CN106211136A - Secure communication mechanism based on name in a kind of intelligent grid - Google Patents
Secure communication mechanism based on name in a kind of intelligent grid Download PDFInfo
- Publication number
- CN106211136A CN106211136A CN201610795483.8A CN201610795483A CN106211136A CN 106211136 A CN106211136 A CN 106211136A CN 201610795483 A CN201610795483 A CN 201610795483A CN 106211136 A CN106211136 A CN 106211136A
- Authority
- CN
- China
- Prior art keywords
- name
- ndo
- intelligent grid
- network
- communication mechanism
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W8/00—Network data management
- H04W8/18—Processing of user or subscriber data, e.g. subscribed services, user preferences or user profiles; Transfer of user or subscriber data
- H04W8/20—Transfer of user or subscriber data
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Databases & Information Systems (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides secure communication mechanism based on name in a kind of intelligent grid, employing wireless network also has security service, it is applicable to the communication of non-ICP/IP protocol, name, route and the process of caching by ICN is transmitted from data link layer to the data representing layer, specifically include: step 1: after creating communication, it is intended that data object i.e. NDO issues NDO in source in network;Step 2: receptor is subscribed to according to NDO demand;Step 3: docking system builds coupling distribution platform;Step 4: docking system builds coupling and subscribes to platform;Step 5: name scope identifier SI of NDO and junction identifier RI generation one to forward identifier FI, this FI to be sent to NS by being used for;Step 6: transport NS by PSIRP according to FI, NDO.Invention enhances security performance and improve communication efficiency, it is adaptable to the data sharing in scattered large-scale intelligent grid.
Description
Technical field
The present invention relates to secure communication mechanism based on name in a kind of intelligent grid.
Background technology
Along with the fast development of the Internet, the network being currently based on ICP/IP protocol can not well adapt to develop need
Asking, the problem such as extensibility, mobility and safety needs to solve.It is no longer based on the network architecture of ICP/IP protocol, such as, believes
Breath central site network (ICN), has become as the trend of next generation network.Intelligent grid is as in a following electrical network architecture
Theory, is automatically controlling with under the support of the modern communication technology of wireless network etc., and it has high efficiency, reliability and safety
Property.IEC 61850 standard is widely used in substation communication network.It addition, it is sampling value (SV), general OO
The area protocol in IEC 61850 standard such as transformer substation case (GOOSE) is not based on TCP/IP framework.IEC
61850 standards are based on intelligent substation, and it uses wireless communication, greatly improve substation equipment interoperability and
Connecting property.But, along with increasing number and the open development of intelligent electronic device (IED) node, new efficiency, reliability
Raw, the most therewith with safety challenge.
IEC 61850 was proposed by IEC in nineteen ninety-five, and promulgated by IEC TC57 in 2004.Defined in IEC 61850
Level, method and the agreement of communication between IED.Additionally, transformer station also devises data object, form and configuration language.From
The transmission of the information obtained in feeder equipment and equipment is based on SAV, GOOSE and MMS communication agreement.Reflected by particular communication service
Penetrating (SCSM, Special Communication Service Mapping), message is sent to message queue and is abstracted communication
Service interface (ACSI, Abstract Communication Service Interface) service receives.ACSI does not relies on
Following system.Communications applications completes based on ACSI service.Some have turned out for the research work of transformer station's wireless network
The performance of the delay requirement that it specifies in IEC 61850 the 5th part.Wireless network takies the lowest installation cost, and
Enough data rates can be provided, dispatch freely in the intelligent grid of extensive distribution of content.
The current network architecture has been suggested and has worked many decades, and the development in multiple communication requirement at present is also deposited
In problem.In order to solve these problems, the appearance of ICN is the hope of Future network architectures.Information is ordered by ICN in Internet
Name, transmits information by the caching in network and multiplex broadcasting mechanism to user the most in time.ICN uses and orders based on information
The protocol stack architecture of name replaces traditional framework based on TCP/IP.The work when that signature only local being transported in IP address.With
Family sends request to network, and is likely to obtain the response from caching.In IP-based network, information security with
The safety of main frame is closely related.But, ICN provides the safeguard protection of Information itself and can reach higher fine granularity
Safety.As a fund project of EU FP7, Publish-subscribe the Internet route pattern (PSIRP) is an awfully hot door in ICN
Method.PSIRP project is implemented for development and verifies information centre based on the Publish-subscribe pattern network architecture, and this may
It is to solve one of the most promising method of a lot of challenges and problem in current network.Among these, topmost concept refers to
Given data object (NDO).
As shown in table 1, GOOSE and SV in IEC 61850 standard has formulated publish/subscribe traffic model.PSIRP be
The method of a publish/subscribe pattern set up in ICN, after client registers is subscribed to resource can with when can obtain
Notice.In the communications, this has the highest extensibility.GOOSE and SV relates only to physical layer and meets ICN based on name
The data link layer of design.ICN introduces may strengthen the security performance of communication based on IEC 61850 in intelligent grid.
The comparison of table 1 IEC 61850 and ICN
IEC 61850 standard is one of major criterion of the automation of transformation substations and hot line job system, it defines equipment
Semantic entity with device.A large amount of intelligent electronic devices (IED) all have electric substation automation system (SAS) and collect, monitor
With process electric power data.IEC 61850 carries out three grades of divisions to SAS, including process level, intermediate layer and substation level.IEC
Section communication agreement in 61850 standards is not based on ICP/IP protocol, the SV in such as process level network service and
GOOSE.For SAS, reliability and the safety of process level network are extremely important, because it is connection process layer and centre
The only network of layer.By master pattern, the independence of IEC 61850 standard support application, and achieve communication in SAS
The highly property provided.
Along with constantly developing and development of network attack, SAS is subjected to interoperability, systemic-function opening and wireless network
The security threat that network environment brings.It is reported, the accident caused due to the safety problem of IEC 61850 has had resulted in huge
Loss.Substation safety based on IEC 61850 standard depends on a specific position.The private information of power grid user has
May leak.Illegal node or malicious node may issue some illegal, information of mistake.It addition, traditional IEC
61850 networks efficiency data augmentation when is the lowest.The application of wireless network and the growth of IED node make IEC 61850 intelligence
The various attacks such as Dos can be can suffer from by electrical network.Meanwhile, real-time Communication for Power needs use SV and GOOSE.The strict time
Demand makes to be restricted the use of network attacks middle heavyweight security protocol.But, traditional in IEC 61850 standard
Safeguard protection is all based on ICP/IP protocol, and this can not process new efficiency, reliability and safety issue.When above
Process to unified SAS platform is mainly based upon what the network coverage proposed.The intrinsic inefficiencies of ICP/IP protocol process existing
Problematic particularly extensibility and the safety issue limit performance of system.
Summary of the invention
For defect of the prior art, it is an object of the invention to provide safety based on name in a kind of intelligent grid and lead to
Letter mechanism, this mechanism employing wireless network also has security service, go for being not based on the SV of ICP/IP protocol with
GOOSE communicates.This mechanism enhances security performance and improves communication efficiency, it is adaptable in scattered large-scale intelligent grid
Data sharing.For creating the wireless network with greater security between the wall of transformer station and process level, based on life
The communication construction of name, utilizes the high security of ICN.
For reaching above-mentioned purpose, the technical solution adopted in the present invention is as follows:
Secure communication mechanism based on name in a kind of intelligent grid, employing wireless network also has security service, is suitable for
In the communication of non-ICP/IP protocol, transmit by the name of ICN from data link layer to the data representing layer, route and be cached
Journey, specifically includes:
Step 1: after creating communication, it is intended that data object i.e. NDO issues NDO in source in network;
Step 2: receptor is subscribed to according to NDO demand;
Step 3: docking system builds coupling distribution platform;
Step 4: docking system builds coupling and subscribes to platform;
Step 5: name scope identifier SI of NDO and junction identifier RI to generate a forwarding identifier FI by being used for,
This FI is sent to NS;
Step 6: transport NS by PSIRP according to FI, NDO.
The name of described ICN has three schemes, level, self identity and property value divide.
In the nomenclature scheme of described self identity, one be its form be P:L, another is metadata, P and L represents
The cryptographic Hash of PKI and the respective content tab of the owner, digital signature is signed by the owner and contains in metadata
Complete PKI.
Described route is in the content of ICN transmits, and asynchronous issue and subscription set up basis for network, increase extra
Expense is to ensure the concordance of distributed data state, and the integrity of contents construction and correctness depend on the infrastructure of ICN.
Described caching is by the content caching that gets in network in ICN, and all of content supplier all can issue interior
Hold, and can be obtained by all of network node.
Desired NDO is named jointly by scope identifier SI and junction identifier RI, and these two identifiers are by the demand of subscribing to
Illustrating, these two identifiers are forwarded to the Program Generating one of a coupling again and forward identifier FI.
Described security service includes access control algorithm based on publish/subscribe, specifically includes content as follows:
Role, represents a group access authority, and the distribution with network node is the relation of one-to-many, and a node only can be awarded
Give a kind of executive role, but a role can distribute to multiple node;One node is if a publisher, then will be based on
Theme is awarded executive role, if it is subscriber, executive role will be awarded based on agency, and the publisher of different themes will
Different authorities is needed to process data and resource;
Operation, is the different instruction performing data source;
Authority, represents the license performing aforesaid operations in a shielded system and data source;
The relations of distribution of authority and executive role are multi-to-multis, and system can be that a role distributes multiple access right
Limit.The role of publisher is awarded and issues relevant authority, and subscriber is awarded and subscribes to relevant authority.
The communication of described non-ICP/IP protocol includes that SV with GOOSE communicates.
Compared with prior art, the present invention has a following beneficial effect:
Accompanying drawing explanation
By the detailed description non-limiting example made with reference to the following drawings of reading, the further feature of the present invention,
Purpose and advantage will become more apparent upon:
Fig. 1 is the secure communication framework based on name that the present invention proposes;
Fig. 2 is the Secure Communication Model that SV/GOOSE proposes;
Fig. 3 is communication construction based on name;
Fig. 4 is that the access based on publish/subscribe proposed controls;
Fig. 5 is time delay and the relation of number of nodes increase;
Fig. 6 is the relation of time delay and simulation time;
Fig. 7 is the comparison of delay performance;
Fig. 8 is the comparison of security performance.
Detailed description of the invention
Below in conjunction with specific embodiment, the present invention is described in detail.Following example will assist in the technology of this area
Personnel are further appreciated by the present invention, but limit the present invention the most in any form.It should be pointed out that, the ordinary skill to this area
For personnel, without departing from the inventive concept of the premise, it is also possible to make some changes and improvements.These broadly fall into the present invention
Protection domain.
Secure communication framework based on name in the intelligent grid that the present invention proposes, as it is shown in figure 1, in intelligent substation
There is the traffic model of interoperability and connecting property based on IEC 61850 agreement between IED, and use wireless network.Power transformation
The sensor device of system of standing is measured and recording voltage and the real time data of electric current, and in time data is transferred to PMU.PMU is
Integrate all unit from different sensors data.Then, PMU uses communication skill based on name by the network of process level
Art sends compression data to IED.IED just starts to process data after receiving data.By result, IED can obtain
Protection controls and tests the function of whole transformer substation system.It addition, IED can also communicate with remote equipment, the most remotely
Other equipment such as control centre, engineer station, man-machine interface.
The secure communication framework based on name that the present invention described in detail below proposes:
In transformer station, sensor obtains data in process level, and at wall to IED transmission sensing data.Additionally, not
Also it is to use communication construction based on name with the communication between IED.
Present invention communication construction based on name designs as shown in Figure 4.The format character standardization design of physical layer.From data
Link layer is to representing that the data transmission of layer is by naming, routeing and cache.After communication creates, NDO source is issued in network
NDO, as shown in step 1 in Fig. 3.In the 2nd step, receptor can be subscribed to according to NDO demand.In the 3rd and the 4th step,
Docking system builds the platform that coupling is issued and subscribed to.Desired NDO is total to by scope identifier (SI) and junction identifier (RI)
With name, the two identifier is by subscribing to the statement of requirements.Identifier is forwarded to Program Generating one forwarding of a coupling again
Identifier (FI).In the 5th step, FI is sent to NS.NS is transported by PSIRP according to FI, NDO.
NS (NDOs source) in Fig. 3 is NDO data source, is the data publisher in ICN network;Scope is docking
The matching domain of system;RN (Rendezvous Node) is aggregation node;PR (PSIRP Router) is distribution subscription interconnection path
By the router of pattern.
As for IP-based network, information security is closely related with the safety of main frame.On the contrary, ICN provides Information originally
The safeguard protection of body and obtain higher fine granularity safety.Communication construction based on name takes full advantage of the high safety of ICN
Property.
Name.Three nomenclature scheme of ICN are divided by level, self identity and property value.The nomenclature scheme of self identity
In, one be its form be P:L, another part is metadata.P and L represents the cryptographic Hash of PKI and the owner each
Content tab.Digital signature is signed by the owner and contains complete PKI in metadata.Design unique oneself body
Part certification name is highly useful to advanced security, and easily carries out integrity check.
Caching.The content caching got in network is in ICN.This is applicable to the content transmission under institute's protocols having, all
Content supplier all can issue content, and can be obtained by all of network node.
Route.In the content of ICN transmits, asynchronous issue and subscription are to set up basis for network.Increase extra opening
Sell to ensure the concordance of distributed data state.Additionally, the basis that the integrity of contents construction and correctness depend on ICN sets
Execute.
Fig. 2 is the Secure Communication Model that SV/GOOSE proposes.
Access control algorithm based on publish/subscribe proposed by the invention described in detail below:
In intelligent grid, the IEDs in transformer station controls and the capital equipment of protection process level.According to different functions,
IEDs needs different related datas.In communication construction based on name, there is multiple being able to and realize difference in functionality
Node type.Malicious node may cause information leakage or network attack, such as ddos attack.Therefore, control is accessed right
IEDs and node in architectures of communication networks based on name are all the most necessary.RBAC as a safety and have
The access control mechanisms of effect, " role " this concept has been widely used, and this makes distribution and management license the most many.This
The access control algorithm that invention proposes is design based on RBAC in secure communication framework based on name.
As a typical case, based on accessing the distribution subscription algorithm controlled as shown in Figure 4 in NS.Character representation one
Group access authority.Node is many-to-one relation with the distribution of role.One node only can be awarded a kind of executive role, so
And a role can distribute to multiple node.One node is if a publisher, then will be awarded based on theme and hold
Row role, if it is subscriber executive role will be awarded based on agency.The publisher of different themes will need different power
Limit processes data and resource.The meaning of operation is the different instruction performing data source, such as reads, writes, increases, deletes
Etc..Authority represents the license performing these operations in a shielded system and data source, such as issues and subscribes to.Power
The relations of distribution of limit and executive role are multi-to-multis.Therefore, system can be that a role distributes multiple access rights.Issue
The role of person is awarded and issues relevant authority, and subscriber is awarded and subscribes to relevant authority.
The present invention solves that being currently based on ICP/IP protocol can not adapt to growth requirement and in the wireless network very well
The problem being restricted the use of network attacks middle heavyweight security protocol, for SV and GOOSE, these are not based on TCP/
The communication of IP agreement, a kind of based on name the ICN security mechanism of proposition, it is possible to meet demand for security and can carry out efficiently
Communication.The security mechanism that the present invention proposes can meet demand for security and have good communication performance.
1. the design of the security mechanism that the present invention proposes can meet demand for security.
ICN meets integrity, confidentiality and non repudiation protocol.The use of lightweight encryption algorithm makes RBAC be capable of height
Effect accesses and meets certification, complete new, confidentiality and these demands for security of mandate while controlling.
In network based on TCP/IP, information security is closely related with main frame.But, ICN provides Information itself
Safeguard protection, reach higher fine granularity safety.The proposition of communication construction based on name takes full advantage of the high safety of ICN
Property.Except original safety measure designed in PSIRP, with the addition of RBAC and lightweight encryption algorithm ensures based on name
The safety of communication.In the security mechanism proposed, safety method is to design in the form of services, it addition, with safety bus with often
Advise functional service it is combined.
Supporting package level authentication (PLA) technology in PSIRP, this contributes to encryption and signature personal data bag, it is ensured that
The integrity of data, confidentiality and the accountability of malice publisher.FN neutralizes the packet in they destination addresses and can make
Verify with PLA.For immutable data object, self identity name can use the cryptographic Hash of object as meeting point flat
Flat name is allowed to.And, dynamic link identifier may be used for path code to Bloom filter, and this resists assailant's system
The Bloom filter made or login ddos attack.In addition, also having other safe design in PSIRP, RBAC makes distribution
The authority accessing control with management is more convenient.Lightweight encryption algorithm ensure that the safety of data exchange process, and it takies simultaneously
The lowest communication cost so that the communication in intelligent grid is efficient, safety.
2. the security mechanism that the present invention proposes has good communication performance.
GOOSE and SV is used for real-time Communication for Power, an important parameter during therefore time delay is exactly a communication performance.In order to
The performance of the communication mechanism that assessment proposes, lightweight encryption algorithm is emulated by we with NS2.In emulation experiment, two
Individual NS, one is client, and one is server.1000 numbers through lightweight encryption algorithm for encryption of server transmission per second
According to bag.The ID of user comprises in the packet.When client receives packet when, they solve with its ID and key
Ciphertext data bag.If the ID of decoding wants to mate with the ID of oneself, then receive this packet, otherwise abandon this packet.Not yet
The simulation result using AES is had to carry out the most under identical condition.Client can be without all packets of reception selected.
As it is shown in figure 5, represent the conversion using the average delay of lightweight encryption algorithm to increase along with number of nodes respectively
Curve, and do not use the average delay change curve of lightweight encryption algorithm.The result of Fig. 5 and Fig. 6 represents, at nodes
Under the increase of amount and simulation time, extra time delay reduces, and even arrive finally, and postponing a meeting or conference time extra becomes the lowest.Along with IEC
The development of 61850, in intelligent grid, the quantity of IED can increase, but, under this communication mechanism, a lot of network can't be increased
Time delay.What Fig. 7 represented is the fluctuation of time delay.Adding lightweight encryption algorithm and only can increase small time delay, meansigma methods is several
Also it is just as.Safe encryption mechanism of the present invention is little on the impact of network delay.It is therefore proposed that based on
The secure communication mechanism of name can promote security performance under network delay increases little cost.What Fig. 8 represented is to receive number
According to the comparison of bag, result shows that this algorithm has effect clearly in terms of safety.Forge and invalid information all can subtract
Few.
Above the specific embodiment of the present invention is described.It is to be appreciated that the invention is not limited in above-mentioned
Particular implementation, those skilled in the art can make a variety of changes within the scope of the claims or revise, this not shadow
Ring the flesh and blood of the present invention.In the case of not conflicting, the feature in embodiments herein and embodiment can any phase
Combination mutually.
Claims (8)
1. secure communication mechanism based on name in an intelligent grid, it is characterised in that this communication mechanism employing wireless network
And there is security service, it is adaptable to and the communication of non-ICP/IP protocol, pass through ICN from data link layer to the data transmission representing layer
Name, route and process of caching, specifically include:
Step 1: after creating communication, it is intended that data object i.e. NDO issues NDO in source in network;
Step 2: receptor is subscribed to according to NDO demand;
Step 3: docking system builds coupling distribution platform;
Step 4: docking system builds coupling and subscribes to platform;
Step 5: name scope identifier SI of NDO and junction identifier RI to generate forwarding an identifier FI, this FI by being used for
It is sent to NS;
Step 6: transport NS by PSIRP according to FI, NDO.
Secure communication mechanism based on name in intelligent grid the most according to claim 1, it is characterised in that described ICN
Name there are three schemes, level, self identity and property value divide.
Secure communication mechanism based on name in intelligent grid the most according to claim 2, it is characterised in that described oneself
In the nomenclature scheme of certification, one be its form be P:L, another is metadata, P and L represents the cryptographic Hash of PKI
Content tab respective with the owner, digital signature is signed by the owner and contains complete PKI in metadata.
Secure communication mechanism based on name in intelligent grid the most according to claim 1, it is characterised in that described route
Being in the content of ICN transmits, asynchronous issue and subscription set up basis for network, increase extra expense distributed to ensure
The concordance of data mode, the integrity of contents construction and correctness depend on the infrastructure of ICN.
Secure communication mechanism based on name in intelligent grid the most according to claim 1, it is characterised in that described caching
It is that all of content supplier all can issue content, and can be all of by the content caching that gets in network in ICN
Network node obtains.
Secure communication mechanism based on name in intelligent grid the most according to claim 1, it is characterised in that desired
NDO is named jointly by scope identifier SI and junction identifier RI, these two identifiers by subscribing to the statement of requirements, these two marks
Symbol is forwarded to the Program Generating one of a coupling again and forwards identifier FI.
Secure communication mechanism based on name in intelligent grid the most according to claim 1, it is characterised in that described safety
Service includes access control algorithm based on publish/subscribe, specifically includes content as follows:
Role, represents a group access authority, and the distribution with network node is the relation of one-to-many, and a node only can be awarded one
Plant executive role, but a role can distribute to multiple node;One node is if a publisher, then will be based on theme
Executive role being awarded, if it is subscriber, executive role will be awarded based on agency, the publisher of different themes will need
Different authorities processes data and resource;
Operation, is the different instruction performing data source;
Authority, represents the license performing aforesaid operations in a shielded system and data source;
The relations of distribution of authority and executive role are multi-to-multis, and system can be that a role distributes multiple access rights.Send out
The role of cloth person is awarded and issues relevant authority, and subscriber is awarded and subscribes to relevant authority.
Secure communication mechanism based on name in intelligent grid the most according to claim 1, it is characterised in that described non-
The communication of ICP/IP protocol includes that SV with GOOSE communicates.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610795483.8A CN106211136B (en) | 2016-08-31 | 2016-08-31 | Naming-based secure communication method in smart power grid |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610795483.8A CN106211136B (en) | 2016-08-31 | 2016-08-31 | Naming-based secure communication method in smart power grid |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106211136A true CN106211136A (en) | 2016-12-07 |
CN106211136B CN106211136B (en) | 2021-07-13 |
Family
ID=58086530
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610795483.8A Active CN106211136B (en) | 2016-08-31 | 2016-08-31 | Naming-based secure communication method in smart power grid |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106211136B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106790111A (en) * | 2016-12-26 | 2017-05-31 | 上海交通大学 | Intelligent grid threat propagation defence method based on software definition multicast |
CN110138773A (en) * | 2019-05-14 | 2019-08-16 | 北京天地和兴科技有限公司 | A kind of means of defence for goose attack |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104468515A (en) * | 2014-10-31 | 2015-03-25 | 东北大学秦皇岛分校 | Intelligent substation communication method and system based on information center network |
CN104904186A (en) * | 2013-01-07 | 2015-09-09 | 华为技术有限公司 | Contextualized information Bus |
US20160014027A1 (en) * | 2014-07-13 | 2016-01-14 | Cisco Technology, Inc. | Caching data in an information centric networking architecture |
US20160234110A1 (en) * | 2015-02-06 | 2016-08-11 | Palo Alto Research Center Incorporated | System and method for on-demand content exchange with adaptive naming in information-centric networks |
-
2016
- 2016-08-31 CN CN201610795483.8A patent/CN106211136B/en active Active
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104904186A (en) * | 2013-01-07 | 2015-09-09 | 华为技术有限公司 | Contextualized information Bus |
US20160014027A1 (en) * | 2014-07-13 | 2016-01-14 | Cisco Technology, Inc. | Caching data in an information centric networking architecture |
CN104468515A (en) * | 2014-10-31 | 2015-03-25 | 东北大学秦皇岛分校 | Intelligent substation communication method and system based on information center network |
US20160234110A1 (en) * | 2015-02-06 | 2016-08-11 | Palo Alto Research Center Incorporated | System and method for on-demand content exchange with adaptive naming in information-centric networks |
CN105872008A (en) * | 2015-02-06 | 2016-08-17 | 帕洛阿尔托研究中心公司 | System and method for on-demand content exchange with adaptive naming in information-centric networks |
Non-Patent Citations (1)
Title |
---|
李军等: "ICN 体系结构与技术研究", 《技术研究》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106790111A (en) * | 2016-12-26 | 2017-05-31 | 上海交通大学 | Intelligent grid threat propagation defence method based on software definition multicast |
CN106790111B (en) * | 2016-12-26 | 2020-07-28 | 上海交通大学 | Smart power grid threat propagation defense method based on software defined multicast |
CN110138773A (en) * | 2019-05-14 | 2019-08-16 | 北京天地和兴科技有限公司 | A kind of means of defence for goose attack |
CN110138773B (en) * | 2019-05-14 | 2022-01-11 | 北京天地和兴科技有限公司 | Protection method for goose attack |
Also Published As
Publication number | Publication date |
---|---|
CN106211136B (en) | 2021-07-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Zhou et al. | Design and implementation of open LoRa for IoT | |
Zhang et al. | Blockchain and federated deep reinforcement learning based secure cloud-edge-end collaboration in power IoT | |
Tao et al. | Multi-layer cloud architectural model and ontology-based security service framework for IoT-based smart homes | |
Saxena et al. | State of the art authentication, access control, and secure integration in smart grid | |
Zhang et al. | Application-aware secure multicast for power grid communications | |
CN103873461B (en) | Based on the safety interacting method of the GOOSE message of IEC62351 | |
Lázaro et al. | A Survey on Vulnerabilities and Countermeasures in the Communications of the Smart Grid | |
CN100483997C (en) | Actual IPv6 source address verification method based on autonomy system interconnecting relation | |
CN107426152B (en) | Multitask security isolation system and method under cloud platform actual situation Interconnection Environment | |
CN103312682B (en) | The method and system that gateway security accesses | |
Lee et al. | Role-based access control for substation automation systems using XACML | |
CN113079215B (en) | Block chain-based wireless security access method for power distribution Internet of things | |
Manimuthu et al. | Privacy and data security for grid‐connected home area network using Internet of Things | |
CN109586924A (en) | A kind of intelligent distribution network data safe transmission method based on cloud computing | |
CN114281790A (en) | Multi-type load resource aggregator access system and method | |
Hittini et al. | FDIPP: false data injection prevention protocol for smart Grid distribution systems | |
CN106211136A (en) | Secure communication mechanism based on name in a kind of intelligent grid | |
Lu et al. | ATMChain: Blockchain‐Based Security Framework for Cyber‐Physics System in Air Traffic Management | |
CN103679567B (en) | A kind of intelligent grid plug and play system and its implementation | |
CN110474922A (en) | A kind of communication means, PC system and access control router | |
Chen et al. | Modeling and verifying NDN‐based IoV using CSP | |
CN109150290A (en) | A kind of satellite lightweight data transmission protection and ground safety service system | |
Wei et al. | Application layer security proxy for smart Grid substation automation systems | |
Chen et al. | Cyber security for multi-station integrated smart energy stations: Architecture and solutions | |
CN206865472U (en) | Power equipment safety control system under internet based on digital signature |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |