CN109862028B - Data security access system - Google Patents
Data security access system Download PDFInfo
- Publication number
- CN109862028B CN109862028B CN201910159179.8A CN201910159179A CN109862028B CN 109862028 B CN109862028 B CN 109862028B CN 201910159179 A CN201910159179 A CN 201910159179A CN 109862028 B CN109862028 B CN 109862028B
- Authority
- CN
- China
- Prior art keywords
- time data
- real
- data
- access server
- messages
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Landscapes
- Alarm Systems (AREA)
- Computer And Data Communications (AREA)
Abstract
The invention provides a data security access system, which comprises a plurality of monitoring devices, intelligent electronic equipment and a security access server; each monitored device is connected with a plurality of monitoring devices, and the monitoring devices are used for acquiring various real-time data from the monitored devices; packaging the real-time data which accord with a preset safety rule, and acquiring and uploading various real-time data messages to the intelligent electronic equipment; the intelligent electronic equipment is connected with the monitoring devices and is used for receiving various real-time data messages and uploading the various real-time data messages to the safety access server; the safety access server is connected with the intelligent electronic equipment and is used for receiving various real-time data messages; unpacking the multiple real-time data messages according to multiple preset model files corresponding to the multiple real-time data messages to obtain multiple real-time data; when one of the real-time data is not in the preset range, the abnormal data alarm data is output, so that the abnormal data can be found in time, and the system vulnerability is solved.
Description
Technical Field
The invention relates to the field of data security, in particular to a data security access system.
Background
At present, the existing access mode of data is: data acquired by the monitoring device of each manufacturer are uploaded to the background server of the manufacturer through the protocol converter, and the background server of each manufacturer pushes the data to the upper system. Due to the fact that a background server of a manufacturer is not maintained timely in the later period, system bugs frequently occur, abnormal data cannot be found timely, and certain safety risks are brought to safe operation of the system.
Disclosure of Invention
The embodiment of the invention mainly aims to provide a data security access system, discover abnormal data in time and solve system bugs.
In order to achieve the above object, an embodiment of the present invention provides a data security access system, which is connected to a plurality of monitored devices, and includes: the system comprises a plurality of monitoring devices, intelligent electronic equipment and a safety access server; wherein each monitored device is connected with a plurality of monitoring devices of different types;
the monitoring device is used for:
acquiring various real-time data from monitored equipment; judging whether each real-time data accords with a preset safety rule or not; when the real-time data accords with a preset safety rule, packaging the real-time data to obtain various real-time data messages; uploading various real-time data messages to the intelligent electronic equipment;
the intelligent electronic equipment is connected with a plurality of monitoring devices for: receiving various real-time data messages, and uploading the various real-time data messages to the secure access server;
the safety access server is connected with the intelligent electronic equipment and used for: receiving various real-time data messages; unpacking the multiple real-time data messages according to multiple preset model files corresponding to the multiple real-time data messages to obtain multiple real-time data; judging whether each real-time data is in a corresponding preset range; and when one of the real-time data is not in the preset range, outputting abnormal data alarm data.
In one embodiment, the secure access server is further configured to:
judging whether a real-time data message is lacked according to the model file; and when the real-time data message is lacked, outputting data missing alarm data.
In one embodiment, the secure access server is further configured to:
and when the real-time data message is not lacked and each kind of real-time data is within a preset range, storing each kind of real-time data.
In one embodiment, the data security access system further includes: the master station server is connected with the safe access server;
the secure access server is further configured to: uploading the real-time data to a master station server;
the master station server is used for: checking whether the real-time data is qualified; and when the real-time data is qualified, storing the real-time data.
In one embodiment, the model file is an intelligent electronic device performance description model file.
In one embodiment, the monitoring device is specifically configured to:
and packaging the multiple real-time data according to the IEC61850 communication protocol to obtain multiple real-time data messages.
The data security access system of the embodiment of the invention comprises: the system comprises a plurality of monitoring devices, intelligent electronic equipment and a safety access server; each monitored device is connected with a plurality of monitoring devices of different types; the monitoring device is used for acquiring real-time data from the monitored device; when the real-time data accords with a preset safety rule, packaging the real-time data to obtain a real-time data message; the intelligent electronic equipment is connected with the monitoring devices and is used for receiving various real-time data messages and uploading the various real-time data messages to the safety access server; the safety access server is connected with the intelligent electronic equipment and is used for unpacking various real-time data messages according to a preset model file corresponding to the real-time data messages to obtain various real-time data; judging whether each real-time data is in a corresponding preset range; when one of the real-time data is not in the preset range, the abnormal data alarm data is output, so that the abnormal data can be found in time, the abnormal information is provided for operation and maintenance personnel, and the system loophole is solved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art that other drawings can be obtained based on these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of a data security access system in an embodiment of the present invention;
fig. 2 is a schematic structural diagram of a data security access system in another embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
In view of the fact that the existing data access mode cannot find abnormal data and system bugs in time at present, and brings certain security risks to the safe operation of the system, the embodiment of the invention provides a data secure access system which can find abnormal data in time and solve the system bugs. The present invention will be described in detail below with reference to the accompanying drawings.
Fig. 1 is a schematic structural diagram of a data security access system in an embodiment of the present invention. As shown in fig. 1, the data security access system is connected to a plurality of monitored devices, and includes: the system comprises a plurality of monitoring devices, intelligent electronic equipment and a safety access server; wherein each monitored apparatus is connected to a plurality of different types of monitoring devices (not shown in fig. 1);
the monitoring device is used for:
acquiring various real-time data from monitored equipment; judging whether each real-time data accords with a preset safety rule or not; when the real-time data accords with a preset safety rule, packaging the real-time data to obtain various real-time data messages; uploading various real-time data messages to the intelligent electronic equipment;
the intelligent electronic equipment is connected with a plurality of monitoring devices for: receiving various real-time data messages, and uploading the various real-time data messages to the secure access server;
the safety access server is connected with the intelligent electronic equipment and used for: receiving various real-time data messages; unpacking the multiple real-time data messages according to multiple preset model files corresponding to the multiple real-time data messages to obtain multiple real-time data; judging whether each real-time data is in a corresponding preset range; and when one of the real-time data is not in the preset range, outputting abnormal data alarm data.
In one embodiment, the secure access server is further configured to:
judging whether a real-time data message is lacked according to the model file; and when the real-time data message is lacked, outputting data missing alarm data. The data missing alarm data can be output to a display connected with the safety access server for displaying.
In specific implementation, because the type of the model file corresponds to the type of the real-time data message, whether the real-time data message is missing can be judged according to the model file, and data missing alarm data is output to a display connected with the safety access server for displaying according to the missing message, so that a worker can conveniently maintain the corresponding monitored equipment or monitoring device according to the data missing alarm data.
In one embodiment, the secure access server is further configured to:
and when the real-time data message is not lacked and each kind of real-time data is within a preset range, storing each kind of real-time data. The display can call the real-time data for the staff to view.
The real-time data are all stored in an SQL Server database corresponding to an IP address, a user name and a password. In the prior art, the server of each manufacturer corresponds to one IP address, so that monitoring data are uploaded to a plurality of station-side servers, a plurality of IP addresses are occupied, and the operation and maintenance of the system in the later period are not facilitated. The method and the system have the advantages that only one safety access server corresponds to one IP address, the user name and the password, and useless ports are forbidden uniformly, so that the server is convenient to maintain in the later period, the maintenance cost is reduced, and the maintenance fund is saved.
Fig. 2 is a schematic structural diagram of a data security access system in another embodiment of the present invention. As shown in fig. 2, the data security access system further includes: the master station server is connected with the safe access server;
the secure access server is further configured to: and uploading the real-time data to the master station server. The real-time data is stored in an SQL Server database.
The master station server is used for: checking whether the real-time data is qualified; and when the real-time data is qualified, storing the real-time data, otherwise refusing to accept the real-time data.
In one embodiment, the model file is an intelligent electronic device Capability Description (ICD) model file.
In one embodiment, the monitoring device is specifically configured to:
and packaging the multiple real-time data according to the IEC61850 communication protocol to obtain multiple real-time data messages.
In one embodiment, the intelligent electronic device may be connected to the secure access server via a network (e.g., an optical fiber), and the secure access server may be connected to the master station server via a network within the power system.
The specific process of the embodiment of the invention is as follows:
1. the monitoring device acquires various real-time data from the monitored equipment and judges whether each real-time data meets a preset safety rule or not.
2. When the real-time data accord with preset safety rules, the monitoring device packs various real-time data according to the IEC61850 communication protocol to obtain various real-time data messages, and uploads the various real-time data messages to the intelligent electronic equipment.
3. The intelligent electronic equipment receives various real-time data messages and uploads the various real-time data messages to the security access server.
4. The safety access server receives various real-time data messages, unpacks the various real-time data messages according to various preset intelligent electronic equipment performance description model files corresponding to the various real-time data messages, and obtains various real-time data.
5. The safety access server judges whether the real-time data message is lacked or not according to the model file; and when the real-time data message is lacked, outputting data missing alarm data to a display connected with the safe access server for displaying.
6. The safety access server judges whether each real-time data is in a corresponding preset range; and when one of the real-time data is not in the preset range, outputting abnormal data alarm data to a display connected with the safety access server for displaying.
7. And when the real-time data message is not lacked and each kind of real-time data is within a preset range, the safety access Server stores each kind of real-time data into the SQL Server database and uploads the real-time data to the master station Server.
8. The master station server checks whether the real-time data is qualified or not; and when the real-time data is qualified, storing the real-time data.
To sum up, the data security access system of the embodiment of the present invention includes: the system comprises a plurality of monitoring devices, intelligent electronic equipment and a safety access server; each monitored device is connected with a plurality of monitoring devices of different types; the monitoring device is used for acquiring real-time data from the monitored device; when the real-time data accords with a preset safety rule, packaging the real-time data to obtain a real-time data message; the intelligent electronic equipment is connected with the monitoring devices and is used for receiving various real-time data messages and uploading the various real-time data messages to the safety access server; the safety access server is connected with the intelligent electronic equipment and is used for unpacking various real-time data messages according to a preset model file corresponding to the real-time data messages to obtain various real-time data; judging whether each real-time data is in a corresponding preset range; when one of the real-time data is not in the preset range, the abnormal data alarm data is output, so that the abnormal data can be found in time, the abnormal information is provided for operation and maintenance personnel, and the system loophole is solved.
The above-mentioned embodiments are intended to illustrate the objects, technical solutions and advantages of the present invention in further detail, and it should be understood that the above-mentioned embodiments are only exemplary embodiments of the present invention, and are not intended to limit the scope of the present invention, and any modifications, equivalent substitutions, improvements and the like made within the spirit and principle of the present invention should be included in the scope of the present invention.
Claims (6)
1. A data security access system for connection to a plurality of monitored devices, the data security access system comprising: the system comprises a plurality of monitoring devices, intelligent electronic equipment and a safety access server; wherein each monitored device is connected with a plurality of monitoring devices of different types;
the monitoring device is used for:
acquiring various real-time data from monitored equipment; judging whether each real-time data accords with a preset safety rule or not; when the real-time data accords with a preset safety rule, packaging the real-time data to obtain various real-time data messages; uploading various real-time data messages to the intelligent electronic equipment;
the intelligent electronic device is connected with the plurality of monitoring devices and is used for: receiving various real-time data messages, and uploading the various real-time data messages to the secure access server;
the safety access server is connected with the intelligent electronic equipment and used for: receiving various real-time data messages; unpacking the various real-time data messages according to various preset model files corresponding to the various real-time data messages to obtain various real-time data; judging whether each real-time data is in a corresponding preset range; and when one of the real-time data is not in the preset range, outputting abnormal data alarm data.
2. The system of claim 1, wherein the secure access server is further configured to:
judging whether the real-time data message is lacked according to the model file; and outputting data missing alarm data when the real-time data message is absent.
3. The system of claim 2, wherein the secure access server is further configured to:
and when the real-time data message is not lacked and each kind of real-time data is within a preset range, storing each kind of real-time data.
4. The data security access system of claim 1, further comprising: the master station server is connected with the safety access server;
the secure access server is further configured to: uploading the real-time data to the master station server;
the master station server is used for: checking whether the real-time data is qualified; and when the real-time data is qualified, storing the real-time data.
5. The data security access system of claim 1, wherein the model file is an intelligent electronic device performance description model file.
6. The data security access system of claim 1, wherein the monitoring device is specifically configured to:
and packaging the multiple real-time data according to the IEC61850 communication protocol to obtain multiple real-time data messages.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910159179.8A CN109862028B (en) | 2019-03-04 | 2019-03-04 | Data security access system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910159179.8A CN109862028B (en) | 2019-03-04 | 2019-03-04 | Data security access system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109862028A CN109862028A (en) | 2019-06-07 |
| CN109862028B true CN109862028B (en) | 2021-03-12 |
Family
ID=66899771
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910159179.8A Active CN109862028B (en) | 2019-03-04 | 2019-03-04 | Data security access system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109862028B (en) |
Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104182818A (en) * | 2014-07-21 | 2014-12-03 | 国网山东省电力公司青岛供电公司 | Method and system for collecting substation information automatically and intelligently |
| CN105207354A (en) * | 2015-06-30 | 2015-12-30 | 许继集团有限公司 | Data transmission method for gateway and smart substation monitoring system data center |
| CN105515180A (en) * | 2015-07-14 | 2016-04-20 | 国家电网公司 | Intelligent substation communication network dynamic monitoring system and monitoring method thereof |
| CN105956410A (en) * | 2016-07-01 | 2016-09-21 | 中国南方电网有限责任公司 | Rapid universal detection method for IEC61850 full model |
| CN106204326A (en) * | 2016-07-11 | 2016-12-07 | 国网浙江省电力公司杭州供电公司 | A kind of distribution terminal IED equipment detection method for distribution system |
| CN106982235A (en) * | 2017-06-08 | 2017-07-25 | 江苏省电力试验研究院有限公司 | A kind of power industry control network inbreak detection method and system based on IEC 61850 |
| CN108063492A (en) * | 2017-12-07 | 2018-05-22 | 全球能源互联网研究院有限公司 | A kind of integrated system and application process of anti-work of combating typhoon of power grid |
-
2019
- 2019-03-04 CN CN201910159179.8A patent/CN109862028B/en active Active
Patent Citations (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104182818A (en) * | 2014-07-21 | 2014-12-03 | 国网山东省电力公司青岛供电公司 | Method and system for collecting substation information automatically and intelligently |
| CN105207354A (en) * | 2015-06-30 | 2015-12-30 | 许继集团有限公司 | Data transmission method for gateway and smart substation monitoring system data center |
| CN105515180A (en) * | 2015-07-14 | 2016-04-20 | 国家电网公司 | Intelligent substation communication network dynamic monitoring system and monitoring method thereof |
| CN105956410A (en) * | 2016-07-01 | 2016-09-21 | 中国南方电网有限责任公司 | Rapid universal detection method for IEC61850 full model |
| CN106204326A (en) * | 2016-07-11 | 2016-12-07 | 国网浙江省电力公司杭州供电公司 | A kind of distribution terminal IED equipment detection method for distribution system |
| CN106982235A (en) * | 2017-06-08 | 2017-07-25 | 江苏省电力试验研究院有限公司 | A kind of power industry control network inbreak detection method and system based on IEC 61850 |
| CN108063492A (en) * | 2017-12-07 | 2018-05-22 | 全球能源互联网研究院有限公司 | A kind of integrated system and application process of anti-work of combating typhoon of power grid |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109862028A (en) | 2019-06-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN105490839B (en) | A kind of alarm method and device of website data safety | |
| CN101388903B (en) | Mobile enterprise IT standardization management platform | |
| EP2566102A1 (en) | Security event logging and conversion of security event messages in process control | |
| CN106911685B (en) | Intelligent control system of thing networking light traffic case | |
| CN110752951A (en) | Industrial network flow monitoring and auditing method, device and system | |
| CN102195813A (en) | Method and device for intelligently creating operation and maintenance worksheet | |
| CN104811433A (en) | Distributed IoT (Internet of Things) solution scheme of C/S configuration | |
| CN106789254A (en) | A kind of industrial Internet of Things method for remote management and its system | |
| CN108880943A (en) | A kind of monitoring system of isomery cloud platform | |
| CN110347694B (en) | Equipment monitoring method, device and system based on Internet of things | |
| CN103259684A (en) | Internet service monitoring method and system | |
| US20240056463A1 (en) | Method and system to detect abnormal message transactions on a network | |
| CN103096038B (en) | The method for supervising of the fusion video monitoring system of multi-protocol video watch-dog access | |
| CN111064656A (en) | Data management method, device, system, storage medium and electronic equipment | |
| CN109862028B (en) | Data security access system | |
| CN117061368A (en) | Automatic recognition method, device, equipment and medium for bypassing fort machine behaviors | |
| CN115361273B (en) | Power operation and maintenance safety supervision and emergency management and control system and method based on block chain | |
| CN111106956A (en) | Sensor information adding method, device, equipment and storage medium of Internet of things | |
| CN102868559A (en) | Method and system for generating weblog data | |
| CN113013992B (en) | Method and device for monitoring functions of information-protecting master station | |
| CN115333791A (en) | Cloud-based vehicle safety protection method and related equipment | |
| CN115001772A (en) | Power transmission line Internet of things gateway control method, control system and computer readable storage medium | |
| CN209746400U (en) | IT equipment monitoring and management system | |
| CN114338368A (en) | Network supervision method, equipment and medium based on unidirectional import equipment | |
| CN210348767U (en) | Security alarm system based on GPRS and cloud server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |