CN113193977A - Safe and trusted system based on block chain technology - Google Patents


Info

Publication number: CN113193977A
Application number: CN202110270503.0A
Authority: CN (China)
Prior art keywords: unit, data, module, block chain, credible
Legal status: Pending
Other languages: Chinese (zh)
Inventors: 胡洋, 周汉宾, 戴佳杙, 周叶芬, 刘阳, 刘永亮, 何抗, 罗皎娇
Current Assignee: Industrial Cloud Manufacturing Sichuan Innovation Center Co ltd
Original Assignee: Industrial Cloud Manufacturing Sichuan Innovation Center Co ltd

Classifications

    • H: Electricity
    • H04: Electric communication technique
    • H04L: Transmission of digital information, e.g. telegraphic communication
    • H04L41/00: Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
        • H04L41/08: Configuration management of networks or network elements
        • H04L41/06: Management of faults, events, alarms or notifications
        • H04L41/14: Network analysis or design
    • H04L43/00: Arrangements for monitoring or testing data switching networks
        • H04L43/16: Threshold monitoring
    • H04L63/00: Network architectures or network communication protocols for network security
        • H04L63/14: for detecting or protecting against malicious traffic
        • H04L63/1441: Countermeasures against malicious traffic
        • H04L63/145: the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • H04L67/00: Network arrangements or protocols for supporting network services or applications
        • H04L67/01: Protocols
        • H04L67/12: Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
        • H04L9/50: using hash chains, e.g. blockchains or hash trees

Abstract

The invention discloses a safe and trusted system based on block chain technology, comprising a trusted data collection and storage module, a trusted data transmission module, a security setting module, an early warning module and trusted equipment. The security setting module comprises a risk analysis feedback unit, a risk detection unit, a risk evaluation unit and a security defense unit, and is used to realize visual planning for users with different identities on a block chain platform. An open standard interface provides data communication and system adaptation between different block chain security systems, and the block chain is combined with the trusted equipment. Standard services with a security protection mechanism are pushed to the block chain technology platform, which improves security performance while establishing a safe and trusted system mechanism, removes the bottleneck of data incompatibility between existing block chains, and greatly improves the extensibility of block chains.

Description

Safe and trusted system based on block chain technology
Technical Field
The invention belongs to the field of block chain technology, and in particular relates to a safe and trusted system based on block chain technology.
Background
Block chain is a term in information technology. In essence it is a shared database, and the data or information stored in it is unforgeable, leaves a trace throughout its life, is traceable, is open and transparent, and is collectively maintained. On the basis of these characteristics, block chain technology lays a solid foundation of trust, creates a reliable cooperation mechanism, and has broad application prospects. With the birth and development of computer networks, management technologies for networks and devices have gradually matured, and the functions of standard device management systems and related network management protocols have been continuously improved. In each field, device management systems are gradually being improved, and relatively advanced information technology can be applied to statistics on basic device information, maintenance record management and the like, so that static device information can be maintained and managed and operations such as modification of dynamic device operation can be monitored in real time. Applying advanced technology to the trusted management of device data helps to maintain and diagnose equipment, eliminate faults, keep equipment in its optimal state, and monitor the equipment.
At present, trusted data configuration management systems are mainly used in C/S (client/server) and B/S (browser/server) modes: an administrator accesses the server through a browser or terminal program and performs configuration management of the network and devices. However, as the number of back ends and systems grows and network structures become more complex, several problems arise:
1) data in existing data configuration management systems is easy to tamper with, carries high security risk and is difficult to supervise;
2) existing data configuration management systems lack a means of tracing abnormal configuration services and confirming responsibility;
3) the configuration management efficiency of existing data configuration management systems still needs improvement; data storage is centralized, and a distributed, efficient and secure means of data configuration management and presentation is lacking.
Therefore, a safety monitoring and protection system for an industrial internet platform system is provided.
Disclosure of Invention
The invention aims to provide a safe and trusted system based on block chain technology, in order to solve the problems raised in the background, which arise as back ends and systems multiply and network structures become more complex: data in existing data configuration management systems is easy to tamper with, carries high security risk and is difficult to supervise; existing data configuration management systems lack a means of tracing abnormal configuration services and confirming responsibility; and their configuration management efficiency still needs improvement, data storage is centralized, and a distributed, efficient and secure means of data configuration management and presentation is lacking.
To achieve this purpose, the invention adopts the following technical scheme:
A safe and trusted system based on block chain technology comprises a trusted data collection and storage module, a trusted data transmission module, a security setting module, an early warning module and trusted equipment, wherein the security setting module comprises a risk analysis feedback unit, a risk detection unit, a risk evaluation unit and a security defense unit, and is used to realize visual planning for users with different identities on a block chain platform;
the trusted data collection and storage module is one of the core modules of the whole platform and is also a main module; when the block chain security information is set, different cloud platforms and various block chain platforms are selected according to the needs of the user; the data transmission module is provided with an open standard interface, through which data communication and system adaptation between different block chain security systems are realized;
the trusted data transmission module can be adapted to support various infrastructures and various cloud platforms, realizes the combination of the block chain and the trusted equipment, and uses the block chain as an initial unit of a trusted software base platform.
Preferably, the risk analysis feedback unit divides risk into four levels (blue, yellow, orange and red), and the risk level of a detection result is determined by the threshold range into which it falls.
Preferably, the trusted device comprises a writing unit and a conversion unit, and is configured to receive trusted Internet of Things data of at least one entity unit and to write primary trusted Internet of Things data of the at least one entity unit into the block chain; the conversion unit processes the trusted Internet of Things data of the at least one entity unit to obtain corresponding trusted data and writes the trusted data into the block chain.
Preferably, the writing unit comprises at least one storage medium and at least one processor; the at least one storage medium stores computer instructions, and the at least one processor executes the computer instructions to implement the block chain-based trusted data processing method according to any one of the preceding claims.
Preferably, the trusted data reflects the production and operation condition of the entity unit corresponding to the trusted Internet of Things data, or reflects the asset state of the corresponding entity unit, or reflects both at the same time; the trusted data is data protected by at least one information security technology.
Preferably, the early warning unit comprises a log server, an information processing unit, a comparison unit, a matching unit, a merging and association unit, an analysis unit, an alarm unit, an evaluation unit, a virus processing unit and a policy server, wherein the log server collects log information and alarm information from network devices of different manufacturers.
Preferably, the information processing module formats the information acquired by the log server into a unified format; the comparison module compares the processed data with the data of a preset knowledge base in the policy server; the matching module performs matching and eliminates irrelevant and redundant information; and the merging and association module merges and associates the processed information.
Preferably, the log server adopts the rsyslog protocol; the virus processing module handles intruding viruses, specifically by virus removal and patch installation; the model of the information processing module is CP341 and the model of the analysis module is TDS3AAM; as a preferred technical scheme of the invention, the model of the evaluation module is INA199 EVM.
Preferably, the matching module compares the features of data that potentially intrudes on the host with the network virus data stored in the network virus storage module.
Preferably, the trusted device further comprises a temperature sensor and a displacement sensor installed on the monitored host; the temperature sensor senses the temperature of the monitored host and monitors the power on/off state of the controlled host; and the displacement sensor sends host positioning information to the network security inspection module.
The technical effects and advantages of the invention are as follows: compared with the prior art, the safe and trusted system based on block chain technology combines the block chain with trusted equipment and begins to use the block chain as a trusted software base platform. The data transmission module is provided with an open standard interface, through which data communication and system adaptation between different block chain security systems are realized; standard services with a security protection mechanism are pushed to the block chain technology platform, which improves security performance while establishing a safe and trusted system mechanism, removes the bottleneck of data incompatibility between existing block chains, and greatly improves the extensibility of block chains.
Drawings
FIG. 1 is a block diagram of the system of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and completely below. The described embodiments are only a part of the embodiments of the present invention, not all of them; the specific embodiments described herein serve only to explain the present invention and do not limit it. All other embodiments obtained by a person of ordinary skill in the art from these embodiments without creative effort fall within the protection scope of the present invention.
The invention provides a safe and trusted system based on block chain technology which, as shown in FIG. 1, comprises a trusted data collection and storage module, a trusted data transmission module, a security setting module, an early warning module and trusted equipment, characterized in that: the security setting module comprises a risk analysis feedback unit, a risk detection unit, a risk evaluation unit and a security defense unit, and is used to realize visual planning for users with different identities on a block chain platform;
the trusted data collection and storage module is one of the core modules of the whole platform and is also a main module; when the block chain security information is set, different cloud platforms and various block chain platforms are selected according to the needs of the user; the data transmission module is provided with an open standard interface, through which data communication and system adaptation between different block chain security systems are realized;
the trusted data transmission module can be adapted to support various infrastructures and various cloud platforms, realizes the combination of the block chain and the trusted equipment, and uses the block chain as an initial unit of a trusted software base platform.
Specifically, the risk analysis feedback unit divides risk into four levels (blue, yellow, orange and red), and the risk level of a detection result is determined by the threshold range into which it falls.
Specifically, the trusted device comprises a writing unit and a conversion unit, and is configured to receive trusted Internet of Things data of at least one entity unit and to write first-level trusted Internet of Things data of the at least one entity unit into the block chain; the conversion unit processes the trusted Internet of Things data of the at least one entity unit to obtain corresponding trusted data and writes the trusted data into the block chain.
Specifically, the writing unit comprises at least one storage medium and at least one processor; the at least one storage medium stores computer instructions, and the at least one processor executes the computer instructions to implement the block chain-based trusted data processing method according to any one of the preceding claims.
Specifically, the trusted data reflects the production and operation condition of the entity unit corresponding to the trusted Internet of Things data, or reflects the asset state of the corresponding entity unit, or reflects both at the same time; the trusted data is data protected by at least one information security technology.
Specifically, the early warning unit comprises a log server, an information processing unit, a comparison unit, a matching unit, a merging and association unit, an analysis unit, an alarm unit, an evaluation unit, a virus processing unit and a policy server, wherein the log server collects log information and alarm information from network devices of different manufacturers.
Specifically, the information processing module formats the information acquired by the log server into a unified format; the comparison module compares the processed data with the data of a preset knowledge base in the policy server; the matching module performs matching and eliminates irrelevant and redundant information; and the merging and association module merges and associates the processed information.
Specifically, the log server adopts the rsyslog protocol; the virus processing module handles intruding viruses, specifically by virus removal and patch installation; the model of the information processing module is CP341 and the model of the analysis module is TDS3AAM; as a preferred technical scheme of the invention, the model of the evaluation module is INA199 EVM.
Specifically, the matching module compares the features of data that potentially intrudes on the host with the network virus data stored in the network virus storage module.
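The early-warning flow described in the paragraphs above (unified formatting, comparison against a preset knowledge base, removal of irrelevant and redundant records, merging and association, then grading into blue/yellow/orange/red by threshold) can be illustrated as follows. This is an added example, not code from the patent: the two vendor log formats, the knowledge-base weights, the 60-second redundancy window and the numeric thresholds are all assumptions, since the patent gives no values.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample input in two made-up vendor formats (not from the patent).
RAW_LOGS = [
    "<134>2021-03-12T10:00:01Z fw01 vendorA: action=deny src=10.0.0.5 dst=10.0.1.9 sig=port_scan",
    "<134>2021-03-12T10:00:03Z fw01 vendorA: action=deny src=10.0.0.5 dst=10.0.1.9 sig=port_scan",
    "2021/03/12 10:00:20|sw02|VENDORB|ALERT|10.0.0.5|malware_signature",
    "2021/03/12 10:00:25|sw02|VENDORB|INFO|10.0.0.7|link_up",
    "<134>2021-03-12T10:01:40Z fw01 vendorA: action=deny src=10.0.0.8 dst=10.0.1.9 sig=auth_failure",
    "garbage line that matches no known format",
]

# Assumed stand-in for the policy server's preset knowledge base: signature -> weight.
KNOWLEDGE_BASE = {"port_scan": 20, "auth_failure": 10, "malware_signature": 60}

# Assumed thresholds; the patent names the four levels but gives no values.
LEVELS = [(75, "red"), (50, "orange"), (25, "yellow"), (0, "blue")]

VENDOR_A = re.compile(r"^<\d+>(?P<ts>\S+) (?P<dev>\S+) vendorA: (?P<kv>.+)$")


def normalize(line):
    """Unified formatting: map either vendor format to one event dict, else None."""
    m = VENDOR_A.match(line)
    try:
        if m:
            kv = dict(p.split("=", 1) for p in m["kv"].split() if "=" in p)
            return {"time": datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ"),
                    "device": m["dev"], "src": kv["src"], "sig": kv["sig"]}
        parts = line.split("|")
        if len(parts) == 6 and parts[2] == "VENDORB":
            return {"time": datetime.strptime(parts[0], "%Y/%m/%d %H:%M:%S"),
                    "device": parts[1], "src": parts[4], "sig": parts[5]}
    except (KeyError, ValueError):
        pass  # malformed record: treat as unparseable rather than crash the collector
    return None


def match_and_reduce(events, window_s=60):
    """Drop events unknown to the knowledge base (irrelevant) and repeats of the
    same (src, sig) seen within window_s seconds (redundant)."""
    kept, last_seen = [], {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["sig"] not in KNOWLEDGE_BASE:
            continue
        key = (ev["src"], ev["sig"])
        prev = last_seen.get(key)
        last_seen[key] = ev["time"]
        if prev is not None and (ev["time"] - prev).total_seconds() <= window_s:
            continue
        kept.append(ev)
    return kept


def risk_level(score):
    """Map a numeric score to blue/yellow/orange/red by threshold range."""
    for floor, name in LEVELS:
        if score >= floor:
            return name
    return "blue"


def correlate(events):
    """Merge and associate events per source host and grade the result."""
    merged = defaultdict(lambda: {"score": 0, "signatures": set(), "devices": set()})
    for ev in events:
        entry = merged[ev["src"]]
        entry["score"] += KNOWLEDGE_BASE[ev["sig"]]
        entry["signatures"].add(ev["sig"])
        entry["devices"].add(ev["device"])
    return {src: {"score": e["score"], "level": risk_level(e["score"]),
                  "signatures": sorted(e["signatures"]), "devices": sorted(e["devices"])}
            for src, e in merged.items()}


def run_pipeline(raw_lines):
    """Normalize, filter, deduplicate, correlate and grade a batch of raw log lines."""
    events = [ev for ev in map(normalize, raw_lines) if ev is not None]
    return correlate(match_and_reduce(events))


if __name__ == "__main__":
    for src, info in sorted(run_pipeline(RAW_LOGS).items()):
        print(src, info)
```

In the sample, the repeated port-scan record and the informational link-up record are discarded, and the host seen by both devices is graded from the merged evidence rather than from any single record.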
Specifically, the trusted device further comprises a temperature sensor and a displacement sensor installed on the monitored host; the temperature sensor senses the temperature of the monitored host and monitors the power on/off state of the controlled host; and the displacement sensor sends host positioning information to the network security inspection module.
In summary, the present invention combines the block chain with trusted equipment, and the block chain also becomes the starting point of a trusted software base platform. The data transmission module is provided with an open standard interface, through which data communication and system adaptation between different block chain security systems are realized; standard services with a security protection mechanism are pushed to the block chain technology platform, which improves security performance while establishing a safe and trusted system mechanism, removes the bottleneck of data incompatibility between existing block chains, and greatly improves the extensibility of block chains.
Finally, it should be noted that although the present invention has been described in detail with reference to the foregoing embodiments, it will be apparent to those skilled in the art that modifications may be made to the embodiments or portions thereof without departing from the spirit and scope of the invention.

Claims (10)

1. A safe and trusted system based on block chain technology, comprising a trusted data collection and storage module, a trusted data transmission module, a security setting module, an early warning module and trusted equipment, characterized in that: the security setting module comprises a risk analysis feedback unit, a risk detection unit, a risk evaluation unit and a security defense unit, and is used to realize visual planning for users with different identities on a block chain platform;
the trusted data collection and storage module is one of the core modules of the whole platform and is also a main module; when the block chain security information is set, different cloud platforms and various block chain platforms are selected according to the needs of the user; the data transmission module is provided with an open standard interface, through which data communication and system adaptation between different block chain security systems are realized;
the trusted data transmission module can be adapted to support various infrastructures and various cloud platforms, realizes the combination of the block chain and the trusted equipment, and uses the block chain as an initial unit of a trusted software base platform.
2. A safe and trusted system based on block chain technology according to claim 1, wherein: the risk analysis feedback unit divides risk into four levels (blue, yellow, orange and red), and the risk level of a detection result is determined by the threshold range into which it falls.
3. A safe and trusted system based on block chain technology according to claim 1, wherein: the trusted device comprises a writing unit and a conversion unit, and is configured to receive trusted Internet of Things data of at least one entity unit and to write primary trusted Internet of Things data of the at least one entity unit into the block chain; the conversion unit processes the trusted Internet of Things data of the at least one entity unit to obtain corresponding trusted data and writes the trusted data into the block chain.
4. A safe and trusted system based on block chain technology according to claim 3, wherein: the writing unit comprises at least one storage medium and at least one processor; the at least one storage medium stores computer instructions, and the at least one processor executes the computer instructions to implement the block chain-based trusted data processing method according to any one of the preceding claims.
5. A safe and trusted system based on block chain technology according to claim 3, wherein: the trusted data reflects the production and operation condition of the entity unit corresponding to the trusted Internet of Things data, or reflects the asset state of the corresponding entity unit, or reflects both at the same time; the trusted data is data protected by at least one information security technology.
6. A safe and trusted system based on block chain technology according to claim 1, wherein: the early warning unit comprises a log server, an information processing unit, a comparison unit, a matching unit, a merging and association unit, an analysis unit, a warning unit, an evaluation unit, a virus processing unit and a policy server, wherein the log server collects log information and warning information from network devices of different manufacturers.
7. A safe and trusted system based on block chain technology according to claim 6, wherein: the information processing module formats the information acquired by the log server into a unified format; the comparison module compares the processed data with the data of a preset knowledge base in the policy server; the matching module performs matching and eliminates irrelevant and redundant information; and the merging and association module merges and associates the processed information.
8. A safe and trusted system based on block chain technology according to claim 6, wherein: the log server adopts the rsyslog protocol; the virus processing module handles intruding viruses, specifically by virus removal and patch installation; the model of the information processing module is CP341 and the model of the analysis module is TDS3AAM; as a preferred technical scheme of the invention, the model of the evaluation module is INA199 EVM.
9. A safe and trusted system based on block chain technology according to claim 6, wherein: the matching module compares the features of data that potentially intrudes on the host with the network virus data stored in the network virus storage module.
10. A safe and trusted system based on block chain technology according to claim 1, wherein: the trusted device further comprises a temperature sensor and a displacement sensor installed on the monitored host; the temperature sensor senses the temperature of the monitored host and monitors the power on/off state of the controlled host; and the displacement sensor sends host positioning information to the network security inspection module.

Priority Applications (1)

Application Number | Priority Date | Filing Date | Title
CN202110270503.0A, CN113193977A (en) | 2021-03-12 | 2021-03-12 | Safe and trusted system based on block chain technology

Applications Claiming Priority (1)

Application Number | Priority Date | Filing Date | Title
CN202110270503.0A, CN113193977A (en) | 2021-03-12 | 2021-03-12 | Safe and trusted system based on block chain technology

Publications (1)

Publication Number | Publication Date
CN113193977A (en) | 2021-07-30

Family

ID=76973262

Family Applications (1)

Application Number | Status | Priority Date | Filing Date | Title
CN202110270503.0A, CN113193977A (en) | Pending | 2021-03-12 | 2021-03-12 | Safe and trusted system based on block chain technology

Country Status (1)

Country | Link
CN (1) | CN113193977A (en)

Legal Events

Code | Title
PB01 | Publication
SE01 | Entry into force of request for substantive examination
RJ01 | Rejection of invention patent application after publication (application publication date: 20210730)