CN114065286A - Industrial control equipment instruction desensitization method based on block chain intelligent contract - Google Patents

Publication number
CN114065286A
Authority
CN
China
Prior art keywords
industrial control
control equipment
desensitization
block chain
instruction
Legal status
Pending
Application number
CN202111367636.6A
Other languages
Chinese (zh)
Inventor
陈水全
张金波
陈军
陈凤
Current Assignee
Chengdu Jiweilian Group Co ltd
Original Assignee
Chengdu Jiweilian Group Co ltd
Application filed by Chengdu Jiweilian Group Co ltd

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes
    • G06F21/6254 Protecting personal data, e.g. for financial or medical purposes by anonymising data, e.g. decorrelating personal data from the owner's identification
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/23 Updating
    • G06F16/2365 Ensuring data consistency and integrity
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00 Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/20 Information retrieval; Database structures therefor; File system structures therefor of structured data, e.g. relational data
    • G06F16/27 Replication, distribution or synchronisation of data between databases or within a distributed database system; Distributed database system architectures therefor
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures

Abstract

The invention relates to the field of industrial control equipment data desensitization, and in particular to an industrial control equipment instruction desensitization method based on a block chain intelligent contract, which greatly improves the security of the transmission of industrial control equipment control instructions between a service system and the equipment. The method comprises the following steps: the industrial control equipment is registered on the block chain industrial control equipment management platform, and the registration information of the industrial control equipment is obtained; a request for the operation information to be executed by the industrial control equipment is sent to an industrial control system; the industrial control system generates the operation information corresponding to the industrial control equipment and sends it to the block chain industrial control equipment management platform; the platform selects an intelligent contract to perform a desensitization operation on the registration information of the industrial control equipment and the operation information corresponding to it, and the industrial control instruction corresponding to the industrial control equipment is obtained after desensitization; the industrial control equipment obtains the industrial control instruction, then parses and executes it. The invention is suitable for instruction transmission between industrial control equipment and an industrial control system.

Description

Industrial control equipment instruction desensitization method based on block chain intelligent contract
Technical Field
The invention relates to the field of industrial control equipment data desensitization, in particular to an industrial control equipment instruction desensitization method based on a block chain intelligent contract.
Background
Existing equipment control systems mainly schedule instructions through an industrial control service system, and instructions are issued directly to the corresponding industrial control equipment through an HTTP interface or a socket interface to control the equipment. This creates serious security problems: for example, instruction data is easily tampered with by a third party during transmission, or a third party intercepts the data and replaces it.
Disclosure of Invention
The invention aims to provide an industrial control equipment instruction desensitization method based on a block chain intelligent contract, which greatly improves the security of the transmission of industrial control equipment control instructions between a service system and the equipment.
To achieve this purpose, the invention adopts the following technical scheme: the industrial control equipment instruction desensitization method based on the block chain intelligent contract comprises the following steps:
step 1, registering industrial control equipment on a block chain industrial control equipment management platform to acquire registration information of the industrial control equipment;
step 2, the block chain industrial control equipment management platform initiates a request for acquiring operation information to be executed by the industrial control equipment to the industrial control system;
step 3, the industrial control system generates operation information corresponding to the industrial control equipment and sends the operation information to the block chain industrial control equipment management platform;
step 4, the block chain industrial control equipment management platform selects an intelligent contract to perform desensitization operation on the registration information of the industrial control equipment and the operation information of the corresponding industrial control equipment to obtain an industrial control instruction of the corresponding industrial control equipment;
step 5, after the industrial control equipment obtains the industrial control instruction from the block chain industrial control equipment management platform, it reverse-parses the industrial control instruction based on the corresponding intelligent contract and executes the parsed industrial control instruction.
Further, in step 4, the construction process of the intelligent contract specifically includes:
step 401, registering the industrial control equipment on the block chain industrial control equipment management platform, and after registration, generating a pair of public key and private key by the block chain industrial control equipment management platform, wherein the public key is used as an address of the industrial control equipment on the block chain industrial control equipment management platform, and the private key is used as a unique key for operating the address;
step 402, determining an industrial control instruction desensitization protocol according to the requirement of the actual industrial control instruction of each industrial control device, wherein the desensitization protocol comprises desensitization rules and desensitization ranges, and then signing the industrial control instruction desensitization protocol through a private key of each industrial control device;
step 403, storing the signed desensitization protocol in the block chain network.
Further, in step 403, the specific method for storing the signed desensitization protocol in the block chain network includes:
the signed desensitization protocol is spread through the whole block chain network over the P2P network, and each node receives a copy; a verification node in the block chain first stores the received contract in memory and then waits for the protocol to be triggered;
after the desensitization protocol is triggered, the verification node packs the desensitization protocol into a protocol set, calculates the hash value of the protocol set, and finally assembles that hash value into a block structure, which is spread to the whole network;
after receiving the block structure, the other verification nodes take out the hash of the protocol set contained in it and compare it with the protocol set they themselves have stored, and at the same time send out the protocol set they approve;
through this verification and comparison, agreement is reached, and the agreed desensitization protocol is spread to the whole network in the form of blocks.
Further, in step 402, the desensitization range includes registration information of the industrial control device and operation information of the corresponding industrial control device.
Further, random values and data replacement rules are adopted for the registration information of the industrial control equipment to perform data desensitization, and symmetric encryption rules are adopted for the operation information of the industrial control equipment to perform data desensitization.
Further, in step 4, the specific method for obtaining the industrial control instruction corresponding to the industrial control device after the desensitization operation includes:
after desensitization operation, calling a compression algorithm to compress the desensitized industrial control instruction, and recording an algorithm identifier of the compression algorithm; and calling an encryption algorithm, carrying out encryption operation on the compressed industrial control instruction and the corresponding algorithm identification, and encrypting to obtain the industrial control instruction corresponding to the industrial control equipment.
Further, the compression algorithm is an LZ77 compression algorithm or an LZMA compression algorithm or a DEFLATE compression algorithm.
Further, the encryption operation is an AES symmetric encryption operation or an RSA asymmetric encryption operation.
In the method, the registration information of the industrial control equipment and the operation information to be executed by it are desensitized and the corresponding industrial control instruction is generated; the industrial control equipment obtains the corresponding instruction, parses it and executes it. This greatly improves the security of the industrial control instruction during transmission. Instruction desensitization is performed through a block chain intelligent contract: when the intelligent contract is constructed, a desensitization protocol is determined according to the actual industrial control instruction requirements of each industrial control device, the desensitization rules and ranges are specified, and the agreed desensitization protocols are finally stored in block form, which improves both the efficiency and the compatibility of instruction desensitization.
Drawings
FIG. 1 is a flow chart of the method for desensitizing instructions of an industrial control device based on a blockchain intelligent contract according to the present invention.
Detailed Description
The industrial control equipment instruction desensitization method based on the block chain intelligent contract, as shown in figure 1, comprises the following steps:
step S1, registering the industrial control equipment on the block chain industrial control equipment management platform to acquire the registration information of the industrial control equipment;
step S2, the block chain industrial control equipment management platform sends a request for obtaining operation information to be executed by the industrial control equipment to the industrial control system;
step S3, the industrial control system generates operation information corresponding to the industrial control equipment and sends the operation information to the block chain industrial control equipment management platform;
step S4, the block chain industrial control equipment management platform selects an intelligent contract to perform desensitization operation on the registration information of the industrial control equipment and the operation information of the corresponding industrial control equipment;
step S5, obtaining an industrial control instruction corresponding to the industrial control equipment after desensitization;
step S6, after the industrial control equipment obtains the industrial control instruction from the block chain industrial control equipment management platform, it reverse-parses the industrial control instruction based on the corresponding intelligent contract and executes the parsed industrial control instruction.
In step S4, the construction process of the intelligent contract specifically includes:
step 401, registering the industrial control equipment on the block chain industrial control equipment management platform, and after registration, generating a pair of public key and private key by the block chain industrial control equipment management platform, wherein the public key is used as an address of the industrial control equipment on the block chain industrial control equipment management platform, and the private key is used as a unique key for operating the address;
step 402, determining an industrial control instruction desensitization protocol according to the requirement of the actual industrial control instruction of each industrial control device, wherein the desensitization protocol comprises desensitization rules and desensitization ranges, and then signing the industrial control instruction desensitization protocol through a private key of each industrial control device;
step 403, storing the signed desensitization protocol in the block chain network.
In step 403, the specific method for storing the signed desensitization protocol in the block chain network includes:
the signed desensitization protocol is spread through the whole block chain network over the P2P network, and each node receives a copy; a verification node in the block chain first stores the received contract in memory and then waits for the protocol to be triggered;
after the desensitization protocol is triggered, the verification node packs the desensitization protocol into a protocol set, calculates the hash value of the protocol set, and finally assembles that hash value into a block structure, which is spread to the whole network;
after receiving the block structure, the other verification nodes take out the hash of the protocol set contained in it and compare it with the protocol set they themselves have stored, and at the same time send out the protocol set they approve;
through this verification and comparison, agreement is reached, and the agreed desensitization protocol is spread to the whole network in the form of blocks.
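The protocol-set comparison in step 403, sketched as an added example (not code from the patent). It shows why the set must be hashed over a canonical, order-independent encoding before verification nodes compare it. The field names, the quorum threshold, the SHA-256 choice and the placeholder signatures are assumptions, and signature verification is out of scope here.

```python
import hashlib
import hmac
import json


def canonical(protocol: dict) -> bytes:
    """Deterministic encoding, so every node hashes identical bytes."""
    return json.dumps(protocol, sort_keys=True, separators=(",", ":")).encode("utf-8")


def protocol_set_hash(protocols) -> str:
    """Hash of a protocol set, independent of the order the copies arrived in."""
    leaves = sorted(hashlib.sha256(canonical(p)).digest() for p in protocols)
    h = hashlib.sha256(len(leaves).to_bytes(4, "big"))
    for leaf in leaves:
        h.update(leaf)
    return h.hexdigest()


class ValidatorNode:
    """Hypothetical verification node; holds protocols in memory until triggered."""

    def __init__(self, name: str):
        self.name = name
        self.pending = {}  # leaf hash -> protocol, so repeated P2P copies collapse

    def receive(self, protocol: dict) -> None:
        key = hashlib.sha256(canonical(protocol)).hexdigest()
        self.pending[key] = protocol

    def propose_block(self, prev_hash: str) -> dict:
        """Pack the pending protocols into a set and put the set hash in a block."""
        return {"prev_hash": prev_hash, "count": len(self.pending),
                "protocol_set_hash": protocol_set_hash(self.pending.values())}

    def approves(self, block: dict) -> bool:
        """Compare the hash carried in the block with the locally stored set."""
        local = protocol_set_hash(self.pending.values())
        return hmac.compare_digest(block["protocol_set_hash"], local)


def reach_agreement(block: dict, validators, quorum: int):
    """Assumed rule: the block is agreed once `quorum` validators approve it."""
    approvals = [v.name for v in validators if v.approves(block)]
    return len(approvals) >= quorum, approvals


# Constructed sample protocols; addresses and signatures are placeholders.
P_PUMP = {"device_address": "constructed-pubkey-pump-01",
          "rules": {"registration_info": "random-replace",
                    "operation_info": "symmetric-encrypt"},
          "range": ["registration_info", "operation_info"],
          "signature": "constructed-signature-1"}
P_VALVE = {"device_address": "constructed-pubkey-valve-07",
           "rules": {"registration_info": "random-replace",
                     "operation_info": "symmetric-encrypt"},
           "range": ["registration_info", "operation_info"],
           "signature": "constructed-signature-2"}
# A copy whose desensitization range was narrowed somewhere in transit.
P_VALVE_TAMPERED = dict(P_VALVE, range=["registration_info"])


def demo():
    a, b, c, d = (ValidatorNode(n) for n in "ABCD")
    deliveries = ((a, [P_PUMP, P_VALVE]),
                  (b, [P_VALVE, P_PUMP]),          # different arrival order
                  (c, [P_PUMP, P_VALVE, P_PUMP]),  # duplicate delivery
                  (d, [P_PUMP, P_VALVE_TAMPERED]))
    for node, copies in deliveries:
        for p in copies:
            node.receive(p)
    block = a.propose_block(prev_hash="00" * 32)
    return reach_agreement(block, [b, c, d], quorum=2)


if __name__ == "__main__":
    print(demo())
```

Node D holds a copy with a narrowed desensitization range, so its set hash differs and it withholds approval, while B and C approve despite reordered and duplicated deliveries.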
In step 402, the desensitization range includes registration information of the industrial control device and operation information of the corresponding industrial control device.
And carrying out data desensitization on the registration information of the industrial control equipment by adopting a random value and a data replacement rule, and carrying out data desensitization on the operation information of the industrial control equipment by adopting a symmetric encryption rule.
In step S5, the specific method for obtaining the industrial control instruction corresponding to the industrial control device after desensitization includes:
after desensitization, calling a compression algorithm to compress the desensitized industrial control instruction, and recording an algorithm identifier of the compression algorithm; and calling an encryption algorithm, carrying out encryption operation on the compressed industrial control instruction and the corresponding algorithm identification, and encrypting to obtain the industrial control instruction corresponding to the industrial control equipment.
The compression algorithm may employ an LZ77 compression algorithm or an LZMA compression algorithm or a DEFLATE compression algorithm.
The encryption operation can adopt AES symmetric encryption operation or RSA asymmetric encryption operation.
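The compress-and-identify step of S5 and its reversal on the device, as an added example (not code from the patent). It covers only the framing that sits inside the encryption layer: the AES or RSA wrapping is left out because Python's standard library has no such cipher, and the frame is assumed to be decrypted and authenticated before `unpack_instruction` runs. The identifier values, header layout and size limit are assumptions, and LZ77 is omitted because the standard library has no standalone implementation.

```python
import lzma
import zlib

# Assumed one-byte algorithm identifiers; the patent does not define values.
ALG_DEFLATE = 0x01
ALG_LZMA = 0x02
MAX_INSTRUCTION_BYTES = 64 * 1024  # assumed upper bound for one instruction
HEADER_LEN = 5                     # 1-byte identifier + 4-byte original length

# Constructed sample of an already desensitized instruction.
SAMPLE = (b'{"op":"set_valve","target":"constructed-device-token",'
          b'"value":"constructed-ciphertext"}')


def pack_instruction(desensitized: bytes, alg_id: int) -> bytes:
    """Compress the instruction and record which algorithm was used."""
    if len(desensitized) > MAX_INSTRUCTION_BYTES:
        raise ValueError("instruction exceeds limit")
    if alg_id == ALG_DEFLATE:
        body = zlib.compress(desensitized, 9)
    elif alg_id == ALG_LZMA:
        body = lzma.compress(desensitized)
    else:
        raise ValueError("unknown compression identifier")
    return bytes([alg_id]) + len(desensitized).to_bytes(4, "big") + body


def unpack_instruction(frame: bytes) -> bytes:
    """Device side: dispatch on the identifier and decompress with a hard bound."""
    if len(frame) < HEADER_LEN:
        raise ValueError("frame shorter than header")
    alg_id = frame[0]
    declared = int.from_bytes(frame[1:HEADER_LEN], "big")
    if declared > MAX_INSTRUCTION_BYTES:
        raise ValueError("declared length exceeds limit")
    if alg_id == ALG_DEFLATE:
        decoder = zlib.decompressobj()
    elif alg_id == ALG_LZMA:
        decoder = lzma.LZMADecompressor()
    else:
        raise ValueError("unknown compression identifier")
    try:
        # Ask for one byte more than declared: an oversized stream is then
        # detected without ever expanding it in memory.
        out = decoder.decompress(frame[HEADER_LEN:], declared + 1)
    except (zlib.error, lzma.LZMAError) as exc:
        raise ValueError("corrupt compressed body") from exc
    if len(out) != declared or not decoder.eof or decoder.unused_data:
        raise ValueError("length mismatch, truncated stream or trailing data")
    return out


def accepts(frame: bytes) -> bool:
    """True if the device would parse the frame, False if it rejects it."""
    try:
        unpack_instruction(frame)
        return True
    except ValueError:
        return False


def constructed_bomb_frame() -> bytes:
    """Constructed frame that declares 16 bytes but expands to one megabyte."""
    body = zlib.compress(b"\x00" * 1_000_000)
    return bytes([ALG_DEFLATE]) + (16).to_bytes(4, "big") + body


if __name__ == "__main__":
    for alg in (ALG_DEFLATE, ALG_LZMA):
        assert unpack_instruction(pack_instruction(SAMPLE, alg)) == SAMPLE
    print("oversized frame accepted:", accepts(constructed_bomb_frame()))
```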
In conclusion, the invention greatly improves the security of the transmission of industrial control equipment control instructions between the service system and the equipment, and reduces the possibility that an industrial control instruction is stolen during transmission.

Claims (9)

1. The industrial control equipment instruction desensitization method based on the block chain intelligent contract is characterized by comprising the following steps:
step 1, registering industrial control equipment on a block chain industrial control equipment management platform to acquire registration information of the industrial control equipment;
step 2, the block chain industrial control equipment management platform initiates a request for acquiring operation information to be executed by the industrial control equipment to the industrial control system;
step 3, the industrial control system generates operation information corresponding to the industrial control equipment and sends the operation information to the block chain industrial control equipment management platform;
step 4, the block chain industrial control equipment management platform selects an intelligent contract to perform desensitization operation on the registration information of the industrial control equipment and the operation information of the corresponding industrial control equipment to obtain an industrial control instruction of the corresponding industrial control equipment;
step 5, after the industrial control equipment obtains the industrial control instruction from the block chain industrial control equipment management platform, it reverse-parses the industrial control instruction based on the corresponding intelligent contract and executes the parsed industrial control instruction.
2. The industrial control equipment instruction desensitization method based on the blockchain intelligent contract according to claim 1, wherein in the step 4, the construction process of the intelligent contract specifically includes:
step 401, registering the industrial control equipment on the block chain industrial control equipment management platform, and after registration, generating a pair of public key and private key by the block chain industrial control equipment management platform, wherein the public key is used as an address of the industrial control equipment on the block chain industrial control equipment management platform, and the private key is used as a unique key for operating the address;
step 402, determining an industrial control instruction desensitization protocol according to the requirement of the actual industrial control instruction of each industrial control device, wherein the desensitization protocol comprises desensitization rules and desensitization ranges, and then signing the industrial control instruction desensitization protocol through a private key of each industrial control device;
step 403, storing the signed desensitization protocol in the block chain network.
3. The method for desensitizing instructions of industrial control equipment according to the blockchain-based intelligent contract of claim 2, wherein the step 403 of storing the signed desensitization protocol in the blockchain network comprises:
the signed desensitization protocol is spread through the whole block chain network over the P2P network, and each node receives a copy; a verification node in the block chain first stores the received contract in memory and then waits for the protocol to be triggered;
after the desensitization protocol is triggered, the verification node packs the desensitization protocol into a protocol set, calculates the hash value of the protocol set, and finally assembles that hash value into a block structure, which is spread to the whole network;
after receiving the block structure, the other verification nodes take out the hash of the protocol set contained in it and compare it with the protocol set they themselves have stored, and at the same time send out the protocol set they approve;
through this verification and comparison, agreement is reached, and the agreed desensitization protocol is spread to the whole network in the form of blocks.
4. The method for desensitizing instructions of industrial control equipment according to claim 2, wherein in step 402, the desensitization range includes registration information of the industrial control equipment and operation information of the corresponding industrial control equipment.
5. The industrial control equipment instruction desensitization method based on the blockchain intelligent contract according to claim 4, wherein data desensitization is performed on registration information of the industrial control equipment by using a random value and a rule of data replacement.
6. The industrial control equipment instruction desensitization method based on the blockchain intelligent contract according to claim 4, wherein data desensitization is performed on operation information of the industrial control equipment by adopting a symmetric encryption rule.
7. The industrial control equipment instruction desensitization method based on the blockchain intelligent contract according to claim 1, wherein in the step 4, the specific method for obtaining the industrial control instruction of the corresponding industrial control equipment after the desensitization operation comprises:
after desensitization operation, calling a compression algorithm to compress the desensitized industrial control instruction, and recording an algorithm identifier of the compression algorithm; and calling an encryption algorithm, carrying out encryption operation on the compressed industrial control instruction and the corresponding algorithm identification, and encrypting to obtain the industrial control instruction corresponding to the industrial control equipment.
8. The method of claim 7, wherein the compression algorithm is an LZ77 compression algorithm or an LZMA compression algorithm or a DEFLATE compression algorithm.
9. The method of claim 7, wherein the encryption operation is an AES symmetric encryption operation or an RSA asymmetric encryption operation.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111367636.6A CN114065286A (en) 2021-11-18 2021-11-18 Industrial control equipment instruction desensitization method based on block chain intelligent contract

Publications (1)

Publication Number Publication Date
CN114065286A (en) 2022-02-18

Family

ID=80277733

Country Status (1)

Country Link
CN (1) CN114065286A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115022377A (en) * 2022-07-22 2022-09-06 国网浙江省电力有限公司电力科学研究院 High-elasticity power grid data transmission method, device, equipment and medium

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination