CN103532951B - The off-line initial method of industrial terminal equipment and system - Google Patents
The off-line initial method of industrial terminal equipment and system Download PDFInfo
- Publication number
- CN103532951B CN103532951B CN201310482962.0A CN201310482962A CN103532951B CN 103532951 B CN103532951 B CN 103532951B CN 201310482962 A CN201310482962 A CN 201310482962A CN 103532951 B CN103532951 B CN 103532951B
- Authority
- CN
- China
- Prior art keywords
- terminal equipment
- industrial
- initialization
- industrial terminal
- certificate
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 claims description 30
- 238000000034 method Methods 0.000 description 8
- 238000005516 engineering process Methods 0.000 description 3
- 238000010276 construction Methods 0.000 description 2
- 238000001514 detection method Methods 0.000 description 2
- 238000005538 encapsulation Methods 0.000 description 2
- 238000009434 installation Methods 0.000 description 2
- 238000004519 manufacturing process Methods 0.000 description 2
- 238000001629 sign test Methods 0.000 description 2
- 241001269238 Data Species 0.000 description 1
- 238000005039 chemical industry Methods 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000009826 distribution Methods 0.000 description 1
- 230000000977 initiatory Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000005304 joining Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000007639 printing Methods 0.000 description 1
Abstract
The present invention provides the off-line initial method of a kind of industrial terminal equipment, including: management terminal obtains the initialization information of the industrial terminal equipment of input;Management terminal is set up with described industrial terminal equipment and is connected, and initialization command is sent to described industrial terminal equipment;Industrial terminal equipment responds described initialization command;Management terminal receives described response command, obtains the digital certificate of server password machine generation and signs;Described digital certificate and initialization information are sent to industrial terminal equipment by management terminal;Described industrial terminal equipment receives described digital certificate and initialization information carries out initialization operation, and feeds back initialization result to described management terminal.The present invention also provides for the system of correspondence, industrial terminal equipment can carry out off-line initialization, work efficiency and security performance high.
Description
Technical field
The present invention relates to industrial end initialization technique field, particularly relate to a kind of industrial terminal equipment from
Line initial method, and the off-line initialization system of a kind of industrial terminal equipment.
Background technology
Industrial terminal equipment (such as equipment such as the distribution terminal of electrical network, loaded termination, measuring terminals) is in application
Extensively application.Typical distributed industrial control system (or distributed data acquisition system) by industry control main website (or
Monitoring backstage) and industrial terminal equipment composition.
Communication between these industrial end and industry control main website is mainly based upon IP network technology, for solving this
The business datum of one type system confidentiality, integrity and non-repudiation in traditional IP, needs
Preventer (or protection module), i.e. main website preventer and terminal is disposed between industrial end and industry control main website
Preventer.Communications security between equipment depends on the confidentiality of key, and wherein private key is by equipment voluntarily
Keeping, PKI distributes to all communication peer-entities by certificate mode.High at some security level requireds
In order to ensure safety in application scenarios (such as electrical network production system), use offline mode grant a certificate, often
Increase the manual work performed following aspects of a station terminal preventer:
1) public private key pair is generated
2) digital certificate system signs and issues the certificate A of this terminal protection equipment
3) certificate A off-line is presented to main website preventer
4) main website certificate B is presented to this terminal protection equipment
5) this terminal protection equipment is given by the root certificate authority of digital certificate system
6) a collection of configuration information of this terminal protection equipment etc. is configured.
The certificate issuance that this industrial control system off-line certificate issuance compares conventional digital diploma system has following lacking
Fall into:
1 be the equipment that conventional digital diploma system is signed and issued be more the equipment such as computer, server or PC,
The certificate installation process of these equipment is all manual operation, artificial configuration operation can be carried out.And industry is eventually
End preventer is a kind of industrial control equipment, without universal human interfaces such as mouse, keyboard, display;
And installation does not generally possess the engineer of computer relevant knowledge.
2 is that conventional digital certificate is all utilized in line mode to equipment grant a certificate, and by CA mechanism, (certificate is awarded
Card Certificate Authority center) carry out online certificate issuance, so can be by a lot of configuration information communications
The agreement signed and issued online is transmitted.And the certificate issuance of industrial end preventer is for guaranteeing that its safety needs
Offline mode to be used carries out certificate issuance, so causes needing substantial amounts of configuration information is passed through offline mode
It is injected in equipment.
3 is that industry control main website preventer quantity is generally fixed for two or four, but terminal protection equipment is several
Amount is a lot, and along with industrial control system scale increases (such as the construction of intelligent grid), these terminal protection equipment
Quantity can get more and more.And often increase by a station terminal preventer and be accomplished by injecting substantial amounts of joining to this terminal
Confidence ceases, and increases the information of this terminal protection equipment to main website preventer simultaneously.Set with the protection of every station terminal
Standby configuration needs count half an hour, and the configuration of 10,000 terminal protection equipment needs could configure for 6.94 months,
For industrial control system production, run and construction brings great inconvenience, efficiency is the lowest.
Summary of the invention
Based on this, the present invention provides off-line initial method and the system of a kind of industrial terminal equipment, can be to work
It is high that industry terminal unit carries out off-line initialization, work efficiency and security performance.
The off-line initial method of a kind of industrial terminal equipment, comprises the steps:
Management terminal obtains the initialization information of the industrial terminal equipment of input;
Management terminal is set up with described industrial terminal equipment and is connected, and initialization command is sent to described industry
Terminal unit;
Industrial terminal equipment responds described initialization command;
Management terminal receives described response command, obtains the digital certificate of server password machine generation and signs;
Described digital certificate and initialization information are sent to industrial terminal equipment by management terminal;
Described industrial terminal equipment receives described digital certificate and initialization information and carries out initialization operation, and instead
Feedback initialization result gives described management terminal.
The digital certificate off-line of a kind of industrial terminal equipment signs and issues system, sets including management terminal, industrial end
Standby and server cipher machine, described industrial terminal equipment and server cipher machine are respectively with described management terminal even
Connecing, wherein, described management terminal includes acquisition module, link block, signature blocks and sending module;Institute
State industrial terminal equipment and include respond module and initialization module;
Described acquisition module is for obtaining the initialization information of the industrial terminal equipment of input;
Described link block is connected for setting up with described industrial terminal equipment, and is sent to by initialization command
Described industrial terminal equipment;
Described respond module responds described initialization command;
Described signature blocks is used for receiving described response command, obtains the digital certificate that server password machine generates
And sign;
Described sending module is for being sent to industrial terminal equipment by described digital certificate and initialization information;
Described initialization module is used for receiving described digital certificate and initialization information carries out initialization operation, and
Feedback initialization result gives described management terminal.
The off-line initial method of above-mentioned industrial terminal equipment and system, obtained at the beginning of input by management terminal
Beginning information, management terminal is set up with industrial terminal equipment after being connected and is sent initialization command, obtaining industry
After the response of terminal unit, invoking server cipher machine generates digital certificate;Management terminal log word certificate enters
After row signature, the digital certificate after signature and initialization information are sent simultaneously at the beginning of industrial terminal equipment carries out
Beginning chemical industry is made;The present invention improves industrial terminal equipment and disposes, installs and initialized efficiency, convenient a large amount of
The management of industrial end preventer, the information of all industrial end preventers and certificate can carry out off-line
Management, industrial end preventer off-line and management terminal, directly to even, automatically initialize and demonstrate,prove
Book imports, it is to avoid the network security risk that traditional online certificate exists, and conventional USB flash drive offline copies
Certificate management security risk.
Accompanying drawing explanation
Fig. 1 is the off-line initial method schematic flow sheet in one embodiment of industrial terminal equipment of the present invention.
Fig. 2 is that the off-line of industrial terminal equipment of the present invention initializes system structural representation in one embodiment.
Fig. 3 is that the off-line of industrial terminal equipment of the present invention initializes system structural representation in another embodiment
Figure.
Fig. 4 is the handling process schematic diagram of Fig. 3 system.
Detailed description of the invention
Below in conjunction with embodiment and accompanying drawing, the present invention is described in further detail, but embodiments of the present invention
It is not limited to this.
As it is shown in figure 1, be the off-line initial method of a kind of industrial terminal equipment of the present invention, including walking as follows
Rapid:
S11, management terminal obtain the initialization information of the industrial terminal equipment of input;
Equipment management personnel will need the initialization information input management terminal of initialized equipment;Management terminal
Can be terminal, by arranging terminal management plug-in unit in WEB container, be exclusively used in acquisition industrial end
The initial informational services of equipment.
In a preferred embodiment, described initialization information is the configuration information of described industrial terminal equipment, bag
Include the IP address of described industrial terminal equipment, gateway ip address and/or be connected with described industrial terminal equipment
The IP address of wireless terminal device.
S12, management terminal are set up with described industrial terminal equipment and are connected, and are sent to by initialization command described
Industrial terminal equipment;
Management terminal is set up with industrial terminal equipment after being connected, and is sent to by the initialization command containing subject information
The industrial terminal equipment being initialised;Management terminal may be connected with multiple stage industrial terminal equipment simultaneously, is sending out
The subject information of the equipment of being initialised need to be carried when sending initialization command.
In a preferred embodiment, described management terminal sets up, with described industrial terminal equipment, the step bag being connected
Include: described management terminal selects to be connected with the foundation of described industrial terminal equipment by serial mode or network interface mode;
When industrial terminal equipment need to initialize, connect with management terminals physical with serial mode or network interface mode
Connect;Management terminal, by detection port, selects to be set with described industrial end by serial mode or network interface mode
Connect for setting up communication, it is achieved both off-line communications.
S13, industrial terminal equipment respond described initialization command;
Industrial terminal equipment responds after receiving described initialization command, to ensure and management terminal
Communications service is normal, it is ensured that follow-up digital certificate is signed and issued and is smoothed out with initial work.
S14, management terminal receive described response command, obtain the digital certificate of server password machine generation and sign
Name;
Management terminal receives response command, represents current and industrial terminal equipment communication is normal, can start to hold
Row certificate issuance and initialization operation;
The acquisition of digital certificate, need to call connected server password machine, server password machine generate;
Server password machine equipment for providing basic crypto-operation service, such as, realizes SM1/SM2/SM3 etc. right
Title, asymmetric and hashing algorithm, generate digital certificate;Get the digital certificate that server password machine generates,
It is signed by management terminal, the digital certificate after being signed.
In a preferred embodiment, the step of the digital certificate that described acquisition server password machine generates comprises the steps that
Described management terminal passes through openssl agreement and described server password machine communication, when carrying out communication,
The cryptographic algorithm of server password machine is registered in openssl agreement, when described management terminal obtains numeral card
During book, generate and obtain certificate request, by openssl agreement, described acquisition certificate request is converted to described
The certificate call request of server password machine, it is thus achieved that digital certificate;
Management terminal is by openssl agreement and described server password machine communication, and openssl agreement is used for shielding
Cover the difference of the server password various algorithm of machine bottom, and provide to upper strata unified certificate to process, sign/test
The functions such as label, data encrypting and deciphering, make communication process more safe and reliable.
Described digital certificate and initialization information are sent to industrial terminal equipment by S15, management terminal;
In this step, the initialization information of the digital certificate after signature and input is sent jointly to industry eventually
End equipment, improves the efficiency of industrial terminal equipment initial work.
S16, described industrial terminal equipment receive described digital certificate and initialization information carries out initialization operation,
And feed back initialization result to described management terminal.
Industrial terminal equipment can proceed by initialization operation after receiving digital certificate and initialization information, complete
After one-tenth, initialization result is fed back to described management terminal.
As in figure 2 it is shown, the digital certificate off-line that present invention also offers a kind of industrial terminal equipment signs and issues system,
Including management terminal 21, industrial terminal equipment 22 and server cipher machine 23, described industrial terminal equipment 22
Connecting with described management terminal 21 respectively with server cipher machine 23, wherein said management terminal 21 includes obtaining
Delivery block 211, link block 212, signature blocks 213 and sending module 214;Described industrial terminal equipment
22 include respond module 221 and initialization module 222;
Described acquisition module 211 is for obtaining the initialization information of the industrial terminal equipment of input;
Equipment management personnel will need the initialization information input management terminal 21 of initialized equipment;Management is eventually
End 21 can be terminal, by arranging terminal management plug-in unit in WEB container, is exclusively used in acquisition work
The initial informational services of industry terminal unit 22.
In a preferred embodiment, described initialization information is the configuration information of described industrial terminal equipment, bag
Include the IP address of described industrial terminal equipment, gateway ip address and/or be connected with described industrial terminal equipment
The IP address of wireless terminal device.
Described link block 212 is connected for setting up with described industrial terminal equipment 22, and by initialization command
It is sent to described industrial terminal equipment 22;
Management terminal 21 is set up with industrial terminal equipment 22 after being connected, by the initialization command containing subject information
It is sent to the industrial terminal equipment 22 being initialised;With multiple stage industrial terminal equipment while that management terminal 21 being possible
22 connect, and need to carry the subject information of the equipment of being initialised when sending initialization command.
In a preferred embodiment, described link block 212 is additionally operable to select by serial mode or network interface side
Formula is set up with described industrial terminal equipment and is connected;
When industrial terminal equipment 22 need to initialize, with serial mode or network interface mode and management terminal 21
Physical connection;Management terminal 21, by detection port, selects by serial mode or network interface mode and described work
Industry terminal unit 22 is set up communication and is connected, it is achieved both off-line communications.
Described respond module 221 is used for responding described initialization command;
Industrial terminal equipment 22 responds after receiving described initialization command, to ensure and management terminal
The Communications service of 21 is normal, it is ensured that follow-up digital certificate is signed and issued and is smoothed out with initial work.
Described signature blocks 213 is used for receiving described response command, obtains the numeral that server password machine generates
Certificate is also signed;
Management terminal 21 receives response command, represents current and industrial terminal equipment 22 communication is normal, can
Start to perform certificate issuance and initialization operation;
The acquisition of digital certificate, need to call connected server password machine 23, by server password machine 23
Generate;Server password machine 23 equipment is used for providing basic crypto-operation service, such as, realize
SM1/SM2/SM3 etc. are symmetrical, asymmetric and hashing algorithm, generate digital certificate;Get server password
The digital certificate that machine 23 generates, management terminal 21 is to its signature, the digital certificate after being signed.
In a preferred embodiment, described signature blocks 213 is additionally operable to by openssl agreement and described service
Device cipher machine 23 communication, when carrying out communication, is registered to openssl by the cryptographic algorithm of server password machine 23
In agreement, when described management terminal 21 obtains digital certificate, generate and obtain certificate request, pass through openssl
Described acquisition certificate request is converted to the certificate call request to described server password machine 23 by agreement, it is thus achieved that
Digital certificate;
Management terminal 21 is by openssl agreement and the communication of described server password machine 23, openssl agreement
For shielding the difference of the server cipher machine 23 various algorithm of bottom, and provide unified certificate to process to upper strata,
The function such as signature/sign test, data encrypting and deciphering, makes communication process more safe and reliable.
Described sending module 214 is for being sent to industrial terminal equipment by described digital certificate and initialization information
22;
In this module, the initialization information of the digital certificate after signature and input is sent jointly to industry eventually
End equipment 22, improves the efficiency of industrial terminal equipment 22 initial work.
Described initialization module 222 is used for receiving described digital certificate and initialization information carries out initialization operation,
And feed back initialization result to described management terminal 21.
Industrial terminal equipment 22 can proceed by initialization operation after receiving digital certificate and initialization information,
After completing, initialization result is fed back to described management terminal 21.
Next the present invention program is illustrated by a specific embodiment again.
As it is shown on figure 3, be realize the digital certificate off-line of above-mentioned industrial terminal equipment and sign and issue one of system be
System structure chart;
Described server password machine equipment, for the crypto-operation service basic for system offer, this service
Device cipher machine mainly achieves symmetrical, the asymmetric and hashing algorithms such as SM1/SM2/SM3.
Described industrial terminal equipment, carries out certificate issuance and initialized object for the present embodiment.
Described certificate package module, mainly completes the certificate issuance of SM2/SM3 algorithm, below pkcs10(
Be called for short P#10) form certificate request encapsulation and resolve.Wherein, certificate package module include cipher machine engine,
The parts such as openssl module, certificate interface encapsulation storehouse, JNI library.
Wherein, cipher machine engine is the adapter between Openssl and server cipher machine equipment, according to
The standard of Openssl engine realizes.The SM2/SM3 that server password machine equipment is realized by cipher machine engine
Algorithm is registered in openssl, and when openssl needs to use SM2/SM3 algorithm, cipher machine engine will be adjusted
It is converted into the call request to server password machine with request.
Wherein, openssl is used for shielding the difference of the various algorithm of bottom, and at the certificate that upper strata provides unified
The functions such as reason, signature/sign test, data encrypting and deciphering.When using SM2/SM3 scheduling algorithm, openssl calls
The cipher machine engine registering this algorithm completes concrete computing.
Wherein, certificate interface library is that the basic function provided based on openssl is packaged, it is achieved the product of certificate
The functions such as life, the generation of P#10 and parsing.Certificate interface library needs to read certificate template (bag from configuration file
Include the configuration template of the information such as certificate subject item, extension), cipher machine engine, the information such as private key index.
Wherein, JNI library is to realize the switching between java and certificate interface library.
Described configuration file, is used for depositing the information such as certificate template, cipher machine engine, private key index, supplies
Certificate interface library uses.
Described terminal protection equipment communication pool, for realization with the communication of terminal protection equipment with mutual.?
On communicating with terminal protection equipment, serial ports or network interface two ways, terminal protection equipment communication pool pair can be used
Two kinds of communication modes carry out abstract, it is achieved Unified Communication interface, real on the basis of Unified Communication interface the most again
The most unified communication protocol, terminal protection equipment communication pool uses apache mina technology to realize.
Described service mastery routine uses the framework of base java and Plugin Mechanism to realize, and frame part realizes basic
Function, for plug-in unit provide basis service.Mastery routine provides web interface to provide with system interaction for user
Interface.
Wherein, terminal management plug-in unit mainly completes the CRUD(additions and deletions of industrial terminal equipment and looks into and change,
Create/Read/Update/Delete) initialization operation of operation and industrial terminal equipment (includes the pre-of device
The functions such as record, initiation parameter configuration, information printing and initialization);
When initialization terminal preventer, terminal management plug-in unit calls terminal protection equipment communication pool and terminal
Preventer communicates, and the PKI derived according to terminal protection equipment, in conjunction with the terminal protection equipment pre-recorded
Information, calls organization management plug-in unit and realizes certificate issuance.Subsequently, the initialization that terminal management plug-in unit will be pre-recorded
Parameter transmits to terminal protection equipment together with certificate.
Wherein, organization management plug-in unit mainly provides the management function of mechanism, main website, under comprising importing and resolving
The P#10 of level main website, produce the function such as CRUD of main website certificate, master information according to P#10.
Wherein, mainly to complete user based on various actions such as IE browser login, operations for audit management plug-in unit
Record, for protecting the safety of present system self.
Wherein, system administration plug-in unit mainly completes present system user account number, password, account number role (bag
Include role's account numbers such as operator, system manager, security audit person, safety officer) each function privilege
Configuration.
As shown in Figure 4, it is the digital certificate off-line of an above-mentioned industrial terminal equipment process stream signing and issuing system
Cheng Tu;
Step 1.1: the information needing initialized terminal is entered into web by IE by manager in advance.
Step 1.2:web container calls the acquisition terminal details service that terminal management plug-in unit provides.
Step 2: manager by IE select be initialised terminal connected mode (include serial mode and
Network interface mode).
Step 3: manager performs initialization operation by IE.
Step 3.1:web container calling communication storehouse is set up with the equipment that is initialised and is connected, and will contain subject information
Initialization command be sent to the equipment that is initialised.
Step 3.2: the equipment response concurrent of being initialised send certificate P#10 request data, and communication pool is by this P#10
Request is sent to terminal management plug-in unit.
Step 3.3: terminal management plug-in unit sends certificate P#10 to certificate package module and generates request, and certificate seals
The SM2/SM3 algorithm computing of die-filling piece of invoking server cipher machine equipment Generates Certificate, and returns to terminal conduit
Reason plug-in unit.
Step 3.4: terminal management plug-in unit obtains main website certificate to organization management plug-in unit.
Step 3.5: the initialization datas such as the certificate of terminal, main website certificate are passed through communication pool by terminal management plug-in unit
It is sent to the equipment that is initialised, and waits initialization result.
Step 3.6: terminal management plug-in unit by initialization related information record in signing and issuing system.
The off-line initial method of industrial terminal equipment of the present invention and system, obtain input by management terminal
Initialization information, management terminal is set up with industrial terminal equipment after being connected and is sent initialization command, obtaining work
After the response of industry terminal unit, invoking server cipher machine generates digital certificate;Management terminal log word certificate
After signing, the digital certificate after signature and initialization information are sent simultaneously to industrial terminal equipment and carry out
Initial work;The present invention improves industrial terminal equipment and disposes, installs and initialized efficiency, convenient big
Amount industrial end preventer management, the information of all industrial end preventers and certificate can carry out from
Wire management, industrial end preventer off-line and management terminal directly to even, automatically carry out initializing and
Certificate imports, it is to avoid the network security risk of the existence of traditional online certificate, and conventional USB flash drive offline copies
Certificate management security risk.
Embodiment described above only have expressed the several embodiments of the present invention, and it describes more concrete and detailed,
But therefore can not be interpreted as the restriction to the scope of the claims of the present invention.It should be pointed out that, for this area
Those of ordinary skill for, without departing from the inventive concept of the premise, it is also possible to make some deformation and
Improving, these broadly fall into protection scope of the present invention.Therefore, the protection domain of patent of the present invention should be with appended
Claim is as the criterion.
Claims (8)
1. the off-line initial method of an industrial terminal equipment, it is characterised in that comprise the steps:
Management terminal obtains the initialization information of the industrial terminal equipment of input;Wherein, described initialization information
Comprise the information that described industrial terminal equipment is uniquely identified;
Management terminal is set up with described industrial terminal equipment and is connected, and initialization command is sent to described industry
Terminal unit;
Industrial terminal equipment responds described initialization command;
Management terminal receives described response command, obtains the digital certificate of server password machine generation and signs;
Described digital certificate and initialization information are sent to industrial terminal equipment by management terminal;
Industrial terminal equipment receives described digital certificate and initialization information is carried out at the beginning of initialization operation, and feedback
Beginningization result gives described management terminal.
The off-line initial method of industrial terminal equipment the most according to claim 1, it is characterised in that
The step of the digital certificate that described acquisition server password machine generates includes:
Described management terminal passes through openssl agreement and described server password machine communication, when carrying out communication,
The cryptographic algorithm of server password machine is registered in openssl agreement, when described management terminal obtains numeral card
During book, generate and obtain certificate request, by openssl agreement, described acquisition certificate request is converted to described
The certificate call request of server password machine, it is thus achieved that digital certificate.
The off-line initial method of industrial terminal equipment the most according to claim 1, it is characterised in that
Described management terminal is set up, with described industrial terminal equipment, the step being connected and is included:
Described management terminal selects to be set up even with described industrial terminal equipment by serial mode or network interface mode
Connect.
The off-line initial method of industrial terminal equipment the most according to claim 1, it is characterised in that
Described initialization information is the configuration information of described industrial terminal equipment, including the IP of described industrial terminal equipment
Address, gateway ip address and/or the IP address of wireless terminal device being connected with described industrial terminal equipment.
5. industrial terminal equipment off-line initialize a system, including management terminal, industrial terminal equipment and
Server password machine, described industrial terminal equipment and server cipher machine connect with described management terminal respectively,
It is characterized in that, described management terminal includes acquisition module, link block, signature blocks and sending module;
Described industrial terminal equipment includes respond module and initialization module;
Described acquisition module is for obtaining the initialization information of the industrial terminal equipment of input;
Described link block is connected for setting up with described industrial terminal equipment, and is sent to by initialization command
Described industrial terminal equipment;
Described respond module responds described initialization command;
Described signature blocks is used for receiving described response command, obtains the digital certificate that server password machine generates
And sign;
Described sending module is for being sent to industrial terminal equipment by described digital certificate and initialization information;
Described initialization module is used for receiving described digital certificate and initialization information carries out initialization operation, and
Feedback initialization result gives described management terminal.
The off-line of industrial terminal equipment the most according to claim 5 initializes system, it is characterised in that
Described signature blocks is additionally operable to by openssl agreement and described server password machine communication, when carrying out communication,
The cryptographic algorithm of server password machine is registered in openssl agreement, when described management terminal obtains numeral card
During book, generate and obtain certificate request, by openssl agreement, described acquisition certificate request is converted to described
The certificate call request of server password machine, it is thus achieved that digital certificate.
The off-line of industrial terminal equipment the most according to claim 5 initializes system, it is characterised in that
Described link block is additionally operable to select to be set up even with described industrial terminal equipment by serial mode or network interface mode
Connect.
The off-line of industrial terminal equipment the most according to claim 5 initializes system, it is characterised in that
Described initialization information is the configuration information of described industrial terminal equipment, including the IP of described industrial terminal equipment
Address, gateway ip address and/or the IP address of wireless terminal device being connected with described industrial terminal equipment.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310482962.0A CN103532951B (en) | 2013-10-15 | The off-line initial method of industrial terminal equipment and system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310482962.0A CN103532951B (en) | 2013-10-15 | The off-line initial method of industrial terminal equipment and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN103532951A CN103532951A (en) | 2014-01-22 |
| CN103532951B true CN103532951B (en) | 2016-11-30 |
Family
ID=
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1838593A (en) * | 2005-03-07 | 2006-09-27 | 富士施乐株式会社 | Certificate acquisition system, certificate acquisition method, management communication apparatus and certification authority |
| CN101039182A (en) * | 2007-03-07 | 2007-09-19 | 广东南方信息安全产业基地有限公司 | Authentication system and method for issuing user identification certificate |
| CN101494862A (en) * | 2008-12-05 | 2009-07-29 | 北京工业大学 | Access authentication method of wireless mesh network |
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1838593A (en) * | 2005-03-07 | 2006-09-27 | 富士施乐株式会社 | Certificate acquisition system, certificate acquisition method, management communication apparatus and certification authority |
| CN101039182A (en) * | 2007-03-07 | 2007-09-19 | 广东南方信息安全产业基地有限公司 | Authentication system and method for issuing user identification certificate |
| CN101494862A (en) * | 2008-12-05 | 2009-07-29 | 北京工业大学 | Access authentication method of wireless mesh network |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN112291230B (en) | Data security authentication transmission method and device for terminal of Internet of things | |
| CN109361517A (en) | A kind of virtualization cloud cipher machine system and its implementation based on cloud computing | |
| CN101951366A (en) | Single-point logon method and system based on character terminal | |
| CN104320419A (en) | Encryption remote control system of power distribution network | |
| CN101945097A (en) | Electronic bill processing method, device and system | |
| CN106941403A (en) | Secrecy GSM and method based on quantum key | |
| CN113810788A (en) | Intelligent ammeter information transmission method and device and terminal equipment | |
| CN104578422A (en) | Remote maintenance method for transformer substation telecontrol forwarding table | |
| CN103401905A (en) | Mobile application platform system for power grid scheduling based on mobile intelligent terminal | |
| CN104144361B (en) | Logical resource test acceptance method and system under FTTH patterns | |
| CN114531942A (en) | Intelligent power grid measuring method | |
| CN103532951B (en) | The off-line initial method of industrial terminal equipment and system | |
| CN103873245B (en) | Dummy machine system data ciphering method and equipment | |
| CN107422181A (en) | A kind of electric energy meter for supporting 698 communications protocol | |
| CN105302664B (en) | A kind of storage snapshot management method and system | |
| CN107426008A (en) | Integrated wireless manages interchanger | |
| CN110633956A (en) | Information safety protection system of interactive service type microgrid | |
| CN103516683A (en) | Remote server system with offline terminals | |
| CN206313784U (en) | A kind of encryption equipment test system | |
| CN109195139A (en) | Data transmission method, device, platform and the medium of M2M management platform and eSIM card | |
| CN105812428A (en) | Method and system for household public resource management | |
| CN103532951A (en) | Off-line initialization method and off-line initialization system for industrial terminal devices | |
| RU128429U1 (en) | SOFTWARE AND HARDWARE COMPLEX OF AUTOMATED DATA EXCHANGE SYSTEMS | |
| CN103428247A (en) | Data transit server for embedded LED display screen control system | |
| CN100417101C (en) | Method for implementing selective service tracking function and selective service tracking apparatus |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| CP01 | Change in the name or title of a patent holder |
Address after: 510080 Dongfeng East Road, Dongfeng, Guangdong, Guangzhou, Zhejiang Province, No. 8 Patentee after: ELECTRIC POWER RESEARCH INSTITUTE, GUANGDONG POWER GRID CO., LTD. Address before: 510080 Dongfeng East Road, Dongfeng, Guangdong, Guangzhou, Zhejiang Province, No. 8 Patentee before: Electrical Power Research Institute of Guangdong Power Grid Corporation |