CN106778323B - A kind of safety key of configurable control integration platform - Google Patents
A kind of safety key of configurable control integration platform Download PDFInfo
- Publication number
- CN106778323B CN106778323B CN201611038427.6A CN201611038427A CN106778323B CN 106778323 B CN106778323 B CN 106778323B CN 201611038427 A CN201611038427 A CN 201611038427A CN 106778323 B CN106778323 B CN 106778323B
- Authority
- CN
- China
- Prior art keywords
- key
- user
- safety
- integration platform
- control integration
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2141—Access rights, e.g. capability lists, access control lists, access tables, access matrices
Abstract
The invention discloses a kind of safety key of configurable control integration platform, setting is flexible, easy to use.The safety key of this configurable control integration platform, including fixed key and dynamic key;Fixed key is quantitatively unlimited, and key is associated with when unit is created, and designated user unit one belongs to has the key of the unit thereby using family when creating user, and user possesses fixed key always after logining successfully;The quantity of dynamic key is fixed, is applied by user, and user uses after applying successfully.
Description
Technical field
Technical field more particularly to a kind of configurable control integration the present invention relates to configurable control integration platform
The safety key of platform is mainly used for the safe space construction system of configurable control integration platform.
Background technology
Configuration software, one kind of upper computer software.Configuration software<=upper computer software.Also known as configuration monitoring software systems
Software.English SCADA is translated from, i.e. (data acquire and monitoring by Supervisory Control and Data Acquisition
Control).It refers to the special-purpose software of the acquisition of some data and process control.They are in automatic control system supervisory layers level-one
Software platform and development environment, the configuration mode of using flexible provide the monitoring of rapid build industrial automation control system to the user
The software tool of function, general level.The application field of configuration software is very wide, can be applied to electric system, water supply system,
The numerous areas such as the data acquisition in the fields such as oil, chemical industry and monitoring control and process control.In electric system and electrically
Change and telecontrol system (RTU System, Remote Terminal Unit) is also known as on railway.
Configuration software is a concept sanctified by usage at home, and there is no specific definition, it can be understood as " configuration
Formula monitoring software "." configuration (Configure) " is meant that the meanings such as " configuration ", " setting ", " setting ", refers to that user passes through
Oneself required software function is completed similar to the plain mode of " playing with building blocks ", without writing computer program, also
It is so-called " configuration ".It is sometimes referred to as " secondary development ", and configuration software can be described as " configurable control integration platform ".
" monitoring (Supervisory Control) ", i.e. " monitoring and control ", refer to through Computer signal to automation equipment or mistake
Cheng Jinhang monitoring, control and management.
In use, the access right of general component is previously set, engineering create after user be when in use cannot
It sets, change, deleting, this leads to configurable control integration platform, and security setting is very inconvenient when in use, flexibility
Difference.
To solve the above-mentioned problems, applicant proposed a kind of safe space construction sides of configurable control integration platform
Method and system.Wherein the permission and rank of component are configured by lock, key has been arranged in correspondence with lock.But not
Have and the structure of key and use are described in detail.And in general sense, it opens different locks with different keys, the number of such key
Just needs are consistent with the quantity of lock, therefore the structure of key is fixed for amount, and user is very inconvenient when in use.
Invention content
The defects of to overcome the prior art, the technical problem to be solved in the present invention is to provide a kind of configurable control with management
Change the safety key of platform, setting is flexible, easy to use.
The technical scheme is that:The safety key of this configurable control integration platform, including fixed key
With dynamic key;Fixed key is quantitatively unlimited, and key is associated with when unit is created, and use is specified when creating user
Family unit one belongs to has the key of the unit thereby using family, and user possesses fixed key always after logining successfully;Dynamic key
The quantity of spoon is fixed, is applied by user, user uses after applying successfully.
The present invention is by the fixed key of setting and dynamic key, wherein fixed key is quantitatively unlimited, it is single creating
Key is associated with when position, designated user unit one belongs to has the key of the unit, user thereby using family when creating user
Possess fixed key always after logining successfully;The quantity of dynamic key is fixed, is applied by user, after user applies successfully
It uses, so as to make the setting of safety key flexible, easy to use.
Description of the drawings
Fig. 1 show the structure figure of the safety key of configurable control integration platform according to the present invention.
Fig. 2 show the schematic diagram of the safety key of configurable control integration platform according to the present invention.
Specific embodiment
As shown in Figure 1, the safety key of this configurable control integration platform, including fixed key and dynamic key
Spoon;Fixed key is quantitatively unlimited, and key is associated with when unit is created, single where designated user when creating user
Position has the key of the unit thereby using family, and user possesses fixed key always after logining successfully;The quantity of dynamic key
It is fixed, is applied by user, user uses after applying successfully.
The present invention is by the fixed key of setting and dynamic key, wherein fixed key is quantitatively unlimited, it is to define
Time-division provisioned user, what user possessed always after logining successfully;The quantity of dynamic key is fixed, is applied by user,
User uses after applying successfully, until being recovered in the system, so as to make the setting of safety key flexible, easy to use.
Further, comprising a variety of operating rights in the safety key, the operating right is browses, creates, deleting
It removes, change business object.
Further, the safety key is allocation unit and user, and user is come access period by safety key
Hope the content accessed.
Further, level model is illustrated in figure 2 as in the case of positive sequence, the system manager distributes for unit
Several (being n shown in figure) a safety keys, user's sub-distribution again from the safety key of unit.
Further, the safety key is place of safety, time, operation, the combination of rank, and the wherein time is for industry
The description of the access rights of business object.For example the time is configured to 2016, as soon as this 2016 is a range, it is complete also to represent 2016
Year, then the people for taking this key can only see the planning of this time range in 2016, in real time and the business datums such as history.Such as
Shown in Fig. 2, a key corresponds to a place of safety, n permission, 1 rank.
Further, the dynamic key has using time-out time, and user is successfully assigned with after dynamic key
Have corresponding permission, at this moment start timing, waited until using the dynamic key that the user is recycled after time-out time.
In addition, dynamic key is specified quantity in instantiation.
It is static on earth or dynamic that type can be defined when key model is created, when creating key object, such as
Fruit is that dynamic needs to configure key quantity and time-out time.If the two attribute configurations of static key are invalid.
In addition, the fixed key uses in development mode and operational mode.
Development mode refers to our system modellings and case history stage, first modeling in model library, imports model
It is instantiated in engineering library, the process instantiated really is only the digital factory modeling said in industry, that is a work
It is that the equipment of factory is corresponding in computer for which data object, this is all the work of development mode, in the work of system Construction
Hold.
Operational mode refers to after data object disposition comes into force, final to be visited using our system using the people of software systems
It asks the data generated in real time of this equipment, accesses the historical data of its storage of system help, this refers to operational mode, system
Action after putting into operation.
As soon as can have dynamic key and static key in the unit where user, user has this unit naturally
The permission of lower key.Configuration modeling or case history system can be according to the keys of user to determine whether having under development mode
Relevant permission, if no permission user cannot access and operate the business object (industry here in corresponding place of safety
Business object is the semantic description of model and object);The judgement permission of static key is the same under operational mode, for limiting
User accesses and operates the business object (business object here is the operation data of object) under corresponding place of safety, if fortune
The place of safety business object that user accesses under row pattern is related to the use of dynamic key, that is to say, that system judges active user
The place of safety to be accessed will use dynamic key (because dynamic has place of safety information on the key), and client can initiate dynamic key
Application, system will decide whether distribute to the client according to current dynamic key occupancy situation.
In addition, the dynamic key is used in operational mode, the dynamic key is not used in development mode.
From the reality of demand, so complexity that just development mode is not done, if dynamic key is also supported in exploitation
Also to apply for that key just has a hello prolixity when editing an object.It can take into account the problem of more people edit simultaneously in system mechanism,
Namely if two people have editing authority, first man another person when editor cannot edit.But
Under running environment, practical business has many unknown, does not force client that must use dynamic key, if need can be by user
Dynamic key is configured during configuration modeling to use to operation user.
If dynamic key has been used in the access of some systems (during Scenario Design), then will log in Open Scene in user
Or load when some model calculates and go to apply for this dynamic key, if dynamic key resource has been occupied full, the user
The scene that dynamic key permission is needed to access will not be had permission to access or carry out corresponding operating.
In addition, the safety key can include one or more skeleton keys, by skeleton key come in access platform
Full content.This skeleton key is usually grasped by system manager, is responsible for distributing to the user in unit or unit by him.
Skeleton key is that configuration (configuration) comes out, if omnipotent to be determined by its corresponding operating right, key transfer state and static state, key
The title of spoon can be arbitrarily named, and each key should be also permission difference, so should be ripe by the industry of image
The safe term known goes to define key, different people is allowed to have different platform powers, exploitation is lower, and we are only limited using static
Key, operation can use static and dynamic key, dynamic key be because it is considered that in actual motion some situations
Some data are normally not allow to access, even if it is also to have what number limited to access, must apply moving before access or operation
State key.How this dynamic key to be used to depend on customer service demand as user.
The above is only presently preferred embodiments of the present invention, not makees limitation in any form to the present invention, it is every according to
According to any simple modification, equivalent change and modification that the technical spirit of the present invention makees above example, still belong to the present invention
The protection domain of technical solution.
Claims (9)
1. a kind of safety key of configurable control integration platform, it is characterised in that:Key is associated with when unit is created
Spoon, designated user unit one belongs to has the key of the unit thereby using family when creating user, including fixed key and dynamic
Key;Fixed key is quantitatively unlimited, and user possesses fixed key always after logining successfully;The quantity of dynamic key is
It is fixed, applied by user, user uses after applying successfully.
2. the safety key of configurable control integration platform according to claim 1, it is characterised in that:The security key
Comprising a variety of operating rights in spoon, the operating right is browsing, creates, deletes, modification business object.
3. the safety key of configurable control integration platform according to claim 2, it is characterised in that:The security key
Spoon is allocated to unit and user's, and user is to access the content for it is expected to access by safety key.
4. the safety key of configurable control integration platform according to claim 3, it is characterised in that:The unit is led to
It crosses system manager and distributes several safety keys, user's sub-distribution again from the safety key of unit for it.
5. the safety key of configurable control integration platform according to claim 4, it is characterised in that:The security key
Spoon is place of safety, time, operation, the combination of rank, and the wherein time is the description for the access rights of business object.
6. the safety key of configurable control integration platform according to claim 5, it is characterised in that:The dynamic key
Spoon utensil has using time-out time, and user has corresponding permission after being successfully assigned with dynamic key, at this moment starts timing, etc.
To the dynamic key that time-out time is used to recycle the user later.
7. according to the safety key of the configurable control integration platform of claim 1-6 any one of them, it is characterised in that:It is dynamic
State key is specified quantity in instantiation.
8. according to the safety key of the configurable control integration platform of claim 1-6 any one of them, it is characterised in that:Institute
Fixed key is stated to use in development mode and operational mode.
9. according to the safety key of the configurable control integration platform of claim 1-6 any one of them, it is characterised in that:Institute
Stating dynamic key is used in operational mode, and the dynamic key is not used in development mode.
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610924268 | 2016-10-24 | ||
| CN2016109242683 | 2016-10-24 |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106778323A CN106778323A (en) | 2017-05-31 |
| CN106778323B true CN106778323B (en) | 2018-06-26 |
Family
ID=58974346
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611038427.6A Active CN106778323B (en) | 2016-10-24 | 2016-11-11 | A kind of safety key of configurable control integration platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106778323B (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101414253A (en) * | 2007-10-17 | 2009-04-22 | 华为技术有限公司 | Method and system for managing authority |
| CN101587439A (en) * | 2009-06-24 | 2009-11-25 | 用友软件股份有限公司 | Service system, authority system and data authority control method for service system |
| CN104821897A (en) * | 2015-04-29 | 2015-08-05 | 国网上海市电力公司 | Authority management system used for transformer substation digital platform and application thereof |
| CN105335669A (en) * | 2015-11-24 | 2016-02-17 | 南京大全自动化科技有限公司 | Permission configuration method and system used for photovoltaic monitoring system |
Family Cites Families (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102299933B (en) * | 2010-06-22 | 2015-07-01 | 中国国电集团公司 | Engineering configuration management method and system for distributed control system (DCS) |
| CN101872399B (en) * | 2010-07-01 | 2012-08-22 | 武汉理工大学 | Dynamic digital copyright protection method based on dual identity authentication |
| CN103605705A (en) * | 2013-11-11 | 2014-02-26 | 国家电网公司 | SCD (substation configuration description) file management system |
-
2016
- 2016-11-11 CN CN201611038427.6A patent/CN106778323B/en active Active
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101414253A (en) * | 2007-10-17 | 2009-04-22 | 华为技术有限公司 | Method and system for managing authority |
| CN101587439A (en) * | 2009-06-24 | 2009-11-25 | 用友软件股份有限公司 | Service system, authority system and data authority control method for service system |
| CN104821897A (en) * | 2015-04-29 | 2015-08-05 | 国网上海市电力公司 | Authority management system used for transformer substation digital platform and application thereof |
| CN105335669A (en) * | 2015-11-24 | 2016-02-17 | 南京大全自动化科技有限公司 | Permission configuration method and system used for photovoltaic monitoring system |
Non-Patent Citations (2)
| Title |
|---|
| 用于工业过程控制的一种新工具—组态软件;李丹等;《计算机技术与自动化》;19950930;第14卷(第3期);第5-7页 * |
| 组态软件的现状与发展;欧金成等;《工业控制计算机》;20021230;第15卷(第4期);第1-5页 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106778323A (en) | 2017-05-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103268438B (en) | Based on Android right management method and the system of call chain | |
| CN106330575A (en) | Safety service platform and safety service deployment method | |
| CN104537488A (en) | Enterprise-level information system function authority unified management method | |
| CN105765901B (en) | Intelligent firewall access rule | |
| CN109478055A (en) | Using intelligent node for monitoring industrial process in general, intelligence system | |
| CN107706889A (en) | Based on the online O&M method and system of secondary equipment of intelligent converting station intelligently compared | |
| CN103500304A (en) | Virtual machine personalized security monitoring system and method based on Xen | |
| DE102022114256A1 (en) | SYSTEMS AND METHODS FOR DYNAMICALLY MAINTAINED REDUNDANCY AND LOAD BALANCING IN SOFTWARE-DEFINED CONTROL SYSTEMS FOR INDUSTRIAL PROCESS PLANTS | |
| CA2546163A1 (en) | Attribute-based allocation of resources to security domains | |
| Jiang et al. | Further criterion for stochastic stability analysis of semi‐Markovian jump linear systems | |
| CN103530538A (en) | XML safety view querying method based on Schema | |
| CN106997440A (en) | A kind of role access control method | |
| DE102022114306A1 (en) | I/O SERVER SERVICES CONFIGURED TO FACILITATE CONTROL IN A PROCESS CONTROL ENVIRONMENT THROUGH CONTAINERIZED CONTROL SERVICES | |
| CN104361098A (en) | Method applied to customization of nodes in topological graph of cloud system | |
| CN106778323B (en) | A kind of safety key of configurable control integration platform | |
| CN105141589B (en) | A kind of token of more examples shares the method and system with safeguarding | |
| Popescu | Topological imagination, digital determinism and the mobile border paradigm | |
| CN110555600B (en) | Method, device, equipment and storage medium for preventing forbidden components in modular BOM from being misused | |
| CN104732449B (en) | A kind of information system method of operation method for establishing model | |
| CN106709354B (en) | A kind of the safe space building method and system of configurable control integration platform | |
| Luo | Research on communication technology of ship integrated monitoring system based on opc | |
| CN103279510A (en) | Method for discontinuously synchronizing multiple data bases in online mode | |
| CN103914283A (en) | Dynamic business object construction method and system | |
| CN101163094B (en) | Method of implementing inter-task sharing data | |
| CN114064578A (en) | Multi-dimensional data interaction marking method, storage medium and electronic equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |