CN105592090A - Event-based demand response dynamic security service method - Google Patents

Publication number
CN105592090A
Authority
CN
China
Prior art keywords
service, information, demand response, demand, security
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201511002739.7A
Other languages
Chinese (zh)
Inventor
伍军
郭龙华
黄丽娜
李建华
裴蓓
刘春梅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
SHANGHAI PENGYUE JINGHONG INFORMATION TECHNOLOGY DEVELOPMENT Co Ltd
Shanghai Jiaotong University
Third Research Institute of the Ministry of Public Security
Original Assignee
SHANGHAI PENGYUE JINGHONG INFORMATION TECHNOLOGY DEVELOPMENT Co Ltd
Shanghai Jiaotong University
Third Research Institute of the Ministry of Public Security
Application filed by SHANGHAI PENGYUE JINGHONG INFORMATION TECHNOLOGY DEVELOPMENT Co Ltd, Shanghai Jiaotong University, Third Research Institute of the Ministry of Public Security
Priority to CN201511002739.7A
Publication of CN105592090A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities

Abstract

The invention provides an event-based demand response dynamic security service method, comprising the following one or more steps: a security access service step: providing security access service to assess the reliability of an access power consumer, and distributing executable tasks to a power supplier according to an assessment result; a secure communication service step: providing secure communication service to guarantee the communication security between a demand side and a response side; and a security analysis service step: providing security analysis service to determine whether an event is reliable. Under the condition of not influencing the original demand response function and efficiency of an intelligent power grid, the method is provided with an event-based demand response dynamic security service mechanism to enhance demand response security; the method dynamically provides security service for different users through service combination.

Description

Event-based demand response dynamic security service method
Technical field
The present invention relates to security service mechanisms, and in particular to an event-based demand response dynamic security service method.
Background technology
The smart grid has become the direction of development for future power grids. A smart grid is often equipped with tens of thousands of sensors and smart meters, which places very high requirements on security. Demand response, one of the core technologies of the smart grid, dynamically and comprehensively integrates the resources of power suppliers and users to help improve the efficiency, reliability and security of the power network infrastructure, and security is one of the most important of these problems. However, users' security requirements change dynamically from one demand response event to another according to actual conditions. A fixed security service cannot meet dynamic service requirements, so a dynamic security service mechanism is urgently needed to support demand response in the smart grid.
With the growing use of smart devices and business software, demand response communication has become very fragile in the face of various network attacks. Earlier security research for the smart grid includes a privacy-preserving demand response mechanism that uses adaptive keys to achieve forward secrecy and resist privacy attacks, and a spread-spectrum-based method that achieves fast and robust physical-layer data transmission to address physical security risks. However, these traditional methods tend to concentrate on the design and implementation of demand response communication, in order to use energy more efficiently, reduce communication cost and increase reliability, and pay no attention to the security services within demand response. Traditional security service mechanisms in the smart grid therefore cannot meet today's security requirements.
Summary of the invention
In view of the defects in the prior art, the object of the present invention is to provide an event-based demand response dynamic security service method.
The event-based demand response dynamic security service method provided by the present invention comprises any one or more of the following steps:
Security access service step: providing a security access service to assess the reliability of an accessing power consumer, and distributing executable tasks to the power supplier according to the assessment result;
Secure communication service step: providing a secure communication service to guarantee the communication security between the demand side and the response side;
Security analysis service step: providing a security analysis service to determine whether an event is reliable.
Preferably, the assessment result comprises S(es);
The security access service step comprises:
Obtaining the threat value S(es) of all suspicious behaviors present in the power supplier, calculated as follows:
$$S(es) = \ln\left(\frac{1}{n}\sum_{i=1}^{n}\exp\big(V(a_i)\big)\right)$$
where es denotes the power supplier, n denotes the number of suspicious behaviors, $a_i$ denotes the i-th suspicious behavior, and $V(a_i)$ denotes the threat index of the i-th suspicious behavior;
$$V(a_i) = 0.1 \times (0.6 \times I_i + 0.4 \times E_i - 1.5) \times f(I_i)$$
where $I_i$ denotes the impact module corresponding to the i-th suspicious behavior and $E_i$ denotes the exploitability module corresponding to the i-th suspicious behavior; when $I_i$ equals 0, $f(I_i)$ equals 0; otherwise $f(I_i)$ equals 1.176;
$$I_i = 10.41 \times [1 - (1 - CI_i) \times (1 - II_i) \times (1 - AI_i)]$$
$$E_i = 20 \times AC_i \times A_i \times AV_i$$
where $CI_i$ denotes the confidentiality impact factor of the i-th suspicious behavior, $II_i$ its integrity impact factor, $AI_i$ its availability impact factor, $AC_i$ its access complexity, $A_i$ its authentication, and $AV_i$ its access vector.
Preferably, the secure communication service step comprises:
Security association service step: providing a security association service for the demand side and the response side; the security association service comprises a mutual authentication service based on a user name and a dynamic password;
Key distribution service step: providing a key distribution service for the demand side and the response side; the key distribution service distributes keys to participants for initializing communication and for updating demand response events;
Content publishing service step: providing a content publishing service for the demand side and the response side; in the content publishing service, content is encrypted into ciphertext with a key and exchanged between the demand side and the response side in ciphertext form, and the subscriber decrypts the ciphertext with a private key to obtain the corresponding original text, where the power supplier and the power consumer act as the publisher and the subscriber of the content respectively;
Communication release service step: providing a communication release service for the demand side and the response side.
Preferably, the demand side is denoted D and the response side is denoted R; the power supplier is located at the demand side and the power consumer is located at the response side;
In the communication release service:
(1) D generates a random number Chg;
(2) D calculates RequestMAC and sends Chg, RequestParameters, T, RequestMAC to R; where RequestMAC denotes the digital digest of the request message, Chg denotes the random number, RequestParameters denotes the parameters in the request message used to calculate the digital digest, and T denotes time information;
RequestMAC=HMAC(RequestParameters,T);
where HMAC() denotes calculating the digital digest of information with a hash function, and (M1,M2) denotes the combination of information M1 and information M2;
(3) D sends the request message to R;
(4) R calculates the digital digest RequestMAC', used to detect whether the request message has been tampered with:
RequestMAC'=HMAC(RequestParameters',T')
where RequestParameters' denotes the parameters in the received request message used to calculate the digital digest, and T' denotes the time information of the received request message;
(5) R checks whether the received RequestMAC is consistent with the calculated RequestMAC'; if consistent, R accepts the request message and continues with step (6); if inconsistent, R rejects the request message and exits the communication release process;
(6) R obtains ResParameters from RequestParameters through a sensor, where ResParameters denotes the parameters involved in the response message;
(7) R calculates ResponseMAC:
ResponseMAC=HMAC(ResParameters,T)
where ResponseMAC denotes the digital digest of the response message;
(8) R calculates the dynamic password DynamicPassword:
DynamicPassword=H(Password,Chg)
where H(Password,Chg) denotes a hash operation over the original password and the random number Chg that yields the dynamic password, and Password denotes the original password;
(9) R generates a security token ST and sends ResParameters, T, ResponseMAC, ST to R;
ST=(Username,DynamicPassword,Chg)
where Username denotes the user name and the symbol (,) denotes the combination of information;
(10) R sends the response message to D;
(11) D authenticates the power consumer after receiving the response message;
(12) D updates the key, calculates RequestMAC and the private key Privatekey, and sends EncryptedPrivatekey, ReqParameters, T, RequestMAC to R, where EncryptedPrivatekey denotes the private key corresponding to the user on the hash chain;
(13) D sends the key information to R;
(14) R obtains the key from the key information;
(15) D encrypts the DR content and sends the ciphertext to R, where DR denotes demand response information;
(16) D publishes the DR content information;
(17) R obtains the published DR content using the key;
(18) the DR content publishing process ends, and D sends Rlease, RequestParameters, T, RequestMAC to R, where Rlease denotes the release message that ends the demand response communication process;
(19) D sends the request message to R;
(20) R sends Reply, ResParameters, T, ResponseMAC to D, where Reply is the reply message agreeing to end the demand response communication process;
(21) R sends the response message to D.
Preferably, in the security association service, the random number Chg is generated at random and sent to the participants of the demand response event, and the new password is calculated from the original password and Chg by a hash operation; during information transmission, the time information T is used as a timestamp to guarantee communication security over the public network and resist replay attacks; the publisher generates a digital digest by a hash operation over the existing parameters and the time information T; the subscriber receives the original communication information M, the time information T and HMAC(M) from the publisher, and checks whether HMAC(M) and HMAC(M)' are equal; if they are equal, the communication information is considered untampered and reliable; otherwise it is considered tampered with and unreliable;
where HMAC(M) denotes the digital digest the publisher obtains by a hash operation on M, and HMAC(M)' denotes the digital digest the subscriber obtains by a hash operation on M.
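The request/response authentication of steps (1) to (11) can be sketched as follows. This is an added example, not code from the patent: the shared HMAC key, SHA-256, the JSON encoding of the combined pair (Parameters, T), the 30-second freshness window and all class and field names are assumptions.

```python
import hashlib
import hmac
import json
import secrets

MAX_SKEW = 30  # seconds a timestamp T may differ from local time (assumed value)


def mac(key: bytes, params: dict, t: int) -> str:
    """HMAC over the combined pair (Parameters, T), using a canonical encoding."""
    merged = json.dumps({"params": params, "t": t}, sort_keys=True,
                        separators=(",", ":")).encode()
    return hmac.new(key, merged, hashlib.sha256).hexdigest()


def dynamic_password(password: str, chg: bytes) -> str:
    """DynamicPassword = H(Password, Chg); the length prefix keeps the join unambiguous."""
    pw = password.encode()
    return hashlib.sha256(len(pw).to_bytes(4, "big") + pw + chg).hexdigest()


def check_fresh(t: int, now: int) -> None:
    """Reject messages whose timestamp T is outside the freshness window."""
    if abs(now - t) > MAX_SKEW:
        raise ValueError("stale timestamp")


class ResponseSide:
    """R: the power consumer."""

    def __init__(self, key: bytes, username: str, password: str):
        self.key, self.username, self.password = key, username, password
        self.seen = set()  # request MACs already accepted (replay cache)

    def handle_request(self, req: dict, now: int, read_sensor) -> dict:
        check_fresh(req["t"], now)
        expected = mac(self.key, req["params"], req["t"])           # step 4
        if not hmac.compare_digest(expected, req["mac"]):           # step 5
            raise ValueError("request MAC mismatch")
        if req["mac"] in self.seen:
            raise ValueError("replayed request")
        self.seen.add(req["mac"])
        res_params = read_sensor(req["params"])                     # step 6
        chg = bytes.fromhex(req["chg"])
        st = {"username": self.username, "chg": req["chg"],         # steps 8-9
              "dynamic_password": dynamic_password(self.password, chg)}
        return {"params": res_params, "t": now, "st": st,           # steps 7, 10
                "mac": mac(self.key, res_params, now)}


class DemandSide:
    """D: the power supplier."""

    def __init__(self, key: bytes, passwords: dict):
        self.key, self.passwords = key, passwords  # username -> original password
        self.pending = set()  # challenges issued and not yet answered

    def build_request(self, params: dict, now: int) -> dict:
        chg = secrets.token_bytes(16)                               # step 1
        self.pending.add(chg.hex())
        return {"chg": chg.hex(), "params": params, "t": now,       # steps 2-3
                "mac": mac(self.key, params, now)}

    def verify_response(self, resp: dict, now: int) -> str:
        check_fresh(resp["t"], now)
        expected = mac(self.key, resp["params"], resp["t"])
        if not hmac.compare_digest(expected, resp["mac"]):
            raise ValueError("response MAC mismatch")
        st = resp["st"]
        if st["chg"] not in self.pending:
            raise ValueError("unknown or reused challenge")
        self.pending.discard(st["chg"])  # one challenge authenticates one response
        password = self.passwords.get(st["username"])
        if password is None:
            raise ValueError("unknown user")
        want = dynamic_password(password, bytes.fromhex(st["chg"]))
        if not hmac.compare_digest(want, st["dynamic_password"]):
            raise ValueError("bad dynamic password")
        return st["username"]                                       # step 11
```

As in the steps above, the MAC covers only the parameters and T, so the token ST and Chg travel outside it; the sketch compensates by accepting each Chg once and comparing digests in constant time.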
Preferably, in the security access service step, the authority of the power supplier is determined according to S(es), and the executable tasks for which the power supplier has the corresponding authority are distributed to the power supplier.
Preferably, in the security analysis service step, the sample correlation coefficient is predicted for estimation, so as to select matching power load data (for example, the matching power load data can be obtained by table lookup). The calculation formula is as follows:
$$C = \frac{\sum_{i=1}^{N}(P_i - \bar{P})(X_i - \bar{X})}{\sqrt{\sum_{i=1}^{N}(P_i - \bar{P})^2 \sum_{i=1}^{N}(X_i - \bar{X})^2}}$$
where C denotes the sample correlation coefficient, $P_i$ denotes the power value in the i-th demand response event, $X_i$ denotes the feature value in the i-th demand response event, $\bar{P}$ denotes the mean power value over N demand response events, and $\bar{X}$ denotes the mean feature value over N demand response events.
Compared with the prior art, the present invention has the following beneficial effects:
Without affecting the original demand response function and efficiency of the smart grid, the present invention designs an event-based demand response dynamic security service mechanism to enhance the security of demand response.
The present invention dynamically provides security services for different users through service composition. The designed security service mechanism provides three services:
(1) a security access service to assess the reliability of accessing users;
(2) a secure communication service to guarantee the communication security between the demand side and the response side;
(3) a security analysis service based on demand response events to determine whether an event is reliable.
Brief description of the drawings
Other features, objects and advantages of the present invention will become more apparent from the detailed description of non-limiting embodiments given with reference to the following drawings:
Fig. 1 is a schematic diagram of the security service mechanism in demand response.
Fig. 2 is a schematic diagram of the security access service of demand response.
Fig. 3 is a schematic diagram of the secure communication service.
Fig. 4 is a schematic diagram of service composition based on security requirements.
Detailed description of the invention
The present invention is described in detail below with reference to specific embodiments. The following embodiments will help those skilled in the art to further understand the present invention, but do not limit it in any form. It should be noted that those of ordinary skill in the art can make several changes and improvements without departing from the inventive concept. These all fall within the protection scope of the present invention.
The relevant technical terms are explained first:
DR: demand response (Demand Response);
RBAC: role-based access control (Role-Based policies Access Control);
DRAFTCVSS: Common Vulnerability Scoring System;
Pub/Sub: publish/subscribe model (Publish/Subscribe);
HMAC: keyed hash-based message authentication code (Hash-based Message Authentication Code);
SVM: support vector machine (Support Vector Machine);
KCT: key-chain tree (Key-Chain Tree);
MMH: maximum marginal hyperplane (Maximum Marginal Hyperplane).
The present invention takes the form of a service bus and adds security services to it without affecting the original power demand response function. As shown in Fig. 1, in addition to the traditional applications, BAM, rules and tasks, the security services protect the execution of demand response events through service management and service composition. Service management in a demand response event relies on three main security services: the security access service, the secure communication service and the demand response event security analysis service. Service management provides centralized management of the original services and the additional security services. It includes a service registry and a service repository, so that demand response can version-control and reuse different service types; it also includes a service scheduler that provides the publish/subscribe communication framework.
1. Security access service
The security access service allows demand response events to be carried out under secure conditions. As shown in Fig. 2, the security access service is based on the role-based access control (RBAC) service, which makes it more convenient to manage and configure permissions on object operations. By calculating threat values, the security access service gives the power supplier (for example, a power company) the basis for the tasks each power consumer can execute.
To assess the security of the power supplier, security detection is used to detect suspicious behaviors that may lead to network attacks, and the threat index is then calculated from these suspicious behaviors. As shown in equation (1), the threat index V of each suspicious behavior depends on the impact module I and the exploitability module E.
$$V = 0.1 \times (0.6 \times I + 0.4 \times E - 1.5) \times f(I) \tag{1}$$
where the impact module I is jointly determined by the confidentiality impact factor CI, the integrity impact factor II and the availability impact factor AI, and the exploitability module E is jointly calculated from the access vector AV, the access complexity AC and the authentication A.
$$I = 10.41 \times [1 - (1 - CI) \times (1 - II) \times (1 - AI)] \tag{2}$$
$$E = 20 \times AC \times A \times AV \tag{3}$$
In addition, f(I) equals 0 when I equals 0; otherwise f(I) equals 1.176.
$$f(I) = \begin{cases} 0, & I = 0 \\ 1.176, & \text{otherwise} \end{cases} \tag{4}$$
The threat indices V calculated for all suspicious behaviors in the power supplier es are then combined as defined in equation (5). S(es) is the threat value of all suspicious behaviors $a_i$, i = 1, 2, ..., n, present in es.
$$S(es) = \ln\left(\frac{1}{n}\sum_{i=1}^{n}\exp\big(V(a_i)\big)\right) \tag{5}$$
where n denotes the number of suspicious behaviors, $a_i$ denotes the i-th suspicious behavior, and $V(a_i)$ denotes the threat index of the i-th suspicious behavior;
Based on the threat value calculated by equation (5), executable tasks are distributed to the power supplier. Specifically, the authority of the power supplier is determined according to the threat value; if it has the authority to perform a given task and operation, the task is assigned to this power supplier subject.
Permissions are divided into data information permissions and function permissions. Operations represent the various commands in data resource operations; a session is dynamic content established when the power supplier initiates an activity; constraints are used to control the assignment of operations and avoid conflicts.
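Equations (1) to (5) and the threat-based task assignment, as an added example that is not part of the patent. The factor values in the sample are the CVSS v2 constants (assumed here, since the patent does not list them), the sample behaviors are constructed, and the policy tiers and task names are hypothetical.

```python
import math
from dataclasses import dataclass


@dataclass(frozen=True)
class SuspiciousBehavior:
    name: str
    ci: float  # confidentiality impact factor CI
    ii: float  # integrity impact factor II
    ai: float  # availability impact factor AI
    av: float  # access vector AV
    ac: float  # access complexity AC
    a: float   # authentication A


def impact(b: SuspiciousBehavior) -> float:
    """Equation (2): impact module I."""
    return 10.41 * (1 - (1 - b.ci) * (1 - b.ii) * (1 - b.ai))


def exploitability(b: SuspiciousBehavior) -> float:
    """Equation (3): exploitability module E."""
    return 20 * b.ac * b.a * b.av


def threat_index(b: SuspiciousBehavior) -> float:
    """Equations (1) and (4): threat index V of one suspicious behavior."""
    i = impact(b)
    f = 0.0 if i == 0 else 1.176
    return 0.1 * (0.6 * i + 0.4 * exploitability(b) - 1.5) * f


def threat_value(behaviors) -> float:
    """Equation (5): S(es) = ln(mean(exp(V(a_i)))), computed stably.

    The log-mean-exp lies between the average and the maximum of the V
    values, so one severe behavior is not averaged away by benign ones.
    """
    values = [threat_index(b) for b in behaviors]
    if not values:
        raise ValueError("no suspicious behaviors to score")
    top = max(values)
    return top + math.log(sum(math.exp(v - top) for v in values) / len(values))


# Hypothetical policy: (threat ceiling, tasks the power supplier may execute).
POLICY = [
    (0.3, {"read_load", "publish_event", "update_keys"}),
    (0.6, {"read_load", "publish_event"}),
    (1.0, {"read_load"}),
]


def assign_tasks(s: float, policy=POLICY) -> set:
    """Return the task set of the first tier whose ceiling covers S(es)."""
    for ceiling, tasks in policy:
        if s <= ceiling:
            return tasks
    return set()


# Constructed sample: CVSS v2 values for network access (1.0), low access
# complexity (0.71), no authentication (0.704), partial (0.275) or no (0) impact.
SAMPLE = [
    SuspiciousBehavior("remote write to meter config", 0.275, 0.275, 0.275, 1.0, 0.71, 0.704),
    SuspiciousBehavior("port scan, no impact", 0.0, 0.0, 0.0, 1.0, 0.71, 0.704),
]

if __name__ == "__main__":
    s = threat_value(SAMPLE)
    print(f"S(es) = {s:.3f}, tasks = {sorted(assign_tasks(s))}")
```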
2. Secure communication service
A demand response system controls a large number of distributed energy resources over the communication network, and demand response events are transmitted under the protection of the secure communication service. This secure communication service is based on the publish/subscribe (Pub/Sub) model, as shown in Fig. 3. The Pub/Sub model gives the communication network better scalability and a more dynamic network topology.
In the security association service, mutual authentication between the demand side and the response side is based on the user name and a dynamic password.
The key distribution service distributes keys to the participants for initializing communication and for updates; the participants are the power consumers.
In the content publishing service, content is encrypted into ciphertext with a key and exchanged in ciphertext form; the target subscriber can decrypt it with the private key to obtain the original text. The power supplier and the power consumer act as publisher and subscriber respectively.
In the secure communication protocol, D and R denote the demand side and the response side of demand response respectively. In the security association, the random number chg is generated at random and sent to the participants of the demand response event. The new password is calculated from the original password and chg with a hash function. During information transmission, the time information T is used to guarantee communication security over the public network and resist replay attacks. The publisher generates a digital digest with HMAC from the existing parameters and the time information. The original communication information M, the time information T and HMAC(M) are sent to the subscriber. The subscriber receives the information and checks whether the HMAC(M)' it calculates equals HMAC(M) to verify the reliability of the information.
Table 1: Symbol description in the secure communication protocol
In the secure communication service, a self-healing key distribution service based on the key-chain tree (KCT) is adopted. The initialization phase, the broadcast phase and the key recovery phase are the three main parts that implement its basic function. Specifically:
When a participant's task changes after the security access service of demand response, the key update phase is carried out; when some participants lose broadcast packets, self-healing is carried out;
In the initialization phase, the maximum number of participants is first defined as N, and the group manager constructs a key-chain tree KCT and many-to-one two-way hash chains. Suppose there are logically s participants in the network at initialization; the group manager places the s participants on the first s leaves of the KCT. Each participant is associated with logN two-way hash chains from leaf to root. All keys in the two-way hash chains represent the private keys of the participants and are distributed by the group manager. In the broadcast phase, the session key needs to be updated, and a participant calculates the encryption key from its original private key with the hash function. The group manager finds the encryption key in the two-way hash chain. Participants that have been illegitimately present and revoked are taken into account before the broadcast packet is built. In key recovery, a participant obtains the position of the encrypted session key in the KCT and obtains the encryption key through the two-way hash chain.
When the participants change, a new member is initialized for the new task group: the group manager places the member on the first remaining leaf of the KCT and distributes the corresponding private key. A new round of sessions starts with the group manager re-issuing the session key and the encrypted session key. When some members lose session packets, the session key is recovered through self-healing. The session key is recovered from the broadcast sessions before and after the session concerned.
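The self-healing idea behind a two-way hash chain, shown in a simplified form as an added example that is not the patent's construction: it leaves out the KCT tree, the many-to-one chains and the broadcast packet, and the class names, seeds and SHA-256 are assumptions. A member enrolled for sessions first..last receives one forward key and one backward key and can rebuild every session key in that window, including one whose broadcast it missed.

```python
import hashlib


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def iterate(key: bytes, times: int) -> bytes:
    """Apply H to key the given number of times."""
    for _ in range(times):
        key = H(key)
    return key


class Member:
    def __init__(self, first: int, last: int, fwd: bytes, bwd: bytes):
        self.first, self.last = first, last
        self.fwd = fwd  # forward key of session `first`
        self.bwd = bwd  # backward key of session `last`

    def session_key(self, j: int) -> bytes:
        # Forward keys before `first` and backward keys after `last` would
        # require inverting H, so only the enrolled window is reachable.
        if not self.first <= j <= self.last:
            raise PermissionError("session outside enrolled window")
        fwd_j = iterate(self.fwd, j - self.first)
        bwd_j = iterate(self.bwd, self.last - j)
        return H(fwd_j + bwd_j)


class GroupManager:
    def __init__(self, forward_seed: bytes, backward_seed: bytes, sessions: int):
        self.fs, self.bs, self.m = forward_seed, backward_seed, sessions

    def forward_key(self, j: int) -> bytes:
        return iterate(self.fs, j)               # grows with j

    def backward_key(self, j: int) -> bytes:
        return iterate(self.bs, self.m - 1 - j)  # grows as j decreases

    def session_key(self, j: int) -> bytes:
        return H(self.forward_key(j) + self.backward_key(j))

    def enroll(self, first: int, last: int) -> Member:
        if not 0 <= first <= last < self.m:
            raise ValueError("window outside the session range")
        return Member(first, last, self.forward_key(first), self.backward_key(last))
```

One design limit of this simplified form: a member whose window has ended and a member who joins later together hold material for the sessions between their windows, which is why revocation has to be handled in the broadcast as the description notes.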
3. Security analysis service
A demand response event entity contains a series of related demand response information. In the security analysis service, testing the interpreted demand response event is very important. Rough set theory based on SVM is used to identify the authenticity of an event.
A demand response event contains many details that describe the demand response program. A practical program lists much related information in the demand response program so that the program can be run from the perspectives of the power supplier and the power consumer. For power consumers, the most important information is the changing electric load. The method proposed by the present invention predicts the linear correlation coefficient for estimation, so as to select matching data (for example, power load data); for example, the matching power load data can be obtained by table lookup. The calculation formula is shown in formula (6).
$$C = \frac{\sum_{i=1}^{N}(P_i - \bar{P})(X_i - \bar{X})}{\sqrt{\sum_{i=1}^{N}(P_i - \bar{P})^2 \sum_{i=1}^{N}(X_i - \bar{X})^2}} \tag{6}$$
where C denotes the sample correlation coefficient, $P_i$ and $X_i$ denote the power value and the feature value in the i-th demand response event respectively, and $\bar{P}$ and $\bar{X}$ denote the mean power value and the mean feature value over N demand response events respectively. Data are chosen according to their sample correlation coefficient; a higher value of C represents better performance.
Unlike traditional induction and deduction, SVM implements an effective transition from training examples to prediction examples. SVM can capture geometric features from the feature space without needing to obtain network weights, and it can also extract the optimal solution from a small amount of training data. The hyperplane represents the separating boundary, and demand response events can be classified according to the selected attributes. The hyperplane is defined in formula (7).
$$F(x) = W \times X + b \tag{7}$$
W denotes the weights, $W = \{w_1, w_2, \ldots, w_m\}$, where $w_i$ corresponds to the i-th attribute, i = 1, 2, ..., m, m denotes the number of attributes, and b denotes the bias. The training data are a series of data of dimension m, defined as follows:
$$X = (x_1, x_2, \ldots, x_m)$$
where $x_1, x_2, \ldots, x_m$ denote the m attributes, and b can be treated as an additional weight $w_0$. The hyperplane can also be expressed by formula (8).
$$F(x) = w_0 + \sum_{i=1}^{m} w_i x_i \tag{8}$$
where $x_i$ denotes the value of the i-th attribute;
A convex quadratic optimization algorithm is used to find the maximum marginal hyperplane MMH. Based on the maximum marginal hyperplane MMH, a separating boundary can be written as formula (9):
$$d(X^T) = \sum_{i=1}^{m} y_i \alpha_i X_i^T + b_0 \tag{9}$$
where d() denotes the separating boundary function, $y_i$ denotes the class label of the support vector $X_i$, and $\alpha_i$ and $b_0$ denote automatically determined optimal parameter values; $X_i$ denotes the set of attribute values of the i-th attribute;
$\alpha_i$ and $b_0$ are determined in the course of finding the optimal solution. To ensure that all training data can be classified, the margin must be maximized. For SVM, the training process is very sensitive to outliers. To reduce the influence of outliers, each data point in the training data set is given a membership, and the deviations are summed weighted by these memberships; if a data point is detected as an outlier it is given a lower membership, which reduces the overall error term. Here, membership is a defined attribute of the training data set.
Through iteration, each experimental result is added to the training set, and the smart device control can distinguish the authenticity of different interpreted demand response events, thereby avoiding attacks that use forged response events and making prediction more accurate.
4. dynamic security Services Composition
Service composition is the core of the system architecture, as shown in Figure 4. The OO dynamic composition service provides suitable services to the electricity supplier and the power consumer based on security conditions. The service discovery module detects and communicates with all devices. All device information is stored and analyzed in an additional security service.
Besides meeting system requirements, service composition also takes security attributes into account. Security information can be regarded as a constraint when providing the optimal service composition.
Different demand response programs have different security requirements. A service composition strategy based on security requirements helps provide different security services. When a service is requested, the most suitable service composition template is obtained by optimization according to the service request and the security requirements. If the result cannot satisfy the request, the service composition is adjusted slightly on the basis of the template. Reducing the service search and matching computation time improves the efficiency of the algorithm. Templates produced during the service process are added to the template database. If a request has similar security requirements, the service can be found in the database, which avoids repeating the service composition logic.
In traditional demand response security services, some studies consider only ensuring the security of demand response events and give little consideration to the security services within demand response; even where security services are considered, they are usually fixed and are not proposed dynamically according to service requirements.
In the present invention, besides implementing all the security of demand response events, three security services are also provided: the secure access service, the secure communication service and the security analysis service. The security services provided for different demand response events are also dynamically composed.
As shown in Table 1, five kinds of suspicious dynamic behaviours are detected in the dynamic detection of information. The threat values, computed by the method of equation (1), are all listed in the figure. S(es) = 0.223 is calculated according to equation (5). According to the calculated threat value, matching executable tasks and permissions are assigned to the electricity supplier. Different threat values lead to different executable tasks and permissions.
Table 2: Dynamic detection results
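The threat value S(es) referred to above can be computed with the formulas for V(a_i), I_i and E_i that claim 2 states. The following is an added example, not code from the patent: the sample behaviours are constructed, and the permission tiers and their thresholds are hypothetical, since the page gives none.

```python
import math

F_NONZERO = 1.176  # f(I_i) when I_i != 0, as stated in claim 2


def threat_index(b: dict) -> float:
    """V(a_i) for one suspicious behaviour described by its six factors."""
    impact = 10.41 * (1 - (1 - b["CI"]) * (1 - b["II"]) * (1 - b["AI"]))
    exploit = 20 * b["AC"] * b["A"] * b["AV"]
    f = 0.0 if impact == 0 else F_NONZERO  # no impact means a threat index of 0
    return 0.1 * (0.6 * impact + 0.4 * exploit - 1.5) * f


def threat_value(behaviours: list) -> float:
    """S(es) = ln((1/n) * sum(exp(V(a_i)))) over all detected behaviours."""
    if not behaviours:
        raise ValueError("S(es) is undefined for n = 0")
    vs = [threat_index(b) for b in behaviours]
    return math.log(sum(math.exp(v) for v in vs) / len(vs))


# Hypothetical tiers: the page says permissions depend on S(es) but gives no thresholds.
TIERS = [(0.3, "full"), (0.6, "restricted")]


def permission_tier(s: float) -> str:
    for limit, tier in TIERS:
        if s < limit:
            return tier
    return "denied"


# Constructed sample behaviours (not the five behaviours of the page's table).
SAMPLE = [
    {"CI": 0.275, "II": 0.275, "AI": 0.275, "AC": 0.71, "A": 0.704, "AV": 1.0},
    {"CI": 0.0, "II": 0.0, "AI": 0.0, "AC": 0.71, "A": 0.704, "AV": 1.0},
]

if __name__ == "__main__":
    s = threat_value(SAMPLE)
    print(round(s, 4), permission_tier(s))
```

Because S(es) is a log-mean-exp, it is never below the arithmetic mean of the V(a_i), so a single high-threat behaviour is not averaged away by many harmless ones.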
As shown in Table 2, m denotes the number of subscribers and N denotes the number of all nodes in the network. Comparing the complexity of the present invention with that of other inventions shows that its communication complexity and computational complexity are close to theirs and its storage complexity is only slightly higher; however, the present invention provides a complete security mechanism from access to release, whereas the other security mechanisms only ensure the verifiability of the data set.
Table 3: Comparison of the complexity of the present invention and other inventions
In summary, this mechanism maintains efficiency while ensuring secure execution within the required time, and at the same time provides event-based dynamic security services in demand response.
Specific embodiments of the invention have been described above. It should be understood that the invention is not limited to the specific implementations described above; those skilled in the art can make various changes or modifications within the scope of the claims without affecting the substance of the invention. Where no conflict arises, the embodiments of this application and the features in the embodiments may be combined with one another arbitrarily.

Claims (8)

1. An event-based demand response dynamic security service method, characterized in that it comprises any one or more of the following steps:
Secure access service step: providing a secure access service to assess the reliability of the accessing power consumer, and assigning executable tasks to the electricity supplier according to the assessment result;
Secure communication service step: providing a secure communication service to ensure communication security between the demand end and the responder;
Security analysis service step: providing a security analysis service to determine whether an event is reliable.
2. The event-based demand response dynamic security service method according to claim 1, characterized in that the assessment result comprises S(es);
The secure access service step comprises:
Obtaining the threat value S(es) of all suspicious behaviours present at the electricity supplier, calculated as follows:
$$S(es) = \ln\left(\frac{1}{n}\sum_{i=1}^{n}\exp\big(V(a_i)\big)\right)$$
where es denotes the electricity supplier, n denotes the number of suspicious behaviours, $a_i$ denotes the i-th suspicious behaviour, and $V(a_i)$ denotes the threat index of the i-th suspicious behaviour;
$$V(a_i) = 0.1 \times (0.6 \times I_i + 0.4 \times E_i - 1.5) \times f(I_i)$$
where $I_i$ denotes the impact module corresponding to the i-th suspicious behaviour and $E_i$ denotes the exploitability module corresponding to the i-th suspicious behaviour; when $I_i$ equals 0, $f(I_i)$ equals 0; otherwise, $f(I_i)$ equals 1.176;
$$I_i = 10.41 \times \left[1 - (1 - CI_i) \times (1 - II_i) \times (1 - AI_i)\right]$$
$$E_i = 20 \times AC_i \times A_i \times AV_i$$
where $CI_i$ denotes the confidentiality impact factor corresponding to the i-th suspicious behaviour, $II_i$ denotes the integrity impact factor corresponding to the i-th suspicious behaviour, $AI_i$ denotes the availability impact factor corresponding to the i-th suspicious behaviour, $AC_i$ denotes the access complexity corresponding to the i-th suspicious behaviour, $A_i$ denotes the authentication corresponding to the i-th suspicious behaviour, and $AV_i$ denotes the access vector corresponding to the i-th suspicious behaviour.
3. The event-based demand response dynamic security service method according to claim 1, characterized in that the secure communication service step comprises:
Security association service step: providing a security association service for the demand end and the responder, the security association service comprising a mutual authentication service based on user name and dynamic password;
Key distribution service step: providing a key distribution service for the demand end and the responder, the key distribution service being used to distribute keys to the participants that initialize communication and update demand response events;
Content publishing service step: providing a content publishing service for the demand end and the responder; in the content publishing service, content is encrypted into ciphertext with a key and exchanged between the demand end and the responder in ciphertext form, and the subscriber decrypts the ciphertext with a private key to obtain the corresponding original text, wherein the electricity supplier and the power consumer act as the publisher and the subscriber of the content, respectively;
Communication release service step: providing a communication release service for the demand end and the responder.
4. The event-based demand response dynamic security service method according to claim 3, characterized in that the demand end is denoted D and the responder is denoted R, the electricity supplier is located at the demand end, and the power consumer is located at the responder;
In the communication release service:
(1) D generates a random number Chg;
(2) D calculates RequestMAC and sends Chg, RequestParameters, T and RequestMAC to R, where RequestMAC denotes the digital digest of the request information, Chg denotes the random number, RequestParameters denotes the parameters in the request information used to calculate the digital digest, and T denotes the time information;
RequestMAC=HMAC(RequestParameters,T);
where HMAC() denotes computing the digital digest of information with a hash function, and (M1, M2) denotes the merging of information M1 and information M2;
(3) D sends request information to R;
(4) R calculates the digital digest RequestMAC' used to detect whether the request information has been tampered with:
RequestMAC'=HMAC(RequestParameters',T')
where RequestParameters' denotes the parameters in the received request information used to calculate the digital digest, and T' denotes the time information corresponding to the received request information;
(5) R judges whether the received RequestMAC is consistent with the calculated RequestMAC'; if consistent, it accepts the request information and proceeds to step (6); if inconsistent, it rejects the request information and exits the communication release process;
(6) R obtains ResParameters from RequestParameters through sensors, where ResParameters denotes the parameters involved in the response information;
(7) R calculates ResponseMAC:
ResponseMAC=HMAC(ResParameters,T)
Wherein, ResponseMAC represents the digital digest of response message;
(8) R calculates dynamic password DynamicPassword:
DynamicPassword=H(Password,Chg)
where H(Password, Chg) denotes obtaining the dynamic password by applying a hash operation to the original password and the random number Chg, and Password denotes the original password;
(9) R generates a security token ST, and ResParameters, T, ResponseMAC, ST are sent to R;
ST=(Username,DynamicPassword,Chg)
where Username denotes the user name, and the symbol (,) denotes merging information;
(10) R sends response message to D;
(11) D authenticates the power consumer after receiving the response information;
(12) D updates the key, calculates RequestMAC and the private key Privatekey, and sends EncryptedPrivatekey, ReqParameters, T and RequestMAC to R, where EncryptedPrivatekey denotes the private key corresponding to the user on the hash chain;
(13) D sends key information to R;
(14) R obtains key according to key information;
(15) D encrypts the DR content and sends the ciphertext to R, where DR denotes demand response information;
(16) D issues DR content information;
(17) R obtains the DR content of issuing according to key;
(18) The DR content publishing process ends, and D sends Rlease, RequestParameters, T and RequestMAC to R, where Rlease denotes the release information for ending the demand response communication process;
(19) D sends request information to R;
(20) R sends Reply, ResParameters, T and ResponseMAC to D, where Reply denotes the reply information agreeing to end the demand response communication process;
(21) R sends response message to D.
5. The event-based demand response dynamic security service method according to claim 3, characterized in that, in the security association service, the random number Chg is randomly generated and sent to the participants in the demand response event, and the new password is calculated from the original password and Chg through a hash operation; during information transmission, the time information T is used as a timestamp to ensure communication security over the public network and to resist replay attacks; the publisher generates a digital digest from the existing parameters and the time information T through a hash operation; the subscriber receives the original communication information M, the time information T and HMAC(M) from the publisher, and calculates whether HMAC(M) and HMAC(M)' are equal; if they are equal, the communication information is considered untampered and reliable; otherwise, the communication information is considered tampered with and unreliable;
where HMAC(M) denotes the digital digest obtained by the publisher by applying a hash operation to M, and HMAC(M)' denotes the digital digest obtained by the subscriber by applying a hash operation to M.
6. The event-based demand response dynamic security service method according to claim 2, characterized in that, in the secure access service step, the permissions of the electricity supplier are determined according to S(es), and executable tasks for which the electricity supplier has the corresponding permissions are assigned to the electricity supplier.
7. The event-based demand response dynamic security service method according to claim 1, characterized in that, in the security analysis service step, the estimation is made by predicting the sample correlation coefficient, calculated as follows:
$$C = \frac{\sum_{i=1}^{N}(P_i - \bar{P})(X_i - \bar{X})}{\sqrt{\sum_{i=1}^{N}(P_i - \bar{P})^2 \sum_{i=1}^{N}(X_i - \bar{X})^2}}$$
where C denotes the sample correlation coefficient, $P_i$ denotes the power value in the i-th demand response event, $X_i$ denotes the feature value in the i-th demand response event, $\bar{P}$ denotes the mean power over the N demand response events, and $\bar{X}$ denotes the mean feature value over the N demand response events.
8. The event-based demand response dynamic security service method according to claim 1, characterized in that matching power system load data is selected according to the sample correlation coefficient.
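The request and response authentication of steps (1) to (11) in claim 4, with the tamper and replay checks of claim 5, can be traced with both sides' messages in the following added example, which is not part of the patent text. The shared HMAC key, SHA-256, the length-prefixed merging of fields, the 30-second window for T, D's password table and all function names are assumptions of this example; the response is delivered to D, as step (10) states.

```python
import hashlib
import hmac
import secrets

MAC_KEY = b"constructed-shared-key"  # assumption: the page names no HMAC key
MAX_SKEW = 30                        # assumption: accepted age of T, in seconds


def _join(*parts: bytes) -> bytes:
    # Length-prefix each field so (M1, M2) merges without ambiguity.
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def mac(params: bytes, t: int) -> str:
    # RequestMAC / ResponseMAC = HMAC(Parameters, T)
    return hmac.new(MAC_KEY, _join(params, str(t).encode()), hashlib.sha256).hexdigest()


def dynamic_password(password: bytes, chg: bytes) -> str:
    # DynamicPassword = H(Password, Chg)
    return hashlib.sha256(_join(password, chg)).hexdigest()


def d_request(params: bytes, now: int) -> dict:
    # Steps (1)-(3): D draws Chg and sends Chg, RequestParameters, T, RequestMAC.
    return {"Chg": secrets.token_bytes(16), "RequestParameters": params,
            "T": now, "RequestMAC": mac(params, now)}


def r_respond(req: dict, username: str, password: bytes, res_params: bytes, now: int):
    # Steps (4)-(5): recompute RequestMAC' and reject on mismatch or stale T.
    expected = mac(req["RequestParameters"], req["T"])
    if not hmac.compare_digest(expected, req["RequestMAC"]):
        return None
    if abs(now - req["T"]) > MAX_SKEW:
        return None
    # Steps (7)-(10): ResponseMAC, dynamic password, security token ST.
    st = (username, dynamic_password(password, req["Chg"]), req["Chg"])
    return {"ResParameters": res_params, "T": now,
            "ResponseMAC": mac(res_params, now), "ST": st}


def d_authenticate(resp: dict, sent_chg: bytes, passwords: dict, now: int) -> bool:
    # Step (11): D checks the MAC, the age of T, and the token against its own Chg.
    username, dyn, chg = resp["ST"]
    known = passwords.get(username)
    if known is None or chg != sent_chg or abs(now - resp["T"]) > MAX_SKEW:
        return False
    mac_ok = hmac.compare_digest(mac(resp["ResParameters"], resp["T"]), resp["ResponseMAC"])
    return mac_ok and hmac.compare_digest(dyn, dynamic_password(known, sent_chg))
```

As claimed, the digests cover only the parameters and T, so Chg and ST are not protected by them; in this example it is D's comparison of the token's Chg with the value it sent that ties a response to one exchange.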

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201511002739.7A CN105592090A (en) 2015-12-28 2015-12-28 Event-based demand response dynamic security service method

Publications (1)

Publication Number Publication Date
CN105592090A true CN105592090A (en) 2016-05-18

Family

ID=55931304

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20160518