CN112333212B - Encryption management method and device for business data of power Internet of things - Google Patents

Publication number
CN112333212B
Authority
CN
China
Legal status
Active
Application number
CN202110010097.4A
Other languages
Chinese (zh)
Other versions
CN112333212A (en)
Inventor
王琳
林英喜
李玮棠
马凤鸣
刘毅
陈名峰
Current Assignee
Guangzhou Jixiang Technology Co Ltd
Original Assignee
Guangzhou Jixiang Technology Co Ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y10/00 Economic sectors
    • G16Y10/35 Utilities, e.g. electricity, gas or water
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00 IoT infrastructure
    • G16Y30/10 Security thereof
    • G PHYSICS
    • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16Y INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y40/00 IoT characterised by the purpose of the information processing
    • G16Y40/50 Safety; Security of things, users, data or systems
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/062 Network architectures or network communication protocols for network security for supporting key management in a packet data network for key distribution, e.g. centrally by trusted party
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/10 Protocols in which an application is distributed across nodes in the network
    • H04L67/1097 Protocols in which an application is distributed across nodes in the network for distributed storage of data in networks, e.g. transport arrangements for network file system [NFS], storage area networks [SAN] or network attached storage [NAS]

Abstract

The embodiments of the application disclose an encryption management method and device for service data of the power Internet of Things. In the technical scheme provided by the embodiments, an encryption key and a decryption key are constructed in advance by a designated third party. When service data are stored, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets with the encryption key, and stores the service data packets across the storage nodes in a distributed manner. When the service data of the smart meter are extracted, the data management node extracts the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packets, and obtains the service data. These technical means maintain data management efficiency while adaptively improving the security of data storage, and optimize service data management in the power Internet of Things.

Description

Encryption management method and device for business data of power Internet of things
Technical Field
The embodiment of the application relates to the technical field of power internet of things, in particular to an encryption management method and device for service data of the power internet of things.
Background
At present, with the development of Internet of Things technology, more and more power systems are adopting it to build power Internet of Things systems that provide more convenient and flexible power operation management. The power Internet of Things is an intelligent service system that makes full use of modern information technologies, such as mobile internet and artificial intelligence, and of advanced communication technologies across all links of the power system. It interconnects everything in those links and enables human-machine interaction, and it offers comprehensive state sensing, efficient information processing, and convenient and flexible application. In the power Internet of Things, user power consumption data are generally collected automatically by smart meters, and the collected data are uploaded to a background server for system services such as data management.
However, the existing power Internet of Things stores and manages power consumption data in a single mode and lacks better security management.
Disclosure of Invention
The embodiment of the application provides an encryption management method and device for business data of an electric power internet of things, which can guarantee data management efficiency, improve data storage safety adaptively and optimize business data management of the electric power internet of things.
In a first aspect, an embodiment of the present application provides an encryption management method for service data of an internet of things for electric power, including:
a designated third party generates a corresponding key pair according to the identity of a smart meter, wherein the key pair comprises an encryption key and a decryption key; the encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity; the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to a data management node;
when storing service data, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets with the encryption key, and stores the service data packets across the storage nodes in a distributed manner, wherein each service data packet comprises the identity of the smart meter and the timestamp information corresponding to the service data;
when the service data of the smart meter are extracted, the data management node extracts the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packets, and obtains the service data.
Further, after the encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity, the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to the data management node, the method further includes:
the designated third party updates the key pair once every key management period, and correspondingly updates the encryption key of the smart meter and the decryption information of the data management node according to the updated key pair.
Further, the distributively storing each service data packet to each storage node includes:
the smart meter randomly selects a plurality of storage nodes from all the storage nodes to store the service data packets.
Further, the distributively storing each service data packet to each storage node includes:
the smart meter obtains the storage states of all the storage nodes, and selects a plurality of the storage nodes to store the service data packets based on a storage balancing principle.
Further, after distributively storing each service data packet to each storage node, the method further includes:
generating a storage address list according to a storage node storing the service data packet, and storing the timestamp information and the identity corresponding to the storage address list to the data management node;
correspondingly, the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, and the method includes:
and the data management node determines the corresponding storage address list according to the corresponding timestamp information and the identity of the intelligent electric meter, and extracts the service data packet from the corresponding storage node according to the timestamp information and the identity.
Further, the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, including:
the data management node sends a data request to each storage node, wherein the data request comprises the identity identifier and the corresponding timestamp information;
and each storage node responds to the data request to carry out identity verification on the data management node, judges whether the identity of the data management node is legal or not, and returns the corresponding service data packet to the data management node if the identity of the data management node is judged to be legal.
Further, each storage node performs identity authentication on the data management node in response to the data request, and determines whether the identity of the data management node is legal, including:
the storage nodes verify the identity of the data management node according to prestored verification information, generate a first identity verification result, and gather the first identity verification result to a designated consensus node, wherein the consensus node is selected from the storage nodes in advance, and the verification information is stored in the storage nodes by the data management node in advance;
and the consensus node generates a consensus verification result based on each first identity verification result, and determines whether the identity of the data management node is legal or not based on the consensus verification result.
In a second aspect, an embodiment of the present application provides an encryption management apparatus for business data of an electric power internet of things, including:
a sending module, configured to generate, through a designated third party, a corresponding key pair according to the identity of a smart meter, wherein the key pair comprises an encryption key and a decryption key; to extract the encryption key from the key pair and send it to the smart meter corresponding to the identity; and to extract the decryption key from the key pair, bind the decryption key and the identity to generate decryption information, and send the decryption information to a data management node;
a storage module, configured to, when service data are stored, split the service data through the smart meter into a plurality of mutually redundant service data packets, encrypt the service data packets with the encryption key, and store the service data packets across the storage nodes in a distributed manner, wherein each service data packet comprises the identity of the smart meter and the timestamp information corresponding to the service data;
and an extraction module, configured to, when the service data of the smart meter are extracted, extract through the data management node the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, query the decryption information according to the identity, extract the corresponding decryption key to decrypt the service data packets, and obtain the service data.
In a third aspect, an embodiment of the present application provides an electronic device, including:
a memory and one or more processors;
the memory for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors implement the encryption management method for the service data of the power internet of things according to the first aspect.
In a fourth aspect, an embodiment of the present application provides a computer-readable storage medium containing computer-executable instructions which, when executed by a computer processor, perform the encryption management method for the service data of the power Internet of Things according to the first aspect.
In the embodiments of the application, a designated third party generates a corresponding key pair according to the identity of the smart meter, the key pair comprising an encryption key and a decryption key. The encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity; the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to a data management node. When service data are stored, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets with the encryption key, and stores the service data packets across the storage nodes in a distributed manner, each service data packet comprising the identity of the smart meter and the timestamp information corresponding to the service data. When the service data of the smart meter are extracted, the data management node extracts the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packets, and obtains the service data. These technical means maintain data management efficiency while adaptively improving the security of data storage, and optimize service data management in the power Internet of Things.
Drawings
Fig. 1 is a flowchart of an encryption management method for service data of the power Internet of Things according to a first embodiment of the present application;
Fig. 2 is a schematic structural diagram of a power Internet of Things system in the first embodiment of the present application;
Fig. 3 is a flowchart of service data extraction in the first embodiment of the present application;
Fig. 4 is a flowchart of the service data storage and extraction process in the first embodiment of the present application;
Fig. 5 is a schematic structural diagram of an encryption management device for service data of the power Internet of Things according to a second embodiment of the present application;
Fig. 6 is a schematic structural diagram of an electronic device according to a third embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, specific embodiments of the present application will be described in detail with reference to the accompanying drawings. It is to be understood that the specific embodiments described herein are merely illustrative of the application and are not limiting of the application. It should be further noted that, for the convenience of description, only some but not all of the relevant portions of the present application are shown in the drawings. Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the operations (or steps) as a sequential process, many of the operations can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations may be re-arranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, functions, procedures, subroutines, and the like.
The first embodiment is as follows:
Fig. 1 is a flowchart of an encryption management method for service data of the power Internet of Things provided in an embodiment of the present application. The method provided in this embodiment may be executed by an encryption management device for service data of the power Internet of Things. The device may be implemented in software and/or hardware, and may be formed by one physical entity or by two or more physical entities. Generally, the encryption management device may be a power Internet of Things system.
The following description takes the encryption management device as the entity that executes the encryption management method. Referring to Fig. 1, the encryption management method for the service data of the power Internet of Things specifically includes:
S110. A designated third party generates a corresponding key pair according to the identity of the smart meter, the key pair comprising an encryption key and a decryption key. The encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity; the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to a data management node.
The encryption management method aims to have a trusted designated third party generate the key pair used to encrypt and decrypt the service data, have the smart meter store the service data packets across the storage nodes in a distributed manner, and have the data management node extract and decrypt the service data packets, so that the security and integrity of the service data are guaranteed. Because the generation of the key pair is handled by the trusted designated third party, the power Internet of Things does not need its own key management process, which improves the efficiency of service data management.
Specifically, referring to Fig. 2, in the power Internet of Things system each smart meter 11 is in signal connection with a storage node 12, which is used for storing the service data of the smart meter 11. A plurality of storage nodes 12 are provided, and when the smart meter 11 stores service data, the service data are split and stored across the plurality of storage nodes 12, so that distributed storage of the service data is realized. Correspondingly, the data management node 13 is in signal connection with the storage nodes 12 and is configured to extract the service data stored in the storage nodes 12 in order to process the related services of the power Internet of Things. A smart meter 11 is provided for each power consumption unit, and collects and stores the relevant service data generated in the household power consumption process. In addition, the power Internet of Things system further comprises a trusted designated third party 14, which acts as the key pair generation server and generates the key pairs for the service data of the smart meters. The key pairs are generated according to the identities of the smart meters, and one identity corresponds to one key pair. It can be understood that the identity of a smart meter is unique identification information and its key pair is likewise unique, so that the key pairs of different nodes cannot be mixed up and the risk of key cracking is reduced. Further, based on the generated key pair, the designated third party sends the encryption key in the key pair to the smart meter with the corresponding identity, where it is used to encrypt the subsequent service data of that smart meter.
Correspondingly, the designated third party also sends the decryption key in the key pair to the data management node, so that the data management node can subsequently decrypt the service data. It should be noted that, because the data management node manages the service data of a plurality of smart meters, the decryption key must be bound to the identity of the corresponding smart meter to generate decryption information before it is stored, and it is stored in the data management node in the form of that decryption information. The data management node can then look up the decryption key for the smart meter whose service data are to be extracted, and extract the decryption key through the corresponding identity to decrypt the service data. It can be understood that, in the embodiment of the application, storing the data in encrypted form increases the difficulty of stealing the data and further improves the security of data storage and extraction.
In one embodiment, the designated third party updates the key pair once every key management period, and correspondingly updates the encryption key of the smart meter and the decryption information of the data management node according to the updated key pair. Specifically, the key pair is updated for each smart meter, and after the update the newly generated encryption key is sent to the smart meter corresponding to the identity to replace the original encryption key. Decryption information is generated from the newly generated decryption key and the corresponding identity, and is sent to the data management node. Correspondingly, the data management node replaces the stored decryption information according to the identity carried in the decryption information, so that the decryption key in use is always current. It can be understood that periodically updating the encryption key and the decryption key of the service data avoids the situation in which the keys are easily cracked and the service data are stolen or leaked. This increases the difficulty of stealing the service data, improves the security of data storage and extraction, and optimizes the operation of the power Internet of Things.
S120. When storing service data, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets with the encryption key, and stores the service data packets across the storage nodes in a distributed manner, wherein each service data packet comprises the identity of the smart meter and the timestamp information corresponding to the service data.
After the encryption key and the decryption key have been configured and stored in advance, the smart meter carries out the data storage process on the service data it generates in real time. It can be understood that the smart meter generates a large amount of service data during daily operation. The data types of the service data include user identity information, home address, power consumption data, meter operation logs, safety monitoring data and the like. Part of the service data, such as the user identity information, home address and power consumption data, relates to user privacy; to prevent this part of the service data from being leaked or stolen through network attack, it needs to be encrypted before being stored in the storage nodes. In addition, because storing service data on a single storage node increases the risk of the data being cracked, the service data are stored in a distributed manner, and storing them across multiple storage nodes increases the difficulty of data theft. This improves the fault tolerance of service data storage, avoids the data being easily stolen or lost as with single-node storage, and guarantees the security of service data storage. On this basis, when real-time service data are stored, the service data are split into a plurality of service data packets, and the service data packets are stored in the corresponding storage nodes. It should be noted that each service data packet contains a part of the service data, and each service data packet also contains a part of the service data that is mutually redundant with other packets, which further improves the fault tolerance of service data storage.
It can be understood that, because each service data packet carries a redundant backup of part of the service data, even if the service data on one storage node are lost or the storage node fails, the service data packets of the other storage nodes can be extracted and the complete service data can be restored from the redundantly backed-up data. After the smart meter splits the service data into a plurality of service data packets, each service data packet is stored to a storage node. It should be noted that each service data packet needs to include the identity of the smart meter and the timestamp information of the service data, so that the data management node can subsequently query and extract the service data according to the corresponding identity and timestamp information. Moreover, to guarantee the security of data storage and extraction and to prevent an illegal node from obtaining the service data and stealing user privacy information, the smart meter encrypts each service data packet with the encryption key issued in advance in step S110 when storing it to a storage node, which makes the storage of the service data more secure. It can be understood that, since the service data are stored in the storage nodes in the form of encrypted service data packets, the storage nodes cannot obtain the actual content of the service data, and only the data management node, which holds the corresponding decryption key, can decrypt the service data packets. This storage node architecture guarantees the integrity and fault tolerance of service data storage and further improves its security.
In one embodiment, when the smart meter stores the service data packets across the storage nodes in a distributed manner, the smart meter randomly selects a plurality of storage nodes from all the storage nodes to store the service data packets. It can be understood that, depending on actual service data storage requirements, the power Internet of Things may be provided with a large number of storage nodes. To avoid the service data being split into so many packets that the subsequent packet decryption and data merging and restoration take a long time, in the embodiment of the application a plurality of storage nodes are randomly selected from the storage nodes to store the service data packets. This keeps the number of packets split and stored appropriate, and ensures the processing efficiency of data extraction, decryption and restoration while ensuring the fault tolerance and integrity of data storage.
In one embodiment, when the smart meter stores the service data packets across the storage nodes in a distributed manner, the smart meter obtains the storage states of all the storage nodes and selects a plurality of the storage nodes to store the service data packets based on a storage balancing principle. It can be understood that, by obtaining the storage states of all the storage nodes, the smart meter can determine the storage space available on each storage node and, following the storage balancing principle, select a plurality of storage nodes with free storage space to store the service data packets. This keeps the storage of the service data packets balanced, avoids a single storage node running short of storage space because it holds too many service data packets, and optimizes the storage management of the service data.
It should be noted that, to make it easier for the data management node to extract the service data packets later, in the embodiment of the present application a storage address list is generated according to the storage nodes that store the service data packets, and the storage address list is stored to the data management node in correspondence with the timestamp information and the identity. It can be understood that, by recording the storage nodes that store the service data packets, generating a storage address list and sending it to the data management node, the data management node knows where the current service data are stored. Later, given the timestamp of the service data to be extracted and the identity of the smart meter to which the service data packets belong, the data management node requests the service data packets from each storage node in the corresponding storage address list. The data management node can therefore trace the storage location of the service data packets easily, which improves the efficiency of extracting them.
S130. When the service data of the smart meter are extracted, the data management node extracts the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packets, and obtains the service data.
After the storage of the service data is completed, when the data management node needs to extract the corresponding service data, the data management node sends a data request to the corresponding storage node. The data management node determines the corresponding storage address list according to the corresponding timestamp information and the identity of the smart meter, and extracts the service data packet from the corresponding storage node according to the timestamp information and the identity. Specifically, the data request includes timestamp information of the service data to be requested and an identity corresponding to the smart meter, so that the storage node returns a corresponding service data packet based on the timestamp information and the identity.
Specifically, referring to fig. 3, a flow chart for extracting service data is provided, where the flow of extracting service data includes:
S1301, the data management node sends a data request to each storage node, wherein the data request comprises the identity and the corresponding timestamp information;
S1302, each storage node responds to the data request by performing identity verification on the data management node, judges whether the identity of the data management node is legal, and returns the corresponding service data packet to the data management node if the identity of the data management node is judged to be legal.
The data management node adds the identity of the smart meter and the timestamp information of the corresponding service data to the data request, so that the storage node can identify the service data that the data management node needs to extract. Correspondingly, each storage node responds to the data request after receiving it. To ensure the security of data storage and extraction, the identity of the data management node needs to be verified when responding to a data request. The storage node first queries the service data packets it stores according to the timestamp information and the identity in the data request, then verifies the legality of the identity of the data management node, and returns the corresponding service data packet to the data management node when that identity is verified to be legal. Specifically, verifying the legality of the data management node identity includes:
S13021, each storage node verifies the identity of the data management node according to prestored verification information, generates a first identity verification result, and sends the first identity verification result to a designated consensus node, wherein the consensus node is selected in advance from the plurality of storage nodes, and the verification information is stored in each storage node in advance by the data management node;
S13022, the consensus node generates a consensus verification result based on the first identity verification results, and determines whether the identity of the data management node is legal based on the consensus verification result.
The embodiment of the application verifies the identity of the data management node through blockchain-based consensus verification. Beforehand, a legal data management node stores the verification information for its own identity in each storage node, for later use in identity verification by the storage nodes. When responding to a data request from the data management node, a storage node compares the verification information provided by the data management node in real time against the verification information it has stored; the verification information may be sent to the storage node together with the data request. The storage node judges from the comparison whether the two are consistent and outputs a corresponding first identity verification result. Considering that a single storage node may be subject to network attack or manipulation, the embodiment of the present application does not take the verification result of a single storage node as the final identity verification result. Instead, consensus verification is performed on the first identity verification results of the storage nodes to determine the final identity verification result: the consensus node collects the first identity verification result of each storage node and performs the consensus verification. The consensus verification follows the majority rule: if more than 50% of the first identity verification results judge the identity of the current data management node to be legal, the identity of the data management node is determined to be legal. Otherwise, the current data management node is considered illegal, the data request is ignored, and no response is made to it.
After the data management node is verified to be legal, each storage node extracts the corresponding service data packet and sends the service data packet to the data management node, so that the response of the data request is completed.
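The consensus check of steps S13021 and S13022 can be sketched as follows. This is an added example, not code from the patent; the SHA-256 digest of the verification information, the `forced_result` flag that models a manipulated node, and all node, meter and manager names are assumptions constructed for illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

PacketKey = Tuple[str, str]  # (smart meter identity, timestamp)


def info_digest(verification_info: bytes) -> bytes:
    # Assumption: nodes keep a SHA-256 digest of the verification information.
    return hashlib.sha256(verification_info).digest()


@dataclass
class StorageNode:
    name: str
    prestored: Dict[str, bytes] = field(default_factory=dict)    # manager id -> digest
    packets: Dict[PacketKey, bytes] = field(default_factory=dict)
    forced_result: Optional[bool] = None  # constructed: models a manipulated node

    def first_identity_verification(self, manager_id: str, presented: bytes) -> bool:
        """S13021: compare the presented verification info with the prestored copy."""
        if self.forced_result is not None:
            return self.forced_result
        expected = self.prestored.get(manager_id)
        if expected is None:
            return False
        # Constant-time comparison avoids leaking how many bytes matched.
        return hmac.compare_digest(expected, info_digest(presented))


def consensus_result(first_results: List[bool]) -> bool:
    """S13022: legal only if strictly more than 50% of the results say legal."""
    return bool(first_results) and 2 * sum(first_results) > len(first_results)


def serve_data_request(nodes: List[StorageNode], manager_id: str, presented: bytes,
                       meter_id: str, timestamp: str) -> Optional[List[bytes]]:
    """Return the stored packets if consensus says legal, else None (request ignored)."""
    first_results = [n.first_identity_verification(manager_id, presented) for n in nodes]
    if not consensus_result(first_results):
        return None
    key = (meter_id, timestamp)
    return [n.packets[key] for n in nodes if key in n.packets]


def build_demo_nodes(count: int) -> List[StorageNode]:
    """Constructed sample: `count` nodes, each holding one packet for meter-001."""
    legit = info_digest(b"dm-node-secret")
    return [
        StorageNode(
            name=f"node-{i}",
            prestored={"dm-1": legit},
            packets={("meter-001", "2021-01-06T00:00:00Z"): f"encrypted-packet-{i}".encode()},
        )
        for i in range(count)
    ]


if __name__ == "__main__":
    nodes = build_demo_nodes(5)
    nodes[0].forced_result = True  # one manipulated node approves everything
    ts = "2021-01-06T00:00:00Z"
    print(serve_data_request(nodes, "dm-1", b"dm-node-secret", "meter-001", ts))
    print(serve_data_request(nodes, "dm-1", b"wrong-secret", "meter-001", ts))
```

A tie does not pass: with four nodes, two approvals are exactly 50% and the request is ignored.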
Further, after the data management node extracts each service data packet, the data management node queries the pre-stored decryption information of the data management node through the identity of the intelligent electric meter corresponding to the service data packet, obtains the corresponding decryption key, and decrypts the service data packet by using the decryption key. Furthermore, since the service data packets contain mutually redundant service data, the data management node needs to screen out the mutually redundant data, and then restore to obtain complete service data. It can be understood that, because each service data packet includes mutually redundant partial service data, when the complete service data is restored according to the service data packet, the data management node obtains the complete service data by screening out the redundant partial service data among the service data packets, and performs processing on the related service of the power internet of things based on the service data.
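The restoration step above, as an added example that is not part of the patent: it assumes a ring layout in which packet i carries segment i plus a backup copy of segment i+1, and it shows packets after decryption (the encryption step is omitted). All names and sample values are constructed.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample reading.
SAMPLE_READING = b"meter-001|2021-01-06T00:00:00Z|kWh=1234.5|V=229.8|I=5.37"


@dataclass
class ServicePacket:
    meter_id: str               # identity of the smart meter
    timestamp: str              # timestamp information of the service data
    total: int                  # number of segments the data was split into
    segments: Dict[int, bytes]  # segment index -> bytes (own segment + backup)


def split_redundant(data: bytes, n: int, meter_id: str, timestamp: str) -> List[ServicePacket]:
    """Split data into n packets; packet i holds segment i and a copy of segment i+1."""
    if n < 2:
        raise ValueError("need at least two packets for redundancy")
    size = -(-len(data) // n)  # ceiling division
    segs = [data[i * size:(i + 1) * size] for i in range(n)]
    return [
        ServicePacket(meter_id, timestamp, n, {i: segs[i], (i + 1) % n: segs[(i + 1) % n]})
        for i in range(n)
    ]


def restore(packets: List[ServicePacket], meter_id: str, timestamp: str) -> Optional[bytes]:
    """Merge packets for one meter/timestamp, screening out redundant copies.

    Returns None when a segment is missing from every available packet.
    """
    merged: Dict[int, bytes] = {}
    total: Optional[int] = None
    for p in packets:
        if p.meter_id != meter_id or p.timestamp != timestamp:
            continue  # packet belongs to another meter or reading
        total = p.total
        for idx, seg in p.segments.items():
            # Added check, not described on the page: redundant copies must agree.
            if idx in merged and merged[idx] != seg:
                raise ValueError(f"redundant copies of segment {idx} disagree")
            merged.setdefault(idx, seg)
    if total is None or any(i not in merged for i in range(total)):
        return None
    return b"".join(merged[i] for i in range(total))


if __name__ == "__main__":
    ts = "2021-01-06T00:00:00Z"
    pk = split_redundant(SAMPLE_READING, 4, "meter-001", ts)
    print(restore(pk[:2] + pk[3:], "meter-001", ts))  # one storage node lost
    print(restore([pk[0], pk[3]], "meter-001", ts))   # two adjacent nodes lost
```

Under this assumed layout any single lost packet is recoverable, while losing two adjacent packets loses the segment that only those two carried.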
Referring to fig. 4, in the embodiment of the application, a designated third party generates a corresponding key pair according to the identity of a smart meter, the key pair including an encryption key and a decryption key; the encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity, the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to a data management node. When service data is stored, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets with the encryption key, and stores the service data packets to the storage nodes in a distributed manner, each service data packet including the identity of the smart meter and the timestamp information corresponding to the service data. When the service data of the smart meter is extracted, the data management node extracts the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packets, and obtains the service data. With these technical means, data management efficiency is maintained while the security of data storage is improved accordingly, and the management of business data of the power internet of things is optimized.
Example two:
On the basis of the foregoing embodiment, fig. 5 is a schematic structural diagram of an encryption management device for business data of the power internet of things according to a second embodiment of the present application. Referring to fig. 5, the encryption management device for business data of the power internet of things provided by this embodiment specifically includes: a sending module 21, a storage module 22 and an extraction module 23.
The sending module 21 is configured to generate a corresponding key pair according to an identity of the smart meter by using a designated third party, where the key pair includes an encryption key and a decryption key, extract the encryption key from the key pair and send the encryption key to the smart meter corresponding to the identity, extract the decryption key from the key pair, bind the decryption key and the identity to generate decryption information, and send the decryption information to the data management node;
the storage module 22 is configured to, when storing service data, split the service data into a plurality of mutually redundant service data packets through the smart meter, encrypt the service data packets using the encryption key, and store each service data packet to each storage node in a distributed manner, where the service data packet includes the identity of the smart meter and timestamp information corresponding to the service data;
the extracting module 23 is configured to, when the service data of the smart meter is extracted, extract, by the data management node, the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, query the decryption information according to the identity, extract the corresponding decryption key to decrypt the service data packet, and obtain the service data.
A designated third party generates a corresponding key pair according to the identity of the smart meter, the key pair including an encryption key and a decryption key; the encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity, the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to the data management node. When service data is stored, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets with the encryption key, and stores the service data packets to the storage nodes in a distributed manner, each service data packet including the identity of the smart meter and the timestamp information corresponding to the service data. When the service data of the smart meter is extracted, the data management node extracts the corresponding service data packets from the storage nodes according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packets, and obtains the service data. With these technical means, data management efficiency is maintained while the security of data storage is improved accordingly, and the management of business data of the power internet of things is optimized.
The encryption management device for the business data of the power internet of things provided by the second embodiment of the application can be used for executing the encryption management method for the business data of the power internet of things provided by the first embodiment of the application, and has corresponding functions and beneficial effects.
Example three:
An embodiment of the present application provides an electronic device, and with reference to fig. 6, the electronic device includes: a processor 31, a memory 32, a communication module 33, an input device 34, and an output device 35. The number of processors in the electronic device may be one or more, and the number of memories in the electronic device may be one or more. The processor, memory, communication module, input device, and output device of the electronic device may be connected by a bus or other means.
The memory 32 is a computer-readable storage medium, and can be used for storing software programs, computer-executable programs, and modules, such as program instructions/modules corresponding to the encryption management method for the service data of the power internet of things according to any embodiment of the present application (for example, a sending module, a storage module, and an extraction module in the encryption management device for the service data of the power internet of things). The memory can mainly comprise a program storage area and a data storage area, wherein the program storage area can store an operating system and an application program required by at least one function; the storage data area may store data created according to use of the device, and the like. Further, the memory may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other non-volatile solid state storage device. In some examples, the memory may further include memory located remotely from the processor, and these remote memories may be connected to the device over a network. Examples of such networks include, but are not limited to, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The communication module 33 is used for data transmission.
The processor 31 executes various functional applications and data processing of the device by running software programs, instructions and modules stored in the memory, that is, the encryption management method of the service data of the power internet of things is realized.
The input device 34 may be used to receive entered numeric or character information and to generate key signal inputs relating to user settings and function controls of the apparatus. The output device 35 may include a display device such as a display screen.
The electronic device provided by the embodiment can be used for executing the encryption management method for the business data of the power internet of things provided by the embodiment one, and has corresponding functions and beneficial effects.
Example four:
An embodiment of the present application further provides a computer-readable storage medium containing computer-executable instructions which, when executed by a computer processor, are configured to perform an encryption management method for business data of the power internet of things, where the encryption management method for business data of the power internet of things includes: a designated third party generates a corresponding key pair according to an identity of the smart meter, wherein the key pair comprises an encryption key and a decryption key, the encryption key is extracted from the key pair and is sent to the smart meter corresponding to the identity, the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to a data management node; when storing service data, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets by using the encryption key, and stores each service data packet to each storage node in a distributed manner, wherein the service data packets comprise the identity of the smart meter and timestamp information corresponding to the service data; when the service data of the smart meter is extracted, the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, queries the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packet, and obtains the service data.
Storage medium: any of various types of memory devices or storage devices. The term "storage medium" is intended to include: installation media such as CD-ROM, floppy disk, or tape devices; computer system memory or random access memory such as DRAM, DDR RAM, SRAM, EDO RAM, Rambus RAM, etc.; non-volatile memory such as flash memory, magnetic media (e.g., hard disk or optical storage); registers or other similar types of memory elements, etc. The storage medium may also include other types of memory or combinations thereof. In addition, the storage medium may be located in a first computer system in which the program is executed, or may be located in a different second computer system connected to the first computer system through a network (such as the internet). The second computer system may provide program instructions to the first computer for execution. The term "storage medium" may include two or more storage media residing in different locations, e.g., in different computer systems connected by a network. The storage medium may store program instructions (e.g., embodied as a computer program) that are executable by one or more processors.
Of course, the computer-readable storage medium provided in the embodiments of the present application has computer-executable instructions that are not limited to the above-described encryption management method for business data of the power internet of things, and may also perform related operations in the encryption management method for business data of the power internet of things provided in any embodiment of the present application.
The encryption management device, the storage medium, and the electronic device for the business data of the power internet of things provided in the foregoing embodiments can execute the encryption management method for the business data of the power internet of things provided in any embodiment of the present application; for technical details not described in detail in the foregoing embodiments, reference may be made to the encryption management method for the business data of the power internet of things provided in any embodiment of the present application.
The foregoing is considered as illustrative of the preferred embodiments of the invention and the technical principles employed. The present application is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present application has been described in more detail with reference to the above embodiments, the present application is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present application, and the scope of the present application is determined by the scope of the claims.

Claims (8)

1. An encryption management method for business data of an electric power Internet of things is characterized by comprising the following steps:
a third party is appointed to generate a corresponding key pair according to an identity of the intelligent electric meter, wherein the key pair comprises an encryption key and a decryption key, the encryption key is extracted from the key pair and is sent to the intelligent electric meter corresponding to the identity, the decryption key is extracted from the key pair, the decryption key and the identity are bound to generate decryption information, and the decryption information is sent to a data management node;
when storing service data, the smart meter splits the service data into a plurality of mutually redundant service data packets, encrypts the service data packets by using the encryption key, and stores each service data packet to each storage node in a distributed manner, wherein the service data packets comprise the identity of the smart meter and timestamp information corresponding to the service data;
when the service data of the intelligent electric meter are extracted, the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the intelligent electric meter, inquires the decryption information according to the identity, extracts the corresponding decryption key to decrypt the service data packet, and acquires the service data;
the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, and the method comprises the following steps:
the data management node sends a data request to each storage node, wherein the data request comprises the identity identifier and the corresponding timestamp information;
each storage node responds to the data request to carry out identity verification on the data management node, judges whether the identity of the data management node is legal or not, and returns the corresponding service data packet to the data management node if the identity of the data management node is judged to be legal;
each storage node responds to the data request to perform identity verification on the data management node, and judges whether the identity of the data management node is legal or not, wherein the method comprises the following steps:
the storage nodes verify the identity of the data management node according to prestored verification information, generate a first identity verification result, and gather the first identity verification result to a designated consensus node, wherein the consensus node is selected from the storage nodes in advance, and the verification information is stored in the storage nodes by the data management node in advance;
and the consensus node generates a consensus verification result based on each first identity verification result, and determines whether the identity of the data management node is legal or not based on the consensus verification result.
2. The encryption management method for business data of the internet of things in electric power according to claim 1, wherein after the encryption key is extracted from the key pair and sent to the smart meter corresponding to the identity, the decryption key is extracted from the key pair, the decryption key is bound to the identity to generate decryption information, and the decryption information is sent to the data management node, the encryption management method further comprises:
and the appointed third party updates the key pair every other key management period, and correspondingly updates the encryption key of the intelligent electric meter and the decryption information of the data management node according to the updated key pair.
3. The encryption management method for business data of the internet of things in electric power according to claim 1, wherein the step of storing each business data packet in a distributed manner to each storage node comprises:
and the intelligent electric meter randomly selects a plurality of storage nodes from all the storage nodes to store the service data packet.
4. The encryption management method for business data of the internet of things in electric power according to claim 1, wherein the step of storing each business data packet in a distributed manner to each storage node comprises:
the intelligent electric meter obtains the storage states of all the storage nodes, and selects a plurality of the storage nodes to store the service data packet based on a storage balancing principle.
5. The encryption management method for business data of the power internet of things according to any one of claims 3 to 4, wherein after the business data packets are distributively stored in the storage nodes, the encryption management method further comprises:
generating a storage address list according to a storage node storing the service data packet, and storing the timestamp information and the identity corresponding to the storage address list to the data management node;
correspondingly, the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, and the method includes:
and the data management node determines the corresponding storage address list according to the corresponding timestamp information and the identity of the intelligent electric meter, and extracts the service data packet from the corresponding storage node according to the timestamp information and the identity.
6. An encryption management device for business data of an electric power Internet of things, characterized by comprising:
the sending module is used for generating a corresponding key pair according to the identity of the intelligent electric meter by an appointed third party, wherein the key pair comprises an encryption key and a decryption key, extracting the encryption key from the key pair and sending the encryption key to the intelligent electric meter corresponding to the identity, extracting the decryption key from the key pair, binding the decryption key and the identity to generate decryption information, and sending the decryption information to a data management node;
the storage module is used for splitting the service data into a plurality of mutually redundant service data packets through the intelligent electric meter when the service data are stored, encrypting the service data packets by using the encryption key, and storing each service data packet to each storage node in a distributed manner, wherein each service data packet comprises the identity of the intelligent electric meter and timestamp information corresponding to the service data;
the extraction module is used for extracting the corresponding service data packets from the storage nodes through the data management node according to the corresponding timestamp information and the identification of the intelligent electric meter when the service data of the intelligent electric meter is extracted, inquiring the decryption information according to the identification, extracting the corresponding decryption keys to decrypt the service data packets, and acquiring the service data;
the data management node extracts the corresponding service data packet from each storage node according to the corresponding timestamp information and the identity of the smart meter, and the method comprises the following steps:
the data management node sends a data request to each storage node, wherein the data request comprises the identity identifier and the corresponding timestamp information;
each storage node responds to the data request to carry out identity verification on the data management node, judges whether the identity of the data management node is legal or not, and returns the corresponding service data packet to the data management node if the identity of the data management node is judged to be legal;
each storage node responds to the data request to perform identity verification on the data management node, and judges whether the identity of the data management node is legal or not, wherein the method comprises the following steps:
the storage nodes verify the identity of the data management node according to prestored verification information, generate a first identity verification result, and gather the first identity verification result to a designated consensus node, wherein the consensus node is selected from the storage nodes in advance, and the verification information is stored in the storage nodes by the data management node in advance;
and the consensus node generates a consensus verification result based on each first identity verification result, and determines whether the identity of the data management node is legal or not based on the consensus verification result.
7. An electronic device, comprising:
a memory and one or more processors;
the memory for storing one or more programs;
when the one or more programs are executed by the one or more processors, the one or more processors are enabled to implement the encryption management method for the business data of the power internet of things as set forth in any one of claims 1 to 5.
8. A computer-readable storage medium containing computer-executable instructions, wherein the computer-executable instructions, when executed by a computer processor, are configured to perform the encryption management method for business data of the power internet of things according to any one of claims 1 to 5.
CN202110010097.4A 2021-01-06 2021-01-06 Encryption management method and device for business data of power Internet of things Active CN112333212B (en)


Publications (2)

Publication Number Publication Date
CN112333212A CN112333212A (en) 2021-02-05
CN112333212B true CN112333212B (en) 2021-03-26

Family

ID=74302313


Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113065841A (en) * 2021-03-10 2021-07-02 广西东信易联科技有限公司 Life cycle management method and system of Internet of things embedded equipment
CN113194012B (en) * 2021-04-27 2022-05-31 上海德衡数据科技有限公司 Multi-agent management method, device, equipment and storage medium based on Internet of things
CN114650188A (en) * 2022-05-20 2022-06-21 广州万协通信息技术有限公司 Data secure transmission method and device based on proxy node
CN116226943A (en) * 2023-01-09 2023-06-06 宁夏隆基宁光仪表股份有限公司 Smart electric meter data storage device and smart electric meter data storage method based on cloud platform
CN115955321B (en) * 2023-03-15 2023-06-20 浙江宇视科技有限公司 Data management method, device, system and computer readable storage medium

Citations (4)

Publication number Priority date Publication date Assignee Title
CN110879897A (en) * 2019-12-03 2020-03-13 广东电网有限责任公司 Block chain-based power data security protection method
CN110971656A (en) * 2018-10-01 2020-04-07 施耐德电器工业公司 Secure storage of data in blockchains
CN111770060A (en) * 2020-06-01 2020-10-13 中国电力科学研究院有限公司 Data transmission method for power internet of things and power internet of things
CN111769632A (en) * 2019-04-01 2020-10-13 中国电力科学研究院有限公司 Distributed power supply safety communication method and system adopting NB-IOT technology

Family Cites Families (3)

Publication number Priority date Publication date Assignee Title
US10291395B1 (en) * 2018-01-25 2019-05-14 Fortress Cyber Security, LLC Secure storage of data via a distributed ledger system
CN108449389A (en) * 2018-02-27 2018-08-24 江苏理工学院 A kind of safety monitoring big data processing method and system based on cloud computing
CN111917763A (en) * 2020-07-28 2020-11-10 魅豚智慧科技(深圳)有限公司 Method, device and system for generating control scheme of Internet of things equipment

Also Published As

Publication number Publication date
CN112333212A (en) 2021-02-05

Similar Documents

Publication Publication Date Title
CN112333212B (en) Encryption management method and device for business data of power Internet of things
CN112333213B (en) Privacy protection method and device for business data of power Internet of things
CN109450638B (en) Block chain-based electronic component data management system and method
US10728229B2 (en) Method and device for communicating securely between T-box device and ECU device in internet of vehicles system
CN111930851B (en) Control data processing method, device, medium and electronic equipment of block chain network
CN111786785B (en) Block chain-based power distribution Internet of things node switching method and device
CN111371588A (en) SDN edge computing network system based on block chain encryption, encryption method and medium
CN110990111B (en) Method and system for verifying virtual trusted root in cloud environment
CN112350875B (en) Centralized management configuration method and device for configuration data
CN112559251B (en) Configuration data management method and device for electric power Internet of things
CN112559250B (en) Configuration data backup method and device for electric power Internet of things
CN112559252B (en) Configuration data management method and device based on attribute classification
CN113452519B (en) Key synchronization method and device, computer equipment and storage medium
CN112468350B (en) Operation parameter configuration management method and device of power Internet of things
CN112507301B (en) Internet of things equipment control method, device, equipment and storage medium
CN112506705B (en) Distributed storage configuration information backup method and device
CN112333036B (en) Multi-storage-node-based power Internet of things configuration data backup method and device
CN112560097B (en) Storage management method and device for power business data
CN114692174A (en) Electronic certificate service system, method, device, medium and equipment
CN111953683A (en) Equipment authentication method, device, storage medium and authentication system
CN112506703B (en) Backup method and device for configuration information of terminal of Internet of things
CN112560098B (en) Service data management method and device of electric power Internet of things
CN112506704B (en) Configuration information backup method and device for gateway of Internet of things
CN112787864B (en) Grouping configuration method and device of power internet of things
CN112650630B (en) Distributed backup method and device for operating parameters of intelligent electric meter

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant