CN106789318B - Network power supply safety management system - Google Patents
Network power supply safety management system Download PDFInfo
- Publication number
- CN106789318B CN106789318B CN201710001159.9A CN201710001159A CN106789318B CN 106789318 B CN106789318 B CN 106789318B CN 201710001159 A CN201710001159 A CN 201710001159A CN 106789318 B CN106789318 B CN 106789318B
- Authority
- CN
- China
- Prior art keywords
- zebra
- network power
- node
- management center
- power supply
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 230000006854 communication Effects 0.000 claims abstract description 65
- 238000004891 communication Methods 0.000 claims abstract description 64
- 230000005540 biological transmission Effects 0.000 claims abstract description 14
- 241000283070 Equus zebra Species 0.000 claims description 87
- 238000000034 method Methods 0.000 claims description 3
- 238000010586 diagram Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 4
- 238000011161 development Methods 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/02—Standardisation; Integration
- H04L41/0213—Standardised network management protocols, e.g. simple network management protocol [SNMP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/04—Network management architectures or arrangements
- H04L41/042—Network management architectures or arrangements comprising distributed management centres cooperatively managing the network
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/18—Network architectures or network communication protocols for network security using different networks or channels, e.g. using out of band channels
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/30—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
- H04L9/3006—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
- H04L9/302—Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters involving the integer factorization problem, e.g. RSA or quadratic sieve [QS] schemes
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Remote Monitoring And Control Of Power-Distribution Networks (AREA)
Abstract
The invention relates to a network power supply safety management system which comprises a network power supply management center and one or more power supply distribution units in communication connection with the network power supply management center, wherein a first conventional communication channel is established between the network power supply management center and each power supply distribution unit, and a second safety communication channel is also established. According to the network power supply safety management system, a safety communication channel is additionally arranged between the management center and each power supply distribution unit, data can be sent through a conventional communication channel or a safety communication channel according to needs, the information double-channel transmission function of the intelligent power distribution system is realized, and the safety of the intelligent power distribution system is enhanced.
Description
Technical Field
The invention relates to an intelligent power distribution system, in particular to a network power supply safety management system.
Background
With the progress of computer technology and the rapid development of the internet, services or functions provided through the internet are increasing, and thus, data centers composed of a plurality of computers or servers are also rapidly increasing. In order to provide more services or functions on the internet, the number of computers or servers in the data center must be increased, and the problems of power supply, distribution and management of the data center also follow. In order to solve the problems of circuit supply, Distribution, management and the like of the data center, the data center distributes the electric Power required by each computer or server by using a Power Distribution unit (PDU for short), manages whether each Power Distribution unit supplies Power to the connected computer or server by using a remote network Power management center, and monitors the Power utilization condition of the computer or server on each Power Distribution unit, environmental parameters in a machine room and the like to form a network Power management system. The network power management system is the most important gateway for the safe and stable operation of the whole computer room, and if the network power management system is not stable enough and lacks enough safety protection function, expensive equipment can be damaged, and even the whole system is crashed. Therefore, security of the network power management system is of great concern.
Disclosure of Invention
The invention aims to solve the technical problem that the existing network power supply management system possibly faces network information security threat, and provides a network power supply security management system for realizing information security monitoring and protection of an intelligent power distribution system.
The technical scheme adopted by the invention for solving the technical problems is as follows: the network power supply safety management system comprises a network power supply management center and one or more power supply distribution units in communication connection with the network power supply management center, wherein a first conventional communication channel is established between the network power supply management center and each power supply distribution unit, and a second safety communication channel is also established at the same time.
According to one embodiment of the invention, the network power management center comprises an SNMP management module, each power distribution unit comprises an SNMP agent module, and the network power management center establishes the first conventional communication channel with the SNMP agent module of each power distribution unit through the SNMP management module.
According to an embodiment of the present invention, the network power management center further includes a first Zebra client module, each power distribution unit further includes a second Zebra client module, the system further includes a Zebra node, the network power management center is communicatively connected to the Zebra node through the first Zebra client module, and the Zebra node is further communicatively connected to the second Zebra client module of each power distribution unit, so as to establish the second secure communication channel between the network power management center and each power distribution unit.
According to one embodiment of the invention, the second secure communication channel adopts an RSA asymmetric encryption algorithm to realize dynamic encryption tunnel communication.
According to an embodiment of the present invention, the network power management center further includes a first Zebra client module, each power distribution unit further includes a second Zebra client module, the system further includes a Zebra node cloud formed by a plurality of Zebra nodes, the network power management center is in communication connection with the Zebra node cloud through the first Zebra client module, and the Zebra node cloud is further in communication connection with the second Zebra client module of each power distribution unit, so as to establish the second secure communication channel between the network power management center and each power distribution unit.
According to one embodiment of the invention, the second secure communication channel adopts an RSA asymmetric encryption algorithm to realize dynamic encryption tunnel communication.
According to an embodiment of the present invention, the second secure communication channel uses a multi-segment random transmission technique to transmit the encrypted information.
According to one embodiment of the invention, the system further comprises at least one handheld terminal, each handheld terminal comprises a third Zebra client module, and the handheld terminal is in communication connection with the Zebra node or the Zebra node point cloud through the third Zebra client module, is in communication connection with the network power management center through the Zebra node or the Zebra node point cloud, and is in communication connection with each power distribution unit through the Zebra node or the Zebra node point cloud.
According to one embodiment of the invention, dynamic encryption tunnel communication is realized between the handheld terminal and the network power management center and between the handheld terminal and each power distribution unit by adopting an RSA asymmetric encryption algorithm.
According to one embodiment of the invention, the transmission of the encrypted information between the handheld terminal and the network power management center and between the handheld terminal and each power distribution unit is performed by adopting a multi-slice random transmission technology.
According to the network power supply safety management system, a safety communication channel is additionally arranged between the management center and each power supply distribution unit, data can be sent through a conventional communication channel or a safety communication channel according to needs, the information double-channel transmission function of the intelligent power distribution system is realized, and the safety of the intelligent power distribution system is enhanced.
Drawings
The invention will be further described with reference to the accompanying drawings and examples, in which:
fig. 1 is a block diagram of a network power supply security management system according to a first embodiment of the present invention;
fig. 2 is a structural diagram of a network power supply security management system of a second embodiment of the present invention;
fig. 3 is a block diagram of a network power supply security management system according to a third embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Fig. 1 shows a block diagram of a network power security management system according to a first embodiment of the present invention. As shown in fig. 1, the network power security management system mainly includes a network power management center 110, one or more power distribution units 120-120 n, a Zebra node 130, and a handheld terminal 140. The one or more power distribution units 120-120 n are in communication connection with the network power management center 110 to achieve remote control and management. Specifically, the one or more power distribution units 120-120 n supply power to the electric equipment, and collect power supply related state parameters and environment related parameters and report the parameters to the network power management center 110; the network power management center 110 issues a control command to the one or more power distribution units 120-120 n as required to manage power supply to the electric devices. The handheld terminal 140 can be communicatively connected to the network power management center 110 and the one or more power distribution units 120-120 n to manage the one or more power distribution units 120-120 n after passing through the authentication of the network power management center 110.
Specifically, as shown in fig. 1, the network power management center 110 is provided with an SNMP management module 111, each power distribution unit 120 to 120n is provided with an SNMP agent module, and the network power management center 110 establishes a conventional communication channel based on SNMP with the SNMP agent module 121 of each power distribution unit 120 to 120n through the SNMP management module 111. The abbreviation SNMP, Simple Network Management Protocol (SNMP), is an abbreviation of SNMP, and the specific implementation of data communication based on SNMP Protocol is the prior art, and therefore, it is not described in detail herein. As further shown in fig. 1, the network power management center 110 is further provided with a first Zebra client module 112, each power distribution unit 120 to 120n is further provided with a second Zebra client module 122, the network power management center 110 is in communication connection with the Zebra node 130 through the first Zebra client module 112, and the Zebra node 130 is further in communication connection with the second Zebra client module 122 of each power distribution unit 120 to 120n, so as to establish a secure communication channel based on Zebra between the network power management center 110 and each power distribution unit 120 to 120 n. The Zebra is an existing open-source routing software package, and the implementation of routing communication based on Zebra is prior art, so detailed description is omitted here. Aiming at a secure communication channel based on Zebra between the network power management center 110 and each power distribution unit 120-120 n, the invention also adopts an RSA asymmetric encryption algorithm to realize dynamic encryption tunnel communication, and a public and private key pair of the communication channel for encryption and decryption is periodically replaced by the system, so that the encryption transmission tunnel is dynamically changed, and the reliability and the security of data transmission in the secure communication channel are ensured.
As further shown in fig. 1, the handheld terminal 140 is located in a local area network of the network power supply security management system, and a third Zebra client module 141 is provided on the handheld terminal 140. The handheld terminal 140 is communicatively connected to the Zebra node 130 through the third Zebra client module 141, so as to be communicatively connected to the network power management center 110 through the Zebra node 130, and is communicatively connected to each of the power distribution units 120-120 n through the Zebra node 130. Similarly, an RSA asymmetric encryption algorithm can be used between the handheld terminal 140 and the network power management center 110 and between the handheld terminal 140 and each of the power distribution units 120-120 n to implement dynamic encryption tunnel communication, so as to ensure the reliability and security of the handheld terminal 140 to the management of the power distribution units 120-120 n. Specifically, the handheld terminal 140 establishes an encrypted communication connection with the network power management center 110, so that the network power management center 110 verifies the identity of the handheld terminal 140, and then issues the device information of the power distribution units 120 to 120n managed by the network power management center 110 to the handheld terminal 140, so that the handheld terminal 140 can issue a control instruction for each power distribution unit 120 to 120 n. There are two implementation ways for issuing the control command. The handheld terminal 140 can directly control each of the power distribution units 120-120 n. Or, the handheld terminal 140 sends the control instruction to the network power management center 110, and the network power management center 110 forwards the control instruction to the power distribution units 120 to 120n, so that the network power management center 110 can manage and control the instruction of the handheld terminal 140.
Fig. 2 is a block diagram showing a network power security management system according to a second embodiment of the present invention. The network power security management system shown in fig. 2 is substantially the same as the system of the first embodiment shown in fig. 1, except that in the system shown in fig. 2, a secure communication channel between the network power management center 110 and each of the power distribution units 120 to 120n is routed through a Zebra node cloud 150 composed of a plurality of Zebra nodes 130, that is, the network power management center 110 is communicatively connected to the Zebra node cloud 150 through a first Zebra client module 112, and the Zebra node cloud 150 is further communicatively connected to a second Zebra client module 122 of each of the power distribution units 120 to 120 n. Therefore, the network power management center 110 issues the management information to the Zebra node cloud 150, and then forwards the management information to the second Zebra client module 122 of the destination power distribution unit 120-120 n through the plurality of Zebra nodes 130 by random routing. Similarly, the power distribution units 120-120 n report the parameter information to the Zebra node cloud 150 through the second Zebra client module 122, and then forward to the network power management center 110 through the plurality of Zebra nodes 130 by random routing. In the embodiment shown in FIG. 2, the secure communication channel between the network power management center 110 and each of the power distribution units 120-120 n can also use RSA asymmetric encryption algorithm to realize dynamic encryption tunnel communication. In addition, the information transmission between the network power management center 110 and each power distribution unit 120-120 n through the secure communication channel may also adopt a multi-segment random transmission technology, the encrypted information is divided into a plurality of segments and sent to the Zebra node cloud 150, then each data segment reaches a final Zebra node after being randomly routed through different Zebra nodes 130 in the Zebra node cloud 150, and then the data segments are combined into complete data to be forwarded to a destination.
As further shown in fig. 2, the handheld terminal 140 is located within the local area network of the network power security management system. The communication connections between the handheld terminal 140 and the network power management center 110 and between each of the power distribution units 120-120 n are also routed through a Zebra node cloud 150 comprised of a plurality of Zebar nodes 130. Similarly, an RSA asymmetric encryption algorithm can be used between the handheld terminal 140 and the network power management center 110 and between the handheld terminal 140 and each of the power distribution units 120-120 n to implement dynamic encryption tunnel communication, so as to ensure the reliability and security of the handheld terminal 140 to the management of the power distribution units 120-120 n. In addition, the encrypted communication between the handheld terminal 140 and the network power management center 110 and between the handheld terminal and each of the power distribution units 120 to 120n may also use a multi-segment random transmission technology, the encrypted information is divided into a plurality of segments and sent to the Zebra node cloud 150, then each data segment reaches the final Zebra node after being randomly routed through different Zebra nodes 130 in the Zebra node cloud 150, and then the data segments are combined into complete data to be forwarded to the destination.
Fig. 3 shows a block diagram of a network power security management system according to a third embodiment of the present invention. The network power security management system shown in fig. 3 is substantially the same as the system of the second embodiment shown in fig. 2, except that in the system shown in fig. 3, the handheld terminal 140 is located in an external network outside the local area network of the network power security management system. As such, the Zebra nodal point cloud 160 needs to be deployed in the extranet, and the Zebra nodal point cloud 160 of the extranet is communicatively connected to the Zebra nodal point cloud 150 of the intranet. In this way, the handheld terminal 140 is in communication connection with the Zebra node cloud 160 of the external network through the third Zebra client module 141, and further communicates with the Zebra node cloud 150 of the internal network through the Zebra node cloud 160, so as to establish secure communication connection with the network power management center 110 and with each power distribution unit 120-120 n. For a specific communication process, refer to the foregoing description of the second embodiment shown in fig. 2.
The above description is only for the purpose of illustrating the preferred embodiments of the present invention and is not to be construed as limiting the invention, and any modifications, equivalents and improvements made within the spirit and principle of the present invention are intended to be included within the scope of the present invention.
Claims (6)
1. A network power security management system, comprising a network power management center and one or more power distribution units communicatively coupled to the network power management center, wherein:
the network power supply management center comprises a Simple Network Management Protocol (SNMP) management module, each power supply distribution unit comprises a SNMP agent module, and the network power supply management center establishes a first conventional communication channel based on the SNMP with the SNMP agent module of each power supply distribution unit through the SNMP management module;
the network power management center further comprises a first Zebra client module for realizing routing communication based on open source routing software Zebra, each power distribution unit further comprises a second Zebra client module for realizing routing communication based on open source routing software Zebra, the system further comprises a Zebra node point cloud formed by a Zebra node or a plurality of Zebra nodes for realizing routing communication based on open source routing software Zebra, the network power management center is in communication connection with the Zebra node or the Zebra node point cloud through the first Zebra client module, and the Zebra node or the Zebra node point cloud is further in communication connection with the second Zebra client module of each power distribution unit so as to establish a second secure communication channel based on open source routing software Zebra between the network power management center and each power distribution unit.
2. The network power security management system of claim 1 wherein the second secure communication channel implements dynamic encrypted tunnel communications using an RSA asymmetric encryption algorithm.
3. The system according to claim 2, wherein when a second secure communication channel is established between the network power management center and each power distribution unit through the Zebra node cloud, the second secure communication channel performs encrypted information transmission by using a multi-slice random transmission method.
4. The network power supply security management system of claim 1, further comprising at least one handheld terminal, wherein each handheld terminal comprises a third Zebra client module for implementing routing communication based on open source routing software Zebra, and the handheld terminal is in communication connection with the Zebra node or the Zebra node cloud through the third Zebra client module, is in communication connection with the network power supply management center through the Zebra node or the Zebra node cloud, and is in communication connection with each power supply distribution unit through the Zebra node or the Zebra node cloud.
5. The network power security management system of claim 4, wherein dynamic encryption tunnel communication is implemented between the handheld terminal and the network power management center and between the handheld terminal and each power distribution unit by using an RSA asymmetric encryption algorithm.
6. The network power security management system of claim 5, wherein the transmission of the encrypted information between the handheld terminal and the network power management center and between the handheld terminal and each power distribution unit is performed by a multi-slice random transmission method.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710001159.9A CN106789318B (en) | 2017-01-03 | 2017-01-03 | Network power supply safety management system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201710001159.9A CN106789318B (en) | 2017-01-03 | 2017-01-03 | Network power supply safety management system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106789318A CN106789318A (en) | 2017-05-31 |
| CN106789318B true CN106789318B (en) | 2020-05-01 |
Family
ID=58952983
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201710001159.9A Active CN106789318B (en) | 2017-01-03 | 2017-01-03 | Network power supply safety management system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106789318B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113190392B (en) * | 2021-05-14 | 2023-08-01 | 宁畅信息产业(北京)有限公司 | Stability testing method and device for power module, controller and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101030967A (en) * | 2006-03-01 | 2007-09-05 | 中兴通讯股份有限公司 | Method for inspecting and maintaining network controlling channel accessibility |
| CN102638354A (en) * | 2011-02-11 | 2012-08-15 | 硕天科技股份有限公司 | Grouping remote power distribution and control system and method |
| CN103457777A (en) * | 2013-09-05 | 2013-12-18 | 华为技术有限公司 | Power-supply distribution unit disaster tolerance method, managers and system |
-
2017
- 2017-01-03 CN CN201710001159.9A patent/CN106789318B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101030967A (en) * | 2006-03-01 | 2007-09-05 | 中兴通讯股份有限公司 | Method for inspecting and maintaining network controlling channel accessibility |
| CN102638354A (en) * | 2011-02-11 | 2012-08-15 | 硕天科技股份有限公司 | Grouping remote power distribution and control system and method |
| CN103457777A (en) * | 2013-09-05 | 2013-12-18 | 华为技术有限公司 | Power-supply distribution unit disaster tolerance method, managers and system |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106789318A (en) | 2017-05-31 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN107018134B (en) | Power distribution terminal safety access platform and implementation method thereof | |
| Breiling et al. | Secure communication for the robot operating system | |
| CN104780069B (en) | A kind of key-course towards SDN and data Layer communication port self-configuration method and its system | |
| CN110289952B (en) | Quantum data link security terminal and security communication network | |
| CN110943913A (en) | Industrial safety isolation gateway | |
| CN102761494B (en) | A kind of ike negotiation processing method and device | |
| CN111526061B (en) | Monitoring flow scheduling system and method for network target range actual combat drilling scene | |
| Li et al. | A fast and scalable authentication scheme in IOT for smart living | |
| Lam et al. | Securing SDN southbound and data plane communication with IBC | |
| CN110808834B (en) | Quantum key distribution method and quantum key distribution system | |
| CN113726795B (en) | Message forwarding method and device, electronic equipment and readable storage medium | |
| Park et al. | Inter-authentication and session key sharing procedure for secure M2M/IoT environment | |
| CN111988323A (en) | IPSec tunnel establishment method, IPSec tunnel establishment device, network system and electronic equipment | |
| CN107493294B (en) | Safe access and management control method of OCF (optical clock and frequency conversion) equipment based on asymmetric encryption algorithm | |
| CN211352206U (en) | IPSec VPN cryptographic machine based on quantum key distribution | |
| CN103888940A (en) | Multi-level encryption and authentication type WIA-PA network handheld device communication method | |
| CN102710638A (en) | Device and method for isolating data by adopting non-network manner | |
| CN106789318B (en) | Network power supply safety management system | |
| CN100376092C (en) | Firewall and invasion detecting system linkage method | |
| CN110417706B (en) | Switch-based secure communication method | |
| CN106571937A (en) | Router, mobile terminal and alarm information sending and reception method | |
| CN104917750A (en) | SDN-faced control layer and data layer communication channel self-configuration method and system thereof | |
| KR20220036141A (en) | Security device and method for power control system | |
| CN113115306B (en) | Encryption method, system and storage medium for enhancing LoraWan network architecture security | |
| CN218301408U (en) | Encrypt management type serial port server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| CP03 | Change of name, title or address |
Address after: Building A2, No. 39 East Hechang 6th Road, Zhongkai High tech Zone, Huizhou City, Guangdong Province, 516000 A3 Patentee after: Huizhou Keliwo Electronics Co.,Ltd. Country or region after: China Address before: Sunshine City Gardens Futian District No. 6017 Shennan Road Shenzhen city Guangdong province 518048 3 25D Patentee before: SHENZHEN CLEVER ELECTRONIC Co.,Ltd. Country or region before: China |