CN110855707A - Internet of things communication pipeline safety control system and method - Google Patents

Internet of things communication pipeline safety control system and method

Info

Publication number: CN110855707A
Application number: CN201911172226.9A
Authority: CN (China)
Prior art keywords: communication, gateway, node, terminal, internet
Legal status: Pending
Other languages: Chinese (zh)
Inventor: 肖波
Current assignee: Chengdu Cetc Xin'an Technology Co Ltd
Original assignee: Chengdu Cetc Xin'an Technology Co Ltd
Application filed by Chengdu Cetc Xin'an Technology Co Ltd

Classifications

    • H04L 63/0428 (H ELECTRICITY > H04 Electric communication technique > H04L Transmission of digital information > H04L 63/00 Network security > H04L 63/04 Confidential data exchange among entities communicating through data packet networks): the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L 63/08 (H04L 63/00 Network security): authentication of entities
    • H04L 63/20 (H04L 63/00 Network security): managing network security; network security policies in general
    • H04L 67/12 (H04L 67/00 Network arrangements or protocols for supporting network services or applications > H04L 67/01 Protocols): protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks

Abstract

The invention relates to a system and method for controlling the security of an Internet of Things (IoT) communication pipeline. The system comprises: a portal unit, the front-end unit that interfaces with users; a capability lease management unit, which performs security management for IoT communication in two leasing directions, the system leasing security management capabilities from other platforms and other platforms leasing security management capabilities from the system; a functional unit, which provides basic security services to IoT terminals and, through a cloud computing architecture, centrally distributes and verifies configuration and security policies for them; and a processing engine unit, which collects, analyzes and processes IoT information, dynamically adjusts the security policy according to changes in IoT data traffic, and directs IoT terminals to upload at staggered times so as to relieve the impact of burst traffic on the network. The invention significantly reduces the security risk of both communicating parties, relieves the impact of burst traffic on the network and effectively reduces the resource burden.

Description

Internet of things communication pipeline safety control system and method
Technical Field
The invention relates to a data security control system and method, and in particular to a security control system and method for Internet of Things (IoT) communication pipelines.
Background
The Internet of Things (IoT) is a network that extends and expands the Internet, carrying it from the digital world into the physical world, so the security threats of the traditional Internet also exist in the IoT. Because the IoT touches an extremely large number of real-world objects, security risk extends from the virtual world into the physical world and the security situation is more severe; security is therefore a cornerstone of IoT business development. Telecom operators, as important participants in building the IoT, need to focus on IoT security research from the initial stage of construction and lay a solid foundation for the development of IoT services.
The IoT comprises a sensing layer, a network layer and an application layer. The security risks faced by the three layers and the corresponding protection approaches are analyzed as follows:
Sensing layer: sensing nodes are huge in number and mostly operate unattended under harsh conditions, so node failure is a constant risk. Most sensing nodes are limited in energy, storage space, computing capacity and so on, which makes high-strength security protocols and algorithms hard to apply and limits their protection capability.
Protection at the sensing layer mainly aims to secure information acquisition. Taking the resource limits of sensing nodes into account, protection centers on designing simplified but secure encryption/decryption algorithms and a key management system, so that the authenticity of collected node information and of issued decision and control information is guaranteed and tampering, forgery and replay attacks are prevented. In addition, terminal protection should be strengthened so that sensing nodes are not attacked by viruses, junk information and the like, subverted or stopped; and security measures should be taken for card devices to prevent the SIM/UIM card from being illegally removed or replaced.
Network layer: the communication networks used by the IoT network layer are mainly wired, wireless and satellite channels. Communication network security is not a new problem within IoT research; the industry already has a series of standard algorithms, security protocols and protection strategies that solve most of the security problems of IoT communication networks. Where the network layer differs from a traditional communication network is mainly that the IoT requires a very large number of devices, that large numbers of devices may connect to the network within a short time, and that the resulting information flow may congest the network and produce a denial of service on it. The network layer therefore needs stronger resource management and control capability, managing network resources in an integrated and coordinated manner and relieving the impact of burst traffic through means such as staggered (off-peak) uploading. In addition, conventional communication network authentication authenticates terminals one by one to generate keys, which consumes a lot of network resources; the IoT network layer therefore needs to balance the security and practicality of the authentication algorithm so as to avoid the heavy network resource consumption caused by generating keys through one-by-one authentication.
Application layer: the IoT application layer mainly serves industry applications and users by analyzing and processing sensed data, and in this process the handling and control of data is the major risk point. First, because large amounts of wireless communication, electronic tags and unattended equipment are used, security threats such as disclosure of user privacy and malicious tracking of private information are very prominent. Second, data control must be secure: like the traditional Internet, the IoT carries the risk of service abuse or malicious use; for example, in a smart-home remote-controlled door access system, a party that disguises itself as the application server could disarm the alarm and open the door to enter the home.
Because the application layer covers a wide variety of industry applications that differ greatly, personalized security strategies should be formulated according to the characteristics, usage scenarios, service objects and special user requirements of each intelligent application.
Disclosure of Invention
The invention provides a system and method for controlling the security of an IoT communication pipeline, which improve the security of IoT access and communication, improve the security control capability over IoT terminals, reduce terminal security risk and relieve the impact of burst traffic on the network.
The IoT communication pipeline security control system of the invention comprises:
portal unit: the front-end unit that interfaces with users;
capability lease management unit: performs security management for IoT communication, covering two leasing directions: the system leasing security management capabilities from other platforms, and other platforms leasing security management capabilities from the system;
functional unit: provides basic security services, including user identity authentication and key management, to IoT terminals, improving IoT access and communication security; it also provides centralized distribution and verification of configuration and security policies for IoT terminals, improving the security control capability over them and reducing mid-to-high-level security risks;
processing engine unit: collects, analyzes and processes IoT information, dynamically adjusts the security policy according to changes in IoT data traffic, and directs IoT terminals to upload at staggered times to relieve the impact of burst traffic on the network.
Specifically, the portal unit includes an administrator portal module and a general user portal module, through which administrators and general users respectively access the system.
Specifically, the functional unit is provided with an authentication module, a security policy module, a node management module, an abnormal traffic monitoring module, an access control module, a key management module, a security configuration module and a security audit module. Each module handles its own function, and together they provide basic security services such as unified identity authentication and key management to IoT terminals.
Specifically, the processing engine unit is provided with an information acquisition module, a feature extraction module and a mass information correlation analysis module.
The invention also provides a method for controlling the security of an IoT communication pipeline, comprising the following steps:
A. an IoT user terminal or an application server initiates a mutual access request;
B. the identity information of the initiator is collected by the processing engine unit, the functional unit performs the related authentication, including authorization, according to the security policy, and after authentication passes, an access policy is sent to both parties of the mutual access;
C. because communication between a terminal node and a gateway node requires higher security than communication between terminal nodes, communication keys are divided into two types: the functional unit generates a gateway communication key for communication between terminal nodes and the application server's gateway node, and a node communication key for communication between terminal nodes in the network, the encryption requirement of the gateway communication key being higher than that of the node communication key; the communication channels are encrypted with the gateway communication key and the node communication key, and once both parties have configured the access policy, mutual access proceeds over the gateway communication key or the node communication key.
Further, during the mutual access of step C, traffic information in the IoT is collected and analyzed by the processing engine unit; when traffic reaches a set threshold the current security policy is changed, the domain gateway acts as a security proxy, and within the token validity period the domain gateway's security proxy authenticates the traffic, which effectively addresses the heavy network resource consumption caused by large numbers of authentication requests, especially burst requests.
Specifically, changing the current security policy includes:
the functional unit authenticates the terminal's original certificate; once it passes, security configuration information including an authentication token is issued to the terminal through the domain gateway, and the terminal's security policy is issued to the domain gateway;
within the validity period of the authentication token, the terminal is authenticated by the domain gateway's security proxy, and the terminal's access requests are controlled directly by the domain gateway according to the terminal's security policy;
when traffic falls below the set threshold, the functional unit sends a re-authentication request to the terminal according to the corresponding security policy.
Further, when mutual access is required between different terminals, or between a terminal and an application server, security policies are dynamically configured for both communicating parties and only the minimum access right needed is opened. This includes: confirming the legitimacy of both parties' identities; when one party initiates an access request, the functional unit verifies its access authority and, after authentication, issues a security policy to both parties according to the pre-configured security policy, the issued policy comprising an access control policy and an access deadline; both parties then configure the security policy and mutual access is achieved. This effectively reduces security risk. Take a smart-home scenario as an example. In existing smart-home applications a client accesses the home gateway remotely and directly from a terminal, and access control is performed by the gateway. Because the home network usually connects by dial-up, the gateway IP address changes dynamically and the terminal has to look it up and set it on every access, which is inconvenient for users. In addition, the terminal's IP address also changes dynamically, so the home gateway cannot apply an IP-address-based security policy, which leaves a high security risk. The method of the invention solves these problems: the terminal obtains the home gateway IP address through the system and method of the invention, which resolves the dynamic change of the gateway IP; and the home gateway denies terminal access by default, temporarily adding the corresponding access control rule according to the security policy only when the terminal needs access, which greatly reduces the security risk of the home gateway.
Further, in step C, data transmission between a terminal node and the application server is forwarded by the gateway node, and the data is encrypted in two stages during forwarding: between the terminal node and the gateway node it is encrypted with the gateway communication key; the gateway receives and decrypts the data, re-encrypts it with the remote transmission key and forwards it to the application server.
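Added example (not the patent's code) of the two-stage forwarding in step C: the gateway opens the terminal's message with the gateway communication key, checks its authentication tag, and re-seals the plaintext under the remote transmission key for the application server. The patent names no cipher; the code uses an HMAC-SHA256 counter keystream with encrypt-then-MAC so it runs on the standard library alone, and the class name, key names and the binding of the terminal id as associated data are assumptions.

```python
import hashlib
import hmac
import os
import struct


def _derive(key, label):
    # Separate encryption and MAC keys from one communication key
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    # Counter-mode keystream built from HMAC-SHA256 blocks
    blocks, ctr = [], 0
    while 32 * len(blocks) < length:
        blocks.append(hmac.new(enc_key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest())
        ctr += 1
    return b"".join(blocks)[:length]


def seal(key, plaintext, aad=b""):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag; aad is authenticated, not encrypted."""
    nonce = os.urandom(12)
    ks = _keystream(_derive(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(_derive(key, b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def open_sealed(key, blob, aad=b""):
    """Verify the tag before decrypting; return the plaintext, or None if the blob is not genuine."""
    if len(blob) < 12 + 32:
        return None
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(_derive(key, b"mac"), aad + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    ks = _keystream(_derive(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


class GatewayNode:
    """Gateway node holding each terminal's gateway communication key and the remote transmission key."""

    def __init__(self, gateway_keys, remote_transmission_key):
        self.gateway_keys = gateway_keys              # terminal_id -> gateway communication key
        self.remote_key = remote_transmission_key     # shared with the application server

    def forward(self, terminal_id, blob):
        """Stage 1: decrypt with the terminal's gateway key. Stage 2: re-encrypt with the
        remote transmission key. Anything failing the tag check (or from an unknown terminal)
        is dropped rather than forwarded."""
        key = self.gateway_keys.get(terminal_id)
        if key is None:
            return None
        plaintext = open_sealed(key, blob, aad=terminal_id.encode())
        if plaintext is None:
            return None
        return seal(self.remote_key, plaintext, aad=terminal_id.encode())


def end_to_end(gateway, terminal_id, terminal_key, remote_key, reading):
    """Constructed round trip: terminal -> gateway -> application server."""
    uplink = seal(terminal_key, reading, aad=terminal_id.encode())
    outbound = gateway.forward(terminal_id, uplink)
    if outbound is None:
        return None
    return open_sealed(remote_key, outbound, aad=terminal_id.encode())


if __name__ == "__main__":
    keys = {"t1": os.urandom(16)}           # constructed sample keys
    remote = os.urandom(16)
    print(end_to_end(GatewayNode(keys, remote), "t1", keys["t1"], remote, b"pressure=4.2 bar"))
```

Note that the gateway handles plaintext between the two stages, so it is a trust boundary whose key storage and logging deserve the same scrutiny as the application server.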
On this basis, the key sharing mechanism adopted in step C is:
gateway communication key: a 1:n key sharing mechanism, that is, no more than n terminal nodes share a given gateway communication key with the gateway node, where n is configured by the functional unit. The smaller n is, the higher the security and the heavier the gateway node's burden of maintaining gateway communication keys; conversely, the larger n is, the lower the security and the lighter that burden. When n is 1, the gateway node shares a unique gateway communication key with each terminal node;
node communication key: a group key mechanism divides all terminal nodes into several groups, and the terminal nodes in the same group share a node communication key; each terminal node may join at most m groups, where m is controlled by the functional unit; an inter-group communication key is set for communication between terminal nodes of different groups;
in the initial state of the system, the functional unit pre-configures the gateway communication key of each terminal node, and the gateway node maintains N gateway keys and M node communication keys; a terminal node can upload data normally using its gateway communication key;
when two terminal nodes need to communicate, they exchange and negotiate their supported key sets; if there is a key set supported by both, it is used directly for encryption; otherwise a node communication key is requested from the gateway node, which randomly selects a node communication key from the set it maintains and distributes it to both sides, which then encrypt with it. To limit the spread of node communication keys, each terminal node may be allocated at most m of them; when a node already holds m and needs to communicate with a terminal node that shares none of them, the gateway node allocates the default inter-group communication key to both parties;
key management combines pre-configuration with dynamic updating: the functional unit pre-configures an initial gateway communication key to the gateway node, then issues it to each terminal node according to the security policy and communication key group issued to the gateway node, and periodically and dynamically updates the grouping and the gateway communication key. The gateway communication key update mechanism uses a dynamic grouping strategy based on statistical analysis and a spanning tree algorithm: the gateway node builds a forest from the communication relationships between terminal nodes in the network, distributes node communication keys within the groups, and balances the distribution range of node communication keys against efficiency.
The IoT communication pipeline security control system and method have the following beneficial effects:
First, the two communicating parties dynamically configure the security policy and only the minimum access right needed is opened, which effectively reduces the security risk faced by both parties.
Second, the security policy is dynamically adjusted according to traffic changes, and IoT terminals are directed to upload at off-peak times and take similar measures to relieve the impact of burst traffic on the network.
Third, the lightweight encryption scheme effectively reduces the resource burden.
The invention is described in further detail with reference to the following examples. This should not be understood as limiting the scope of the subject matter described above to these examples; substitutions and alterations made according to common knowledge and conventional practice in the art, without departing from the technical spirit described above, are intended to fall within the scope of the invention.
Drawings
Fig. 1 is a block diagram of a communication pipeline safety control system of the internet of things.
Fig. 2 is a flow chart of a method for use in the system of fig. 1.
Detailed Description
As shown in Fig. 1, the IoT communication pipeline security control system of the invention includes:
Portal unit: the front-end unit that interfaces with users. It comprises an administrator portal module and a general user portal module, through which administrators and general users respectively access the system.
Capability lease management unit: performs security management for IoT communication, covering two leasing directions: the capability to lease security management from other platforms, and the capability for other platforms to lease security management from this system.
Functional unit: provides basic security services, including user identity authentication and key management, to IoT terminals, improving IoT access and communication security; it also provides centralized distribution and verification of configuration and security policies for IoT terminals, improving the security control capability over them and reducing mid-to-high-level security risks. The functional unit is provided with an authentication module, a security policy module, a node management module, an abnormal traffic monitoring module, an access control module, a key management module, a security configuration module and a security audit module. Each module handles its own function, and together they provide basic security services such as unified identity authentication and key management to IoT terminals.
Processing engine unit: collects, analyzes and processes IoT information, dynamically adjusts the security policy according to changes in IoT data traffic, and directs IoT terminals to upload at staggered times to relieve the impact of burst traffic on the network. The processing engine unit is provided with an information acquisition module, a feature extraction module and a mass information correlation analysis module.
As shown in Fig. 2, the method for controlling the security of the IoT communication pipeline with the system of the invention includes:
A. an IoT user terminal or an application server initiates a mutual access request;
B. when different terminals, or a terminal and an application server, need to access each other, security policies are dynamically configured for both communicating parties and only the minimum access right needed is opened, as follows: the legitimacy of both parties' identities is confirmed; when one party initiates an access request, the initiator's identity information is collected by the processing engine unit, the functional unit performs the related authentication, including access authority, according to the security policy, and after authentication passes, the access control policy, access deadline and other access policies are sent to both parties according to the pre-configured security policy, which effectively reduces security risk;
C. because communication between a terminal node and a gateway node requires higher security than communication between terminal nodes, communication keys are divided into two types: the functional unit generates a gateway communication key for communication between terminal nodes and the application server's gateway node, and a node communication key for communication between terminal nodes in the network, the encryption requirement of the gateway communication key being higher than that of the node communication key; the communication channels are encrypted with the gateway communication key and the node communication key, and once both parties have configured the access policy, mutual access proceeds over the gateway communication key or the node communication key.
During mutual access, traffic information in the IoT is collected and analyzed by the processing engine unit; when traffic reaches a set threshold the current security policy is changed, the domain gateway acts as a security proxy, and within the token validity period the domain gateway's security proxy authenticates the traffic, which effectively addresses the heavy network resource consumption caused by large numbers of authentication requests, especially burst requests. Changing the current security policy comprises:
the functional unit authenticates the terminal's original certificate; once it passes, security configuration information including an authentication token is issued to the terminal through the domain gateway, and the terminal's security policy is issued to the domain gateway;
within the validity period of the authentication token, the terminal is authenticated by the domain gateway's security proxy, and the terminal's access requests are controlled directly by the domain gateway according to the terminal's security policy;
when traffic falls below the set threshold, the functional unit sends a re-authentication request to the terminal according to the corresponding security policy.
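As an added example (not the patent's code), the following Python models the threshold-driven policy change described above: the functional unit verifies the terminal's original credential and issues an HMAC-signed token together with the terminal's security policy (allowed targets and an access deadline); once traffic reaches the threshold, the domain gateway's security proxy verifies the token locally within its validity period and enforces the policy itself, and when traffic drops below the threshold it clears the cached policies so terminals authenticate centrally again. The class names, the sliding-window traffic measure, the per-gateway MAC key and the token format are assumptions.

```python
import hashlib
import hmac
import json
import secrets


class FunctionalUnit:
    """Central authority: verifies original credentials, issues tokens and security policies."""

    def __init__(self, token_ttl=300):
        self.token_ttl = token_ttl
        self.credentials = {}    # terminal_id -> original credential (constructed sample data)
        self.allowed = {}        # terminal_id -> targets the terminal may access
        self.gateway_keys = {}   # gateway_id -> MAC key shared with that domain gateway

    def enroll(self, terminal_id, credential, allowed_targets):
        self.credentials[terminal_id] = credential.encode()
        self.allowed[terminal_id] = sorted(allowed_targets)

    def register_gateway(self, gateway_id):
        # Key with which the domain gateway's security proxy verifies tokens locally
        key = secrets.token_bytes(32)
        self.gateway_keys[gateway_id] = key
        return key

    def authenticate(self, gateway_id, terminal_id, credential, now):
        """Check the terminal's original credential. On success return the token for the
        terminal and the terminal security policy for the domain gateway; else None."""
        expected = self.credentials.get(terminal_id)
        if expected is None or not hmac.compare_digest(expected, credential.encode()):
            return None
        exp = now + self.token_ttl
        body = json.dumps({"tid": terminal_id, "gw": gateway_id, "exp": exp},
                          sort_keys=True).encode()
        tag = hmac.new(self.gateway_keys[gateway_id], body, hashlib.sha256).digest()
        policy = {"allow": self.allowed[terminal_id], "deadline": exp}
        return body.hex() + "." + tag.hex(), policy


class DomainGateway:
    """Domain gateway whose security proxy takes over authentication above the traffic threshold."""

    def __init__(self, functional_unit, gateway_id, threshold, window=60):
        self.fu = functional_unit
        self.gateway_id = gateway_id
        self.mac_key = functional_unit.register_gateway(gateway_id)
        self.threshold, self.window = threshold, window
        self.recent = []        # timestamps of recent requests: the traffic measure
        self.policies = {}      # terminal_id -> security policy issued by the functional unit
        self.proxy_mode = False

    def _traffic(self, now):
        self.recent = [t for t in self.recent if now - t < self.window]
        self.recent.append(now)
        return len(self.recent)

    def _token_valid(self, token, terminal_id, now):
        try:
            body_hex, tag_hex = token.split(".")
            body, tag = bytes.fromhex(body_hex), bytes.fromhex(tag_hex)
        except ValueError:
            return False
        if not hmac.compare_digest(hmac.new(self.mac_key, body, hashlib.sha256).digest(), tag):
            return False
        claims = json.loads(body)
        return (claims["tid"] == terminal_id and claims["gw"] == self.gateway_id
                and now < claims["exp"])

    def request_access(self, terminal_id, credential, token, target, now):
        """Return (path, allowed, token). path is 'proxy' when the gateway decided locally
        within the token validity period and 'central' when the functional unit authenticated."""
        if self._traffic(now) >= self.threshold:
            self.proxy_mode = True
        elif self.proxy_mode:
            # Traffic fell below the threshold: drop cached policies so terminals re-authenticate
            self.proxy_mode = False
            self.policies.clear()
        if (self.proxy_mode and token and terminal_id in self.policies
                and self._token_valid(token, terminal_id, now)):
            policy = self.policies[terminal_id]
            return "proxy", target in policy["allow"] and now < policy["deadline"], token
        result = self.fu.authenticate(self.gateway_id, terminal_id, credential, now)
        if result is None:
            return "central", False, None
        token, policy = result
        self.policies[terminal_id] = policy       # terminal security policy issued to the gateway
        return "central", target in policy["allow"], token


if __name__ == "__main__":
    fu = FunctionalUnit()
    fu.enroll("t1", "cred-t1", ["app-server"])       # constructed terminal and credential
    gw = DomainGateway(fu, "gw-A", threshold=3)
    path, ok, tok = gw.request_access("t1", "cred-t1", None, "app-server", now=1000)
    for t in (1001, 1002, 1003):
        print(gw.request_access("t1", "cred-t1", tok, "app-server", now=t)[:2])
```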
During mutual access, data transmission between a terminal node and the application server is forwarded by the gateway node, and the data is encrypted in two stages during forwarding: between the terminal node and the gateway node it is encrypted with the gateway communication key; the gateway receives and decrypts the data, re-encrypts it with the remote transmission key and forwards it to the application server. The key sharing mechanism adopted by the invention is as follows:
gateway communication key: a 1:n key sharing mechanism, that is, no more than n terminal nodes share a given gateway communication key with the gateway node, where n is configured by the functional unit. The smaller n is, the higher the security and the heavier the gateway node's burden of maintaining gateway communication keys; conversely, the larger n is, the lower the security and the lighter that burden. When n is 1, the gateway node shares a unique gateway communication key with each terminal node;
node communication key: a group key mechanism divides all terminal nodes into several groups, and the terminal nodes in the same group share a node communication key; each terminal node may join at most m groups, where m is controlled by the functional unit; an inter-group communication key is set for communication between terminal nodes of different groups;
in the initial state of the system, the functional unit pre-configures the gateway communication key of each terminal node, and the gateway node maintains N gateway keys and M node communication keys; a terminal node can upload data normally using its gateway communication key;
when two terminal nodes need to communicate, they exchange and negotiate their supported key sets; if there is a key set supported by both, it is used directly for encryption; otherwise a node communication key is requested from the gateway node, which randomly selects a node communication key from the set it maintains and distributes it to both sides, which then encrypt with it. To limit the spread of node communication keys, each terminal node may be allocated at most m of them; when a node already holds m and needs to communicate with a terminal node that shares none of them, the gateway node allocates the default inter-group communication key to both parties;
key management combines pre-configuration with dynamic updating: the functional unit pre-configures an initial gateway communication key to the gateway node, then issues it to each terminal node according to the security policy and communication key group issued to the gateway node, and periodically and dynamically updates the grouping and the gateway communication key. The gateway communication key update mechanism uses a dynamic grouping strategy based on statistical analysis and a spanning tree algorithm: the gateway node builds a forest from the communication relationships between terminal nodes in the network, distributes node communication keys within the groups, and balances the distribution range of node communication keys against efficiency.
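The key sharing rules above (1:n gateway key sharing, at most m group keys per terminal node, negotiation of a common key set with fallback first to the gateway's random allocation and then to the default inter-group key), as an added Python simulation that is not the patent's own implementation. The class names, the seeded random selection and the gateway key rotation helper are assumptions; the spanning-tree regrouping is not modelled.

```python
import random
import secrets


class TerminalNode:
    def __init__(self, tid):
        self.tid = tid
        self.gateway_key_id = None   # id of the 1:n gateway communication key this node holds
        self.group_keys = set()      # ids of node communication keys (groups) joined, at most m


class GatewayNode:
    """Gateway node maintaining N gateway keys (1:n sharing) and M node (group) keys."""

    def __init__(self, n, m, group_pool_size, seed=None):
        self.n, self.m = n, m                 # limits configured by the functional unit
        self.gateway_keys = []                # [{"id", "key", "members"}], each shared by <= n nodes
        self.group_keys = {f"grp{i}": secrets.token_bytes(16) for i in range(group_pool_size)}
        self.intergroup_key = secrets.token_bytes(16)   # default key across groups
        self._rng = random.Random(seed)       # seeded only so that runs are reproducible

    def enroll(self, node):
        """Attach a terminal to a gateway key with a free slot, else mint a new one (1:n sharing)."""
        for slot in self.gateway_keys:
            if len(slot["members"]) < self.n:
                slot["members"].add(node.tid)
                node.gateway_key_id = slot["id"]
                return
        kid = f"gwk{len(self.gateway_keys)}"
        self.gateway_keys.append({"id": kid, "key": secrets.token_bytes(16), "members": {node.tid}})
        node.gateway_key_id = kid

    def allocate_node_key(self, a, b):
        """Two nodes share no group key: hand out a random pool key if both are under the
        m-group cap, otherwise fall back to the default inter-group key."""
        if len(a.group_keys) < self.m and len(b.group_keys) < self.m:
            kid = self._rng.choice(sorted(self.group_keys))
            a.group_keys.add(kid)
            b.group_keys.add(kid)
            return kid
        return "intergroup"

    def rotate_gateway_key(self, kid):
        """Periodic dynamic update: replace one gateway key and return the members to re-issue it to."""
        for slot in self.gateway_keys:
            if slot["id"] == kid:
                slot["key"] = secrets.token_bytes(16)
                return sorted(slot["members"])
        raise KeyError(kid)


def negotiate(gateway, a, b):
    """Exchange supported key sets; use a common node key if one exists, else ask the gateway."""
    common = a.group_keys & b.group_keys
    if common:
        return min(common)        # deterministic pick among shared keys
    return gateway.allocate_node_key(a, b)


if __name__ == "__main__":
    gw = GatewayNode(n=2, m=1, group_pool_size=3, seed=1)
    nodes = [TerminalNode(f"t{i}") for i in range(1, 4)]   # constructed terminals
    for node in nodes:
        gw.enroll(node)
    print([(x.tid, x.gateway_key_id) for x in nodes])
    print(negotiate(gw, nodes[0], nodes[1]), negotiate(gw, nodes[0], nodes[2]))
```

Smaller n and m shrink the blast radius of a leaked key but raise the number of keys the gateway must store and rotate, which is the trade-off the page describes.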
With this method, mutual access between IoT terminals, and between terminals and the application server, is controlled by the system; because unified security policy control is applied, the security policies are dynamically configured by both communicating parties and only the minimum access right needed is opened, security risk is effectively reduced, the security control capability of the IoT is effectively improved, and the impact of burst traffic on the network is relieved.
Example 1:
Take secure communication in a petroleum pipeline industrial control system network as an example. The architecture of this network comprises a backbone network, a satellite network and various external interconnection interfaces. The system and method of the invention apply encrypted transmission, access authentication, and unified management and control at each network layer, while security measures protect data acquisition and the instructions of the production control system.
Access authentication management and control:
For the application environment of a petroleum pipeline industrial control system, a unified access authentication control and protection system must be deployed in order to improve operation and maintenance security and strengthen centralized control; it provides unified identity authentication and authorization management for the hosts and users of all network access equipment (such as the SCADA system (supervisory control and data acquisition), engineer stations and operator stations). Authorization of access rights to resources follows the principle of least privilege.
The access authentication management and control protection applied to the petroleum pipeline industrial control system follows the principle of autonomy and controllability and uses standard domestic commercial cryptographic digital certificate technology throughout. In the deployment environment, access authentication management and control sits inside the industrial control network and is completely isolated from the office network or information network.
The access authentication management and control protection covers several security management sub-modules: a unified identity management platform provides a uniformly formatted, unique identity for every user (dispatchers, engineers, managers and development managers) accessing the industrial control network; the system of the invention provides authenticity authentication for all users, equipment and systems accessing the industrial control network; a unified security authorization management platform grants every user accessing the industrial control network only the authority required by their role and ensures that users can operate only within that authority; and a unified access control mode provides authority authentication for all users, controls access to each system, device and piece of software, and records their access trails. In addition, access authentication management and control integrates multiple security standards, technical specifications, processes and information system interfaces, together with digital certificate management, system audit management, system disaster recovery and backup, key management and the like.
Key management:
Keys are a fundamental component of access authentication protection. The complexity and coverage of a petroleum pipeline network mean that large-scale key information assets exist in the control system network, whether in the SCADA system or in other business systems, and they need unified protection. Key management must therefore ensure the confidentiality, integrity and availability of data.
Key management serves two kinds of objects: user key management and system key management. User key management interfaces with access authentication management and control to achieve unified identity security authentication management. System key management is more complex: it must provide a unified key management service for the various network devices and link encryption devices in the petroleum pipeline network and cover the full key life cycle of generation, storage, distribution, use, update and revocation.
Throughout key management, the security of the key itself is the core. This part is realized by the service layer of the system, which builds an information processing platform between access and device management. The platform interface layer mainly provides unified development interfaces for the business systems; the platform device layer centrally manages all cryptographic devices invoked by the platform and calls them dynamically to perform key management operations.
By integrating further applications and services of information security technology, a sound secure pipeline access authentication management and control service is established for the petroleum pipeline control network. Its main functions include centralized identity management, unified authentication, unified authorization and access control, centralized storage, certificate authentication, cryptographic services and system audit. Incorporating the whole network architecture into one system platform allows the network architecture to be sorted out effectively and facilitates unified management.
Production network communication security guarantee:
The production network of the petroleum pipeline industrial control system consists of an optical fiber backbone network and a satellite backbone network and is the communication channel between the control center and each station. To resist information security risks and prevent network intrusion and eavesdropping, an encryption protection system is built for the whole production network using encryption gateways, link encryptors and other security devices, so that longitudinal communication encryption of the SCADA control network is realized for industrial control system components such as industrial control devices, industrial control protocols, supervisory control and data acquisition (SCADA) systems, distributed control systems (DCS), programmable logic controllers (PLC), remote terminal units (RTU), upper and lower computers, engineer stations and configuration software.
Production data communication security:
Although the field control layer and field device layer of the petroleum pipeline industrial control system cannot be connected directly to the information network or the Internet, a secure encrypted transmission channel is still needed during data transmission, to protect data acquisition and the secure issuing and uploading of production instructions.
(1) Data acquisition transmission encryption
An industrial security RTU is used: after receiving a data acquisition instruction, it encrypts and protects the data and the instruction, achieving end-to-end source encryption between the field data and the supervisory control and data acquisition (SCADA) software and preventing the data from being eavesdropped on or tampered with in transit. The industrial security RTU has multiple communication interfaces dedicated to industrial equipment, can parse and process industrial communication protocols (used for connecting the device to industrial equipment), and is suited to industrial application environments.
(2) Production instruction encryption transmission
To ensure that core instructions are transmitted securely and accurately and that their integrity and non-repudiation are preserved, cryptographic technology is used to sign the relevant sensitive instructions of systems such as SCADA, PLC and configuration software. Relying on domestically developed, autonomously controllable production systems and equipment, the production system and production equipment are deeply integrated through a comprehensive cryptographic security management platform, so that the signature value is optimized without affecting normal production, the integrity of core business data instructions is guaranteed, and secure industrial production is achieved.

Claims (10)

1. An Internet of Things communication pipeline safety control system, characterized by comprising:
a portal unit: a front-end unit interfacing with the user;
a capability lease management unit: performing security management of Internet of Things communication, including two kinds of capability leasing, namely the system leasing other platforms for security management, and other platforms leasing the system for security management;
a functional unit: providing security basic services, including user identity authentication and key management, for Internet of Things terminals, and providing centralized distribution and verification of configuration and security policies for Internet of Things terminals;
a processing engine unit: collecting, analyzing and processing Internet of Things information, dynamically adjusting the security policy according to changes in Internet of Things data traffic, and controlling Internet of Things terminals to relieve the impact of burst traffic on the network through staggered-peak uploading.
2. The Internet of Things communication pipeline safety control system of claim 1, wherein: the portal unit comprises an administrator portal module and a common user portal module.
3. The Internet of Things communication pipeline safety control system of claim 1, wherein: the functional unit is provided with an authentication module, a security policy module, a node management module, an abnormal traffic monitoring module, an access control module, a key management module, a security configuration module and a security audit module.
4. The Internet of Things communication pipeline safety control system of claim 1, wherein: the processing engine unit is provided with an information acquisition module, a feature extraction module and a mass information correlation analysis module.
5. An Internet of Things communication pipeline safety control method for the system of any one of claims 1 to 4, characterized by comprising the following steps:
A. a user terminal or an application server of the Internet of Things initiates a mutual access request;
B. the processing engine unit collects the identity information of the initiator, the functional unit performs the relevant authentication, including authority, according to the security policy, and after authentication passes, the access policy is sent to both parties of the mutual access;
C. the functional unit respectively generates a gateway communication key for communication between terminal nodes and the gateway node of the application server, and a node communication key for communication between terminal nodes in the network, the encryption requirement of the gateway communication key being higher than that of the node communication key; the communication channel is encrypted by the gateway communication key and the node communication key; after both communication parties have configured the access policy, mutual access is realized through the gateway communication key or the node communication key.
6. The Internet of Things communication pipeline safety control method as claimed in claim 5, characterized in that: during the mutual access of step C, the processing engine unit collects and analyzes traffic information in the Internet of Things; when the traffic reaches a set threshold, the current security policy is changed, the domain gateway is used as a security agent, and authentication is performed by the security agent of the domain gateway within the validity period of the token.
7. The Internet of Things communication pipeline safety control method as claimed in claim 6, characterized in that: changing the current security policy comprises:
the original certificate of the terminal is authenticated by the functional unit; after it passes, security configuration information including an authentication token is issued to the terminal through the domain gateway, and the terminal's security policy is issued to the domain gateway;
within the validity period of the authentication token, the terminal is authenticated by the security agent of the domain gateway, and the terminal's access requests are controlled directly by the domain gateway according to the terminal's security policy;
and when the traffic falls below the set threshold, the functional unit sends a re-authentication to the terminal according to the corresponding security policy.
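The mode switch of claims 6 and 7, as an added example that is not part of the patent: the domain gateway verifies a functional-unit-issued token locally while traffic is at or above the threshold and hands authentication back (re-authentication) once it drops below. The token format (terminal id, expiry, HMAC tag), the shared token key and the policy representation are constructed here; the page does not specify them.

```python
# Added example (not from the patent): domain gateway as security agent under
# burst traffic. Token format, token key and policy representation are constructed.
import hmac
import hashlib


def issue_token(token_key: bytes, terminal_id: str, now: int, ttl: int) -> dict:
    """Functional unit issues a token after the terminal's original certificate
    has passed authentication (the certificate check is outside this snippet)."""
    expiry = now + ttl
    msg = f"{terminal_id}|{expiry}".encode()
    tag = hmac.new(token_key, msg, hashlib.sha256).hexdigest()
    return {"terminal": terminal_id, "expiry": expiry, "tag": tag}


def token_valid(token_key: bytes, token: dict, now: int) -> bool:
    """Security-agent check: validity period first, then the integrity tag."""
    if now > token["expiry"]:
        return False
    msg = f"{token['terminal']}|{token['expiry']}".encode()
    expected = hmac.new(token_key, msg, hashlib.sha256).hexdigest()
    return hmac.compare_digest(token["tag"], expected)


class DomainGateway:
    def __init__(self, token_key: bytes, threshold: int):
        self.token_key = token_key       # shared with the functional unit (assumption)
        self.threshold = threshold       # traffic level that switches the policy
        self.agent_mode = False          # True once traffic >= threshold
        self.tokens = {}                 # terminal -> token issued by the functional unit
        self.policies = {}               # terminal -> set of permitted targets

    def install(self, token: dict, policy: set) -> None:
        """Security configuration (token) and terminal policy pushed down by the functional unit."""
        self.tokens[token["terminal"]] = token
        self.policies[token["terminal"]] = policy

    def update_traffic(self, rate: int) -> str:
        """Switch at the threshold; dropping back below it triggers re-authentication."""
        was_agent = self.agent_mode
        self.agent_mode = rate >= self.threshold
        if was_agent and not self.agent_mode:
            self.tokens.clear()          # tokens no longer accepted locally: FU re-authenticates
            return "reauth"
        return "agent" if self.agent_mode else "normal"

    def decide(self, terminal_id: str, target: str, now: int) -> str:
        if not self.agent_mode:
            return "forward"             # normal path: the functional unit authenticates
        token = self.tokens.get(terminal_id)
        if token is None or not token_valid(self.token_key, token, now):
            return "reauth"              # missing, expired or forged token: back to the FU
        return "allow" if target in self.policies.get(terminal_id, set()) else "deny"
```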
8. The Internet of Things communication pipeline safety control method as claimed in claim 5, characterized in that: when different terminals, or a terminal and the application server, need mutual access, the security policy is configured dynamically for both communication parties and the minimum access authority is opened as required, which comprises: the validity of the identities of both communication parties is confirmed, and when one party initiates an access request, its access authority is verified by the functional unit; after verification passes, the security policy, including an access control policy and an access deadline, is issued to both parties according to the pre-configured security policy; and both communication parties configure the security policy to realize mutual access.
9. The Internet of Things communication pipeline safety control method as claimed in claim 5, characterized in that: in step C, data transmission between a terminal node and the application server is forwarded by the gateway node, and the data is encrypted in two stages during forwarding: between the terminal node and the gateway node the gateway communication key is used for encryption; the gateway receives and decrypts the data, re-encrypts it with the remote transmission key, and then forwards it to the application server.
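The two-stage forwarding of claim 9, as an added example that is not part of the patent. The page names no cipher, so the block uses a constructed encrypt-then-MAC stand-in built from HMAC-SHA256 (keystream XOR plus tag); the wire format nonce || ciphertext || tag and the key values are assumptions. It also makes the defender-relevant point visible: the gateway holds plaintext between the two stages.

```python
# Added example (not from the patent): hop-by-hop re-encryption at the gateway.
# The cipher below is a constructed HMAC-based stand-in, not a production AEAD;
# a real deployment would use AES-GCM or SM4-GCM under the same key roles.
import hmac
import hashlib
import os

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    # Separate encryption and MAC keys derived from the one role key.
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC. Constructed wire format: nonce || ciphertext || tag."""
    nonce = os.urandom(NONCE_LEN)
    stream = _keystream(_subkey(key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; a wrong key or tampering raises ValueError."""
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    stream = _keystream(_subkey(key, b"enc"), nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, stream))


# Stage 1: terminal node -> gateway node under the gateway communication key.
def terminal_upload(gateway_key: bytes, payload: bytes) -> bytes:
    return seal(gateway_key, payload)


# Stage 2: the gateway decrypts, then re-encrypts under the remote transmission key.
def gateway_forward(gateway_key: bytes, remote_key: bytes, blob: bytes) -> bytes:
    plaintext = unseal(gateway_key, blob)   # plaintext exists on the gateway at this point,
    return seal(remote_key, plaintext)      # so the gateway is a trust boundary to harden and audit


def server_receive(remote_key: bytes, blob: bytes) -> bytes:
    return unseal(remote_key, blob)
```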
10. The Internet of Things communication pipeline safety control method as claimed in claim 9, characterized in that: in step C, the key sharing mechanism adopted is:
gateway communication key: a 1:n key sharing mechanism is used, that is, at most n terminal nodes share a gateway communication key with the gateway node, where n is configured by the functional unit; the smaller n is, the higher the security and the higher the burden on the gateway node for maintaining gateway communication keys; conversely, the larger n is, the lower the security and the lower the maintenance burden on the gateway node; when n is 1, the gateway node shares a unique gateway communication key with each terminal node;
node communication key: a group key mechanism is used, dividing all terminal nodes into a number of groups, where terminal nodes in the same group share a node communication key; each terminal node can join at most m groups, with m controlled by the functional unit; an inter-group communication key is set for communication between terminal nodes of different groups;
in the initial state of the system, the functional unit pre-configures the gateway communication key of each terminal node, and the gateway node maintains N gateway keys and M node communication keys; a terminal node can upload data normally using its gateway communication key;
when two terminal nodes need to communicate, they first exchange and negotiate their supported key sets; if a key supported by both sides exists, it is used directly for encryption; otherwise a node communication key is requested from the gateway node, which randomly selects one from the key set it maintains and distributes it to both sides, and both sides encrypt with that node communication key; to limit the spread of node communication keys, each terminal node can be allocated at most m of them, and when a terminal node already holds m node communication keys and needs to communicate with a terminal node that shares none of them, the gateway node allocates the default inter-group communication key to both communication parties;
key management combines pre-configuration with dynamic updating: the functional unit pre-configures an initial gateway communication key on the gateway node, then issues it to each terminal node according to the security policy and communication key group issued to the gateway node, and periodically and dynamically updates the grouping and the gateway communication key; the gateway communication key update mechanism uses a dynamic grouping strategy based on statistical analysis and a spanning-tree algorithm, in which the gateway node builds a forest from the communication relationships between terminal nodes in the network, distributes node communication keys within each group, and balances the distribution range of node communication keys against efficiency.
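The key-sharing rules described in the specification and restated in claim 10 (1:n gateway keys, at most m node communication keys per terminal, negotiation by key-set intersection, default inter-group key as fallback), as an added simulation that is not part of the patent. Keys are opaque identifiers only; the cipher, key sizes and message format are not given by the page, and restricting the gateway's random pick to keys neither side already holds is an assumption made here so the per-terminal key count is predictable.

```python
# Added example (not from the patent): simulation of the claim 10 key-sharing rules.
# Key ids, pool sizes and the seeded RNG are constructed for the demonstration.
import random
from dataclasses import dataclass, field

INTER_GROUP_KEY = "K_intergroup"   # constructed id for the default inter-group key


@dataclass
class TerminalNode:
    name: str
    gateway_key: str = ""                      # key shared with the gateway node
    node_keys: set = field(default_factory=set)  # node communication keys held


class GatewayNode:
    """Maintains N gateway communication keys and M node communication keys."""

    def __init__(self, n_share: int, m_max: int, N: int, M: int, seed: int = 0):
        self.n_share = n_share                 # n of the 1:n gateway-key sharing
        self.m_max = m_max                     # m: node keys one terminal may hold
        self.rng = random.Random(seed)         # seeded only to make the demo repeatable
        self.gateway_keys = [f"K_gw{i}" for i in range(N)]
        self.node_keys = [f"K_node{i}" for i in range(M)]
        self.gw_users = {k: 0 for k in self.gateway_keys}

    def preconfigure(self, t: TerminalNode) -> str:
        """Initial state: give t a gateway key shared by at most n terminals (n=1: unique)."""
        for k in self.gateway_keys:
            if self.gw_users[k] < self.n_share:
                self.gw_users[k] += 1
                t.gateway_key = k
                return k
        raise RuntimeError("every gateway key already has n users; raise N or n")

    def negotiate(self, a: TerminalNode, b: TerminalNode) -> str:
        """Key the two terminals will use, in the claim's order of preference."""
        common = a.node_keys & b.node_keys     # 1. exchanged key sets overlap: reuse
        if common:
            return min(common)
        if len(a.node_keys) >= self.m_max or len(b.node_keys) >= self.m_max:
            return INTER_GROUP_KEY             # 3. cap m reached: default inter-group key
        # 2. ask the gateway, which picks at random (assumption: among keys neither holds)
        fresh = [k for k in self.node_keys if k not in a.node_keys | b.node_keys]
        k = self.rng.choice(fresh or self.node_keys)
        a.node_keys.add(k)
        b.node_keys.add(k)
        return k
```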
CN201911172226.9A 2019-11-26 2019-11-26 Internet of things communication pipeline safety control system and method Pending CN110855707A (en)

Publications (1)

Publication Number Publication Date
CN110855707A true CN110855707A (en) 2020-02-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200228
