CN108966216B - Mobile communication method and system applied to power distribution network - Google Patents

Publication number
CN108966216B
Authority
CN
China
Prior art keywords
power distribution
distribution network
mobile terminal
management platform
service data
Legal status
Active
Application number
CN201810990771.8A
Other languages
Chinese (zh)
Other versions
CN108966216A (en)
Inventor
方正云
曹敏
李文云
李维
杨荣双
明立
赵现平
王科
黄星
Current Assignee
Electric Power Research Institute of Yunnan Power Grid Co Ltd
Original Assignee
Electric Power Research Institute of Yunnan Power Grid Co Ltd
Application filed by Electric Power Research Institute of Yunnan Power Grid Co Ltd
Priority to CN201810990771.8A
Publication of CN108966216A
Application granted
Publication of CN108966216B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06: Authentication
    • H02J13/0013
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00: Network architectures or network communication protocols for network security
    • H04L63/10: Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/105: Multiple levels of security
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/02: Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04: INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S: SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00: Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The application provides a mobile communication method and a mobile communication system applied to a power distribution network. The mobile terminal accesses security zone III or security zone I of the power distribution network according to the operation authority assigned to it, which enables communication between the mobile terminal and each security partition of the power distribution network, in particular security zone I with its higher security level, so that staff can control and manage security zone I through the mobile terminal. While using the mobile terminal to control and manage each security partition of the power distribution network, staff can also access the external network and use other communication functions. The method therefore enables communication between the mobile terminal and each security partition, especially security zone I, while ensuring the security of communication between the mobile terminal and the power distribution network, and makes full use of the convenience of the mobile terminal.

Description

Mobile communication method and system applied to power distribution network
Technical Field
The application relates to the technical field of power distribution network communication, in particular to a mobile communication method and system applied to a power distribution network.
Background
With the continuing development of the smart grid, mobile-terminal-based interactive services in the domestic power industry are developing vigorously. Mobile applications are used in many areas of power distribution network operation and management and bring great convenience to that work. In the power distribution network, a power distribution network mobile application server receives the access request of a mobile terminal, and the request is then processed by a power distribution network operation management platform; the operation management platform collects the various service data in the power distribution network and provides functions such as analyzing and managing that service data and monitoring and controlling the state of power distribution equipment. Because the mobile network and the mobile terminal are open, using a mobile terminal to communicate with the power distribution network introduces additional security risks. The mobile terminal acts as an extension of the power distribution network's internal operations and external services: when it is used, information is exchanged between the power distribution network mobile application server and the power distribution network operation management platform, and while access requests are processed and data is read and written, the operation management platform is exposed to security risks such as malicious attack and illegal acquisition of service data.
Therefore, when a mobile terminal is used for information exchange in the power distribution network, its convenience and efficiency need to be exploited while the security of communication between the mobile terminal and the power distribution network system is guaranteed.
At present, service systems based on computer and network technology in a power distribution network are in principle divided into a production control zone and a management information zone. Security zone I is the control area of the production control zone and has a high security level; security zone III is the production management area of the management information zone and has a lower security level. The power distribution network operation management platform is generally deployed in security zone III. To process services in security zones of different security levels, staff need the operation authority of the corresponding level on the power distribution network operation management platform. The power distribution network mobile application server is generally deployed in a demilitarized zone (DMZ). In existing power distribution network systems, information exchange between a mobile terminal and the lower-level security zone III uses an operator access point name (APN) private line to establish an APN virtual private encrypted transmission channel. When services in security zone III are processed, the mobile terminal and the power distribution network mobile application server communicate through this channel, which secures the communication between them, and the mobile terminal obtains the primary operation authority of the power distribution network operation management platform.
Staff can use the mobile terminal to exchange information with the power distribution network operation management platform and complete relatively simple service processing such as historical data queries and report statistics. For information exchange with security zone I, which has a high security level, the mobile terminal is not used; instead, fixed terminal equipment performs service processing over a private local area network. After obtaining the operation authority of the corresponding level on the power distribution network operation management platform, staff use fixed terminal equipment, such as a computer, in a specific office area to control and manage security zone I through the platform. In the prior art, therefore, an APN virtual private encrypted transmission channel is established over the operator's APN private line and information is exchanged with the power distribution network operation management platform, so that a mobile terminal can access security zone III; control and management of security zone I is done not through mobile applications but with fixed terminal equipment communicating over a private local area network.
However, if staff can control and manage security zone I only through fixed terminal equipment, the mobile-office requirements of power grid operation management cannot be met. When working away from the office, a staff member has no fixed terminal equipment at hand and cannot follow the real-time operating condition of the power distribution network anytime and anywhere; if abnormal operation of the power distribution network needs handling while the staff with the corresponding authority level happen to be away, the network cannot be controlled and managed in time and the problem cannot be resolved promptly. For security zone III, the prior art establishes an APN virtual private encrypted transmission channel over the operator's APN private line to secure the communication, and the mobile terminal obtains the right to access security zone III. However, when the operator's APN private line is the communication mode, the mobile terminal cannot connect to the external network while the power distribution network mobile application is in use; staff must quit the application and switch to the external network to use the terminal's other communication functions, which is inconvenient. The prior art therefore cannot provide mobile-terminal communication with every security partition, in particular security zone I, while ensuring communication security, so the convenience of the mobile terminal cannot be fully exploited.
Disclosure of Invention
The application provides a mobile communication method and a mobile communication system applied to a power distribution network, to solve the problem that the prior art, when implementing communication between a mobile terminal and the security partitions of the power distribution network, cannot provide communication with every security partition, especially security zone I, while ensuring communication security, so that the convenience of the mobile terminal cannot be fully exploited.
In a first aspect of the present application, there is provided a mobile communication method applied to a power distribution network, the method applied to a power distribution network system, including:
the mobile terminal sends a network access login request to the VPN gateway;
the VPN gateway verifies whether the network access login request passes, and if the network access login request passes the verification, the mobile terminal logs in to enter a VPN network;
after entering the VPN network, the mobile terminal sends the feature identifier of the mobile terminal to the power distribution network mobile application server through the VPN network;
the power distribution network mobile application server verifies the validity of the feature identifier, and if the feature identifier is verified as valid, the power distribution network mobile application server sends the user information corresponding to the feature identifier to the mobile terminal;
the mobile terminal displays the user information in a login interface, receives password information input in the login interface, and sends the password information to the power distribution network mobile application server;
the power distribution network mobile application server side sends the user information and the password information to a power distribution network unified security management platform;
the power distribution network unified security management platform verifies whether the user information is matched with the password information, if the user information is matched with the password information, the power distribution network unified security management platform identifies identity level information contained in the user information, and grants corresponding operation permission of the mobile terminal to the power distribution network operation management platform according to the identity level information;
the operation authority at least comprises: the data access right to security zone III and the control management right to security zone I.
Optionally, after the unified security management platform for the power distribution network grants the corresponding operation permission of the mobile terminal to the operation management platform for the power distribution network, the method further includes:
and the mobile terminal acquires the digital certificate corresponding to the operation authority from the power distribution network unified security management platform.
Optionally, after the mobile terminal obtains the digital certificate corresponding to the operation right from the power distribution network unified security management platform, the method further includes:
the mobile terminal sends a service data access request and the digital certificate to the mobile application server side of the power distribution network;
the power distribution network mobile application server side detects whether the digital certificate is valid, and if the digital certificate is valid, the power distribution network mobile application server side sends the service data access request and the digital certificate to the power distribution network operation management platform;
the power distribution network operation management platform identifies the type of the service data access request and sends the type information of the service data access request and the digital certificate to the power distribution network unified security management platform;
the power distribution network unified security management platform detects whether the operation authority corresponding to the digital certificate is matched with the type information or not, and sends a detection result to the power distribution network operation management platform;
if the detection result is a match, the power distribution network operation management platform confirms the security partition to be accessed according to the type information and acquires the service data of the corresponding security partition;
the power distribution network operation management platform processes the service data to generate return information and sends the return information to a power distribution network mobile application server;
and the power distribution network mobile application server sends the return information to the mobile terminal.
Optionally, if the power distribution network operation management platform and a mirror server are arranged in security zone III, after the power distribution network operation management platform confirms the security partition to be accessed according to the type information and obtains the service data of the corresponding security partition, the method further includes:
when the security partition to be accessed is security zone III and the service data of security zone III is stored in the power distribution network operation management platform, the power distribution network operation management platform directly calls the service data of security zone III;
when the security partition to be accessed is security zone I and the mirror server synchronizes and stores the service data of security zone I, the power distribution network operation management platform acquires the service data of security zone I from the mirror server.
Optionally, before the mobile terminal sends the service data access request and the digital certificate to the power distribution network mobile application server, the method further includes:
the mobile terminal encrypts the service data access request through SSL (Secure Sockets Layer) to obtain a JSON string ciphertext, so that the mobile terminal sends the service data access request, converted into the JSON string ciphertext, to the power distribution network mobile application server.
Optionally, before the power distribution network mobile application server sends the return information to the mobile terminal, the method further includes:
the power distribution network mobile application server encrypts the return information through SSL (Secure Sockets Layer) to obtain a JSON string ciphertext, so that the power distribution network mobile application server sends the return information, converted into the JSON string ciphertext, to the mobile terminal.
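The login and request-authorization steps of the first aspect, modelled in Python as an added example that is not part of the patent. The identity levels, request types, terminal identifiers, sample data and all class and function names are assumptions, and an HMAC-signed credential stands in for the digital certificate; the VPN and SSL layers are not modelled.

```python
import hashlib
import hmac
import json

ZONE3_DATA = "zone3_data_access"   # data access right to security zone III
ZONE1_CONTROL = "zone1_control"    # control management right to security zone I

# Assumed policy tables: the patent fixes neither identity levels nor request types.
LEVEL_PERMISSIONS = {1: [ZONE3_DATA], 2: [ZONE3_DATA, ZONE1_CONTROL]}
REQUEST_TYPES = {
    "history_query": (ZONE3_DATA, "III"),
    "device_status": (ZONE1_CONTROL, "I"),
}


def _pw_hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


class UnifiedSecurityPlatform:
    """Matches user and password, grants permissions by identity level, checks requests."""

    def __init__(self, signing_key):
        self._key = signing_key
        self._users = {}  # user -> (salt, password hash, identity level)

    def enroll(self, user, password, level, salt):
        self._users[user] = (salt, _pw_hash(password, salt), level)

    def _mac(self, body):
        return hmac.new(self._key, body.encode(), hashlib.sha256).hexdigest()

    def login(self, user, password):
        """Return a signed credential (stand-in for the digital certificate) or None."""
        record = self._users.get(user)
        if record is None:
            return None
        salt, stored, level = record
        if not hmac.compare_digest(stored, _pw_hash(password, salt)):
            return None
        body = json.dumps({"user": user, "perms": LEVEL_PERMISSIONS[level]}, sort_keys=True)
        return {"body": body, "mac": self._mac(body)}

    def is_valid(self, cred):
        return hmac.compare_digest(cred.get("mac", ""), self._mac(cred.get("body", "")))

    def permits(self, cred, request_type):
        """True if the permission bound to the credential matches the request type."""
        if not self.is_valid(cred) or request_type not in REQUEST_TYPES:
            return False
        required, _zone = REQUEST_TYPES[request_type]
        return required in json.loads(cred["body"])["perms"]


class OperationPlatform:
    """Sits in zone III: reads zone III data locally and zone I data from the mirror."""

    def __init__(self, security, zone3_store, mirror_server):
        self._security, self._zone3, self._mirror = security, zone3_store, mirror_server

    def handle(self, cred, request_type):
        if not self._security.permits(cred, request_type):
            raise PermissionError(f"{request_type}: operation permission does not match")
        _perm, zone = REQUEST_TYPES[request_type]
        source = self._zone3 if zone == "III" else self._mirror
        return {"zone": zone, "data": source[request_type]}


class MobileAppServer:
    """Front end: checks the terminal's feature identifier, relays everything else."""

    def __init__(self, security, operations, devices):
        self._security, self._ops, self._devices = security, operations, devices

    def login(self, feature_id, password):
        user = self._devices.get(feature_id)  # None: unregistered terminal, flow stops
        return None if user is None else self._security.login(user, password)

    def request(self, cred, request_type):
        if not self._security.is_valid(cred):
            raise PermissionError("credential rejected at the mobile application server")
        return self._ops.handle(cred, request_type)


def build_demo():
    """Constructed sample deployment: two users, one registered terminal each."""
    sec = UnifiedSecurityPlatform(signing_key=b"demo-key-not-for-production")
    sec.enroll("inspector", "pw-inspector", level=1, salt=b"salt-a")
    sec.enroll("dispatcher", "pw-dispatcher", level=2, salt=b"salt-b")
    ops = OperationPlatform(sec, {"history_query": [10.2, 10.4]}, {"device_status": "breaker-7 closed"})
    return MobileAppServer(sec, ops, {"terminal-0001": "inspector", "terminal-0002": "dispatcher"})
```

Because the permission list is covered by the MAC, a terminal that edits its own credential to add the zone I right is rejected at the mobile application server before the request reaches the operation management platform.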
In a second aspect of the present application, there is provided a mobile communication system applied to a power distribution network, including: a first sending module, a second sending module, an echo display module and a fourth sending module arranged in the mobile terminal; a first verification module arranged at the VPN gateway; a second verification module, a third sending module and a fifth sending module arranged at the power distribution network mobile application server; and a matching module and an authorization module arranged at the power distribution network unified security management platform, wherein:
the first sending module is used for sending a network access login request to the VPN gateway;
the first verification module is used for verifying whether the network access login request passes, and if the network access login request passes the verification, the mobile terminal logs in to enter a VPN network;
the second sending module is used for sending the feature identifier of the mobile terminal to the mobile application server side of the power distribution network through the VPN after entering the VPN;
the second verification module is used for verifying the validity of the feature identifier;
the third sending module is configured to send, to the mobile terminal, user information corresponding to the feature identifier when the validity of the feature identifier is verified;
the echo display module is used for displaying the user information in a login interface;
the fourth sending module is used for receiving password information input in the login interface and sending the password information to the power distribution network mobile application server;
the fifth sending module is used for sending the user information and the password information to a power distribution network unified security management platform;
the matching module is used for verifying whether the user information is matched with the password information;
and the authorization module is used for identifying the identity level information contained in the user information when the user information is matched with the password information, and granting the mobile terminal corresponding operation authority to the power distribution network operation management platform according to the identity level information.
Optionally, the system further includes: a first obtaining module and a sixth sending module arranged on the mobile terminal; a first detection module, a seventh sending module and an eighth sending module arranged at the power distribution network mobile application server; an identification module, a second obtaining module and a service processing module arranged in the power distribution network operation management platform; and a second detection module arranged at the power distribution network unified security management platform, wherein:
the first obtaining module is used for obtaining a digital certificate corresponding to the operation authority from the power distribution network unified security management platform after the power distribution network unified security management platform grants the corresponding operation authority of the mobile terminal to the power distribution network operation management platform;
the sixth sending module is configured to send a service data access request and the digital certificate to the power distribution network mobile application server after the mobile terminal obtains the digital certificate corresponding to the operation authority from the power distribution network unified security management platform;
the first detection module is used for detecting whether the digital certificate is valid;
the seventh sending module is configured to send the service data access request and the digital certificate to the power distribution network operation management platform when the digital certificate is valid;
the identification module is used for identifying the type of the service data access request and sending the type information of the service data access request and the digital certificate to the power distribution network unified security management platform;
the second detection module is used for detecting whether the operation authority corresponding to the digital certificate is matched with the type information or not and sending a detection result to the power distribution network operation management platform;
the second obtaining module is configured to, when the detection result is a match, determine a security partition to be accessed according to the type information, and obtain service data of the corresponding security partition;
the service processing module is used for processing the service data, generating return information and sending the return information to the mobile application server side of the power distribution network;
and the eighth sending module is configured to send the return information to the mobile terminal.
Optionally, if the power distribution network operation management platform and the mirror server are arranged in security zone III, the second obtaining module further includes a calling unit and an acquiring unit, wherein:
the calling unit is used for directly calling the service data of security zone III when the security partition to be accessed is security zone III and the service data of security zone III is stored in the power distribution network operation management platform;
the acquiring unit is configured to acquire the service data of security zone I from the mirror server when the security partition to be accessed is security zone I and the mirror server synchronizes and stores the service data of security zone I.
Optionally, the system further includes an SSL encryption module disposed in the mobile terminal, wherein:
the SSL encryption module is used for encrypting the service data access request through SSL (Secure Sockets Layer) before the mobile terminal sends the service data access request and the digital certificate to the power distribution network mobile application server, so as to obtain a JSON string ciphertext, so that the mobile terminal can send the service data access request, converted into the JSON string ciphertext, to the power distribution network mobile application server.
According to the technical scheme, the application provides the mobile communication method and the system applied to the power distribution network, wherein in the method, the mobile terminal sends a network access login request to the VPN gateway; the VPN gateway verifies whether the network access login request passes, and if the network access login request passes the verification, the mobile terminal logs in to enter a VPN network; after entering the VPN network, the mobile terminal sends the feature identifier of the mobile terminal to the power distribution network mobile application server through the VPN network; the power distribution network mobile application server verifies the validity of the feature identifier, and if the feature identifier is verified as valid, the power distribution network mobile application server sends the user information corresponding to the feature identifier to the mobile terminal; the mobile terminal displays the user information in a login interface, receives password information input in the login interface, and sends the password information to the power distribution network mobile application server; the power distribution network mobile application server sends the user information and the password information to a power distribution network unified security management platform; the power distribution network unified security management platform verifies whether the user information matches the password information, and if it does, the power distribution network unified security management platform identifies the identity level information contained in the user information and grants corresponding operation permission of the mobile terminal to the power distribution network operation management platform according to the identity level information; the operation authority at least comprises: the data access right to security zone III and the control management right to security zone I.
According to the method provided by the embodiment of the application, a VPN gateway is used to build a secure communication channel, namely a VPN network, between the mobile terminal and the power distribution network. After the mobile terminal enters the VPN network, it exchanges identity information with the power distribution network mobile application server and the power distribution network unified security management platform, and through a user security verification process the unified security management platform assigns the mobile terminal its operation authority on the power distribution network operation management platform; the operation authority at least comprises the data access right to security zone III and the control management right to security zone I. The mobile terminal can therefore access security zone III or security zone I of the power distribution network according to the assigned operation authority, which enables communication between the mobile terminal and each security partition of the power distribution network, in particular security zone I with its higher security level, so that staff can control and manage security zone I through the mobile terminal. Because the operation authority of the mobile terminal on the power distribution network operation management platform is assigned through the user security verification process, the security of the mobile terminal's access to the service data of each security partition of the power distribution network is guaranteed.
Meanwhile, information transmitted between the mobile terminal and the power distribution network mobile application server is encrypted with the SSL (Secure Sockets Layer) protocol, which secures the transmission between the mobile terminal and the power distribution network. Because the mobile communication between the mobile terminal and the power distribution network takes place in the VPN network, it follows from the characteristics of a VPN network that while staff use a mobile terminal (such as a smartphone) to control and manage each security partition of the power distribution network through the power distribution network mobile application, the smartphone can also access the external network and use other communication functions. The method therefore enables communication between the mobile terminal and each security partition, especially security zone I, while ensuring the security of communication between the mobile terminal and the power distribution network, and makes full use of the convenience of mobile applications.
Drawings
In order to more clearly explain the technical solution of the present application, the drawings needed to be used in the embodiments will be briefly described below, and it is obvious to those skilled in the art that other drawings can be obtained according to the drawings without creative efforts.
Fig. 1 is a schematic view of an application scenario of a mobile communication method applied to a power distribution network according to an embodiment of the present application;
Fig. 2 is a schematic workflow diagram of a mobile communication method applied to a power distribution network according to an embodiment of the present application;
Fig. 3 is a schematic flowchart illustrating steps of a mobile communication method applied to a power distribution network according to an embodiment of the present application;
Fig. 4 is a schematic flowchart illustrating steps of another mobile communication method applied to a power distribution network according to an embodiment of the present application;
Fig. 5 is a schematic structural diagram of a mobile communication system applied to a power distribution network according to an embodiment of the present application.
Detailed Description
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, the present application is described in further detail with reference to the accompanying drawings and the detailed description.
The prior art cannot realize communication between a mobile terminal and each safety partition of a power distribution network, especially the first safety area, on the premise of ensuring communication security, so the convenience of the mobile terminal cannot be fully exploited. To solve this problem, the present application provides a mobile communication method applied to the power distribution network through the following embodiments.
Referring to an application scene schematic diagram of fig. 1, the mobile communication method applied to the power distribution network provided in the embodiment of the present application is applied to a power distribution network system, where the power distribution network system includes a power distribution network mobile application server, a power distribution network operation management platform, and a power distribution network unified security management platform.
The mobile terminal is located outside the power distribution network system. Within the power distribution network system, the power distribution network mobile application server first receives the access request of the mobile terminal and forwards it to the power distribution network operation management platform for further processing. The power distribution network operation management platform collects various service data in the power distribution network and implements functions such as analyzing and managing the service data of the power distribution network and monitoring and controlling the state of power distribution equipment. The power distribution network unified security management platform is arranged in the third safety area and implements the 4A functions (Authentication, Authorization, Accounting and Audit), including account authentication, authority setting and the like.
In addition, the power distribution network system can further comprise a mirror image server, wherein the mirror image server is arranged in the third safety area and can synchronously acquire and store the service data in the first safety area into the mirror image server.
As shown in the scene diagram of fig. 1, the components of the power distribution network system involved in the application scene are, from outside to inside, an isolation area, i.e., a demilitarized zone (DMZ), the third safety area, and the first safety area. The mobile terminal is located outside the power distribution network system. The power distribution network mobile application server is arranged in the DMZ area, which is a transition area between the mobile terminal and the power distribution network; the DMZ area is also provided with a firewall and a front-end processor, and the firewall protects the DMZ area from malicious network attacks. The power distribution network operation management platform, the power distribution network unified security management platform and the mirror image server are all arranged in the third safety area. The first safety area is further provided with a SCADA (Supervisory Control And Data Acquisition) system, that is, a data acquisition and monitoring control system, to monitor and control the on-site operating equipment. The first safety area is also provided with a front-end processor, which serves as the external interface of the first safety area for exchanging information with the outside. In addition, the information exchange between the DMZ area and the third safety area and the information exchange between the third safety area and the first safety area are each provided with a forward isolation device and a reverse isolation device, which guarantee the security of information transmission between the safety partitions of the power distribution network.
Referring to the work flow diagram of fig. 2 and the step flow diagram of fig. 3, a mobile communication method applied to a power distribution network according to a first embodiment of the present application includes the following steps:
Step 101, the mobile terminal sends a network access login request to the VPN gateway.
In this step, the mobile terminal refers to a computer device that can be used in movement, such as a smart phone, a tablet computer, etc. having multiple application functions; the network access login request comprises a VPN account and a password corresponding to the account.
Step 102, the VPN gateway verifies the network access login request, and if the request passes the verification, the mobile terminal logs in to the VPN network.
In this step, the VPN gateway performs VPN login authentication on the mobile terminal, and after the authentication is passed, the mobile terminal can log in to enter the VPN network. The VPN is a virtual private network, and through the steps, a private communication channel from the mobile terminal to the power distribution network is constructed.
Step 103, after entering the VPN network, the mobile terminal sends the feature identifier of the mobile terminal to the power distribution network mobile application server through the VPN network.
In this step, the feature identifier of the mobile terminal may be the International Mobile Equipment Identity (IMEI) of the mobile terminal, or other identification information that uniquely corresponds to the mobile terminal device. The power distribution network mobile application server handles the information interaction between the power distribution network and the mobile terminal. If the client version of the mobile application (App) is installed on the mobile terminal and used by a worker to control and manage the power distribution network, the control-end version of the mobile application is correspondingly installed on the power distribution network mobile application server and cooperates with the mobile terminal in controlling and managing the power distribution network.
Step 104, the power distribution network mobile application server verifies the validity of the feature identifier, and if the feature identifier passes the verification, the power distribution network mobile application server sends the user information corresponding to the feature identifier to the mobile terminal.
In this step, the specific manner adopted by the power distribution network mobile application server to verify the validity of the feature identifier may be as follows: the power distribution network mobile application server stores a white list of the feature identifiers of the mobile terminals, and if the feature identifier of a certain mobile terminal is in the white list, the power distribution network mobile application server can judge that the mobile terminal corresponding to the feature identifier is legal equipment. The white list also comprises user information of staff who can use the mobile terminal, and the user information comprises departments where the users are located, user types, user names and the like. The user information corresponds to the mobile terminal, which has a corresponding feature identifier, and thus the user information also corresponds to the feature identifier of the mobile terminal. And after the mobile terminal is judged to be legal, the power distribution network mobile application server side sends corresponding user information to the mobile terminal.
Step 105, the mobile terminal displays the user information in a login interface, receives password information input in the login interface, and sends the password information to the power distribution network mobile application server.
In this step, the mobile terminal receives the user information sent by the power distribution network mobile application server and displays it on its screen, that is, in the login interface of the mobile application installed on the mobile terminal. A worker inputs the password information corresponding to the user information in the login interface, and the mobile terminal then sends the password information to the power distribution network mobile application server.
Step 106, the power distribution network mobile application server sends the user information and the password information to the power distribution network unified security management platform; and the power distribution network unified security management platform verifies whether the user information matches the password information.
In this step, after receiving the password information, the power distribution network mobile application server sends the password information together with the corresponding user information to the power distribution network unified security management platform. The power distribution network mobile application server is located in the DMZ area, and the power distribution network unified security management platform is located in the third safety area; the transmission of the user information and the password information is therefore information transmission from the DMZ area to the third safety area, and the information passes through the forward isolation device during transmission to ensure that it is not leaked, which improves the security of information transmission.
In this step, if the user information matches the password information, step 107 is executed.
Step 107, the power distribution network unified security management platform identifies the identity level information contained in the user information, and grants the mobile terminal the corresponding operation authority on the power distribution network operation management platform according to the identity level information; the operation authority at least comprises: data access authority for the third safety area and control management authority for the first safety area.
In this step, the power distribution network unified security management platform checks whether the user information matches the password information. After obtaining the result that they match, it analyzes the checked user information to obtain the identity level information contained in the user information, where the identity level refers to levels such as a common operator, an operation team executive, a department master, a general engineer, a local leader, and the like. The operation authority corresponding to each level is different, and the power distribution network unified security management platform assigns the corresponding operation authority to the mobile terminal according to the identity level information. The operation authority refers to the operation authority on the power distribution network operation management platform; the power distribution network operation management platform collects various service data in the power distribution network and implements functions such as analyzing and managing the service data of the power distribution network and monitoring and controlling the state of power distribution equipment. Each function is implemented in a safety partition of a different security level, and using it requires operation authority of the corresponding level on the power distribution network operation management platform. The operation authority on the power distribution network operation management platform at least comprises data access authority for the third safety area and control management authority for the first safety area, and may also include operation authority for other areas of the power distribution network, such as the second safety area.
After the mobile terminal has the operation authority of the corresponding level, it can access the service data of each safety partition through the power distribution network operation management platform, including control and management of the first safety area; that is, secure communication between the mobile terminal and each safety partition can be realized.
In this method, a secure communication channel between the mobile terminal and the power distribution network, namely the VPN network, is established by using the VPN gateway. After the mobile terminal enters the VPN network, identity information is exchanged with the power distribution network mobile application server and the power distribution network unified security management platform, and the power distribution network unified security management platform assigns the mobile terminal its operation authority on the power distribution network operation management platform through a user security verification process; the operation authority at least comprises data access authority for the third safety area and control management authority for the first safety area. The mobile terminal can therefore access the third safety area or the first safety area of the power distribution network according to the assigned operation authority, which realizes communication between the mobile terminal and each safety partition of the power distribution network, especially the first safety area with its higher security level, so that workers can control and manage the first safety area through the mobile terminal. Because the operation authority of the mobile terminal on the power distribution network operation management platform is assigned through the user security verification process, the security of the mobile terminal's access to the service data of each safety partition of the power distribution network is guaranteed.
Moreover, because the mobile communication between the mobile terminal and the power distribution network is carried out in the VPN network, it follows from the characteristics of the VPN network that, while a worker uses the mobile terminal (such as a smart phone) to control and manage each safety partition of the power distribution network through a power distribution network mobile application, the smart phone can still access the external network and use other communication functions. Therefore, compared with the prior art, the method of the first embodiment of the application allows the mobile terminal to communicate with each safety partition, especially the first safety area, while the security of communication between the mobile terminal and the power distribution network is ensured, and fully exploits the convenience of mobile applications.
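Steps 103 to 107 as an added Python sketch (not code from the patent): the DMZ server checks the feature-identifier whitelist, and the unified security management platform matches user information to the password and maps the identity level to operation authority. The PBKDF2 password storage, the level-to-authority mapping, and all identifiers, names and passwords are constructed assumptions.

```python
import hashlib
import hmac
import os
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Permission(Enum):
    ZONE3_DATA_ACCESS = "data access authority for the third safety area"
    ZONE1_CONTROL = "control management authority for the first safety area"


# Assumption: the page names the identity levels but not which level receives
# which authority, so this mapping is constructed for the example.
LEVEL_PERMISSIONS = {
    "common operator": {Permission.ZONE3_DATA_ACCESS},
    "general engineer": {Permission.ZONE3_DATA_ACCESS, Permission.ZONE1_CONTROL},
}


@dataclass(frozen=True)
class UserInfo:
    department: str
    user_type: str
    user_name: str
    identity_level: str


def hash_password(password: str, salt: bytes) -> bytes:
    # Assumption: salted PBKDF2 storage; the page does not say how passwords are kept.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)


class UnifiedSecurityPlatform:
    """Third safety area: matches user info to password, then authorizes (steps 106-107)."""

    def __init__(self):
        self._creds = {}  # user_name -> (salt, password hash)

    def enroll(self, user_name: str, password: str) -> None:
        salt = os.urandom(16)
        self._creds[user_name] = (salt, hash_password(password, salt))

    def login(self, user: UserInfo, password: str) -> frozenset:
        # Unknown users still cost one hash, so timing does not reveal enrollment.
        salt, stored = self._creds.get(user.user_name, (b"\0" * 16, b""))
        if not hmac.compare_digest(hash_password(password, salt), stored):
            return frozenset()  # no match: step 107 is never reached
        return frozenset(LEVEL_PERMISSIONS.get(user.identity_level, ()))


class MobileAppServer:
    """DMZ: holds the feature-identifier whitelist (step 104), relays logins (step 106)."""

    def __init__(self, platform: UnifiedSecurityPlatform, whitelist: dict):
        self._platform = platform
        self._whitelist = whitelist  # feature identifier -> UserInfo

    def lookup_user(self, feature_id: str) -> Optional[UserInfo]:
        # Step 104: user information is only disclosed for whitelisted devices.
        return self._whitelist.get(feature_id)

    def submit_password(self, feature_id: str, password: str) -> frozenset:
        user = self.lookup_user(feature_id)
        if user is None:
            return frozenset()
        return self._platform.login(user, password)


def build_demo() -> MobileAppServer:
    """Constructed sample data: two terminals with different identity levels."""
    platform = UnifiedSecurityPlatform()
    platform.enroll("operator_a", "constructed-pass-1")
    platform.enroll("engineer_b", "constructed-pass-2")
    whitelist = {
        "000000000000011": UserInfo("Operations", "field", "operator_a", "common operator"),
        "000000000000022": UserInfo("Engineering", "staff", "engineer_b", "general engineer"),
    }
    return MobileAppServer(platform, whitelist)


if __name__ == "__main__":
    server = build_demo()
    for fid, pw in [("000000000000011", "constructed-pass-1"),
                    ("000000000000022", "constructed-pass-2"),
                    ("000000000000099", "anything")]:
        print(fid, sorted(p.name for p in server.submit_password(fid, pw)))
```
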
Referring to the schematic step flow diagram of fig. 4, a second embodiment of the present application provides another mobile communication method applied to a power distribution network. This embodiment builds on the first embodiment of the present application. Compared with the first embodiment, the mobile communication method disclosed in the second embodiment further includes the following steps after the power distribution network unified security management platform grants the mobile terminal the corresponding operation authority on the power distribution network operation management platform:
Step 201, the mobile terminal obtains a digital certificate corresponding to the operation authority from the power distribution network unified security management platform.
In this step, on the basis of the first embodiment of the present application, the mobile terminal has already obtained the operation authority of the power distribution network operation management platform from the power distribution network unified security management platform. The power distribution network unified security management platform generates a digital certificate corresponding to the operation authority, and the digital certificate has uniqueness and represents the operation authority of the mobile terminal to the power distribution network.
Step 202, the mobile terminal sends a service data access request and the digital certificate to the mobile application server of the power distribution network; and the power distribution network mobile application server detects whether the digital certificate is valid.
In this step, when initiating a service processing operation on the power distribution network, the mobile terminal first sends a service data access request to the mobile application server of the power distribution network, and simultaneously sends a digital certificate.
After receiving the data access request and the digital certificate, the mobile application server end of the power distribution network can detect the validity of the digital certificate, wherein the detection means detecting whether the digital certificate belongs to the mobile terminal, is issued by the unified security management platform of the power distribution network, and is in the validity period. If the digital certificate is valid, step 203 is executed.
Step 203, the power distribution network mobile application server sends the service data access request and the digital certificate to the power distribution network operation management platform.
In the step, it can be seen that the mobile application server of the power distribution network builds a bridge between the mobile terminal and the power distribution network system and plays a role of transition connection. After the mobile application server side of the power distribution network preliminarily guarantees the safety of the mobile terminal by detecting the digital certificate, the service data access request sent by the mobile terminal and the digital certificate are forwarded to the power distribution network operation management platform.
In addition, before this step, that is, before the mobile terminal sends the service data access request and the digital certificate to the power distribution network mobile application server, the method further includes: the mobile terminal encrypts the service data access request through the SSL (Secure Sockets Layer) protocol to obtain a JSON string ciphertext, so that the mobile terminal sends the service data access request, converted into the JSON string ciphertext, to the power distribution network mobile application server. Thus, in the data transmission from the mobile terminal to the power distribution network, the mobile terminal encrypts the data to be transmitted by using the SSL technology.
Step 204, the power distribution network operation management platform identifies the type of the service data access request, and sends the type information of the service data access request and the digital certificate to the power distribution network unified security management platform.
In this step, after receiving the service data access request and the digital certificate, the power distribution network operation management platform analyzes the service data access request to identify the type of the service data access request. The access request includes but is not limited to a query request of historical data of the electrical quantity of a certain line in a certain time period, a request of state control of a certain electrical switch and the like; different access requests involve different secure partitions. For example, a query request for historical data of electrical quantities requires access to a third security area, and a control request for the state of a certain electrical switch requires access to a first security area; and the distribution network operation management platform identifies the type of the service data access request, namely confirms which safety partition of the distribution network the service data access request relates to. The type information refers to information of which security partition of the power distribution network the content of the service data access request relates to, and the type information includes data query, device status query, device control and the like.
After the type information is acquired, the power distribution network operation management platform sends the type information and the digital certificate to the power distribution network unified security management platform together, so that the next operation is performed, that is, step 205 is executed.
Step 205, the power distribution network unified security management platform detects whether the operation authority corresponding to the digital certificate is matched with the type information, and sends a detection result to the power distribution network operation management platform.
In this step, after receiving the type information and the digital certificate, the power distribution network unified security management platform detects whether the operation authority of the mobile terminal matches the type information of the service data access request. For example, the operation authority corresponding to the digital certificate of the mobile terminal is an access authority for the first safety area, that is, the mobile terminal can process services belonging to the first safety area; the type information of the service data access request initiated by the mobile terminal is a control request for electrical equipment, and the control request needs information of the first safety area, that is, it requires service data access to the first safety area. Therefore, the operation authority corresponding to the digital certificate matches the type information, and the detection result is "match".
For another example, the operation authority corresponding to the digital certificate of the mobile terminal is an access authority for the third safety area, that is, the mobile terminal can process services within the scope of the third safety area but cannot process services of the first safety area, which has a higher security level; the type information of the service data access request initiated by the mobile terminal is a control request for electrical equipment, and the control request needs data of the first safety area, that is, it requires service data access to the first safety area. Therefore, the operation authority corresponding to the digital certificate does not match the type information, and the detection result is "no match".
If the detection result is "match", then go to step 206; and if the detection result is 'unmatched', the unified safety management platform of the power distribution network sends 'no operation authority' information to the operation management platform of the power distribution network, and the operation management platform of the power distribution network refuses the access of the mobile terminal.
Step 206, the power distribution network operation management platform determines the safety partition to be accessed according to the type information and acquires the service data of the corresponding safety partition.
As can be seen from the above description of step 204, the type information includes information of the secure partition to be accessed. In this step, the power distribution network operation management platform obtains the service data of the corresponding security partition according to the type information.
The power distribution network operation management platform and the mirror image server are arranged in a third safety area, service data of the third safety area are stored in the power distribution network operation management platform, and service data of the first safety area are synchronized and stored by the mirror image server.
When the safety partition to be accessed is the third safety area, for example, when the type information refers to a query of historical data of the electrical quantity, step 2061 is performed.
Step 2061, the power distribution network operation management platform directly calls the service data of the third safety area.
When the safety partition to be accessed is the first safety area, for example, when the type information refers to a control request for the state of a certain electrical switch, step 2062 is performed.
Step 2062, the power distribution network operation management platform acquires the service data of the first safety area from the mirror image server.
Step 207, the power distribution network operation management platform processes the service data, generates return information, and sends the return information to the power distribution network mobile application server.
In this step, after the service data of the security partition is obtained in step 206, the distribution network operation management platform processes the service data to generate the return information. The step of processing the service data refers to processing the obtained service data according to service logic preset by the power distribution network operation management platform, so that return information suitable for the mobile terminal is generated.
After the return information is generated, the power distribution network operation management platform sends it to the power distribution network mobile application server. The transmission of the return information is information transmission from the third safety area to the DMZ area, and the return information passes through the reverse isolation device during transmission to ensure that it is not leaked, which improves the security of information transmission.
Step 208, the power distribution network mobile application server sends the return information to the mobile terminal.
In the step, the return information generated by the power distribution network operation management platform is transmitted to the mobile terminal through the power distribution network mobile application server, so that the interaction of the mobile terminal on the service data information of the power distribution network is completed.
Before this step, that is, before the power distribution network mobile application server sends the return information to the mobile terminal, the method further includes: the power distribution network mobile application server encrypts the return information through the SSL (Secure Sockets Layer) protocol to obtain a JSON string ciphertext, so that the power distribution network mobile application server sends the return information, converted into the JSON string ciphertext, to the mobile terminal. Thus, in the data transmission between the power distribution network mobile application server and the mobile terminal, the power distribution network mobile application server also encrypts the data to be transmitted by using the SSL technology.
The second embodiment of the present application is based on the first embodiment of the present application, and provides a mobile communication method for processing power distribution network services by using a mobile terminal through steps 201 to 208. After the mobile terminal obtains the operation authority of the power distribution network operation management platform through the user security verification process of the first embodiment of the application, the mobile terminal carries the digital certificate corresponding to the operation authority to access the power distribution network. The power distribution network operation management platform analyzes the content of the service data access request, obtains the type information of the access request, and then sends the type information and the digital certificate to the power distribution network unified security management platform to detect whether the operation authority represented by the digital certificate can meet the access request, if the detected type information of the access request is matched with the digital certificate, namely the digital certificate meets the requirement of the type information, the power distribution network operation management platform processes the service data to generate return information, and sends the return information to the mobile terminal through the power distribution network mobile application server.
Through the second embodiment of the application, the mobile terminal can not only communicate with the third safety area and process services located there (such as historical data queries of electrical quantity information), but also communicate with the first safety area and process services located there (such as control of the state of a certain piece of electrical equipment). Meanwhile, information transmitted between the mobile terminal and the power distribution network mobile application server is encrypted with the SSL protocol, which ensures the security of information transmission between the mobile terminal and the power distribution network and thus the security of the communication process.
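The checks of steps 202 to 206 as an added Python sketch (not code from the patent): certificate validity, request type to safety partition, authority matching, and choice of data source. The HMAC-tagged record is an assumed stand-in for the digital certificate, and the key, zone labels and feature identifiers are constructed.

```python
import hashlib
import hmac
import json

# Constructed key. HMAC stands in for the platform's signature on the digital
# certificate; with a real certificate the DMZ server would verify a public-key
# signature and hold no signing key.
DEMO_KEY = b"constructed-demo-key"

# Type information -> safety partition, following the page's examples in step 204.
REQUEST_ZONE = {
    "data query": "zone3",      # e.g. historical electrical-quantity data
    "device control": "zone1",  # e.g. changing the state of an electrical switch
}


def _tag(key: bytes, body: dict) -> str:
    canonical = json.dumps(body, sort_keys=True).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def issue_certificate(key: bytes, feature_id: str, zones: list, not_after: int) -> dict:
    """Unified security management platform: bind authority to one terminal (step 201)."""
    body = {"feature_id": feature_id, "zones": sorted(zones), "not_after": not_after}
    return {"body": body, "mac": _tag(key, body)}


def certificate_valid(key: bytes, cert, feature_id: str, now: int) -> bool:
    """Step 202: issued by the platform, belongs to this terminal, within validity."""
    try:
        body = cert["body"]
        return (hmac.compare_digest(_tag(key, body), str(cert["mac"]))
                and body["feature_id"] == feature_id
                and now <= body["not_after"])
    except (KeyError, TypeError):
        return False  # malformed certificate is treated as invalid


def handle_request(key: bytes, cert, feature_id: str, request_type: str, now: int) -> dict:
    # Step 202, mobile application server (DMZ): reject before forwarding inward.
    if not certificate_valid(key, cert, feature_id, now):
        return {"allowed": False, "reason": "invalid certificate"}
    # Step 204, operation management platform: identify the type information.
    zone = REQUEST_ZONE.get(request_type)
    if zone is None:
        return {"allowed": False, "reason": "unknown request type"}
    # Step 205, unified security management platform: authority must cover the zone.
    if zone not in cert["body"]["zones"]:
        return {"allowed": False, "reason": "no operation authority"}
    # Step 206: third-area data is read directly; first-area data comes from the
    # mirror image server in the third safety area (steps 2061 and 2062).
    source = "operation management platform" if zone == "zone3" else "mirror image server"
    return {"allowed": True, "zone": zone, "source": source}


if __name__ == "__main__":
    cert = issue_certificate(DEMO_KEY, "000000000000011", ["zone3"], not_after=2000)
    for kind in ("data query", "device control"):
        print(kind, handle_request(DEMO_KEY, cert, "000000000000011", kind, now=1000))
```
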
The following are embodiments of the system of the present application that may be used to perform embodiments of the method of the present application. For details which are not disclosed in the embodiments of the system of the present application, reference is made to the embodiments of the method of the present invention.
Referring to the schematic structural diagram shown in fig. 5, the present application provides a mobile application communication system applied to a power distribution network, including: a first sending module 11, a second sending module 12, a display back module 13 and a fourth sending module 14 arranged in the mobile terminal; a first verification module 21 arranged at the VPN gateway; a second verification module 31, a third sending module 32 and a fifth sending module 33 arranged at the power distribution network mobile application server; and a matching module 41 and an authorization module 42 arranged on the power distribution network unified security management platform, wherein:
The first sending module 11 is configured to send a network access login request to the VPN gateway.
The first verification module 21 is configured to verify the network access login request, and if the request passes the verification, the mobile terminal logs in to the VPN network.
The second sending module 12 is configured to send the feature identifier of the mobile terminal to the power distribution network mobile application server through the VPN network after entering the VPN network.
The second verification module 31 is configured to verify the validity of the feature identifier.
The third sending module 32 is configured to send, to the mobile terminal, the user information corresponding to the feature identifier when the validity of the feature identifier is verified.
The display back module 13 is configured to display the user information in a login interface.
The fourth sending module 14 is configured to receive the password information input in the login interface, and send the password information to the power distribution network mobile application server.
The fifth sending module 33 is configured to send the user information and the password information to a power distribution network unified security management platform.
The matching module 41 is configured to verify whether the user information is matched with the password information.
The authorization module 42 is configured to, when the user information matches the password information, identify the identity level information contained in the user information and, according to that identity level information, grant the mobile terminal the corresponding operation permission for the power distribution network operation management platform.
Optionally, the system further includes: a first acquisition module and a sixth sending module arranged on the mobile terminal; a first detection module, a seventh sending module and an eighth sending module arranged at the power distribution network mobile application server; an identification module, a second acquisition module and a service processing module arranged in the power distribution network operation management platform; and a second detection module arranged on the power distribution network unified security management platform, wherein:
The first acquisition module is configured to obtain a digital certificate corresponding to the operation authority from the power distribution network unified security management platform after that platform grants the mobile terminal the corresponding operation authority for the power distribution network operation management platform.
The sixth sending module is configured to send a service data access request and the digital certificate to the power distribution network mobile application server after the mobile terminal obtains the digital certificate corresponding to the operation authority from the power distribution network unified security management platform.
The first detection module is used for detecting whether the digital certificate is valid.
The seventh sending module is configured to send the service data access request and the digital certificate to the power distribution network operation management platform when the digital certificate is valid.
The identification module is used for identifying the type of the service data access request and sending the type information of the service data access request and the digital certificate to the power distribution network unified security management platform.
The second detection module is configured to detect whether the operation authority corresponding to the digital certificate matches the type information, and to send the detection result to the power distribution network operation management platform.
The second acquisition module is configured to, when the detection result is a match, determine the security partition to be accessed according to the type information and acquire the service data of that security partition.
The service processing module is configured to process the service data, generate return information and send the return information to the power distribution network mobile application server.
The eighth sending module is configured to send the return information to the mobile terminal.
Optionally, if the power distribution network operation management platform and the mirror server are arranged in security zone III, the second acquisition module further includes a calling unit and an acquiring unit, wherein:
The calling unit is configured to directly call the service data of security zone III when the security partition to be accessed is security zone III and the service data of security zone III is stored in the power distribution network operation management platform.
The acquiring unit is configured to acquire the service data of security zone I from the mirror server when the security partition to be accessed is security zone I and the mirror server synchronizes and stores the service data of security zone I.
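The check and routing performed by the first detection, identification, second detection and second acquisition modules can be sketched as follows. This is an added example, not code from the patent: the certificate is a plain record rather than X.509, validity is assumed to be checked against the issuing platform's own record, and the request type names, class names and sample data are hypothetical.

```python
from dataclasses import dataclass
from enum import Enum


class Permission(Enum):
    ZONE_III_DATA_ACCESS = "data access to security zone III"
    ZONE_I_CONTROL = "control management of security zone I"


# Assumed request types: each maps to the permission it requires and the
# security partition that holds its service data.
REQUEST_TYPES = {
    "query_measurements": (Permission.ZONE_III_DATA_ACCESS, "III"),
    "switch_control": (Permission.ZONE_I_CONTROL, "I"),
}


class AccessDenied(Exception):
    pass


@dataclass(frozen=True)
class Certificate:
    serial: str
    permissions: frozenset
    not_after: int  # expiry as seconds since the epoch


class SecurityManagementPlatform:
    """Stand-in for the unified security management platform."""

    def __init__(self):
        self._issued = {}

    def issue(self, serial, permissions, not_after):
        cert = Certificate(serial, frozenset(permissions), not_after)
        self._issued[serial] = cert
        return cert

    def is_valid(self, cert, now):
        # Compare with the platform's own record, so a certificate whose
        # permission set was altered on the terminal is rejected.
        return self._issued.get(cert.serial) == cert and now < cert.not_after

    def matches(self, cert, request_type):
        required = REQUEST_TYPES.get(request_type)
        if required is None:
            return False  # unknown request type: deny by default
        issued = self._issued.get(cert.serial)
        return issued is not None and required[0] in issued.permissions


def handle_request(smp, zone3_store, mirror_server, cert, request_type, key, now):
    # Mobile application server: forward only if the certificate is valid.
    if not smp.is_valid(cert, now):
        raise AccessDenied("certificate is not valid")
    # The operation management platform identifies the type; the security
    # management platform decides whether the certificate covers it.
    if not smp.matches(cert, request_type):
        raise AccessDenied("operation permission does not match request type")
    zone = REQUEST_TYPES[request_type][1]
    # Zone III data is held locally; zone I data is read from the mirror
    # server that synchronizes it, never from zone I directly.
    source = zone3_store if zone == "III" else mirror_server
    if key not in source:
        raise LookupError("no service data for " + key)
    return {"zone": zone, "data": source[key]}


def demo():
    # Constructed sample data, not taken from the patent.
    smp = SecurityManagementPlatform()
    viewer = smp.issue("cert-viewer", {Permission.ZONE_III_DATA_ACCESS}, 2000)
    zone3 = {"feeder-7": {"load_kw": 412}}
    mirror = {"breaker-3": "closed"}
    results = [handle_request(smp, zone3, mirror, viewer,
                              "query_measurements", "feeder-7", now=1000)]
    try:
        handle_request(smp, zone3, mirror, viewer,
                       "switch_control", "breaker-3", now=1000)
    except AccessDenied as exc:
        results.append(str(exc))
    return results


if __name__ == "__main__":
    print(demo())
```

The permission lookup in `matches` uses the platform's stored copy of the certificate rather than the copy presented by the terminal, so the authorization decision does not depend on client-supplied fields.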
Optionally, the system further includes an SSL encryption module disposed in the mobile terminal, wherein:
The SSL encryption module is configured to encrypt the service data access request through the Secure Sockets Layer (SSL) before the mobile terminal sends the service data access request and the digital certificate to the power distribution network mobile application server, obtaining a JSON string ciphertext, so that the mobile terminal sends the service data access request, converted into the JSON string ciphertext, to the power distribution network mobile application server.
In a specific implementation, the present application further provides a computer storage medium. The storage medium may store a program which, when executed, may perform some or all of the steps in the embodiments of the mobile communication method and system applied to the power distribution network provided in the present application. The storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM) or a random access memory (RAM).
Those skilled in the art will clearly understand that the techniques in the embodiments of the present application may be implemented by way of software plus a required general hardware platform. Based on such understanding, the technical solutions in the embodiments of the present application may be essentially implemented or a part contributing to the prior art may be embodied in the form of a software product, which may be stored in a storage medium, such as a ROM/RAM, a magnetic disk, an optical disk, etc., and includes several instructions for enabling a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the method described in the embodiments or some parts of the embodiments of the present application.
For parts that are the same or similar across the embodiments in this specification, the embodiments may be referred to one another. In particular, since the system embodiment is substantially similar to the method embodiment, it is described briefly; for the relevant points, refer to the description of the method embodiment.
The present application has been described in detail with reference to specific embodiments and illustrative examples, but the description is not intended to limit the application. Those skilled in the art will appreciate that various equivalent substitutions, modifications or improvements may be made to the presently disclosed embodiments and implementations thereof without departing from the spirit and scope of the present disclosure, and these fall within the scope of the present disclosure. The protection scope of this application is subject to the appended claims.

Claims (7)

1. A mobile communication method applied to a power distribution network is characterized by comprising the following steps:
the mobile terminal sends a network access login request to the VPN gateway;
the VPN gateway verifies whether the network access login request passes, and if the network access login request passes the verification, the mobile terminal logs in to enter a VPN network;
after entering a VPN network, the mobile terminal sends the characteristic identification of the mobile terminal to a mobile application server of the power distribution network through the VPN network;
the power distribution network mobile application server side verifies the validity of the characteristic identification, and if the validity of the characteristic identification is verified, the power distribution network mobile application server side sends user information corresponding to the characteristic identification to the mobile terminal;
the mobile terminal displays the user information in a login interface, receives password information input in the login interface, and sends the password information to the power distribution network mobile application server;
the power distribution network mobile application server side sends the user information and the password information to a power distribution network unified security management platform;
the power distribution network unified security management platform verifies whether the user information is matched with the password information, if the user information is matched with the password information, the power distribution network unified security management platform identifies identity level information contained in the user information, and grants corresponding operation permission of the mobile terminal to the power distribution network operation management platform according to the identity level information;
the operation authority at least comprises: data access authority to security zone III and control management authority to security zone I;
the mobile terminal acquires a digital certificate corresponding to the operation authority from a power distribution network unified security management platform;
the mobile terminal sends a service data access request and the digital certificate to the mobile application server side of the power distribution network;
the power distribution network mobile application server side detects whether the digital certificate is valid, and if the digital certificate is valid, the power distribution network mobile application server side sends the service data access request and the digital certificate to the power distribution network operation management platform;
the power distribution network operation management platform identifies the type of the service data access request and sends the type information of the service data access request and the digital certificate to the power distribution network unified security management platform;
the power distribution network unified security management platform detects whether the operation authority corresponding to the digital certificate is matched with the type information or not, and sends a detection result to the power distribution network operation management platform;
if the detection result is matched, the power distribution network operation management platform confirms the safety partition needing to be accessed according to the type information and acquires the service data of the corresponding safety partition;
the power distribution network operation management platform processes the service data to generate return information and sends the return information to a power distribution network mobile application server;
and the power distribution network mobile application server sends the return information to the mobile terminal.
2. The method according to claim 1, wherein if the power distribution network operation management platform and the mirror server are arranged in security zone III, the power distribution network operation management platform confirms the security partition to be accessed according to the type information, and after acquiring the service data of the corresponding security partition, the method further comprises:
when the security partition to be accessed is security zone III and the service data of security zone III is stored in the power distribution network operation management platform, the power distribution network operation management platform directly calls the service data of security zone III;
when the security partition to be accessed is security zone I and the mirror server synchronizes and stores the service data of security zone I, the power distribution network operation management platform acquires the service data of security zone I from the mirror server.
3. The method of claim 1, wherein before the mobile terminal sends the service data access request and the digital certificate to the power distribution network mobile application server, the method further comprises:
the mobile terminal encrypts the service data access request through the Secure Sockets Layer (SSL) to obtain a JSON string ciphertext, so that the mobile terminal sends the service data access request, converted into the JSON string ciphertext, to the power distribution network mobile application server.
4. The method of claim 1, wherein before the power distribution network mobile application server sends the return information to the mobile terminal, the method further comprises:
the power distribution network mobile application server encrypts the return information through the Secure Sockets Layer (SSL) to obtain a JSON string ciphertext, so that the power distribution network mobile application server sends the return information, converted into the JSON string ciphertext, to the mobile terminal.
5. A mobile communication system applied to a power distribution network, comprising: a mobile terminal, a VPN gateway, a power distribution network mobile application server, a power distribution network unified security management platform and a power distribution network operation management platform, wherein the mobile terminal comprises a first sending module, a second sending module, a display-back module, a fourth sending module, a first acquisition module and a sixth sending module; the VPN gateway comprises a first verification module; the power distribution network mobile application server comprises a second verification module, a third sending module, a fifth sending module, a first detection module, a seventh sending module and an eighth sending module; the power distribution network unified security management platform comprises a matching module, an authorization module and a second detection module; the power distribution network operation management platform comprises an identification module, a second acquisition module and a service processing module, wherein:
the first sending module is used for sending a network access login request to the VPN gateway;
the first verification module is used for verifying whether the network access login request passes, and if the network access login request passes the verification, the mobile terminal logs in to enter a VPN network;
the second sending module is used for sending the feature identifier of the mobile terminal to the mobile application server side of the power distribution network through the VPN after entering the VPN;
the second verification module is used for verifying the validity of the feature identifier;
the third sending module is configured to send, to the mobile terminal, user information corresponding to the feature identifier when the validity of the feature identifier is verified;
the display-back module is used for displaying the user information in a login interface;
the fourth sending module is used for receiving password information input in the login interface and sending the password information to the power distribution network mobile application server;
the fifth sending module is used for sending the user information and the password information to a power distribution network unified security management platform;
the matching module is used for verifying whether the user information is matched with the password information;
the authorization module is used for identifying identity level information contained in the user information when the user information is matched with the password information, and granting the mobile terminal corresponding operation authority to the power distribution network operation management platform according to the identity level information;
the first acquisition module is used for obtaining a digital certificate corresponding to the operation authority from the power distribution network unified security management platform after the power distribution network unified security management platform grants the corresponding operation authority of the mobile terminal to the power distribution network operation management platform;
the sixth sending module is configured to send a service data access request and the digital certificate to the power distribution network mobile application server after the mobile terminal obtains the digital certificate corresponding to the operation authority from the power distribution network unified security management platform;
the first detection module is used for detecting whether the digital certificate is valid;
the seventh sending module is configured to send the service data access request and the digital certificate to the power distribution network operation management platform when the digital certificate is valid;
the identification module is used for identifying the type of the service data access request and sending the type information of the service data access request and the digital certificate to the power distribution network unified security management platform;
the second detection module is used for detecting whether the operation authority corresponding to the digital certificate is matched with the type information or not and sending a detection result to the power distribution network operation management platform;
the second acquisition module is configured to, when the detection result is a match, determine the security partition to be accessed according to the type information, and obtain the service data of the corresponding security partition;
the service processing module is used for processing the service data, generating return information and sending the return information to the mobile application server side of the power distribution network;
and the eighth sending module is configured to send the return information to the mobile terminal.
6. The system of claim 5, wherein if the power distribution network operation management platform and the mirror server are disposed in security zone III, the second acquisition module further comprises a calling unit and an acquiring unit, wherein:
the calling unit is used for directly calling the service data of security zone III when the security partition to be accessed is security zone III and the service data of security zone III is stored in the power distribution network operation management platform;
the acquiring unit is configured to acquire the service data of security zone I from the mirror server when the security partition to be accessed is security zone I and the mirror server synchronizes and stores the service data of security zone I.
7. The system of claim 5, wherein the mobile terminal further comprises an SSL encryption module, wherein:
the SSL encryption module is used for encrypting the service data access request through the Secure Sockets Layer (SSL) before the mobile terminal sends the service data access request and the digital certificate to the power distribution network mobile application server, obtaining a JSON string ciphertext, so that the mobile terminal sends the service data access request, converted into the JSON string ciphertext, to the power distribution network mobile application server.
CN201810990771.8A 2018-08-28 2018-08-28 Mobile communication method and system applied to power distribution network Active CN108966216B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810990771.8A CN108966216B (en) 2018-08-28 2018-08-28 Mobile communication method and system applied to power distribution network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810990771.8A CN108966216B (en) 2018-08-28 2018-08-28 Mobile communication method and system applied to power distribution network

Publications (2)

Publication Number Publication Date
CN108966216A CN108966216A (en) 2018-12-07
CN108966216B CN108966216B (en) 2021-07-30

Family

ID=64474608

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810990771.8A Active CN108966216B (en) 2018-08-28 2018-08-28 Mobile communication method and system applied to power distribution network

Country Status (1)

Country Link
CN (1) CN108966216B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109858800A (en) * 2019-01-28 2019-06-07 云南电网有限责任公司瑞丽供电局 Operation data KPI system mobile solution platform based on power distribution network
CN111200815A (en) * 2019-12-31 2020-05-26 北京指掌易科技有限公司 Information transmission method and device based on mobile application
CN111698248B (en) * 2020-06-11 2021-06-11 杭州商湾网络科技有限公司 Network authorization management method and system based on label
CN112163211A (en) * 2020-10-16 2021-01-01 云南电网有限责任公司丽江供电局 Power distribution net cage management method and device, computer equipment and storage medium
CN113347004A (en) * 2021-06-04 2021-09-03 南京华盾电力信息安全测评有限公司 Encryption method for power industry

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103401905A (en) * 2013-07-19 2013-11-20 中国南方电网有限责任公司 Mobile application platform system for power grid scheduling based on mobile intelligent terminal
CN104065485A (en) * 2014-07-04 2014-09-24 中国南方电网有限责任公司 Power grid dispatching mobile platform safety guaranteeing and controlling method
CN104202338A (en) * 2014-09-23 2014-12-10 中国南方电网有限责任公司 Secure access method applicable to enterprise-level mobile applications
CN107276997A (en) * 2017-06-06 2017-10-20 云南电网有限责任公司信息中心 A kind of intelligent cut-in method, the apparatus and system of electric power mobile application terminal

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN106656457A (en) * 2015-10-30 2017-05-10 深圳市中兴微电子技术有限公司 Method, device and system for safe access of data based on VPN


Also Published As

Publication number Publication date
CN108966216A (en) 2018-12-07

Similar Documents

Publication Publication Date Title
CN108966216B (en) Mobile communication method and system applied to power distribution network
CN101401387B (en) Access control protocol for embedded devices
CN104754582B (en) Safeguard the client and method of BYOD safety
CN109729180A (en) Entirety is intelligence community platform
CN201194396Y (en) Safe gateway platform based on transparent proxy gateway
RU2676896C2 (en) Method and system related to authentication of users for accessing data networks
US20080150753A1 (en) Secure Data Transfer In A Communication System Including Portable Meters
CN106657011A (en) Business server authorized secure access method
CN108200037B (en) Method and system for executing security operation by using security device
CN111586021B (en) Remote office business authorization method, terminal and system
CN108881309A (en) Access method, device, electronic equipment and the readable storage medium storing program for executing of big data platform
CN102916965A (en) Safety authentication mechanism and safety authentication system thereof for cloud service interfaces
CN102984045A (en) Access method of Virtual Private Network and Virtual Private Network client
CN114866346B (en) Password service platform based on decentralization
CN111797378A (en) Multiple identity management authentication platform of people's society information
CN110138779A (en) A kind of Hadoop platform security control method based on multi-protocols reverse proxy
RU2474073C2 (en) Network and method for initialising trust centre link key
CN101443777B (en) Network system
CN113872940A (en) Access control method, device and equipment based on NC-Link
CN110602133B (en) Intelligent contract processing method, block chain management device and storage medium
CN102404114A (en) Monitoring method and system both for Web service
CN111917798A (en) Internet of things terminal management and control and secure communication method
US9232078B1 (en) Method and system for data usage accounting across multiple communication networks
KR20210123518A (en) Systems that support smart work
CN114466038B (en) Communication protection system of electric power thing networking

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant