Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network

Publications (2)

Publication Number Publication Date
CN112968780A true CN112968780A (en) 2021-06-15
CN112968780B CN112968780B (en) 2021-10-22

Family

ID=76285538

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110197907.1A Active CN112968780B (en) 2021-02-22 2021-02-22 Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network

Country Status (1)

Country Link
CN (1) CN112968780B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113672981A (en) * 2021-08-20 2021-11-19 国网河南省电力公司信息通信公司 Electric power thing networking data access control system based on block chain

Citations (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5432901A (en) * 1992-01-30 1995-07-11 Bmc Software, Inc. Method of dynamically generating a local format for use by a logical unit in a VTAM-type communications session
US20020078403A1 (en) * 2000-01-18 2002-06-20 Gullo Louis J. Reliability assessment and prediction system and method for implementing the same
JP2002203206A (en) * 2000-10-31 2002-07-19 Canon Inc Device and method for identifying document format
CN101114946A (en) * 2007-09-12 2008-01-30 中兴通讯股份有限公司 Method for collecting performance object data in telecommunication network management system
CN102194208A (en) * 2011-05-26 2011-09-21 西安理工大学 Image falsification detecting and falsification positioning method based on image signature
CN102930185A (en) * 2012-11-28 2013-02-13 中国人民解放军国防科学技术大学 Method and device for verifying integrity of security critical data of program in process of running
CN104050400A (en) * 2014-06-27 2014-09-17 西南交通大学 Webpage link protection method based on control character coding and steganography
CN107995148A (en) * 2016-10-27 2018-05-04 中国电信股份有限公司 The anti-tamper method of file, system, terminal and credible cloud platform
CN108846705A (en) * 2018-06-26 2018-11-20 李建欣 A kind of digital integration service system, method and electronic device
CN108876697A (en) * 2018-06-22 2018-11-23 南开大学 Pixel-level image certification, tampering detection and restoration methods
CN108932635A (en) * 2018-06-27 2018-12-04 中国银行股份有限公司 A kind of integration managing method and system based on block chain
CN108965042A (en) * 2018-05-31 2018-12-07 Oppo广东移动通信有限公司 Acquisition methods, device, terminal device and the storage medium of network delay
CN109302491A (en) * 2018-11-13 2019-02-01 爱普(福建)科技有限公司 A kind of industry internet framework and its operation method based on block chain
CN109682436A (en) * 2018-12-21 2019-04-26 金卡智能集团股份有限公司 Internet of Things gas meter, flow meter meter reading data mends the method copied
CN109829767A (en) * 2019-03-29 2019-05-31 山东浪潮云信息技术有限公司 A kind of point reward exchanging system and method based on block chain technology
CN110427783A (en) * 2019-08-01 2019-11-08 南京信业能源科技有限公司 A method of the anti-data tampering of weighing system is measured for supervision
CN110659651A (en) * 2019-09-05 2020-01-07 淮阴工学院 Tampering positioning reversible image watermarking method based on SIFT
CN112104626A (en) * 2020-09-03 2020-12-18 深圳市中科网威科技有限公司 Block chain-based data access verification method and device, electronic equipment and medium
CN112131317A (en) * 2020-11-25 2020-12-25 江苏荣泽信息科技股份有限公司 Data storage safety system based on block chain technology

Patent Citations (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5432901A (en) * 1992-01-30 1995-07-11 Bmc Software, Inc. Method of dynamically generating a local format for use by a logical unit in a VTAM-type communications session
US20020078403A1 (en) * 2000-01-18 2002-06-20 Gullo Louis J. Reliability assessment and prediction system and method for implementing the same
JP2002203206A (en) * 2000-10-31 2002-07-19 Canon Inc Device and method for identifying document format
CN101114946A (en) * 2007-09-12 2008-01-30 中兴通讯股份有限公司 Method for collecting performance object data in telecommunication network management system
CN102194208A (en) * 2011-05-26 2011-09-21 西安理工大学 Image falsification detecting and falsification positioning method based on image signature
CN102930185A (en) * 2012-11-28 2013-02-13 中国人民解放军国防科学技术大学 Method and device for verifying integrity of security critical data of program in process of running
CN104050400A (en) * 2014-06-27 2014-09-17 西南交通大学 Webpage link protection method based on control character coding and steganography
CN107995148A (en) * 2016-10-27 2018-05-04 中国电信股份有限公司 The anti-tamper method of file, system, terminal and credible cloud platform
CN108965042A (en) * 2018-05-31 2018-12-07 Oppo广东移动通信有限公司 Acquisition methods, device, terminal device and the storage medium of network delay
CN108876697A (en) * 2018-06-22 2018-11-23 南开大学 Pixel-level image certification, tampering detection and restoration methods
CN108846705A (en) * 2018-06-26 2018-11-20 李建欣 A kind of digital integration service system, method and electronic device
CN108932635A (en) * 2018-06-27 2018-12-04 中国银行股份有限公司 A kind of integration managing method and system based on block chain
CN109302491A (en) * 2018-11-13 2019-02-01 爱普(福建)科技有限公司 A kind of industry internet framework and its operation method based on block chain
CN109682436A (en) * 2018-12-21 2019-04-26 金卡智能集团股份有限公司 Internet of Things gas meter, flow meter meter reading data mends the method copied
CN109829767A (en) * 2019-03-29 2019-05-31 山东浪潮云信息技术有限公司 A kind of point reward exchanging system and method based on block chain technology
CN110427783A (en) * 2019-08-01 2019-11-08 南京信业能源科技有限公司 A method of the anti-data tampering of weighing system is measured for supervision
CN110659651A (en) * 2019-09-05 2020-01-07 淮阴工学院 Tampering positioning reversible image watermarking method based on SIFT
CN112104626A (en) * 2020-09-03 2020-12-18 深圳市中科网威科技有限公司 Block chain-based data access verification method and device, electronic equipment and medium
CN112131317A (en) * 2020-11-25 2020-12-25 江苏荣泽信息科技股份有限公司 Data storage safety system based on block chain technology

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
PRADIP KUMAR SHARMA等: "《A Software Defined Fog Node Based Distributed Blockchain Cloud Architecture for IoT》", 《IEEE ACCESS》 *
张炜: "《以区块链促进协作保存网络环境下信息资源的可信性》", 《技术应用》 *

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113672981A (en) * 2021-08-20 2021-11-19 国网河南省电力公司信息通信公司 Electric power thing networking data access control system based on block chain

Also Published As

Publication number Publication date
CN112968780B (en) 2021-10-22

Similar Documents

Publication Publication Date Title
CN104620225B (en) Method and system for server security checking
CN102224509B (en) Monitoring system, program-executing device, monitoring program, recording medium and integrated circuit
CN102355467B (en) Power transmission and transformation equipment state monitoring system security protection method based on trust chain transmission
CN105975877A (en) Safe storage method for sensitive file
CN112385197A (en) Block chain-based distributed automatic driving data management device and method
CN112968780B (en) Safety encryption authentication platform based on electric power distribution network automation operation and maintenance network
EP2947611A1 (en) Apparatus, method for controlling apparatus, and program
CN112468995A (en) Searchable encryption privacy protection method and system based on Internet of vehicles
CN113962787A (en) Safety protection method for financial information
CN102272770B (en) Tampering monitoring system, control device, and tampering control method
CN108776760A (en) A kind of secure storage and access method of electronic record
CN115982764A (en) Method, system, device and medium for storing electronic file based on block chain
CN102202057B (en) System and method for safely dumping data of mobile memory
CN117150576B (en) Intelligent verification system and method for block chain electronic seal
CN103839305A (en) Access control system and access control system privilege management method
WO2021082996A1 (en) File management method
CN115640591B (en) Contract management system and method for supply chain
CN106453057A (en) Method and terminal for preventing short message from being stolen
US10929313B2 (en) Method for securely and efficiently accessing connection data
CN115134169A (en) Block chain data management method and system
CN101424898B (en) Image forming apparatus and image forming system
CN111274579B (en) Enterprise document encryption protection system based on computer
CN113949591A (en) Data encryption protection method and system based on block chain
CN110365467B (en) Unmanned aerial vehicle behavior supervision system and method
CN111866554B (en) Multimedia safe playing method and system

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant