CN114640998A - Cross-network joint authentication method and system for power transmission line equipment - Google Patents


Publication number: CN114640998A
Authority: CN (China)
Prior art keywords: equipment, authentication, authentication server, network area, information
Legal status: Pending
Application number: CN202210188403.8A
Other languages: Chinese (zh)
Inventors: 崔晨, 罗海林, 孙严智, 刘宇明, 陈龙, 田丰, 彭太维, 边吉
Current Assignee: Yunnan Power Grid Co Ltd
Original Assignee: Yunnan Power Grid Co Ltd
Application filed by: Yunnan Power Grid Co Ltd
Priority: CN202210188403.8A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06: Authentication
    • H04W12/069: Authentication using certificates or pre-shared keys
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32: including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247: involving digital signatures
    • H04L9/3263: involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a cross-network joint authentication method and system for power transmission line equipment, comprising the following steps: the device sends an authentication request to an authentication server p of the current network area; the authentication server p judges, according to the ID information of the device, whether the device is present in its internal legitimate-node table, and if so, directly performs identity authentication on the device; if not, it issues a command for acquiring the network area identifier to the device, and the device sends the identifier of the network area to which it belongs to the authentication server p; the authentication server p forwards the authentication request of the device to an authentication server q of the network area to which the device belongs, the authentication server q authenticates the identity of the device and, if the authentication passes, sends an endorsement credential for the passed authentication to the authentication server p; after the authentication server p receives the endorsement credential, the device passes authentication at the authentication server p. The invention enables cross-network authentication of mobile devices such as helicopters, solves the problem of cooperative authentication of terminal devices across different networks, and ensures trusted access for roaming services.

Description

Power transmission line equipment cross-network joint authentication method and system
Technical Field
The invention relates to the technical field of power transmission lines, in particular to a cross-network joint authentication method and system for power transmission line equipment.
Background
With the gradual popularization of Internet of Things technology, networked equipment has become the norm in the industry, and the degree of automation and intelligence in the electric power field is improved by collecting the operating parameters of power equipment and transmitting them to terminals for visual display and monitoring.
However, in a heterogeneous converged networking environment, for authentication of a mobile device such as a helicopter, cross-center joint authentication is required to support its mobile roaming with respect to the network. The prior art does not provide a corresponding cross-network joint authentication method.
Disclosure of Invention
This section is for the purpose of summarizing some aspects of embodiments of the invention and to briefly introduce some preferred embodiments. In this section, as well as in the abstract and the title of the invention of this application, simplifications or omissions may be made to avoid obscuring the purpose of the section, the abstract and the title, and such simplifications or omissions are not intended to limit the scope of the invention.
The present invention has been made in view of the above-mentioned conventional problems.
Therefore, the technical problem solved by the invention is as follows: in a heterogeneous converged networking environment, cross-center joint authentication is required for authentication of mobile devices such as helicopters to support mobile roaming of the mobile devices relative to a network, and a corresponding cross-network joint authentication method is not provided in the prior art.
To solve the above technical problem, the invention provides the following technical scheme: a device sends an authentication request to an authentication server p of the current network area, the authentication request containing the ID information of the device; after receiving the authentication request, the authentication server p judges, according to the ID information of the device, whether the device is present in its internal legitimate-node table; if so, it directly performs identity authentication on the device, and if not, it issues a command for acquiring the network area identifier to the device; after receiving the command, the device sends the identifier of the network area to which it belongs to the authentication server p; the authentication server p forwards the authentication request of the device to an authentication server q of the network area to which the device belongs; the authentication server q authenticates the identity of the device and, if the authentication passes, sends an endorsement credential for the passed authentication to the authentication server p; after the authentication server p receives the endorsement credential, the device passes authentication at the authentication server p, and the authentication server p stores the ID information of the device in the authenticated-node table.
As a preferred scheme of the cross-network joint authentication method for power transmission line equipment: the endorsement credential that the authentication server q sends to the authentication server p after authenticating the identity of the device includes: the ID information of the device, the identifier of the network area that issued the credential, the ID information of the authentication server q of the network area that issued the credential, the result that the device identity authentication passed, the validity time of the credential, a timestamp, the digital signature of the authentication server q that issued the credential, and the identifier of the network area where the device is currently located.
As a preferred scheme of the cross-network joint authentication method for power transmission line equipment: the authenticated-node table of the authentication server p stores the ID information and the device authority level information of the device; the authentication server p records the ID information and the device authority level information of the device as metadata, and the metadata is packaged into a BLOCK and placed on an alliance chain.
As a preferred scheme of the cross-network joint authentication method for power transmission line equipment: if the device is present in the internal legitimate-node table, the authentication server p performs identity authentication on the device using a digital signature method based on a public key certificate.
As a preferred scheme of the cross-network joint authentication method for power transmission line equipment: the specific process by which the authentication server p performs identity authentication on the device using the digital signature method based on a public key certificate is as follows:
the device signs the authentication request using the elliptic curve domain parameters and the combined public and private key of the authentication server p to generate signature data;
and the authentication server p performs identity authentication on the device according to the signature data of the device and the public key of the device, and concludes whether the device passes the identity authentication.
To solve the above technical problem, the invention further provides a cross-network joint authentication system for power transmission line equipment, including: a device, an authentication server p of the network area where the device is currently located, and an authentication server q of the network area to which the device belongs; the device sends an authentication request to the authentication server p of the current network area, the authentication request containing the ID information of the device; after receiving the authentication request, the authentication server p judges, according to the ID information of the device, whether the device is present in its internal legitimate-node table, and if so, directly performs identity authentication on the device; if not, it issues a command for acquiring the network area identifier to the device; after receiving the command, the device sends the identifier of the network area to which it belongs to the authentication server p; the authentication server p forwards the authentication request of the device to the authentication server q of the network area to which the device belongs; the authentication server q authenticates the identity of the device and, if the authentication passes, sends an endorsement credential for the passed authentication to the authentication server p; after the authentication server p receives the endorsement credential, the device passes authentication at the authentication server p, and the authentication server p stores the ID information of the device in the authenticated-node table.
As a preferred scheme of the cross-network joint authentication system for power transmission line equipment: the endorsement credential that the authentication server q sends to the authentication server p after authenticating the identity of the device includes: the ID information of the device, the identifier of the network area that issued the credential, the ID information of the authentication server q of the network area that issued the credential, the result that the device identity authentication passed, the validity time of the credential, a timestamp, the digital signature of the authentication server q that issued the credential, and the identifier of the network area where the device is currently located.
As a preferred scheme of the cross-network joint authentication system for power transmission line equipment: the authenticated-node table of the authentication server p stores the ID information and the device authority level information of the device; the authentication server p records the ID information and the device authority level information of the device as metadata, and the metadata is packaged into a BLOCK and placed on an alliance chain.
As a preferred scheme of the cross-network joint authentication system for power transmission line equipment: if the device is present in the internal legitimate-node table, the authentication server p performs identity authentication on the device using a digital signature method based on a public key certificate.
As a preferred scheme of the cross-network joint authentication system for power transmission line equipment: the specific process by which the authentication server p performs identity authentication on the device using the digital signature method based on a public key certificate is as follows: the device signs the authentication request using the elliptic curve domain parameters and the combined public and private key of the authentication server p to generate signature data; and the authentication server p performs identity authentication on the device according to the signature data of the device and the public key of the device, and concludes whether the device passes the identity authentication.
The beneficial effects of the invention are as follows: the method provided by the invention enables cross-network authentication of mobile devices such as helicopters and solves the problem of cooperative authentication of terminal devices across different networks, so as to ensure trusted access for roaming services.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings based on these drawings without inventive exercise. Wherein:
Fig. 1 is a basic flowchart of a method and a system for cross-network joint authentication of power transmission line equipment according to an embodiment of the present invention;
Fig. 2 is a basic flowchart of a method and a system for cross-network joint authentication of power transmission line equipment according to an embodiment of the present invention;
Fig. 3 is a basic flowchart of a method and a system for cross-network joint authentication of power transmission line equipment according to an embodiment of the present invention.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present invention more comprehensible, embodiments of the present invention are described in detail below with reference to the accompanying figures. The described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments that a person skilled in the art can obtain from the embodiments of the present invention without creative effort shall fall within the protection scope of the present invention.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present invention, but the present invention may be practiced in other ways than those specifically described and will be readily apparent to those of ordinary skill in the art without departing from the spirit of the present invention, and therefore the present invention is not limited to the specific embodiments disclosed below.
Furthermore, reference herein to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one implementation of the invention. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments.
The present invention will be described in detail with reference to the drawings, wherein the cross-sectional views illustrating the structure of the device are not enlarged partially in general scale for convenience of illustration, and the drawings are only exemplary and should not be construed as limiting the scope of the present invention. In addition, the three-dimensional dimensions of length, width and depth should be included in the actual fabrication.
Meanwhile, in the description of the present invention, it should be noted that the terms "upper, lower, inner and outer" and the like indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of describing the present invention and simplifying the description, but do not indicate or imply that the referred device or element must have a specific orientation, be constructed in a specific orientation and operate, and thus, cannot be construed as limiting the present invention. Furthermore, the terms first, second, or third are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
The terms "mounted, connected and connected" in the present invention are to be understood broadly, unless otherwise explicitly specified or limited, for example: can be fixedly connected, detachably connected or integrally connected; they may be mechanically, electrically, or directly connected, or indirectly connected through intervening media, or may be interconnected between two elements. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
Example 1
Referring to Figs. 1 and 2, an embodiment of the present invention provides a cross-network joint authentication method for power transmission line equipment, including:
S1: the device sends an authentication request to an authentication server p of the current network area, the authentication request containing the ID information of the device;
S2: after receiving the authentication request, the authentication server p judges, according to the ID information of the device, whether the device is present in its internal legitimate-node table; if so, it directly performs identity authentication on the device, and if not, it issues a command for acquiring the network area identifier to the device;
S3: after receiving the command for acquiring the network area identifier, the device sends the identifier of the network area to which it belongs to the authentication server p; the authentication server p forwards the authentication request of the device to an authentication server q of the network area to which the device belongs; the authentication server q authenticates the identity of the device and, if the authentication passes, sends an endorsement credential for the passed authentication to the authentication server p;
S4: after the authentication server p receives the endorsement credential, the device passes authentication at the authentication server p, and the authentication server p stores the ID information of the device in the authenticated-node table.
In a specific implementation, the endorsement credential that the authentication server q sends to the authentication server p after authenticating the identity of the device includes: the ID information of the device, the identifier of the network area that issued the credential, the ID information of the authentication server q of the network area that issued the credential, the result that the device identity authentication passed, the validity time of the credential, a timestamp, the digital signature of the authentication server q that issued the credential, and the identifier of the network area where the device is currently located.
In a specific implementation, the authenticated-node table of the authentication server p stores the ID information and the device authority level information of the device; the authentication server p records the ID information and the device authority level information of the device as metadata, packages the metadata into a BLOCK, and places the BLOCK on an alliance chain.
In a specific implementation, if the device is present in the internal legitimate-node table, the authentication server p performs identity authentication on the device using a digital signature method based on a public key certificate.
In a specific implementation, as shown in Fig. 2, the specific process by which the authentication server p performs identity authentication on the device using the digital signature method based on a public key certificate is as follows:
the device signs the authentication request using the elliptic curve domain parameters and the combined public and private key of the authentication server p to generate signature data;
and the authentication server p performs identity authentication on the device according to the signature data of the device and the public key of the device, and concludes whether the device passes the identity authentication.
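The S1 to S4 flow and the endorsement credential fields listed above can be exercised with the following added example, which is not part of the patent text: it sketches the checks authentication server p could run before accepting a credential from server q. HMAC-SHA256 with a constructed key stands in for q's digital signature so the code runs on the standard library alone; the class, method and field names, the zone and device names, the validity encoding and the 60-second skew are all assumptions.

```python
import hashlib
import hmac
import json
from dataclasses import asdict, dataclass, replace

# Constructed demo key: stands in for server q's signing key (assumption).
ISSUER_KEYS = {("zone-B", "auth-q"): b"constructed-demo-key"}
MAX_FUTURE_SKEW = 60  # tolerated clock skew in seconds (assumed value)


@dataclass(frozen=True)
class Endorsement:
    device_id: str         # ID information of the device
    issuer_zone: str       # network area that issued the credential
    issuer_server_id: str  # ID of authentication server q
    result: str            # "pass" when q authenticated the device
    valid_seconds: int     # validity time counted from timestamp (assumed encoding)
    timestamp: int         # issue time, epoch seconds
    current_zone: str      # network area the device is currently in
    signature: str = ""    # q's signature over every field above


def signed_bytes(cred):
    """Canonical encoding of every field except the signature itself."""
    fields = asdict(cred)
    del fields["signature"]
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def tag_for(key, cred):
    """Stand-in for q's signature: HMAC-SHA256 over the canonical fields."""
    return hmac.new(key, signed_bytes(cred), hashlib.sha256).hexdigest()


class ServerP:
    def __init__(self, zone, legitimate_nodes):
        self.zone = zone
        self.legitimate_nodes = set(legitimate_nodes)  # devices homed in this zone
        self.authenticated_nodes = {}                  # filled in S4
        self.pending = {}  # device_id -> home zone reported in S3

    def on_auth_request(self, device_id):
        """S1/S2: authenticate local devices directly, ask others for their zone."""
        return "LOCAL_AUTH" if device_id in self.legitimate_nodes else "GET_ZONE_ID"

    def on_zone_id(self, device_id, home_zone):
        """S3: record which home zone must answer, then forward to its server."""
        self.pending[device_id] = home_zone
        return home_zone

    def on_endorsement(self, cred, now):
        """S4: accept the device only if every credential field checks out."""
        expected_zone = self.pending.get(cred.device_id)
        if expected_zone is None:
            return False, "no pending request for this device"
        if cred.issuer_zone != expected_zone:
            return False, "issuer is not the device's home zone"
        key = ISSUER_KEYS.get((cred.issuer_zone, cred.issuer_server_id))
        if key is None:
            return False, "unknown issuing server"
        if not hmac.compare_digest(tag_for(key, cred), cred.signature):
            return False, "bad signature"
        if cred.current_zone != self.zone:
            return False, "credential bound to another zone"
        if cred.result != "pass":
            return False, "home server rejected the device"
        if cred.timestamp - now > MAX_FUTURE_SKEW:
            return False, "timestamp in the future"
        if now > cred.timestamp + cred.valid_seconds:
            return False, "credential expired"
        del self.pending[cred.device_id]  # one credential answers one request
        self.authenticated_nodes[cred.device_id] = cred.issuer_zone
        return True, "ok"


def demo():
    now = 1_700_000_000  # constructed clock value
    key = ISSUER_KEYS[("zone-B", "auth-q")]
    cred = Endorsement("heli-07", "zone-B", "auth-q", "pass", 300, now, "zone-A")
    cred = replace(cred, signature=tag_for(key, cred))

    p = ServerP("zone-A", {"tower-01"})
    out = {"first_reply": p.on_auth_request("heli-07")}
    p.on_zone_id("heli-07", "zone-B")
    out["tampered"] = p.on_endorsement(replace(cred, valid_seconds=10**6), now)
    out["expired"] = p.on_endorsement(cred, now + 301)
    out["accepted"] = p.on_endorsement(cred, now + 10)
    out["replayed"] = p.on_endorsement(cred, now + 20)

    other = ServerP("zone-C", set())  # a third zone receiving the same credential
    other.on_zone_id("heli-07", "zone-B")
    out["other_zone"] = other.on_endorsement(cred, now + 10)
    return out


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

In a deployment the HMAC comparison would be replaced by verification of q's public-key signature, so that server p can check credentials without holding any secret of server q.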
Example 2
Referring to Fig. 3, this embodiment differs from the first embodiment in that it provides a cross-network joint authentication system for power transmission line equipment, on which the cross-network joint authentication method is implemented, and which specifically includes:
a device, an authentication server p of the network area where the device is currently located, and an authentication server q of the network area to which the device belongs.
Specifically, the device sends an authentication request to the authentication server p of the current network area, the authentication request containing the ID information of the device;
after receiving the authentication request, the authentication server p judges, according to the ID information of the device, whether the device is present in its internal legitimate-node table, and if so, directly performs identity authentication on the device; if not, it issues a command for acquiring the network area identifier to the device;
after receiving the command for acquiring the network area identifier, the device sends the identifier of the network area to which it belongs to the authentication server p; the authentication server p forwards the authentication request of the device to the authentication server q of the network area to which the device belongs; the authentication server q authenticates the identity of the device and, if the authentication passes, sends an endorsement credential for the passed authentication to the authentication server p;
after the authentication server p receives the endorsement credential, the device passes authentication at the authentication server p, and the authentication server p stores the ID information of the device in the authenticated-node table.
In a specific implementation, the endorsement credential that the authentication server q sends to the authentication server p after authenticating the identity of the device includes: the ID information of the device, the identifier of the network area that issued the credential, the ID information of the authentication server q of the network area that issued the credential, the result that the device identity authentication passed, the validity time of the credential, a timestamp, the digital signature of the authentication server q that issued the credential, and the identifier of the network area where the device is currently located.
In a specific implementation, the authenticated-node table of the authentication server p stores the ID information and the device authority level information of the device; the authentication server p records the ID information and the device authority level information of the device as metadata, packages the metadata into a BLOCK, and places the BLOCK on an alliance chain.
In a specific implementation, if the device is present in the internal legitimate-node table, the authentication server p performs identity authentication on the device using a digital signature method based on a public key certificate.
In a specific implementation, the specific process by which the authentication server p performs identity authentication on the device using the digital signature method based on a public key certificate is as follows:
the device signs the authentication request using the elliptic curve domain parameters and the combined public and private key of the authentication server p to generate signature data;
and the authentication server p performs identity authentication on the device according to the signature data of the device and the public key of the device, and concludes whether the device passes the identity authentication.
It should be recognized that embodiments of the present invention can be realized and implemented by computer hardware, a combination of hardware and software, or by computer instructions stored in a non-transitory computer readable memory. The methods may be implemented in a computer program using standard programming techniques, including a non-transitory computer-readable storage medium configured with the computer program, where the storage medium so configured causes a computer to operate in a specific and predefined manner, according to the methods and figures described in the detailed description. Each program may be implemented in a high level procedural or object oriented programming language to communicate with a computer system. However, the program(s) can be implemented in assembly or machine language, if desired. In any case, the language may be a compiled or interpreted language. Furthermore, the program can be run on a programmed application specific integrated circuit for this purpose.
Further, the operations of processes described herein can be performed in any suitable order unless otherwise indicated herein or otherwise clearly contradicted by context. The processes described herein (or variations and/or combinations thereof) may be performed under the control of one or more computer systems configured with executable instructions, and may be implemented as code (e.g., executable instructions, one or more computer programs, or one or more applications) collectively executed on one or more processors, by hardware, or combinations thereof. The computer program includes a plurality of instructions executable by one or more processors.
Further, the method may be implemented in any type of computing platform operatively connected to a suitable connection, including but not limited to a personal computer, mini computer, mainframe, workstation, networked or distributed computing environment, separate or integrated computer platform, or in communication with a charged particle tool or other imaging device, or the like. Aspects of the invention may be embodied in machine-readable code stored on a non-transitory storage medium or device, whether removable or integrated into a computing platform, such as a hard disk, optically read and/or write storage medium, RAM, ROM, or the like, such that it may be read by a programmable computer, which when read by the storage medium or device, is operative to configure and operate the computer to perform the procedures described herein. Further, the machine-readable code, or portions thereof, may be transmitted over a wired or wireless network. The invention described herein includes these and other different types of non-transitory computer-readable storage media when such media include instructions or programs that implement the steps described above in conjunction with a microprocessor or other data processor. The invention also includes the computer itself when programmed according to the methods and techniques described herein. A computer program can be applied to input data to perform the functions described herein to transform the input data to generate output data that is stored to non-volatile memory. The output information may also be applied to one or more output devices, such as a display. In a preferred embodiment of the invention, the transformed data represents physical and tangible objects, including particular visual depictions of physical and tangible objects produced on a display.
As used in this application, the terms "component," "module," "system," and the like are intended to refer to a computer-related entity, either hardware, firmware, a combination of hardware and software, or software in execution. For example, a component may be, but is not limited to being: a process running on a processor, an object, an executable, a thread of execution, a program, and/or a computer. By way of example, both an application running on a computing device and the computing device can be a component. One or more components can reside within a process and/or thread of execution and a component can be localized on one computer and/or distributed between two or more computers. In addition, these components can execute from various computer readable media having various data structures thereon. The components may communicate by way of local and/or remote processes such as in accordance with a signal having one or more data packets (e.g., data from one component interacting with another component in a local system, distributed system, and/or across a network such as the internet with other systems by way of the signal).
It should be noted that the above-mentioned embodiments are only for illustrating the technical solutions of the present invention and not for limiting, and although the present invention is described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that modifications or equivalent substitutions can be made to the technical solutions of the present invention without departing from the spirit and scope of the technical solutions of the present invention, which should be covered by the claims of the present invention.

Claims (10)

1. A cross-network joint authentication method for power transmission line equipment is characterized by comprising the following steps:
the method comprises the steps that equipment sends an authentication request to an authentication server p of a current network area, wherein the authentication request comprises ID information of the equipment;
after receiving the authentication request, the authentication server p judges whether the equipment exists in a legal node table in the equipment according to the ID information of the equipment, if so, the identity authentication is directly carried out on the equipment, and if not, a command for acquiring the network area identifier is issued to the equipment;
after receiving the command for acquiring the network area identifier, the equipment sends the network area identifier of the equipment to an authentication server p, the authentication server p forwards an authentication request of the equipment to an authentication server q of the network area of the equipment, the authentication server q authenticates the identity of the equipment, and if the authentication is passed, an endorsement credential indicating that the authentication passed is sent to the authentication server p;
after the authentication server p receives the endorsement credential, the device passes the authentication at the authentication server p, and the authentication server p stores the ID information of the device in the authenticated node table.
2. The cross-network joint authentication method for the power transmission line equipment according to claim 1, wherein after the authentication server q authenticates the identity of the equipment, sending an endorsement credential that the authentication is successful to an authentication server p comprises: ID information of the equipment, a network area identifier issued by the certificate, ID information of an authentication server q of the network area issued by the certificate, a result of passing equipment identity authentication, effective time of the certificate, a timestamp, a digital signature of the authentication server q issued by the certificate, and an identifier of the network area where the equipment is currently located.
3. The cross-network joint authentication method for the electric transmission line equipment according to claim 1, wherein ID information and equipment authority level information of the equipment are stored in an authenticated node table of the authentication server p, and the authentication server p records the ID information and the equipment authority level information of the equipment as metadata, packages the metadata into a BLOCK, and places the BLOCK in an alliance chain.
4. The cross-network joint authentication method for the power transmission line equipment according to claim 1, wherein if the equipment exists in a legal node table inside the equipment, the authentication server p performs identity authentication on the equipment by using a digital signature method of a public key certificate.
5. The cross-network joint authentication method for the power transmission line equipment according to claim 4, wherein the specific process of the authentication server p for performing identity authentication on the equipment by adopting a digital signature method of a public key certificate is as follows:
the equipment completes the signature of the authentication request by using the elliptic domain parameters and the combined public and private key of the authentication server p to generate signature data;
and the authentication server p carries out identity authentication on the equipment according to the signature data of the equipment and the public key of the equipment to obtain a conclusion whether the equipment passes the identity authentication.
6. A power transmission line equipment cross-network joint authentication system is characterized by comprising: equipment, an authentication server p of the network area where the equipment is currently located, and an authentication server q of the network area to which the equipment belongs;
the method comprises the steps that equipment sends an authentication request to an authentication server p of a current network area, wherein the authentication request comprises ID information of the equipment;
after receiving the authentication request, the authentication server p judges whether the equipment exists in a legal node table in the equipment according to the ID information of the equipment, and if so, the authentication server p directly performs identity authentication on the equipment; if not, issuing a command for acquiring the network area identifier to the equipment;
after receiving the command for acquiring the network area identifier, the device sends the network area identifier to which the device belongs to the authentication server p; the authentication server p forwards the authentication request of the equipment to an authentication server q of a network area to which the equipment belongs, the authentication server q authenticates the identity of the equipment, and if the authentication is passed, an endorsement credential indicating that the authentication passed is sent to the authentication server p;
after the authentication server p receives the endorsement credential, the device passes the authentication at the authentication server p, and the authentication server p stores the ID information of the device in the authenticated node table.
7. The inter-network joint authentication system for the power transmission line equipment according to claim 6, wherein after the authentication server q authenticates the identity of the equipment, sending an endorsement credential that the authentication is successful to the authentication server p comprises: ID information of the equipment, a network area identifier issued by the certificate, ID information of an authentication server q of the network area issued by the certificate, a result of passing equipment identity authentication, effective time of the certificate, a timestamp, a digital signature of the authentication server q issued by the certificate, and an identifier of the network area where the equipment is currently located.
8. The cross-network joint authentication system for the electric transmission line equipment as claimed in claim 6, wherein ID information and equipment authority level information of the equipment are stored in an authenticated node table of the authentication server p, and the authentication server p records the ID information and the equipment authority level information of the equipment as metadata, packages the metadata into a BLOCK, and places the BLOCK in a federation chain.
9. The cross-network joint authentication system for the power transmission line equipment according to claim 6, wherein if the equipment exists in a legal node table inside the equipment, the authentication server p performs identity authentication on the equipment by using a digital signature method of a public key certificate.
10. The cross-network joint authentication system for the power transmission line equipment according to claim 9, wherein the authentication server p performs identity authentication on the equipment by using a digital signature method of a public key certificate in the following specific process:
the equipment completes the signature of the authentication request by using the elliptic domain parameters and the combined public and private key of the authentication server p to generate signature data;
and the authentication server p carries out identity authentication on the equipment according to the signature data of the equipment and the public key of the equipment to obtain a conclusion whether the equipment passes the identity authentication.
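The checks server p would run on the endorsement credential of claims 1 and 2 before storing the device in its authenticated node table, as an added example that is not part of the patent text. The field names, the trust store and the reading of "effective time" as a validity duration in seconds are assumptions, and HMAC-SHA256 stands in for server q's digital signature so the code runs with the standard library only.

```python
import hashlib, hmac, json

# Constructed trust store for server p: issuer server ID -> (network area, key).
# HMAC-SHA256 stands in for q's digital signature so the sketch needs only the
# standard library; a deployment would verify q's public-key signature instead.
TRUSTED_Q = {"q-area-B": ("area-B", b"constructed-demo-key")}
SIGNED_FIELDS = ("device_id", "issuer_area", "issuer_server", "result",
                 "valid_seconds", "timestamp", "current_area")

def _mac(key, cred):
    # Fixed field order so issuer and verifier authenticate identical bytes.
    body = json.dumps([cred[f] for f in SIGNED_FIELDS], separators=(",", ":"))
    return hmac.new(key, body.encode(), hashlib.sha256).hexdigest()

def issue(key, **fields):
    """Server q side: attach the signature to the claim-2 fields."""
    return {**fields, "signature": _mac(key, fields)}

def verify_endorsement(cred, device_id, home_area, my_area, now):
    """Server p side: return (accepted, reason) for one endorsement credential."""
    if any(f not in cred for f in SIGNED_FIELDS + ("signature",)):
        return False, "missing field"
    area, key = TRUSTED_Q.get(cred["issuer_server"], (None, None))
    if key is None:
        return False, "unknown issuer"
    sig = str(cred["signature"]).encode()
    if not hmac.compare_digest(_mac(key, cred).encode(), sig):
        return False, "bad signature"
    if cred["issuer_area"] != area or area != home_area:
        return False, "issuer area mismatch"
    if cred["device_id"] != device_id:
        return False, "device mismatch"
    if cred["current_area"] != my_area:
        return False, "issued for another area"
    if cred["result"] != "pass":
        return False, "not authenticated by q"
    if not cred["timestamp"] <= now <= cred["timestamp"] + cred["valid_seconds"]:
        return False, "outside validity window"
    return True, "ok"

def admit(cred, device_id, home_area, my_area, now, authenticated_nodes):
    """Final step of claim 1: record the device only after the checks pass."""
    ok, reason = verify_endorsement(cred, device_id, home_area, my_area, now)
    if ok:
        authenticated_nodes.add(device_id)
    return ok, reason
```

Binding the credential to the current network area and to the device ID that opened the request is what keeps a credential issued for one visit from being accepted by a different server p or for a different device.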
CN202210188403.8A 2022-02-28 2022-02-28 Cross-network joint authentication method and system for power transmission line equipment Pending CN114640998A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210188403.8A CN114640998A (en) 2022-02-28 2022-02-28 Cross-network joint authentication method and system for power transmission line equipment

Publications (1)

Publication Number Publication Date
CN114640998A true CN114640998A (en) 2022-06-17

Family

ID=81947535

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210188403.8A Pending CN114640998A (en) 2022-02-28 2022-02-28 Cross-network joint authentication method and system for power transmission line equipment

Country Status (1)

Country Link
CN (1) CN114640998A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115604357A (en) * 2022-08-31 2023-01-13 云南电网有限责任公司(Cn) Heterogeneous integration networking communication management and control system for power transmission line

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2010111479A1 (en) * 2009-03-26 2010-09-30 Qualcomm Incorporated Apparatus and method for user identity authentication in peer-to-peer overlay networks
CN102710422A (en) * 2012-06-07 2012-10-03 西安电子科技大学 Node authentication method for avoiding authentication congestion
CN106559408A (en) * 2015-11-27 2017-04-05 国网智能电网研究院 A kind of SDN authentication methods based on trust management
CN110430207A (en) * 2019-08-13 2019-11-08 广东电网有限责任公司 A kind of smart grid multi-point remote inter-network interaction collaboration authentication method

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination