CN112565279A - Sensor signal processing system based on safety network - Google Patents
Sensor signal processing system based on safety network Download PDFInfo
- Publication number
- CN112565279A CN112565279A CN202011445394.3A CN202011445394A CN112565279A CN 112565279 A CN112565279 A CN 112565279A CN 202011445394 A CN202011445394 A CN 202011445394A CN 112565279 A CN112565279 A CN 112565279A
- Authority
- CN
- China
- Prior art keywords
- network
- module
- data
- unit
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1416—Event detection, e.g. attack signature detection
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/145—Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/20—Network architectures or network communication protocols for network security for managing network security; network security policies in general
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Virology (AREA)
- Small-Scale Networks (AREA)
Abstract
The invention discloses a sensor signal processing system based on a secure network, which comprises a sensor module, a sensor interface unit, a data transmission unit, a data processing unit, a data encryption unit, a data transmission unit, a secure network module, a network protection module, an identity authentication module, a security management module, a network repair module, a network detection module and a network authentication module, wherein after the data of the sensor module is processed by the data processing unit, the data transmission unit transmits the data through the secure network module, the network used for transmitting the data is protected and detected through the network protection module and the network detection module, the data is encrypted by the data encryption unit, and the security information of a user and the network is authenticated through the identity authentication module and the network authentication module, so that the security of the data in the process of transmitting through the network is ensured, data loss or leakage is avoided, and data transmission safety of the sensor module is improved.
Description
Technical Field
The invention relates to the technical field of sensor signal processing, in particular to a sensor signal processing system based on a secure network.
Background
The sensor is a detection device which can sense the measured information and convert the sensed information into an electric signal or other information in a required form according to a certain rule to output so as to meet the requirements of information transmission, processing, storage, display, recording, control and the like. The sensor features include: miniaturization, digitalization, intellectualization, multifunction, systematization and networking. The method is the first link for realizing automatic detection and automatic control. The existence and development of the sensor enable the object to have the senses of touch, taste, smell and the like, and the object slowly becomes alive. Generally, the security network is classified into ten categories, i.e., a thermosensitive element, a photosensitive element, a gas-sensitive element, a force-sensitive element, a magnetic-sensitive element, a humidity-sensitive element, an acoustic-sensitive element, a radiation-sensitive element, a color-sensitive element, and a taste-sensitive element, according to their basic sensing functions. Or a secure network during transmission, the sensor data may be transmitted using the network during transmission.
In the use process of the existing sensor signal processing system, after the data of the sensor is processed, in the process of transmitting the data of the sensor through the network, the security of the network cannot be guaranteed, so that the data is easy to attack by an external network in the transmission process, the data is lost or leaked, and the transmission security of the data of the sensor is reduced.
Disclosure of Invention
The present invention is directed to a sensor signal processing system for secure network, which solves the above problems of the related art.
In order to achieve the purpose, the invention provides the following technical scheme: a sensor signal processing system based on a secure network comprises a sensor module, a sensor interface unit, a data transmission unit, a data processing unit, a data encryption unit, a data transmission unit, a secure network module, a network protection module, an identity authentication module, a security management module, a network repair module, a network detection module and a network authentication module, wherein the sensor module is connected with the sensor interface unit, the data interface unit is connected with the data transmission unit, the data transmission unit is connected with the data processing unit, the data processing unit is connected with the data encryption unit, the data encryption unit is connected with the data transmission unit, the data transmission unit is connected with the secure network module, the secure network module is interactively connected with the network protection module, and the secure network module is interactively connected with the identity authentication module, the safety network module is interactively connected with the safety management module, the safety network module is interactively connected with the network repair module, the safety network module is interactively connected with the network detection module, and the safety network module is interactively connected with the network authentication module;
the sensor interface unit is used for receiving data detected by the sensor module;
the data transmission unit is used for transmitting the data detected by the sensor to the data processing unit;
the data processing unit is used for processing the data in the data transmission unit;
the data encryption unit is used for encrypting the data processed by the data processing unit;
the data sending unit is used for sending the data encrypted by the data encryption unit;
the network protection module is used for protecting a network used for data transmission;
the identity authentication module is used for carrying out identity authentication on a user using a network;
the security management module is used for analyzing the network state;
the network repairing module is used for repairing the network;
the network detection module is used for detecting the security problem of the network;
and the network authentication module is used for authenticating the used network.
As further preferable in the present technical solution: the network protection module is interactively connected with a firewall unit;
the firewall unit is used for controlling data access among networks, and the firewall technology monitors and checks data packet communication among a plurality of networks according to a set security policy to determine whether the communication behavior is allowed or not, allows data communication among trusted sites authenticated by the security policy, prevents data communication of dangerous sites, and analyzes communication data.
As further preferable in the present technical solution: the identity authentication module is interactively connected with an authentication unit;
the authentication unit is used for ensuring the reliability of the access user through accurate identity authentication and positioning, the user authentication system provides a network access control function aiming at the network access behavior of the user, and simultaneously, the static binding, the dynamic binding and the automatic binding of a user account, a user IP, a user MAC, an equipment IP and an equipment port ensure the uniqueness of the network access identity of the user.
As further preferable in the present technical solution: the security management module is interactively connected with a policy unit;
the strategy unit is used for managing the security equipment and the system security strategy in the security network module, realizing the uniform configuration, distribution and management of the security strategy of the whole system, realizing the centralized management of the network security equipment, collecting and managing all security logs and security events in the security network module in a centralized manner, realizing the centralized log analysis, audit and report, carrying out the centralized analysis and audit, and discovering potential attack symptoms and security development trends.
As further preferable in the present technical solution: the network repair module is interactively connected with a repair unit;
the repair unit is used for tracking the change of the security vulnerability, effectively performing system patching and virus feature codes on the secure network module, and automatically and forcibly distributing and deploying the patch program according to different security strategies.
As further preferable in the present technical solution: the network detection module is interactively connected with a monitoring unit;
the interception unit is used for detecting and intercepting behaviors which are not consistent with the established security policy in the security network module, and performing behavior prevention and information protection according to a preset rule for operations which can threaten network information.
As further preferable in the present technical solution: the network authentication module is interactively connected with an authentication unit;
the authentication unit is used for authenticating the authenticity of the information sending source, verifying whether both communication parties hold correct communication keys or communication passwords, and verifying the communication information, wherein the data is not tampered.
As further preferable in the present technical solution: the data encryption unit encrypts the data by using a key or an encryption function and converts the data into a ciphertext, so that the ciphertext can be restored into a plaintext by using the transmitted data only by using a decryption key or a decryption function in response, and the actual content of the transmitted data is obtained.
Compared with the prior art, the invention has the beneficial effects that: in the using process of the invention, after the data processing unit processes the data of the sensor module, the data sending unit transmits the data through the security network module, the network used for transmitting the data is protected and detected through the network protection module and the network detection module, meanwhile, the data is encrypted through the data encryption unit, and the security information of the user and the network is authenticated through the identity authentication module and the network authentication module, so that the security of the data in the network transmission process is ensured, the data loss or leakage is avoided, and the data transmission security of the sensor module is improved.
Drawings
FIG. 1 is a block diagram of a system according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Examples
Referring to fig. 1, the present invention provides a technical solution: a sensor signal processing system based on a safety network comprises a sensor module, a sensor interface unit, a data transmission unit, a data processing unit, a data encryption unit, a data transmission unit, a safety network module, a network protection module, an identity authentication module, a safety management module, a network repair module, a network detection module and a network authentication module, wherein the sensor module is connected with the sensor interface unit, the data interface unit is connected with the data transmission unit, the data transmission unit is connected with the data processing unit, the data processing unit is connected with the data encryption unit, the data encryption unit is connected with the data transmission unit, the data transmission unit is connected with the safety network module, the safety network module is interactively connected with the network protection module, the safety network module is interactively connected with the identity authentication module, and the safety network module is interactively connected with the safety management module, the safety network module is interactively connected with the network repairing module, the safety network module is interactively connected with the network detecting module, and the safety network module is interactively connected with the network authentication module;
the sensor interface unit is used for receiving data detected by the sensor module;
the data transmission unit is used for transmitting the data detected by the sensor to the data processing unit;
the data processing unit is used for processing the data in the slave data transmission unit;
the data encryption unit is used for encrypting the data processed by the data processing unit;
the data sending unit is used for sending the data encrypted by the data encryption unit;
the network protection module is used for protecting the network used for data transmission;
the identity authentication module is used for carrying out identity authentication on a user using the network;
the safety management module is used for analyzing the network state;
the network repairing module is used for repairing the network;
the network detection module is used for detecting the security problem of the network;
and the network authentication module is used for authenticating the used network.
In this embodiment, specifically: the network protection module is interactively connected with a firewall unit;
and the firewall unit is used for controlling data access among networks, and the firewall technology monitors and checks data packet communication among a plurality of networks according to a set security policy so as to determine whether the communication behavior is allowed or not, allow data communication among trusted sites authenticated by the security policy, prevent data communication of dangerous sites and analyze communication data.
In this embodiment, specifically: the identity authentication module is interactively connected with an authentication unit;
the authentication unit is used for ensuring the reliability of the access user through accurate identity authentication and positioning, the user authentication system provides a network access control function aiming at the network access behavior of the user, and simultaneously, the static binding, the dynamic binding and the automatic binding of a user account, a user IP, a user MAC, an equipment IP and an equipment port ensure the uniqueness of the network access identity of the user.
In this embodiment, specifically: the safety management module is interactively connected with a strategy unit;
the strategy unit is used for managing the security equipment and the system security strategy in the security network module, realizing the uniform configuration, distribution and management of the security strategy of the whole system, realizing the centralized management of the network security equipment, collecting and managing all security logs and security events in the security network module in a centralized manner, realizing the centralized log analysis, audit and report, carrying out the centralized analysis and audit, and discovering potential attack symptoms and security development trends.
In this embodiment, specifically: the network repair module is interactively connected with a repair unit;
and the repairing unit is used for tracking the change of the security vulnerability, effectively performing system patching and virus feature codes on the secure network module, and automatically and forcibly distributing and deploying the patch program according to different security strategies.
In this embodiment, specifically: the network detection module is interactively connected with a monitoring unit;
and the interception unit is used for detecting and intercepting behaviors which are not consistent with the established security policy in the security network module, and performing behavior prevention and information protection according to a preset rule on operations which can threaten network information.
In this embodiment, specifically: the network authentication module is interactively connected with an authentication unit;
and the authentication unit is used for authenticating the authenticity of the information sending source, verifying whether both communication parties hold correct communication keys or communication passwords, and verifying the communication information, wherein the data is not tampered.
In this embodiment, specifically: and the data encryption unit is used for encrypting the data by using the key or the encryption function and converting the data into the ciphertext, so that the ciphertext can be restored into the plaintext only by using the decryption key or the decryption function which responds to the transmitted data, and the actual content of the transmitted data is obtained.
When the sensor module is used, after the data processing unit processes the data of the sensor module, the data sending unit transmits the data through the safety network module, the network protection module and the network detection module are used for protecting and detecting the network used for transmitting the data, the data encryption unit is used for encrypting the data, and the identity authentication module and the network authentication module are used for authenticating the safety information of a user and the network, so that the safety of the data in the network transmission process is ensured, the data loss or leakage is avoided, and the data transmission safety of the sensor module is improved.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (8)
1. The utility model provides a sensor signal processing system for based on secure network, includes sensor module, sensor interface unit, data transmission unit, data processing unit, data encryption unit, data transmission unit, secure network module, network protection module, identity authentication module, safety management module, network repair module, network detection module and network authentication module, its characterized in that: the sensor module is connected with the sensor interface unit, the data interface unit is connected with the data transmission unit, the data transmission unit is connected with the data processing unit, the data processing unit is connected with the data encryption unit, the data encryption unit is connected with the data transmission unit, the data transmission unit is connected with the safety network module, the safety network module is interactively connected with the network protection module, the safety network module is interactively connected with the identity authentication module, the safety network module is interactively connected with the safety management module, the safety network module is interactively connected with the network repair module, the safety network module is interactively connected with the network detection module, and the safety network module is interactively connected with the network authentication module;
the sensor interface unit is used for receiving data detected by the sensor module;
the data transmission unit is used for transmitting the data detected by the sensor to the data processing unit;
the data processing unit is used for processing the data in the data transmission unit;
the data encryption unit is used for encrypting the data processed by the data processing unit;
the data sending unit is used for sending the data encrypted by the data encryption unit;
the network protection module is used for protecting a network used for data transmission;
the identity authentication module is used for carrying out identity authentication on a user using a network;
the security management module is used for analyzing the network state;
the network repairing module is used for repairing the network;
the network detection module is used for detecting the security problem of the network;
and the network authentication module is used for authenticating the used network.
2. The secure network-based sensor signal processing system of claim 1, wherein: the network protection module is interactively connected with a firewall unit;
the firewall unit is used for controlling data access among networks, and the firewall technology monitors and checks data packet communication among a plurality of networks according to a set security policy to determine whether the communication behavior is allowed or not, allows data communication among trusted sites authenticated by the security policy, prevents data communication of dangerous sites, and analyzes communication data.
3. The secure network-based sensor signal processing system of claim 1, wherein: the identity authentication module is interactively connected with an authentication unit;
the authentication unit is used for ensuring the reliability of the access user through accurate identity authentication and positioning, the user authentication system provides a network access control function aiming at the network access behavior of the user, and simultaneously performs static binding, dynamic binding and automatic binding on a user account, a user IP, a user MAC, an equipment IP and an equipment port.
4. The secure network-based sensor signal processing system of claim 1, wherein: the security management module is interactively connected with a policy unit;
the strategy unit is used for managing the security equipment and the system security strategy in the security network module, realizing the uniform configuration, distribution and management of the security strategy of the whole system, realizing the centralized management of the network security equipment, collecting and managing all security logs and security events in the security network module in a centralized manner, realizing the centralized log analysis, audit and report, carrying out the centralized analysis and audit, and discovering potential attack symptoms and security development trends.
5. The secure network-based sensor signal processing system of claim 1, wherein: the network repair module is interactively connected with a repair unit;
and the repair unit is used for tracking the change of the security vulnerability, performing system patching and virus feature codes on the secure network module, and automatically and forcibly distributing and deploying the patch program according to different security strategies.
6. The secure network-based sensor signal processing system of claim 1, wherein: the network detection module is interactively connected with a monitoring unit;
the interception unit is used for detecting and intercepting behaviors which are not consistent with the established security policy in the security network module, and performing behavior prevention and information protection according to a preset rule for operations which can threaten network information.
7. The secure network-based sensor signal processing system of claim 1, wherein: the network authentication module is interactively connected with an authentication unit;
the authentication unit is used for authenticating the authenticity of the information sending source, verifying whether both communication parties hold correct communication keys or communication passwords, and verifying the communication information, wherein the data is not tampered.
8. The secure network-based sensor signal processing system of claim 1, wherein: the data encryption unit encrypts the data by using a key or an encryption function and converts the data into a ciphertext, so that the ciphertext can be restored into a plaintext by using the transmitted data only by using a decryption key or a decryption function in response, and the actual content of the transmitted data is obtained.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011445394.3A CN112565279A (en) | 2020-12-09 | 2020-12-09 | Sensor signal processing system based on safety network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011445394.3A CN112565279A (en) | 2020-12-09 | 2020-12-09 | Sensor signal processing system based on safety network |
Publications (1)
Publication Number | Publication Date |
---|---|
CN112565279A true CN112565279A (en) | 2021-03-26 |
Family
ID=75062895
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011445394.3A Pending CN112565279A (en) | 2020-12-09 | 2020-12-09 | Sensor signal processing system based on safety network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112565279A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115021964A (en) * | 2022-04-29 | 2022-09-06 | 北京旋极安辰计算科技有限公司 | Distributed security supervision engine system based on trusted verification |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916968A (en) * | 2012-10-29 | 2013-02-06 | 北京天诚盛业科技有限公司 | Identity authentication method, identity authentication server and identity authentication device |
CN105282178A (en) * | 2015-11-29 | 2016-01-27 | 国网江西省电力公司信息通信分公司 | Cloud computing security technology platform |
CN108683549A (en) * | 2018-06-08 | 2018-10-19 | 湖北鑫英泰系统技术股份有限公司 | A kind of network security applied in electric power monitoring system monitors system |
US10419931B1 (en) * | 2016-08-25 | 2019-09-17 | EMC IP Holding Company LLC | Security for network computing environment using centralized security system |
CN111756693A (en) * | 2020-05-20 | 2020-10-09 | 国网河北省电力有限公司电力科学研究院 | Encryption type electric power monitored control system network safety monitoring device |
-
2020
- 2020-12-09 CN CN202011445394.3A patent/CN112565279A/en active Pending
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102916968A (en) * | 2012-10-29 | 2013-02-06 | 北京天诚盛业科技有限公司 | Identity authentication method, identity authentication server and identity authentication device |
CN105282178A (en) * | 2015-11-29 | 2016-01-27 | 国网江西省电力公司信息通信分公司 | Cloud computing security technology platform |
US10419931B1 (en) * | 2016-08-25 | 2019-09-17 | EMC IP Holding Company LLC | Security for network computing environment using centralized security system |
CN108683549A (en) * | 2018-06-08 | 2018-10-19 | 湖北鑫英泰系统技术股份有限公司 | A kind of network security applied in electric power monitoring system monitors system |
CN111756693A (en) * | 2020-05-20 | 2020-10-09 | 国网河北省电力有限公司电力科学研究院 | Encryption type electric power monitored control system network safety monitoring device |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115021964A (en) * | 2022-04-29 | 2022-09-06 | 北京旋极安辰计算科技有限公司 | Distributed security supervision engine system based on trusted verification |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
EP1436937B1 (en) | Arrangement and method for execution of code | |
CN112217835B (en) | Message data processing method and device, server and terminal equipment | |
CN103903187A (en) | Fast detection method for potential safety hazards of power distribution automation system information | |
AU2020104272A4 (en) | Blockchain-based industrial internet data security monitoring method and system | |
JP2015534681A (en) | Server-side application assurance against security vulnerabilities | |
CN114338019B (en) | Network communication method, system, device and storage medium based on quantum key distribution | |
CN106685775A (en) | Self-inspection type invasion prevention method and system for intelligent household electrical appliance | |
CN111314381A (en) | Safety isolation gateway | |
CN106341819A (en) | Phishing WiFi identification system and method based on honeypot technology | |
Essa et al. | Cyber physical sensors system security: threats, vulnerabilities, and solutions | |
Mendel | Smart grid cyber security challenges: Overview and classification | |
Flå et al. | Tool-assisted threat modeling for smart grid cyber security | |
CN112565279A (en) | Sensor signal processing system based on safety network | |
CN112202773B (en) | Computer network information security monitoring and protection system based on internet | |
Gao | Cyberthreats, attacks and intrusion detection in supervisory control and data acquisition networks | |
Patel et al. | Analysis of SCADA Security models | |
CN114024957A (en) | Method for carrying out risk judgment on user behavior in zero trust architecture | |
Ravindrababu et al. | Analysis of Vulnerability Trends and Attacks in OT Systems | |
Sorge | IT Security measures and their relation to data protection | |
CN117390708B (en) | Privacy data security protection method and system | |
CN109450644A (en) | Home energy source management system protecting information safety scheme Internet-based | |
Kiuchi et al. | Security technologies, usage and guidelines in SCADA system networks | |
Conte de Leon et al. | Cybersecurity | |
Cunha | Cybersecurity Threats for a Web Development | |
CN117252599B (en) | Dual security authentication method and system for intelligent POS machine |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20210326 |
|
WD01 | Invention patent application deemed withdrawn after publication |