CN106100836A - A kind of industrial user's authentication and the method and system of encryption - Google Patents

A kind of industrial user's authentication and the method and system of encryption Download PDF

Info

Publication number
CN106100836A
CN106100836A CN201610647319.2A CN201610647319A CN106100836A CN 106100836 A CN106100836 A CN 106100836A CN 201610647319 A CN201610647319 A CN 201610647319A CN 106100836 A CN106100836 A CN 106100836A
Authority
CN
China
Prior art keywords
encryption
user
industry control
authentication
control command
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201610647319.2A
Other languages
Chinese (zh)
Other versions
CN106100836B (en
Inventor
晏培
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Tianyu Technology (beijing) Co Ltd
Original Assignee
Beijing Tianyu Technology (beijing) Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Tianyu Technology (beijing) Co Ltd filed Critical Beijing Tianyu Technology (beijing) Co Ltd
Priority to CN201610647319.2A priority Critical patent/CN106100836B/en
Publication of CN106100836A publication Critical patent/CN106100836A/en
Application granted granted Critical
Publication of CN106100836B publication Critical patent/CN106100836B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0876Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Power Engineering (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)

Abstract

The present invention relates to industrial information security technology area, in particular to a kind of industrial user's authentication and the method and system of encryption.The method includes: by electron key by USB interface access user terminal equipment, and log in client by subscriber terminal equipment;The hardware characteristics code of client comparison subscriber terminal equipment and the hardware characteristics code of electron key binding, if it is consistent, and certificate server checking user certificate there is legitimacy, then client obtain industry control command information and be encrypted, encapsulation process, obtain encryption packet;Described packet is transferred to encryption gateway by client;Described packet is carried out unpacking by encryption gateway, decryption processing, obtains the industry control command information of deciphering, and is transmitted to opc server.Solve present stage industrial information system data transmission security low, it is impossible to the problem ensureing the verity of packet.

Description

A kind of industrial user's authentication and the method and system of encryption
Technical field
The present invention relates to industrial information security technology area, in particular to a kind of industrial user's authentication with add Close method and system.
Background technology
Along with popularizing that information technology and network technology are applied in industrial system, open, interconnection has become with standardization For the inexorable trend of industrial information system development, industrial system is stronger to the dependency of information system, so industry letter The safety problem of breath system the most increasingly causes the attention of people, existing computer system, information network, operation system and people Safety consciousness had certain foundation for security, but for industrial information grid at present also in fast-developing rank Section, existing safety product such as fire wall, VPN (Virtual Private Network, Virtual Private Network) also cannot be direct For industrial information system, although the most also have Industry Control fire wall to be specifically designed for industrial protocol and be controlled, but Industry Control fire wall solve only the filtration to packet and control, it is impossible to ensures the verity of packet, industrial information system System there is presently no the security solution of comparative maturity.
Industrial information demand for security is extremely the most urgent, and the present invention combines conventional security correlation technique, for industrial information The feature of system, a kind of industrial user's authentication of invention and encryption system, solve industrial information system data transmission safety and ask Topic.
Summary of the invention
It is an object of the invention to provide a kind of industrial user's authentication and the method and system of encryption, to solve existing rank Section industrial information system data transmission security is low, it is impossible to the problem ensureing the verity of packet.
The invention provides a kind of industrial user's authentication and the method for encryption, comprising:
Step 1: obtaining electron key, described electron key includes user certificate, the first hardware characteristics code;
Step 2: electron key passes through USB interface access user terminal equipment, and starts client;
Step 3: client obtains described first hardware characteristics code and the second hardware characteristics of described subscriber terminal equipment Yard, the first hardware characteristics code, the second hardware characteristics code described in comparison, if unanimously, then carry out step 4;Otherwise terminate;
Step 4: client obtains described user certificate, and described user certificate is transferred to certificate server;
Step 5: certificate server verifies the legitimacy of described user certificate, if certification is passed through, and will be sent by information To client, carry out step 6;Otherwise terminate;
Step 6: industry control command information is encrypted by client, obtains the industry control command information of encryption;
Step 7: the industry control command information of described encryption is carried out tunnel encapsulation process by client, obtains packet;
Step 8: described packet is transferred to encryption gateway by client;
Step 9: described packet is carried out unpacking by described encryption gateway, decryption processing, obtains the industry control instruction letter of deciphering Breath;
Step 10: the industry control command information of described deciphering is transferred to opc server by described encryption gateway.
In certain embodiments, being preferably, described electron key is managed collectively by certificate authority.
In certain embodiments, being preferably, described electron key also includes: the encryption of Password Management office of country approval is calculated Method, user basic information, described user basic information includes user name, unit, department, telephone number and email address.
In certain embodiments, being preferably, described first hardware characteristics code is hard with unique user terminal apparatus bound Part condition code.
In certain embodiments, being preferably, described certificate server includes OCSP certificate server and ldap authentication service Device.
In certain embodiments, it is preferably, described step 9 also includes: the industry control of described deciphering is instructed by encryption gateway Information memory filtration treatment.
In certain embodiments, being preferably, described encryption gateway includes Industry Control firewall box.
Present invention also offers a kind of industrial user's authentication and the system of encryption, comprising: claim 1-6 is arbitrary Client, certificate server, encryption gateway and opc server described in Xiang;
Described client includes: read module, authentication module, encrypting module, package module and transport module, described reading Module is used for user certificate, the first hardware characteristics code information reading in electron key;Described authentication module is used for comparison first Hardware characteristics code and the second hardware characteristics code of subscriber terminal equipment;Described encrypting module is for adding industry control command information Close process, obtains the industry control command information of encryption;Described package module is for carrying out tunnel to the industry control command information of described encryption Road encapsulation process, obtains packet;Described transport module is for being transferred to encryption gateway by described packet;
Described certificate server is used for verifying user certificate legitimacy;
Described encryption gateway for carrying out described packet unpacking, decryption processing, obtain the industry control command information of deciphering;
Described opc server receives the industry control command information of described deciphering, and according to the industry control command information of described deciphering Perform associative operation.
For said system, further, in certain embodiments, being preferably, described certificate server includes OCSP certification Server and ldap authentication server.
Further, in certain embodiments, being preferably, described encryption gateway includes Industry Control firewall box.
Industrial user's authentication of embodiment of the present invention offer and the method and system of encryption, compared with prior art, By obtaining electron key, wherein electron key is bound with terminal device hardware, as long as the terminal unit through authorizing just has behaviour Make right, prevent the illegal operation of unauthorized user and equipment.So client is compared, the hardware of subscriber terminal equipment is special Levy the hardware characteristics code of code and electron key binding, and also the legal of described user certificate can be verified by certificate server Property, double verification processes, it is ensured that the safety of equipment and operating rights in fact in data transmission procedure.It addition, client is being incited somebody to action It can be encrypted encapsulation process before the transmission of industry control command information, take notice of the safety that ensure that data are transmitted.Therefore, originally Industrial user's authentication of disclosure of the invention and the method for encryption effectively solve the transmission of present stage industrial information system data Safety is low, it is impossible to the problem ensureing the verity of packet.
Accompanying drawing explanation
Fig. 1 is the method step schematic diagram of industrial user's authentication and encryption in one embodiment of the invention;
Fig. 2 is the system structure schematic diagram of industrial user's authentication and encryption in one embodiment of the invention.
Detailed description of the invention
For making the purpose of the embodiment of the present invention, technical scheme and advantage clearer, below in conjunction with the embodiment of the present invention In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is A part of embodiment of the present invention rather than whole embodiments.Based on the embodiment in the present invention, ordinary skill people The every other embodiment that member is obtained on the premise of not making creative work, broadly falls into the scope of protection of the invention.
It is low for present stage industrial information system data transmission security, it is impossible to the problem ensureing the verity of packet, The present invention proposes a kind of industrial user's authentication and the method and system of encryption.
As shown in Figure 1-2, it specifically includes:
Step 1: obtaining electron key, electron key includes user certificate, the first hardware characteristics code.
Electron key is managed collectively by certificate authority, comprises a user certificate and collect simultaneously inside each electron key Become the associated encryption algorithm of Password Management office of country approval;User certificate is issued by certificate granting CA center is unified.User certificate The inside comprises user basic information, and user basic information includes user name, unit, department, telephone number and email address;Each The hardware characteristics code of a terminal unit is also comprised inside electron key.Electron key is bound with terminal device hardware, if warp Cross the terminal unit authorized and just have operational rights, prevent the illegal operation of unauthorized user and equipment.
Step 2: electron key is by USB interface access user terminal equipment and starts client software.
Client software is arranged on subscriber terminal equipment, and user need to insert electron key when using client software, Each electron key can only be with a station terminal apparatus bound, and subscriber terminal equipment can read data from electron key;Gateway sets For carrying out two-way information interaction with subscriber terminal equipment;Family terminal unit and certificate server carry out two-way information interaction.Client End Integrated Simulation industry control protocol engine, the only packet of industrial control protocols just carry out safety and encrypt and data encapsulation, other Data do not enter tunnel, it is ensured that the data being transferred to server end only have the packet of industrial control protocols, and AES makes With the close algorithm of state.
Step 3: client obtains the second hardware characteristics code of the first hardware characteristics code and subscriber terminal equipment, comparison One hardware characteristics code, the second hardware characteristics code, if unanimously, then carry out step 4;Otherwise terminate.
Step 4: client obtains user certificate, and user certificate is transferred to certificate server.
Step 5: the legitimacy of certificate server checking user certificate, if certification is passed through, and will be sent to visitor by information Family end, carries out step 6;Otherwise terminate.
Step 6: industry control command information is encrypted by client, obtains the industry control command information of encryption.
Step 7: the industry control command information of encryption is carried out tunnel encapsulation process by client, obtains packet.
Step 8: packet is transferred to encryption gateway by client.
Step 9: packet is carried out unpacking by encryption gateway, decryption processing, obtains the industry control command information of deciphering, densification network Close the industry control command information memory filtration treatment to deciphering.
Therefore, encryption gateway, in addition to responsible data deciphering and forwarding, is also responsible for the industrial control protocols data after deciphering Depth-type filtration, effectively control the execution of illegal instruction.
Step 10: the industry control command information of deciphering is transferred to opc server by encryption gateway, and opc server receives relevant Performing associative operation after command information, a so far Industry Control instruction is completed by dedicated tunnel safe transmission.
The major function of client software is: the 1. hardware characteristics code of computing terminal equipment;2. read in electron key and tie up Fixed hardware characteristics code also compares with the hardware characteristics code calculated;3. read the certificate inside electron key and pass through certification Server carries out certificate verification;4. the industry control protocol data sent by industry control protocol engine module real-time monitor terminal equipment Bag;5. by the hardware encryption algorithm of offer in electron key to Data Packet Encryption and encapsulation;6. the packet after encryption is sent.
Certificate server carries out subscriber authentication for the user certificate issued unified to certificate authority, and certification takes Business device include OCSP (Online Certificate Status Protocol, online certificate status protocol) certificate server and LDAP (Lightweight Directory Access Protocol, Light Directory Access Protocol) certificate server.
Encryption gateway includes: Industry Control firewall box.Gateway software is arranged on encryption gateway equipment, its main merit Can be: the 1. industry control protocol data bag after subscriber terminal equipment receives encryption encapsulation;2. decrypted data packet;3. industry control plan is searched Slightly;4. search strategy route;5. forward packet to opc server.
For said method, the invention provides the system of industrial user's authentication and encryption, comprising: claim The client of any one of 1-6, certificate server, encryption gateway and opc server.Client includes: read module, checking mould Block, encrypting module, package module and transport module, read module is used for user certificate, the first hardware reading in electron key Condition code information;Authentication module is for the second hardware characteristics code of comparison the first hardware characteristics code with subscriber terminal equipment;Encryption Module, for being encrypted industry control command information, obtains the industry control command information of encryption;Package module is for encryption Industry control command information carry out tunnel encapsulation process, obtain packet;Transport module is for being transferred to encryption gateway by packet. Certificate server is used for verifying user certificate legitimacy.Encryption gateway for carrying out packet unpacking, decryption processing, solved Close industry control command information.The industry control command information of opc server receiving and deciphering, and perform according to the industry control command information of deciphering Associative operation.
Within the system, certificate server includes OCSP certificate server and ldap authentication server.Encryption gateway includes Industry Control firewall box.Its concrete principle is identical with the principle of the method for encryption with above-mentioned industrial user's authentication, therefore State the most in detail.
For above-mentioned industrial user's authentication and the method and system of encryption, provide two specific embodiments:
Embodiment 1:
In embodiment 1 realize industrial user's authentication and encryption system includes hardware device and related software.Hardware Equipment includes: encryption gateway, electron key, subscriber terminal equipment, certificate server;Related software includes: client software and Gateway software.
Client software is arranged on subscriber terminal equipment, and user need to insert electron key when using client software, Each electron key can only be with a station terminal apparatus bound, and subscriber terminal equipment can read data from electron key;Gateway sets For carrying out two-way information interaction with subscriber terminal equipment;Family terminal unit and certificate server carry out two-way information interaction.
Electron key is managed collectively by certificate authority, comprises a user certificate and collect simultaneously inside each electron key Become the associated encryption algorithm of Password Management office of country approval;User certificate is issued by certificate authority is unified;In user certificate Bread contains user basic information, and described user basic information includes user name, unit, department, telephone number and email address;Often The hardware characteristics code of a terminal unit is also comprised inside individual electron key.
The major function of client software is: the 1. hardware characteristics code of computing terminal equipment;2. read in electron key and tie up Fixed hardware characteristics code also compares with the hardware characteristics code calculated;3. read the certificate inside electron key and pass through certification Server carries out certificate verification;4. the industry control protocol data sent by industry control protocol engine module real-time monitor terminal equipment Bag;5. by the hardware encryption algorithm of offer in electron key to Data Packet Encryption and encapsulation;6. the packet after encryption is sent.
Described certificate server carries out subscriber authentication for the user certificate issued unified to certificate authority, recognizes Card server includes OCSP certificate server and ldap authentication server.
Described encryption gateway is Industry Control fire wall, and certificate server is ldap server.
Gateway software is arranged on encryption gateway equipment, and its major function is: 1. receives from subscriber terminal equipment and adds sealing Industry control protocol data bag after dress;2. decrypted data packet;3. industry control strategy is searched;4. search strategy route;5. packet is forwarded To opc server.
Use described industrial user's authentication and encryption system carry out information transmission flow process as in figure 2 it is shown, particularly as follows:
Step 1: subscriber terminal equipment sends an Industry Control instruction;
Step 2: client software obtains industry control by the industry control protocol engine that use is integrated in client software and instructs Information;
Step 3: client software calculates the hardware encoding of subscriber terminal equipment, that then binds in reading electron key is hard Part coding is compared, if unanimously, then performs the 4th step operation;Otherwise, current operation is terminated;
Step 4: client software reads the user certificate in electron key, then legal to certificate by certificate server Property be authenticated, certification is passed through, then perform the 5th step operation;Otherwise, current operation is terminated;
Step 5: client software uses Password Management office of country assignment algorithm to be encrypted industry control command information and tunnel Road encapsulates;
Step 6: the industry control command information after encapsulation is sent to encryption gateway by client software;
Step 7: encryption gateway is transmitted to opc server after receiving the industry control command information after encrypting and deciphering, and OPC services Device performs associative operation after receiving relevant instruction information, so far an Industry Control instruction is complete by dedicated tunnel safe transmission Become.
Embodiment 2:
In embodiment 2 to realize industrial user's authentication identical with the system in embodiment 1 with encryption system structure, district Not being only that: certificate server is OCSP certificate server, user certificate uses on-line authentication mode.
Use described industrial user's authentication and encryption system carry out information transmission flow process as in figure 2 it is shown, particularly as follows:
Step 1: subscriber terminal equipment sends an Industry Control instruction;
Step 2: client software obtains industry control by the industry control protocol engine that use is integrated in client software and instructs Information;
Step 3: client software calculates the hardware encoding of subscriber terminal equipment, that then binds in reading electron key is hard Part coding is compared, if unanimously, then performs the 4th step operation;Otherwise, current operation is terminated;
Step 4: client software reads the user certificate in electron key, then legal to certificate by certificate server Property be authenticated, certification is passed through, then perform the 5th step operation;Otherwise, current operation is terminated;
Step 5: client software uses Password Management office of country assignment algorithm to be encrypted industry control command information and tunnel Road encapsulates;
Step 6: the industry control command information after encapsulation is sent to encryption gateway by client software;
Step 7: encryption gateway is transmitted to opc server after receiving the industry control command information after encrypting and deciphering, and OPC services Device performs associative operation after receiving relevant instruction information, so far an Industry Control instruction is complete by dedicated tunnel safe transmission Become.
These are only the preferred embodiments of the present invention, be not limited to the present invention, for those skilled in the art For Yuan, the present invention can have various modifications and variations.All within the spirit and principles in the present invention, any amendment of being made, Equivalent, improvement etc., should be included within the scope of the present invention.

Claims (9)

1. industrial user's authentication and the method for encryption, it is characterised in that including:
Step 1: obtaining electron key, described electron key includes user certificate, the first hardware characteristics code;
Step 2: electron key passes through USB interface access user terminal equipment, and starts client;
Step 3: client obtains described first hardware characteristics code and the second hardware characteristics code of described subscriber terminal equipment, than To described first hardware characteristics code, the second hardware characteristics code, if unanimously, then carry out step 4;Otherwise terminate;
Step 4: client obtains described user certificate, and described user certificate is transferred to certificate server;
Step 5: certificate server verifies the legitimacy of described user certificate, if certification is passed through, and will be sent to visitor by information Family end, carries out step 6;Otherwise terminate;
Step 6: industry control command information is encrypted by client, obtains the industry control command information of encryption;
Step 7: the industry control command information of described encryption is carried out tunnel encapsulation process by client, obtains packet;
Step 8: described packet is transferred to encryption gateway by client;
Step 9: described packet is carried out unpacking by described encryption gateway, decryption processing, obtains the industry control command information of deciphering;
Step 10: the industry control command information of described deciphering is transferred to opc server by described encryption gateway.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described electronics key Spoon is managed collectively by certificate authority;And/or,
Described electron key also includes: the AES of Password Management office of country approval, user basic information, described user is basic Information includes user name, unit, department, telephone number and email address.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described step 9 In also include: the encryption gateway industry control command information memory filtration treatment to described deciphering.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described first hard Part condition code is the hardware characteristics code with unique user terminal apparatus bound.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described certification takes Business device includes OCSP certificate server and ldap authentication server.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described densification network Pass includes Industry Control firewall box.
7. industrial user's authentication and the system of encryption, it is characterised in that including: described in any one of claim 1-6 Client, certificate server, encryption gateway and opc server;
Described client includes: read module, authentication module, encrypting module, package module and transport module, described read module For reading user certificate in electron key, the first hardware characteristics code information;Described authentication module is used for comparison the first hardware Condition code and the second hardware characteristics code of subscriber terminal equipment;Described encrypting module is for being encrypted place to industry control command information Reason, obtains the industry control command information of encryption;Described package module is for carrying out tunnel envelope to the industry control command information of described encryption Dress processes, and obtains packet;Described transport module is for being transferred to encryption gateway by described packet;
Described certificate server is used for verifying user certificate legitimacy;
Described encryption gateway for carrying out described packet unpacking, decryption processing, obtain the industry control command information of deciphering;
Described opc server receives the industry control command information of described deciphering, and performs according to the industry control command information of described deciphering Associative operation.
A kind of industrial user's authentication the most as claimed in claim 7 and the system of encryption, it is characterised in that described certification takes Business device includes OCSP certificate server and ldap authentication server.
A kind of industrial user's authentication the most as claimed in claim 7 and the system of encryption, it is characterised in that described densification network Pass includes Industry Control firewall box.
CN201610647319.2A 2016-08-09 2016-08-09 A kind of method and system of industrial user's authentication and encryption Active CN106100836B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201610647319.2A CN106100836B (en) 2016-08-09 2016-08-09 A kind of method and system of industrial user's authentication and encryption

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610647319.2A CN106100836B (en) 2016-08-09 2016-08-09 A kind of method and system of industrial user's authentication and encryption

Publications (2)

Publication Number Publication Date
CN106100836A true CN106100836A (en) 2016-11-09
CN106100836B CN106100836B (en) 2019-02-12

Family

ID=57456014

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201610647319.2A Active CN106100836B (en) 2016-08-09 2016-08-09 A kind of method and system of industrial user's authentication and encryption

Country Status (1)

Country Link
CN (1) CN106100836B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107508852A (en) * 2017-07-07 2017-12-22 杰为软件系统(深圳)有限公司 A kind of industrial control equipment identification and management system and method based on Internet of Things
CN108076051A (en) * 2017-11-16 2018-05-25 北京润信恒达科技有限公司 A kind of internet of things equipment means of defence and device
CN109214221A (en) * 2018-08-23 2019-01-15 武汉普利商用机器有限公司 A kind of identity card reader verification method, host computer and identity card reader
CN110225038A (en) * 2019-06-13 2019-09-10 江苏亨通工控安全研究院有限公司 Method, apparatus and system for industrial information safety
CN110502909A (en) * 2019-08-06 2019-11-26 北京北信源软件股份有限公司 A kind of file encrypting method and device, a kind of file decryption method and device
CN111083134A (en) * 2019-12-11 2020-04-28 哈尔滨安天科技集团股份有限公司 Industrial control system communication encryption method and device, electronic equipment and storage medium
CN112087511A (en) * 2020-09-08 2020-12-15 国润创投(北京)科技有限公司 Automation equipment information acquisition system based on industrial internet
CN112731897A (en) * 2021-04-06 2021-04-30 浙江中控技术股份有限公司 Industrial control system communication method and system based on tunnel encryption and decryption
WO2022083212A1 (en) * 2020-10-23 2022-04-28 苏州浪潮智能科技有限公司 Blockchain-based cloud platform authentication method, system and device and medium
CN114500005A (en) * 2022-01-05 2022-05-13 上海安几科技有限公司 ModbusTcp instruction protection method, device, terminal and storage medium
CN115022064A (en) * 2022-06-15 2022-09-06 北京安盟信息技术股份有限公司 Private work network encrypted access method and device
CN116318876A (en) * 2023-02-16 2023-06-23 江苏特视智能科技有限公司 Special security gateway system for information board information release and operation method thereof

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101247391A (en) * 2007-12-28 2008-08-20 上海电力学院 OPC safety proxy system and proxy method thereof
CN201266949Y (en) * 2008-09-10 2009-07-01 北京科东电力控制系统有限责任公司 System for implementing digital certificate identification verification and sensitive data encipher
CN104268742A (en) * 2014-10-20 2015-01-07 陕西万宇电子信息科技有限公司 Official seal fake detection method and device based on network digital certificate and network lookup
CN104460657A (en) * 2014-11-14 2015-03-25 北京网御星云信息技术有限公司 Method, device and system for achieving protection of mobile operation and maintenance of industrial control system
CN105243314A (en) * 2015-09-14 2016-01-13 成都金安卓创科技有限公司 USB-key based security system and usage method therefor

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101247391A (en) * 2007-12-28 2008-08-20 上海电力学院 OPC safety proxy system and proxy method thereof
CN201266949Y (en) * 2008-09-10 2009-07-01 北京科东电力控制系统有限责任公司 System for implementing digital certificate identification verification and sensitive data encipher
CN104268742A (en) * 2014-10-20 2015-01-07 陕西万宇电子信息科技有限公司 Official seal fake detection method and device based on network digital certificate and network lookup
CN104460657A (en) * 2014-11-14 2015-03-25 北京网御星云信息技术有限公司 Method, device and system for achieving protection of mobile operation and maintenance of industrial control system
CN105243314A (en) * 2015-09-14 2016-01-13 成都金安卓创科技有限公司 USB-key based security system and usage method therefor

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107508852A (en) * 2017-07-07 2017-12-22 杰为软件系统(深圳)有限公司 A kind of industrial control equipment identification and management system and method based on Internet of Things
CN108076051A (en) * 2017-11-16 2018-05-25 北京润信恒达科技有限公司 A kind of internet of things equipment means of defence and device
CN109214221B (en) * 2018-08-23 2022-02-01 武汉普利商用机器有限公司 Authentication method of identity card reader, upper computer and identity card reader
CN109214221A (en) * 2018-08-23 2019-01-15 武汉普利商用机器有限公司 A kind of identity card reader verification method, host computer and identity card reader
CN110225038A (en) * 2019-06-13 2019-09-10 江苏亨通工控安全研究院有限公司 Method, apparatus and system for industrial information safety
CN110225038B (en) * 2019-06-13 2022-05-17 江苏亨通工控安全研究院有限公司 Method, device and system for industrial information security
CN110502909A (en) * 2019-08-06 2019-11-26 北京北信源软件股份有限公司 A kind of file encrypting method and device, a kind of file decryption method and device
CN111083134A (en) * 2019-12-11 2020-04-28 哈尔滨安天科技集团股份有限公司 Industrial control system communication encryption method and device, electronic equipment and storage medium
CN112087511A (en) * 2020-09-08 2020-12-15 国润创投(北京)科技有限公司 Automation equipment information acquisition system based on industrial internet
WO2022083212A1 (en) * 2020-10-23 2022-04-28 苏州浪潮智能科技有限公司 Blockchain-based cloud platform authentication method, system and device and medium
US11882227B2 (en) 2020-10-23 2024-01-23 Inspur Suzhou Intelligent Technology Co., Ltd. Blockchain-based cloud platform authentication method, system and device and medium
CN112731897A (en) * 2021-04-06 2021-04-30 浙江中控技术股份有限公司 Industrial control system communication method and system based on tunnel encryption and decryption
WO2022213535A1 (en) * 2021-04-06 2022-10-13 浙江中控技术股份有限公司 Industrial control system communication method and system based on tunnel encryption and decryption
CN114500005A (en) * 2022-01-05 2022-05-13 上海安几科技有限公司 ModbusTcp instruction protection method, device, terminal and storage medium
CN115022064A (en) * 2022-06-15 2022-09-06 北京安盟信息技术股份有限公司 Private work network encrypted access method and device
CN116318876A (en) * 2023-02-16 2023-06-23 江苏特视智能科技有限公司 Special security gateway system for information board information release and operation method thereof
CN116318876B (en) * 2023-02-16 2023-09-12 江苏特视智能科技有限公司 Special security gateway system for information board information release

Also Published As

Publication number Publication date
CN106100836B (en) 2019-02-12

Similar Documents

Publication Publication Date Title
CN106100836A (en) A kind of industrial user's authentication and the method and system of encryption
CN108684041B (en) System and method for login authentication
CN106357400B (en) Establish the method and system in channel between TBOX terminal and TSP platform
CN111222155A (en) Method and system for combining re-encryption and block link
US6981156B1 (en) Method, server system and device for making safe a communication network
CN110535653A (en) A kind of safe distribution terminal and its means of communication
CN105027493A (en) Secure mobile app connection bus
CN112528250B (en) System and method for realizing data privacy and digital identity through block chain
CN107105060A (en) A kind of method for realizing electric automobile information security
US20170279807A1 (en) Safe method to share data and control the access to these in the cloud
US6990582B2 (en) Authentication method in an agent system
CN102111274A (en) A platform and method for establishing provable identities while maintaining privacy
CN103248479A (en) Cloud storage safety system, data protection method and data sharing method
CN106789024B (en) A kind of remote de-locking method, device and system
CN109474613B (en) Highway information issuing private network security reinforcement system based on identity authentication
CN104424446A (en) Safety verification and transmission method and system
CN114039753B (en) Access control method and device, storage medium and electronic equipment
Griffin Telebiometric authentication objects
CN109948357A (en) System for connecting medical block chain and Internet of things
JPH10224345A (en) Cipher key authentication method for chip card and certificate
CN111787027A (en) Safety protection system and method for traffic information release
CN110213039A (en) A kind of management method, terminal and server
CN111327591A (en) Data transmission method, system and storage medium based on block chain
US20060053288A1 (en) Interface method and device for the on-line exchange of content data in a secure manner
WO2021170049A1 (en) Method and apparatus for recording access behavior

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant