CN109450854A - A kind of distribution terminal communication security protection method and system - Google Patents

A kind of distribution terminal communication security protection method and system Download PDF

Info

Publication number
CN109450854A
CN109450854A CN201811184146.0A CN201811184146A CN109450854A CN 109450854 A CN109450854 A CN 109450854A CN 201811184146 A CN201811184146 A CN 201811184146A CN 109450854 A CN109450854 A CN 109450854A
Authority
CN
China
Prior art keywords
distribution terminal
distribution
message
algorithm
key
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201811184146.0A
Other languages
Chinese (zh)
Inventor
徐俊
许光
杨乔
秦卫东
胡波
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhuhai XJ Electric Co Ltd
Zhuhai Xujizhi Power System Automation Co Ltd
Original Assignee
Zhuhai XJ Electric Co Ltd
Zhuhai Xujizhi Power System Automation Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhuhai XJ Electric Co Ltd, Zhuhai Xujizhi Power System Automation Co Ltd filed Critical Zhuhai XJ Electric Co Ltd
Priority to CN201811184146.0A priority Critical patent/CN109450854A/en
Publication of CN109450854A publication Critical patent/CN109450854A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0869Network architectures or network communication protocols for network security for authentication of entities for achieving mutual authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Small-Scale Networks (AREA)

Abstract

The present invention relates to a kind of distribution terminal communication security protection method and system, avoid electrical power distribution automatization system main website and distribution terminal by network attack, so that it is guaranteed that the safe and reliable power supply of distribution system.It the described method comprises the following steps: A, providing front server between distribution main website and distribution terminal, securely communicate distribution main website with distribution terminal by front server and dock;B, after front server and distribution terminal communication connection are established, initiation bidirectional identity authentication enters key agreement after communicating pair authentication success first;If C, key agreement passes through, normal service communication link is entered between Ze Shi distribution main website and distribution terminal.

Description

A kind of distribution terminal communication security protection method and system
Technical field
The present invention relates to a kind of distribution terminal communication security protection method and system, belong to power equipment safety technology neck Domain.
Background technique
Power system security regulation of protection ensures electric power monitoring system to reinforce electrical power distribution automatization system security protection Safety, electrical power distribution automatization system main website is communicated with distribution terminal must have safety prevention measure.Live distribution terminal is main Access electrical power distribution automatization system by communication modes such as optical fiber, wireless networks, due to current safety prevention measure it is relatively weak with And the enhancing of hacker attack means, cause multi-point and wide-ranging, widely distributed electrical power distribution automatization system to face from public network or private network Network attack risk, and then influence safe and reliable power supply of the distribution system to user, meanwhile, current international security situation occurs New variation, attacker, which exists, reports the modes twisting attack main websites such as fault message by mistake by distribution terminal, in turn results in bigger The security threat of range.
In addition, as shown in Figure 1, currently on the market, electrical power distribution automatization system terminal communication security protection measure is only for matching The encryption of communication channel between electric main website and distribution terminal is realized in such a way that safety device is installed at communication channel both ends Safeguard protection to channel cannot avoid completely distribution main website and distribution terminal by network attack.Communication channel encryption technology Deficiency be: communication channel encryption technology plays the privacy functions of application data, can prevent useful data information leakage It is utilized, but the technology cannot be guaranteed the integrality using data;Prior art communicating pair can not identify mutually other side's Legal identity information;Communication channel encryption technology can not selectivity application data encryption, flexibility is insufficient, low efficiency;It is logical Letter channel encryption technology not can solve between distribution terminal and terminal side safety device, distribution main website and main website side safety device Link safety problem.
Summary of the invention
The present invention provides a kind of distribution terminal communication security protection method and system, avoid electrical power distribution automatization system main website and Distribution terminal is by network attack, so that it is guaranteed that the safe and reliable power supply of distribution system.
Technical solution of the present invention first aspect be a kind of distribution terminal communication security protection method, the method includes with Lower step:
A, front server is provided between distribution main website and distribution terminal, distribution main website is made to pass through front server and match Electric terminals securely communicate docking;
B, after front server and distribution terminal communication connection are established, bidirectional identity authentication, communicating pair body are initiated first After part authenticates successfully, key agreement is entered;
If C, key agreement passes through, normal service communication link is entered between Ze Shi distribution main website and distribution terminal.
Further, the step A includes configuring to front server:
Symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;
The key management of legal distribution terminal in database and digital certificate management;
With after the link establishment of distribution terminal bidirectional identity authentication, using message protocol extension, key and certificate management Message communication is handled using message encryption and decryption, using message signature sign test processing.
Further, the step A includes to each distribution terminal or every group of distribution terminal configuration:
Symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;
With the associated cipher key interaction feature of physical message and digital certificate interaction feature of this distribution terminal;
With after the link establishment of front server bidirectional identity authentication, using message protocol extension, key and certificate pipe Message communication is managed, is handled using message encryption and decryption, using message signature sign test processing.
Further, the step B includes:
According to the permission of each distribution terminal or the priority of security level, the certification number with distribution terminal is screened, and According to the low to high of security level, the higher Encryption Algorithm of level of encryption and authentication mode are selected.
Further, the step C includes:
During service communication, type of message is applied in identification, and selective application data encrypt/decrypt, pluck It handles, signature/sign test processing, time-stamp Recognition.
Technical solution of the present invention second aspect is a kind of distribution terminal communication security protection system, including is arranged in distribution Front server between main website and distribution terminal, the front server include
Encryption Algorithm realizes module, for providing symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or label Name sign test algorithm;
Key certificate management module, for managing the key and digital certificate of whole distribution main website and all distribution terminals;
Application protocol expansion module, for after the link establishment with distribution terminal bidirectional identity authentication, assist using message View extension, key and certificate management message communication are handled using message encryption and decryption, using message signature sign test processing.
Further, the distribution terminal is provided with corresponding Encryption Algorithm and realizes module, key certificate interactive module and answer With protocol extension module, it is respectively used to:
Symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;
With the associated cipher key interaction feature of physical message and digital certificate interaction feature of this distribution terminal;
With after the link establishment of front server bidirectional identity authentication, using message protocol extension, key and certificate pipe Message communication is managed, is handled using message encryption and decryption, using message signature sign test processing.
The technical solution of the present invention third aspect is a kind of computer system, including memory, processor and being stored in is deposited On reservoir and the computer program that can run on a processor, the processor realize above-mentioned side when executing described program Method.
Technical solution of the present invention fourth aspect is a kind of computer readable storage medium, stores computer journey thereon Sequence, the computer program realize above-mentioned method when being executed by processor.
The invention has the benefit that
1) safety prevention measure is deep into inside distribution main website and distribution terminal, and protective range covers all around, no safety Dead angle;
2) have bidirectional identity authentication mechanism, effectively prevent hacker and pretend masquerading;
It 3) can flexible choice encryption policy, it is ensured that improve communication efficiency in the case of significant data privacy;
4) secondary identity legitimacy identification is carried out to significant data by digital signature, guarantees the identity peace of important instruction Entirely;
5) communications applications message is attached to timestamp mark, can effectively take precautions against Replay Attack.
Detailed description of the invention
Fig. 1 show the mode of channel encryption in the prior art.
Fig. 2 show schematic diagram according to the solution of the present invention.
Fig. 3 show general flow chart according to the method for the present invention.
Specific embodiment
It is carried out below with reference to technical effect of the embodiment and attached drawing to design of the invention, specific structure and generation clear Chu, complete description, to be completely understood by the purpose of the present invention, scheme and effect.
It should be noted that unless otherwise specified, when a certain feature referred to as " fixation ", " connection " are in another feature, It can directly fix, be connected to another feature, and can also fix, be connected to another feature indirectly.This paper institute The use of any and all example or exemplary language (" such as ", " such as ") provided is intended merely to that the present invention is better described Embodiment otherwise the scope of the present invention will not be applied and be limited and unless the context requires otherwise.
With reference to Fig. 2, distribution terminal security protection system according to the present invention include distribution main website, distribution terminal and they Between communication channel need to change distribution main website, distribution terminal, communication mechanism using application layer encryption guard technology It makes.
For distribution main website, the data communication with distribution terminal is responsible for by front server, therefore terminal communicates level Security protection is realized by the software function module inside front server, mainly increases 3 functional modules newly, is that encryption is calculated respectively Method realizes module, key certificate management module, application protocol expansion module.Encryption Algorithm realizes that module provides various symmetrical plus solution Close algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm, signature sign test algorithm etc.;Key certificate management module is responsible for whole distribution master It stands and the key management of all distribution terminals and digital certificate management, including key pair generates, key updating and recovery, number card Inteilectual at and publication;Application protocol expansion module is nucleus module, bidirectional identity authentication, application after being mainly responsible for link establishment Message protocol extension, key and certificate management message communication are handled using message encryption and decryption, using message signature sign test processing.
Distribution terminal is that Encryption Algorithm realizes module, key certificate interaction respectively also by newly-increased 3 Implement of Function Module Module, application protocol expansion module.It realizes that function is similar to distribution main website.
After front server and distribution terminal communication connection are established, bidirectional identity authentication, communicating pair identity are initiated first After authenticating successfully, key agreement is entered, normal service communication link can be entered after the completion of key agreement.In service communication In the process, application protocol expansion module automatic identification application type of message, selective application data encrypt/decrypt, A series of processing such as abstract processing, signature/sign test processing, time-stamp Recognition.
In the above scheme, application layer encryption guard technology scheme includes following characteristics:
1) security protection is deep into inside distribution main website and distribution terminal, realizes application by expanding application layer protocol mode Data safety;
2) after communication link is established before session start, distribution main website and distribution terminal carry out bidirectional identity authentication identification;
3) flexible choice encryption policy application data selective encryption, it is ensured that significant data privacy;
4) digital signature technology is used, application data is selectively digitally signed, and guarantees that the identity of important instruction is closed Method identification;
5) communications applications message is attached to timestamp mark, anti-replay-attack;
6) key and certificate management mechanism, Safeguard tactics are customized by user flexibility, it is ensured that key safety, certificate management It is convenient.
Referring to Fig. 3, according to the method for the present invention the following steps are included:
A, front server is provided between distribution main website and distribution terminal, distribution main website is made to pass through front server and match Electric terminals securely communicate docking;
B, after front server and distribution terminal communication connection are established, bidirectional identity authentication, communicating pair body are initiated first After part authenticates successfully, key agreement is entered;
If C, key agreement passes through, normal service communication link is entered between Ze Shi distribution main website and distribution terminal.
Further, the step A includes configuring to front server: symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, Digest algorithm or signature sign test algorithm;The key management of legal distribution terminal in database and digital certificate management;With distribution Bidirectional identity authentication after the link establishment of terminal, using message protocol extension, key and certificate management message communication, using report Literary encryption and decryption processing is handled using message signature sign test.
Further, the step A includes to each distribution terminal or every group of distribution terminal configuration: symmetrical encryption and decryption is calculated Method, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;Physical message with this distribution terminal is (for example, distribution is whole The unique ID of the factory at end, network physical address etc.) associated cipher key interaction feature and digital certificate interaction feature;With preposition service Bidirectional identity authentication after the link establishment of device, using message protocol extension, key and certificate management message communication, using message Encryption and decryption processing is handled using message signature sign test.
Further, the step B includes: the priority of the permission or security level according to each distribution terminal, screening with The certification number of distribution terminal, and according to the low to high of security level, select the higher Encryption Algorithm of level of encryption and authenticating party Formula.It can more efficiently processing terminal authenticate in this way.The security level of distribution terminal can be preset according to the actual situation, can be with It is adapted to according to the physical location of distribution terminal.
Further, the step C includes: during service communication, and type of message is applied in identification, selective to application Data encrypt/decrypt, abstract processing, signature/sign test processing, time-stamp Recognition.
In the particular embodiment, above-mentioned Encryption Algorithm is, for example, MD5, RSA, DES scheduling algorithm.MD5 is will be arbitrarily long " byte serial " of degree is transformed into the big integer of a 128bit, and it is an irreversible character string transformation algorithm, changes sentence It talks about and is exactly, even if you see source program and algorithm description, the value of a MD5 can not also be switched back to original character string, from It is said on mathematical principle, is because original character string has infinite multiple, this is somewhat like the mathematical function there is no inverse function.RSA Data encryption can be used for and can be used for the algorithm of digital signature by being first.It should be readily appreciated that and operates, also popular, but The safety of RSA fails to obtain theoretic proof always, it experienced various attacks, is not broken through completely so far.DES algorithm For the DSE arithmetic in cipher system, be otherwise known as Data Encryption Standard, is that IBM Corporation, the U.S. in 1972 develops DSE arithmetic Encryption Algorithm.It is grouped in plain text by 64, key is 64 long, and key is in fact 56 participation DES fortune Plaintext group after calculating (the 8th, 16,24,32,40,48,56,64 is check bit, so that each key has odd number 1) grouping The encryption method of ciphertext group is formed with 56 key step-by-step substitutions or the method for exchange.
It should be appreciated that embodiment of the method for the invention can be by computer hardware, the combination of hardware and software or logical The computer instruction that is stored in non-transitory computer-readable memory is crossed to be effected or carried out.Mark can be used in the method Quasi- programming technique.Each program can be realized with the programming language of level process or object-oriented with logical with computer system Letter.However, if desired, the program can be realized with compilation or machine language.Under any circumstance, the language can be compiling or The language of explanation.In addition, the program can be run on the specific integrated circuit of programming for this purpose.
In addition, the operation of process described herein can be performed in any suitable order, unless herein in addition instruction or Otherwise significantly with contradicted by context.Process described herein (or modification and/or combination thereof) can be held being configured with It executes, and is can be used as jointly on the one or more processors under the control of one or more computer systems of row instruction The code (for example, executable instruction, one or more computer program or one or more application) of execution, by hardware or its group It closes to realize.The computer program includes the multiple instruction that can be performed by one or more processors.
Further, the method can be realized in being operably coupled to suitable any kind of computing platform, wrap Include but be not limited to PC, mini-computer, main frame, work station, network or distributed computing environment, individual or integrated Computer platform or communicated with charged particle tool or other imaging devices etc..Each aspect of the present invention can be to deposit The machine readable code on non-transitory storage medium or equipment is stored up to realize no matter be moveable or be integrated to calculating Platform, such as hard disk, optical reading and/or write-in storage medium, RAM, ROM, so that it can be read by programmable calculator, when Storage medium or equipment can be used for configuration and operation computer to execute process described herein when being read by computer.This Outside, machine readable code, or part thereof can be transmitted by wired or wireless network.When such media include combining microprocessor Or other data processors realize steps described above instruction or program when, invention as described herein including these and other not The non-transitory computer-readable storage media of same type.When methods and techniques according to the present invention programming, the present invention It further include computer itself.
Computer program can be applied to input data to execute function as described herein, to convert input data with life At storing to the output data of nonvolatile memory.Output information can also be applied to one or more output equipments as shown Device.In the preferred embodiment of the invention, the data of conversion indicate physics and tangible object, including the object generated on display Reason and the particular visual of physical objects are described.
The above, only presently preferred embodiments of the present invention, the invention is not limited to above embodiment, as long as It reaches technical effect of the invention with identical means, all within the spirits and principles of the present invention, any modification for being made, Equivalent replacement, improvement etc., should be included within the scope of the present invention.Its technical solution within the scope of the present invention And/or embodiment can have a variety of different modifications and variations.

Claims (9)

1. a kind of distribution terminal communication security protection method, which is characterized in that the described method comprises the following steps:
A, front server is provided between distribution main website and distribution terminal, keeps distribution main website whole by front server and distribution End securely communicates docking;
B, after front server and distribution terminal communication connection are established, initiation bidirectional identity authentication, communicating pair identity are recognized first After demonstrate,proving successfully, key agreement is entered;
If C, key agreement passes through, normal service communication link is entered between Ze Shi distribution main website and distribution terminal.
2. the method according to claim 1, wherein the step A includes configuring to front server:
Symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;
The key management of legal distribution terminal in database and digital certificate management;
With after the link establishment of distribution terminal bidirectional identity authentication, using message protocol extension, key and certificate management message Communication is handled using message encryption and decryption, using message signature sign test processing.
3. method according to claim 1 or 2, which is characterized in that the step A includes to each distribution terminal or often Group distribution terminal configuration:
Symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;
With the associated cipher key interaction feature of physical message and digital certificate interaction feature of this distribution terminal;
With after the link establishment of front server bidirectional identity authentication, using message protocol extension, key and certificate management report Text communication is handled using message encryption and decryption, using message signature sign test processing.
4. the method according to claim 1, wherein the step B includes:
According to the permission of each distribution terminal or the priority of security level, the certification number of screening and distribution terminal, and according to Low to high, the higher Encryption Algorithm of selection level of encryption and the authentication mode of security level.
5. the method according to claim 1, wherein the step C includes:
During service communication, type of message is applied in identification, and selective application data encrypt/decrypt, at abstract Reason, signature/sign test processing, time-stamp Recognition.
6. a kind of distribution terminal communication security protection system, which is characterized in that including setting distribution main website and distribution terminal it Between front server, which includes
Encryption Algorithm realizes module, tests for providing symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature Sign algorithm;
Key certificate management module, for managing the key and digital certificate of whole distribution main website and all distribution terminals;
Application protocol expansion module, for after the link establishment with distribution terminal bidirectional identity authentication, expand using message protocol Exhibition, key and certificate management message communication are handled using message encryption and decryption, using message signature sign test processing.
7. distribution terminal communication security protection system according to claim 6, which is characterized in that the distribution terminal setting There is corresponding Encryption Algorithm to realize module, key certificate interactive module and application protocol expansion module, be respectively used to:
Symmetrical enciphering and deciphering algorithm, asymmetric enciphering and deciphering algorithm, digest algorithm or signature sign test algorithm;
With the associated cipher key interaction feature of physical message and digital certificate interaction feature of this distribution terminal;
With after the link establishment of front server bidirectional identity authentication, using message protocol extension, key and certificate management report Text communication is handled using message encryption and decryption, using message signature sign test processing.
8. a kind of computer system, can run on a memory and on a processor including memory, processor and storage Computer program, which is characterized in that the processor realizes such as any one of claims 1 to 5 right when executing described program It is required that the method.
9. a kind of computer readable storage medium, stores computer program thereon, the computer program is executed by processor Method of the Shi Shixian as described in any one of claims 1 to 5 claim.
CN201811184146.0A 2018-10-11 2018-10-11 A kind of distribution terminal communication security protection method and system Pending CN109450854A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201811184146.0A CN109450854A (en) 2018-10-11 2018-10-11 A kind of distribution terminal communication security protection method and system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201811184146.0A CN109450854A (en) 2018-10-11 2018-10-11 A kind of distribution terminal communication security protection method and system

Publications (1)

Publication Number Publication Date
CN109450854A true CN109450854A (en) 2019-03-08

Family

ID=65545440

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201811184146.0A Pending CN109450854A (en) 2018-10-11 2018-10-11 A kind of distribution terminal communication security protection method and system

Country Status (1)

Country Link
CN (1) CN109450854A (en)

Cited By (9)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109725565A (en) * 2018-12-07 2019-05-07 深圳供电局有限公司 Main and auxiliary cooperation real-time control interaction method
CN110365478A (en) * 2019-07-05 2019-10-22 上海瀚之友信息技术服务有限公司 A kind of management system and management method of integration protocol authentication means
CN110505240A (en) * 2019-09-12 2019-11-26 山东浪潮人工智能研究院有限公司 One kind being based on server and client side's communication protocol implementation method
CN112104604A (en) * 2020-08-07 2020-12-18 国电南瑞科技股份有限公司 System and method for realizing safety access service based on electric power internet of things management platform
CN112367664A (en) * 2020-09-23 2021-02-12 国家电网有限公司 Method and device for safely accessing external equipment to intelligent electric meter
CN113395352A (en) * 2021-06-21 2021-09-14 国网上海能源互联网研究院有限公司 Detection method and system suitable for distribution Internet of things service safety
CN113839921A (en) * 2021-08-24 2021-12-24 深圳供电局有限公司 Data processing method, data processing device, computer equipment and storage medium
CN114374550A (en) * 2021-12-29 2022-04-19 南方电网海南数字电网研究院有限公司 Electric power measurement platform that possesses high security
CN114401209A (en) * 2021-12-10 2022-04-26 国网浙江省电力有限公司金华供电公司 Main station three-remote debugging device and debugging method

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103095696A (en) * 2013-01-09 2013-05-08 中国电力科学研究院 Identity authentication and key agreement method suitable for electricity consumption information collection system
US9054878B2 (en) * 2012-11-28 2015-06-09 Lsis Co., Ltd. System and method for security authentication of power system
CN106789015A (en) * 2016-12-22 2017-05-31 贵州电网有限责任公司电力科学研究院 A kind of intelligent distribution network communication security system
CN107018134A (en) * 2017-04-06 2017-08-04 北京中电普华信息技术有限公司 A kind of distribution terminal secure accessing platform and its implementation
CN107302428A (en) * 2017-05-26 2017-10-27 北京国电通网络技术有限公司 The machinery of consultation of the cryptographic algorithm of data transport services in a kind of power distribution network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9054878B2 (en) * 2012-11-28 2015-06-09 Lsis Co., Ltd. System and method for security authentication of power system
CN103095696A (en) * 2013-01-09 2013-05-08 中国电力科学研究院 Identity authentication and key agreement method suitable for electricity consumption information collection system
CN106789015A (en) * 2016-12-22 2017-05-31 贵州电网有限责任公司电力科学研究院 A kind of intelligent distribution network communication security system
CN107018134A (en) * 2017-04-06 2017-08-04 北京中电普华信息技术有限公司 A kind of distribution terminal secure accessing platform and its implementation
CN107302428A (en) * 2017-05-26 2017-10-27 北京国电通网络技术有限公司 The machinery of consultation of the cryptographic algorithm of data transport services in a kind of power distribution network

Cited By (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109725565A (en) * 2018-12-07 2019-05-07 深圳供电局有限公司 Main and auxiliary cooperation real-time control interaction method
CN110365478A (en) * 2019-07-05 2019-10-22 上海瀚之友信息技术服务有限公司 A kind of management system and management method of integration protocol authentication means
CN110505240A (en) * 2019-09-12 2019-11-26 山东浪潮人工智能研究院有限公司 One kind being based on server and client side's communication protocol implementation method
CN112104604A (en) * 2020-08-07 2020-12-18 国电南瑞科技股份有限公司 System and method for realizing safety access service based on electric power internet of things management platform
CN112104604B (en) * 2020-08-07 2024-03-29 国电南瑞科技股份有限公司 System and method for realizing secure access service based on electric power Internet of things management platform
CN112367664B (en) * 2020-09-23 2024-03-01 国家电网有限公司 Method and device for safely accessing external equipment into intelligent ammeter
CN112367664A (en) * 2020-09-23 2021-02-12 国家电网有限公司 Method and device for safely accessing external equipment to intelligent electric meter
CN113395352A (en) * 2021-06-21 2021-09-14 国网上海能源互联网研究院有限公司 Detection method and system suitable for distribution Internet of things service safety
CN113839921A (en) * 2021-08-24 2021-12-24 深圳供电局有限公司 Data processing method, data processing device, computer equipment and storage medium
CN113839921B (en) * 2021-08-24 2023-09-15 深圳供电局有限公司 Data processing method, device, computer equipment and storage medium
CN114401209A (en) * 2021-12-10 2022-04-26 国网浙江省电力有限公司金华供电公司 Main station three-remote debugging device and debugging method
CN114401209B (en) * 2021-12-10 2024-04-16 国网浙江省电力有限公司金华供电公司 Master station three-remote debugging device and debugging method
CN114374550A (en) * 2021-12-29 2022-04-19 南方电网海南数字电网研究院有限公司 Electric power measurement platform that possesses high security
CN114374550B (en) * 2021-12-29 2024-07-19 南方电网海南数字电网研究院有限公司 Electric power metering platform with high safety

Similar Documents

Publication Publication Date Title
CN109450854A (en) A kind of distribution terminal communication security protection method and system
CN103067401B (en) Method and system for key protection
US10601801B2 (en) Identity authentication method and apparatus
CN104079581B (en) Identity identifying method and equipment
CN108347419A (en) Data transmission method and device
US9253162B2 (en) Intelligent card secure communication method
CN110532735A (en) Firmware upgrade method
CN103078742B (en) Generation method and system of digital certificate
CN110401615A (en) A kind of identity identifying method, device, equipment, system and readable storage medium storing program for executing
JP2020530726A (en) NFC tag authentication to remote servers with applications that protect supply chain asset management
CN106060078B (en) User information encryption method, register method and verification method applied to cloud platform
CN106416123A (en) Password-based authentication
CN103684766A (en) Private key protection method and system for terminal user
CN109474419A (en) A kind of living body portrait photo encryption and decryption method and encrypting and deciphering system
CN108683674A (en) Verification method, device, terminal and the computer readable storage medium of door lock communication
CN104394172A (en) Single sign-on device and method
WO2021231087A1 (en) Constructing a distributed ledger transaction on a cold hardware wallet
CN111131416A (en) Business service providing method and device, storage medium and electronic device
CN111435390A (en) Safety protection method for operation and maintenance tool of power distribution terminal
CN113868713B (en) Data verification method and device, electronic equipment and storage medium
CN111585995A (en) Method and device for transmitting and processing safety wind control information, computer equipment and storage medium
CN111435389A (en) Power distribution terminal operation and maintenance tool safety protection system
CN110166471A (en) A kind of portal authentication method and device
CN112600667B (en) Key negotiation method, device, equipment and storage medium
CN102571341B (en) A kind of Verification System based on dynamic image and authentication method

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20190308

RJ01 Rejection of invention patent application after publication