CN106100836A - A kind of industrial user's authentication and the method and system of encryption - Google Patents
A kind of industrial user's authentication and the method and system of encryption Download PDFInfo
- Publication number
- CN106100836A CN106100836A CN201610647319.2A CN201610647319A CN106100836A CN 106100836 A CN106100836 A CN 106100836A CN 201610647319 A CN201610647319 A CN 201610647319A CN 106100836 A CN106100836 A CN 106100836A
- Authority
- CN
- China
- Prior art keywords
- encryption
- user
- industry control
- authentication
- control command
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0876—Network architectures or network communication protocols for network security for authentication of entities based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
- Computer And Data Communications (AREA)
Abstract
The present invention relates to industrial information security technology area, in particular to a kind of industrial user's authentication and the method and system of encryption.The method includes: by electron key by USB interface access user terminal equipment, and log in client by subscriber terminal equipment;The hardware characteristics code of client comparison subscriber terminal equipment and the hardware characteristics code of electron key binding, if it is consistent, and certificate server checking user certificate there is legitimacy, then client obtain industry control command information and be encrypted, encapsulation process, obtain encryption packet;Described packet is transferred to encryption gateway by client;Described packet is carried out unpacking by encryption gateway, decryption processing, obtains the industry control command information of deciphering, and is transmitted to opc server.Solve present stage industrial information system data transmission security low, it is impossible to the problem ensureing the verity of packet.
Description
Technical field
The present invention relates to industrial information security technology area, in particular to a kind of industrial user's authentication with add
Close method and system.
Background technology
Along with popularizing that information technology and network technology are applied in industrial system, open, interconnection has become with standardization
For the inexorable trend of industrial information system development, industrial system is stronger to the dependency of information system, so industry letter
The safety problem of breath system the most increasingly causes the attention of people, existing computer system, information network, operation system and people
Safety consciousness had certain foundation for security, but for industrial information grid at present also in fast-developing rank
Section, existing safety product such as fire wall, VPN (Virtual Private Network, Virtual Private Network) also cannot be direct
For industrial information system, although the most also have Industry Control fire wall to be specifically designed for industrial protocol and be controlled, but
Industry Control fire wall solve only the filtration to packet and control, it is impossible to ensures the verity of packet, industrial information system
System there is presently no the security solution of comparative maturity.
Industrial information demand for security is extremely the most urgent, and the present invention combines conventional security correlation technique, for industrial information
The feature of system, a kind of industrial user's authentication of invention and encryption system, solve industrial information system data transmission safety and ask
Topic.
Summary of the invention
It is an object of the invention to provide a kind of industrial user's authentication and the method and system of encryption, to solve existing rank
Section industrial information system data transmission security is low, it is impossible to the problem ensureing the verity of packet.
The invention provides a kind of industrial user's authentication and the method for encryption, comprising:
Step 1: obtaining electron key, described electron key includes user certificate, the first hardware characteristics code;
Step 2: electron key passes through USB interface access user terminal equipment, and starts client;
Step 3: client obtains described first hardware characteristics code and the second hardware characteristics of described subscriber terminal equipment
Yard, the first hardware characteristics code, the second hardware characteristics code described in comparison, if unanimously, then carry out step 4;Otherwise terminate;
Step 4: client obtains described user certificate, and described user certificate is transferred to certificate server;
Step 5: certificate server verifies the legitimacy of described user certificate, if certification is passed through, and will be sent by information
To client, carry out step 6;Otherwise terminate;
Step 6: industry control command information is encrypted by client, obtains the industry control command information of encryption;
Step 7: the industry control command information of described encryption is carried out tunnel encapsulation process by client, obtains packet;
Step 8: described packet is transferred to encryption gateway by client;
Step 9: described packet is carried out unpacking by described encryption gateway, decryption processing, obtains the industry control instruction letter of deciphering
Breath;
Step 10: the industry control command information of described deciphering is transferred to opc server by described encryption gateway.
In certain embodiments, being preferably, described electron key is managed collectively by certificate authority.
In certain embodiments, being preferably, described electron key also includes: the encryption of Password Management office of country approval is calculated
Method, user basic information, described user basic information includes user name, unit, department, telephone number and email address.
In certain embodiments, being preferably, described first hardware characteristics code is hard with unique user terminal apparatus bound
Part condition code.
In certain embodiments, being preferably, described certificate server includes OCSP certificate server and ldap authentication service
Device.
In certain embodiments, it is preferably, described step 9 also includes: the industry control of described deciphering is instructed by encryption gateway
Information memory filtration treatment.
In certain embodiments, being preferably, described encryption gateway includes Industry Control firewall box.
Present invention also offers a kind of industrial user's authentication and the system of encryption, comprising: claim 1-6 is arbitrary
Client, certificate server, encryption gateway and opc server described in Xiang;
Described client includes: read module, authentication module, encrypting module, package module and transport module, described reading
Module is used for user certificate, the first hardware characteristics code information reading in electron key;Described authentication module is used for comparison first
Hardware characteristics code and the second hardware characteristics code of subscriber terminal equipment;Described encrypting module is for adding industry control command information
Close process, obtains the industry control command information of encryption;Described package module is for carrying out tunnel to the industry control command information of described encryption
Road encapsulation process, obtains packet;Described transport module is for being transferred to encryption gateway by described packet;
Described certificate server is used for verifying user certificate legitimacy;
Described encryption gateway for carrying out described packet unpacking, decryption processing, obtain the industry control command information of deciphering;
Described opc server receives the industry control command information of described deciphering, and according to the industry control command information of described deciphering
Perform associative operation.
For said system, further, in certain embodiments, being preferably, described certificate server includes OCSP certification
Server and ldap authentication server.
Further, in certain embodiments, being preferably, described encryption gateway includes Industry Control firewall box.
Industrial user's authentication of embodiment of the present invention offer and the method and system of encryption, compared with prior art,
By obtaining electron key, wherein electron key is bound with terminal device hardware, as long as the terminal unit through authorizing just has behaviour
Make right, prevent the illegal operation of unauthorized user and equipment.So client is compared, the hardware of subscriber terminal equipment is special
Levy the hardware characteristics code of code and electron key binding, and also the legal of described user certificate can be verified by certificate server
Property, double verification processes, it is ensured that the safety of equipment and operating rights in fact in data transmission procedure.It addition, client is being incited somebody to action
It can be encrypted encapsulation process before the transmission of industry control command information, take notice of the safety that ensure that data are transmitted.Therefore, originally
Industrial user's authentication of disclosure of the invention and the method for encryption effectively solve the transmission of present stage industrial information system data
Safety is low, it is impossible to the problem ensureing the verity of packet.
Accompanying drawing explanation
Fig. 1 is the method step schematic diagram of industrial user's authentication and encryption in one embodiment of the invention;
Fig. 2 is the system structure schematic diagram of industrial user's authentication and encryption in one embodiment of the invention.
Detailed description of the invention
For making the purpose of the embodiment of the present invention, technical scheme and advantage clearer, below in conjunction with the embodiment of the present invention
In accompanying drawing, the technical scheme in the embodiment of the present invention is clearly and completely described, it is clear that described embodiment is
A part of embodiment of the present invention rather than whole embodiments.Based on the embodiment in the present invention, ordinary skill people
The every other embodiment that member is obtained on the premise of not making creative work, broadly falls into the scope of protection of the invention.
It is low for present stage industrial information system data transmission security, it is impossible to the problem ensureing the verity of packet,
The present invention proposes a kind of industrial user's authentication and the method and system of encryption.
As shown in Figure 1-2, it specifically includes:
Step 1: obtaining electron key, electron key includes user certificate, the first hardware characteristics code.
Electron key is managed collectively by certificate authority, comprises a user certificate and collect simultaneously inside each electron key
Become the associated encryption algorithm of Password Management office of country approval;User certificate is issued by certificate granting CA center is unified.User certificate
The inside comprises user basic information, and user basic information includes user name, unit, department, telephone number and email address;Each
The hardware characteristics code of a terminal unit is also comprised inside electron key.Electron key is bound with terminal device hardware, if warp
Cross the terminal unit authorized and just have operational rights, prevent the illegal operation of unauthorized user and equipment.
Step 2: electron key is by USB interface access user terminal equipment and starts client software.
Client software is arranged on subscriber terminal equipment, and user need to insert electron key when using client software,
Each electron key can only be with a station terminal apparatus bound, and subscriber terminal equipment can read data from electron key;Gateway sets
For carrying out two-way information interaction with subscriber terminal equipment;Family terminal unit and certificate server carry out two-way information interaction.Client
End Integrated Simulation industry control protocol engine, the only packet of industrial control protocols just carry out safety and encrypt and data encapsulation, other
Data do not enter tunnel, it is ensured that the data being transferred to server end only have the packet of industrial control protocols, and AES makes
With the close algorithm of state.
Step 3: client obtains the second hardware characteristics code of the first hardware characteristics code and subscriber terminal equipment, comparison
One hardware characteristics code, the second hardware characteristics code, if unanimously, then carry out step 4;Otherwise terminate.
Step 4: client obtains user certificate, and user certificate is transferred to certificate server.
Step 5: the legitimacy of certificate server checking user certificate, if certification is passed through, and will be sent to visitor by information
Family end, carries out step 6;Otherwise terminate.
Step 6: industry control command information is encrypted by client, obtains the industry control command information of encryption.
Step 7: the industry control command information of encryption is carried out tunnel encapsulation process by client, obtains packet.
Step 8: packet is transferred to encryption gateway by client.
Step 9: packet is carried out unpacking by encryption gateway, decryption processing, obtains the industry control command information of deciphering, densification network
Close the industry control command information memory filtration treatment to deciphering.
Therefore, encryption gateway, in addition to responsible data deciphering and forwarding, is also responsible for the industrial control protocols data after deciphering
Depth-type filtration, effectively control the execution of illegal instruction.
Step 10: the industry control command information of deciphering is transferred to opc server by encryption gateway, and opc server receives relevant
Performing associative operation after command information, a so far Industry Control instruction is completed by dedicated tunnel safe transmission.
The major function of client software is: the 1. hardware characteristics code of computing terminal equipment;2. read in electron key and tie up
Fixed hardware characteristics code also compares with the hardware characteristics code calculated;3. read the certificate inside electron key and pass through certification
Server carries out certificate verification;4. the industry control protocol data sent by industry control protocol engine module real-time monitor terminal equipment
Bag;5. by the hardware encryption algorithm of offer in electron key to Data Packet Encryption and encapsulation;6. the packet after encryption is sent.
Certificate server carries out subscriber authentication for the user certificate issued unified to certificate authority, and certification takes
Business device include OCSP (Online Certificate Status Protocol, online certificate status protocol) certificate server and
LDAP (Lightweight Directory Access Protocol, Light Directory Access Protocol) certificate server.
Encryption gateway includes: Industry Control firewall box.Gateway software is arranged on encryption gateway equipment, its main merit
Can be: the 1. industry control protocol data bag after subscriber terminal equipment receives encryption encapsulation;2. decrypted data packet;3. industry control plan is searched
Slightly;4. search strategy route;5. forward packet to opc server.
For said method, the invention provides the system of industrial user's authentication and encryption, comprising: claim
The client of any one of 1-6, certificate server, encryption gateway and opc server.Client includes: read module, checking mould
Block, encrypting module, package module and transport module, read module is used for user certificate, the first hardware reading in electron key
Condition code information;Authentication module is for the second hardware characteristics code of comparison the first hardware characteristics code with subscriber terminal equipment;Encryption
Module, for being encrypted industry control command information, obtains the industry control command information of encryption;Package module is for encryption
Industry control command information carry out tunnel encapsulation process, obtain packet;Transport module is for being transferred to encryption gateway by packet.
Certificate server is used for verifying user certificate legitimacy.Encryption gateway for carrying out packet unpacking, decryption processing, solved
Close industry control command information.The industry control command information of opc server receiving and deciphering, and perform according to the industry control command information of deciphering
Associative operation.
Within the system, certificate server includes OCSP certificate server and ldap authentication server.Encryption gateway includes
Industry Control firewall box.Its concrete principle is identical with the principle of the method for encryption with above-mentioned industrial user's authentication, therefore
State the most in detail.
For above-mentioned industrial user's authentication and the method and system of encryption, provide two specific embodiments:
Embodiment 1:
In embodiment 1 realize industrial user's authentication and encryption system includes hardware device and related software.Hardware
Equipment includes: encryption gateway, electron key, subscriber terminal equipment, certificate server;Related software includes: client software and
Gateway software.
Client software is arranged on subscriber terminal equipment, and user need to insert electron key when using client software,
Each electron key can only be with a station terminal apparatus bound, and subscriber terminal equipment can read data from electron key;Gateway sets
For carrying out two-way information interaction with subscriber terminal equipment;Family terminal unit and certificate server carry out two-way information interaction.
Electron key is managed collectively by certificate authority, comprises a user certificate and collect simultaneously inside each electron key
Become the associated encryption algorithm of Password Management office of country approval;User certificate is issued by certificate authority is unified;In user certificate
Bread contains user basic information, and described user basic information includes user name, unit, department, telephone number and email address;Often
The hardware characteristics code of a terminal unit is also comprised inside individual electron key.
The major function of client software is: the 1. hardware characteristics code of computing terminal equipment;2. read in electron key and tie up
Fixed hardware characteristics code also compares with the hardware characteristics code calculated;3. read the certificate inside electron key and pass through certification
Server carries out certificate verification;4. the industry control protocol data sent by industry control protocol engine module real-time monitor terminal equipment
Bag;5. by the hardware encryption algorithm of offer in electron key to Data Packet Encryption and encapsulation;6. the packet after encryption is sent.
Described certificate server carries out subscriber authentication for the user certificate issued unified to certificate authority, recognizes
Card server includes OCSP certificate server and ldap authentication server.
Described encryption gateway is Industry Control fire wall, and certificate server is ldap server.
Gateway software is arranged on encryption gateway equipment, and its major function is: 1. receives from subscriber terminal equipment and adds sealing
Industry control protocol data bag after dress;2. decrypted data packet;3. industry control strategy is searched;4. search strategy route;5. packet is forwarded
To opc server.
Use described industrial user's authentication and encryption system carry out information transmission flow process as in figure 2 it is shown, particularly as follows:
Step 1: subscriber terminal equipment sends an Industry Control instruction;
Step 2: client software obtains industry control by the industry control protocol engine that use is integrated in client software and instructs
Information;
Step 3: client software calculates the hardware encoding of subscriber terminal equipment, that then binds in reading electron key is hard
Part coding is compared, if unanimously, then performs the 4th step operation;Otherwise, current operation is terminated;
Step 4: client software reads the user certificate in electron key, then legal to certificate by certificate server
Property be authenticated, certification is passed through, then perform the 5th step operation;Otherwise, current operation is terminated;
Step 5: client software uses Password Management office of country assignment algorithm to be encrypted industry control command information and tunnel
Road encapsulates;
Step 6: the industry control command information after encapsulation is sent to encryption gateway by client software;
Step 7: encryption gateway is transmitted to opc server after receiving the industry control command information after encrypting and deciphering, and OPC services
Device performs associative operation after receiving relevant instruction information, so far an Industry Control instruction is complete by dedicated tunnel safe transmission
Become.
Embodiment 2:
In embodiment 2 to realize industrial user's authentication identical with the system in embodiment 1 with encryption system structure, district
Not being only that: certificate server is OCSP certificate server, user certificate uses on-line authentication mode.
Use described industrial user's authentication and encryption system carry out information transmission flow process as in figure 2 it is shown, particularly as follows:
Step 1: subscriber terminal equipment sends an Industry Control instruction;
Step 2: client software obtains industry control by the industry control protocol engine that use is integrated in client software and instructs
Information;
Step 3: client software calculates the hardware encoding of subscriber terminal equipment, that then binds in reading electron key is hard
Part coding is compared, if unanimously, then performs the 4th step operation;Otherwise, current operation is terminated;
Step 4: client software reads the user certificate in electron key, then legal to certificate by certificate server
Property be authenticated, certification is passed through, then perform the 5th step operation;Otherwise, current operation is terminated;
Step 5: client software uses Password Management office of country assignment algorithm to be encrypted industry control command information and tunnel
Road encapsulates;
Step 6: the industry control command information after encapsulation is sent to encryption gateway by client software;
Step 7: encryption gateway is transmitted to opc server after receiving the industry control command information after encrypting and deciphering, and OPC services
Device performs associative operation after receiving relevant instruction information, so far an Industry Control instruction is complete by dedicated tunnel safe transmission
Become.
These are only the preferred embodiments of the present invention, be not limited to the present invention, for those skilled in the art
For Yuan, the present invention can have various modifications and variations.All within the spirit and principles in the present invention, any amendment of being made,
Equivalent, improvement etc., should be included within the scope of the present invention.
Claims (9)
1. industrial user's authentication and the method for encryption, it is characterised in that including:
Step 1: obtaining electron key, described electron key includes user certificate, the first hardware characteristics code;
Step 2: electron key passes through USB interface access user terminal equipment, and starts client;
Step 3: client obtains described first hardware characteristics code and the second hardware characteristics code of described subscriber terminal equipment, than
To described first hardware characteristics code, the second hardware characteristics code, if unanimously, then carry out step 4;Otherwise terminate;
Step 4: client obtains described user certificate, and described user certificate is transferred to certificate server;
Step 5: certificate server verifies the legitimacy of described user certificate, if certification is passed through, and will be sent to visitor by information
Family end, carries out step 6;Otherwise terminate;
Step 6: industry control command information is encrypted by client, obtains the industry control command information of encryption;
Step 7: the industry control command information of described encryption is carried out tunnel encapsulation process by client, obtains packet;
Step 8: described packet is transferred to encryption gateway by client;
Step 9: described packet is carried out unpacking by described encryption gateway, decryption processing, obtains the industry control command information of deciphering;
Step 10: the industry control command information of described deciphering is transferred to opc server by described encryption gateway.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described electronics key
Spoon is managed collectively by certificate authority;And/or,
Described electron key also includes: the AES of Password Management office of country approval, user basic information, described user is basic
Information includes user name, unit, department, telephone number and email address.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described step 9
In also include: the encryption gateway industry control command information memory filtration treatment to described deciphering.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described first hard
Part condition code is the hardware characteristics code with unique user terminal apparatus bound.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described certification takes
Business device includes OCSP certificate server and ldap authentication server.
A kind of industrial user's authentication the most as claimed in claim 1 and the method for encryption, it is characterised in that described densification network
Pass includes Industry Control firewall box.
7. industrial user's authentication and the system of encryption, it is characterised in that including: described in any one of claim 1-6
Client, certificate server, encryption gateway and opc server;
Described client includes: read module, authentication module, encrypting module, package module and transport module, described read module
For reading user certificate in electron key, the first hardware characteristics code information;Described authentication module is used for comparison the first hardware
Condition code and the second hardware characteristics code of subscriber terminal equipment;Described encrypting module is for being encrypted place to industry control command information
Reason, obtains the industry control command information of encryption;Described package module is for carrying out tunnel envelope to the industry control command information of described encryption
Dress processes, and obtains packet;Described transport module is for being transferred to encryption gateway by described packet;
Described certificate server is used for verifying user certificate legitimacy;
Described encryption gateway for carrying out described packet unpacking, decryption processing, obtain the industry control command information of deciphering;
Described opc server receives the industry control command information of described deciphering, and performs according to the industry control command information of described deciphering
Associative operation.
A kind of industrial user's authentication the most as claimed in claim 7 and the system of encryption, it is characterised in that described certification takes
Business device includes OCSP certificate server and ldap authentication server.
A kind of industrial user's authentication the most as claimed in claim 7 and the system of encryption, it is characterised in that described densification network
Pass includes Industry Control firewall box.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610647319.2A CN106100836B (en) | 2016-08-09 | 2016-08-09 | A kind of method and system of industrial user's authentication and encryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610647319.2A CN106100836B (en) | 2016-08-09 | 2016-08-09 | A kind of method and system of industrial user's authentication and encryption |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106100836A true CN106100836A (en) | 2016-11-09 |
CN106100836B CN106100836B (en) | 2019-02-12 |
Family
ID=57456014
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610647319.2A Active CN106100836B (en) | 2016-08-09 | 2016-08-09 | A kind of method and system of industrial user's authentication and encryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106100836B (en) |
Cited By (12)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107508852A (en) * | 2017-07-07 | 2017-12-22 | 杰为软件系统(深圳)有限公司 | A kind of industrial control equipment identification and management system and method based on Internet of Things |
CN108076051A (en) * | 2017-11-16 | 2018-05-25 | 北京润信恒达科技有限公司 | A kind of internet of things equipment means of defence and device |
CN109214221A (en) * | 2018-08-23 | 2019-01-15 | 武汉普利商用机器有限公司 | A kind of identity card reader verification method, host computer and identity card reader |
CN110225038A (en) * | 2019-06-13 | 2019-09-10 | 江苏亨通工控安全研究院有限公司 | Method, apparatus and system for industrial information safety |
CN110502909A (en) * | 2019-08-06 | 2019-11-26 | 北京北信源软件股份有限公司 | A kind of file encrypting method and device, a kind of file decryption method and device |
CN111083134A (en) * | 2019-12-11 | 2020-04-28 | 哈尔滨安天科技集团股份有限公司 | Industrial control system communication encryption method and device, electronic equipment and storage medium |
CN112087511A (en) * | 2020-09-08 | 2020-12-15 | 国润创投(北京)科技有限公司 | Automation equipment information acquisition system based on industrial internet |
CN112731897A (en) * | 2021-04-06 | 2021-04-30 | 浙江中控技术股份有限公司 | Industrial control system communication method and system based on tunnel encryption and decryption |
WO2022083212A1 (en) * | 2020-10-23 | 2022-04-28 | 苏州浪潮智能科技有限公司 | Blockchain-based cloud platform authentication method, system and device and medium |
CN114500005A (en) * | 2022-01-05 | 2022-05-13 | 上海安几科技有限公司 | ModbusTcp instruction protection method, device, terminal and storage medium |
CN115022064A (en) * | 2022-06-15 | 2022-09-06 | 北京安盟信息技术股份有限公司 | Private work network encrypted access method and device |
CN116318876A (en) * | 2023-02-16 | 2023-06-23 | 江苏特视智能科技有限公司 | Special security gateway system for information board information release and operation method thereof |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101247391A (en) * | 2007-12-28 | 2008-08-20 | 上海电力学院 | OPC safety proxy system and proxy method thereof |
CN201266949Y (en) * | 2008-09-10 | 2009-07-01 | 北京科东电力控制系统有限责任公司 | System for implementing digital certificate identification verification and sensitive data encipher |
CN104268742A (en) * | 2014-10-20 | 2015-01-07 | 陕西万宇电子信息科技有限公司 | Official seal fake detection method and device based on network digital certificate and network lookup |
CN104460657A (en) * | 2014-11-14 | 2015-03-25 | 北京网御星云信息技术有限公司 | Method, device and system for achieving protection of mobile operation and maintenance of industrial control system |
CN105243314A (en) * | 2015-09-14 | 2016-01-13 | 成都金安卓创科技有限公司 | USB-key based security system and usage method therefor |
-
2016
- 2016-08-09 CN CN201610647319.2A patent/CN106100836B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101247391A (en) * | 2007-12-28 | 2008-08-20 | 上海电力学院 | OPC safety proxy system and proxy method thereof |
CN201266949Y (en) * | 2008-09-10 | 2009-07-01 | 北京科东电力控制系统有限责任公司 | System for implementing digital certificate identification verification and sensitive data encipher |
CN104268742A (en) * | 2014-10-20 | 2015-01-07 | 陕西万宇电子信息科技有限公司 | Official seal fake detection method and device based on network digital certificate and network lookup |
CN104460657A (en) * | 2014-11-14 | 2015-03-25 | 北京网御星云信息技术有限公司 | Method, device and system for achieving protection of mobile operation and maintenance of industrial control system |
CN105243314A (en) * | 2015-09-14 | 2016-01-13 | 成都金安卓创科技有限公司 | USB-key based security system and usage method therefor |
Cited By (17)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107508852A (en) * | 2017-07-07 | 2017-12-22 | 杰为软件系统(深圳)有限公司 | A kind of industrial control equipment identification and management system and method based on Internet of Things |
CN108076051A (en) * | 2017-11-16 | 2018-05-25 | 北京润信恒达科技有限公司 | A kind of internet of things equipment means of defence and device |
CN109214221B (en) * | 2018-08-23 | 2022-02-01 | 武汉普利商用机器有限公司 | Authentication method of identity card reader, upper computer and identity card reader |
CN109214221A (en) * | 2018-08-23 | 2019-01-15 | 武汉普利商用机器有限公司 | A kind of identity card reader verification method, host computer and identity card reader |
CN110225038A (en) * | 2019-06-13 | 2019-09-10 | 江苏亨通工控安全研究院有限公司 | Method, apparatus and system for industrial information safety |
CN110225038B (en) * | 2019-06-13 | 2022-05-17 | 江苏亨通工控安全研究院有限公司 | Method, device and system for industrial information security |
CN110502909A (en) * | 2019-08-06 | 2019-11-26 | 北京北信源软件股份有限公司 | A kind of file encrypting method and device, a kind of file decryption method and device |
CN111083134A (en) * | 2019-12-11 | 2020-04-28 | 哈尔滨安天科技集团股份有限公司 | Industrial control system communication encryption method and device, electronic equipment and storage medium |
CN112087511A (en) * | 2020-09-08 | 2020-12-15 | 国润创投(北京)科技有限公司 | Automation equipment information acquisition system based on industrial internet |
WO2022083212A1 (en) * | 2020-10-23 | 2022-04-28 | 苏州浪潮智能科技有限公司 | Blockchain-based cloud platform authentication method, system and device and medium |
US11882227B2 (en) | 2020-10-23 | 2024-01-23 | Inspur Suzhou Intelligent Technology Co., Ltd. | Blockchain-based cloud platform authentication method, system and device and medium |
CN112731897A (en) * | 2021-04-06 | 2021-04-30 | 浙江中控技术股份有限公司 | Industrial control system communication method and system based on tunnel encryption and decryption |
WO2022213535A1 (en) * | 2021-04-06 | 2022-10-13 | 浙江中控技术股份有限公司 | Industrial control system communication method and system based on tunnel encryption and decryption |
CN114500005A (en) * | 2022-01-05 | 2022-05-13 | 上海安几科技有限公司 | ModbusTcp instruction protection method, device, terminal and storage medium |
CN115022064A (en) * | 2022-06-15 | 2022-09-06 | 北京安盟信息技术股份有限公司 | Private work network encrypted access method and device |
CN116318876A (en) * | 2023-02-16 | 2023-06-23 | 江苏特视智能科技有限公司 | Special security gateway system for information board information release and operation method thereof |
CN116318876B (en) * | 2023-02-16 | 2023-09-12 | 江苏特视智能科技有限公司 | Special security gateway system for information board information release |
Also Published As
Publication number | Publication date |
---|---|
CN106100836B (en) | 2019-02-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106100836A (en) | A kind of industrial user's authentication and the method and system of encryption | |
CN108684041B (en) | System and method for login authentication | |
CN106357400B (en) | Establish the method and system in channel between TBOX terminal and TSP platform | |
CN111222155A (en) | Method and system for combining re-encryption and block link | |
US6981156B1 (en) | Method, server system and device for making safe a communication network | |
CN110535653A (en) | A kind of safe distribution terminal and its means of communication | |
CN105027493A (en) | Secure mobile app connection bus | |
CN112528250B (en) | System and method for realizing data privacy and digital identity through block chain | |
CN107105060A (en) | A kind of method for realizing electric automobile information security | |
US20170279807A1 (en) | Safe method to share data and control the access to these in the cloud | |
US6990582B2 (en) | Authentication method in an agent system | |
CN102111274A (en) | A platform and method for establishing provable identities while maintaining privacy | |
CN103248479A (en) | Cloud storage safety system, data protection method and data sharing method | |
CN106789024B (en) | A kind of remote de-locking method, device and system | |
CN109474613B (en) | Highway information issuing private network security reinforcement system based on identity authentication | |
CN104424446A (en) | Safety verification and transmission method and system | |
CN114039753B (en) | Access control method and device, storage medium and electronic equipment | |
Griffin | Telebiometric authentication objects | |
CN109948357A (en) | System for connecting medical block chain and Internet of things | |
JPH10224345A (en) | Cipher key authentication method for chip card and certificate | |
CN111787027A (en) | Safety protection system and method for traffic information release | |
CN110213039A (en) | A kind of management method, terminal and server | |
CN111327591A (en) | Data transmission method, system and storage medium based on block chain | |
US20060053288A1 (en) | Interface method and device for the on-line exchange of content data in a secure manner | |
WO2021170049A1 (en) | Method and apparatus for recording access behavior |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |