CN115150208B - Zero-trust-based Internet of things terminal secure access method and system - Google Patents
- Publication number
- CN115150208B (application CN202211083477.1A)
- Authority
- CN
- China
- Prior art keywords
- internet
- things
- terminal
- security
- access
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1408—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
- H04L63/1425—Traffic logging, e.g. anomaly detection
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y30/00—IoT infrastructure
- G16Y30/10—Security thereof
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16Y—INFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
- G16Y40/00—IoT characterised by the purpose of the information processing
- G16Y40/50—Safety; Security of things, users, data or systems
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0272—Virtual private networks
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/083—Network architectures or network communication protocols for network security for authentication of entities using passwords
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/01—Protocols
- H04L67/12—Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/16—Implementing security features at a particular protocol layer
- H04L63/168—Implementing security features at a particular protocol layer above the transport layer
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computing Systems (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Computer And Data Communications (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention relates to a zero-trust-based secure access method and system for an Internet of things terminal. For data access between an Internet of things terminal and the corresponding intranet Internet of things server, an Internet of things secure access gateway is deployed at the boundary of the Internet of things. A baseline check of the Internet of things terminal is executed before any data access, and access control based on identity authentication and security state evaluation is constructed, so that access control over the Internet of things terminal is strengthened and security is improved. Once the terminal has passed the check, real-time checking for abnormal states continues while data access proceeds, so that an abnormal terminal is detected in time, the access control authority is adjusted dynamically and automatically, and security risks are eliminated promptly. The design as a whole therefore achieves dynamic and continuous monitoring of the running state of the Internet of things terminal, covering both static information checks and dynamic information checks, ensures that any connected Internet of things terminal is trusted and compliant, and ensures the security of data access.
Description
Technical Field
The invention relates to a zero-trust-based secure access method and system for an Internet of things terminal, and belongs to the technical field of secure access for Internet of things gateways.
Background
The Internet of things further extends the range and depth of connections between machines, between machines and people, and between machines and the environment; at the same time it extends the boundary of the enterprise intranet and introduces new security risks.
A large number of heterogeneous industrial terminals, such as intelligent sensors, NB-IoT smart gas meters, cameras, inspection mobile phones, unmanned aerial vehicles and robots, connect to the enterprise intranet through public networks such as mobile communication networks, wireless networks and the Beidou satellite network. This aggravates the penetration of malicious application threats, the heterogeneous industrial terminals are easily exploited to become new attack sources, and the attack surface of the intranet grows greatly. On the one hand, the capabilities of different terminal devices differ widely, which leaves weak points in security protection. Firstly, most industrial embedded terminal devices have limited computing resources, so many protection functions suited to general-purpose computing devices cannot be implemented on them, and their resistance to attack is poor. Secondly, the terminal devices are physically scattered, many are located outdoors and unattended, they are hard to manage in a unified way, and they are prone to physical attack, so that devices are illegally moved or deliberately damaged, sensing nodes are lost, and devices may even stop working. On the other hand, the massive number of connected terminals amplifies the impact of a network attack. The terminal devices, including their chips, embedded operating systems, coding practices, third-party application software and functions, have security problems such as vulnerabilities, defects and backdoors; they are exposed in a relatively open network and are at risk of being exploited. Once terminals are compromised and exploited, a large-scale device botnet forms, which becomes a new high-capacity source of distributed denial of service attacks and poses a serious security threat to the intranet.
To address the security risk of Internet of things terminals accessing the enterprise intranet through various heterogeneous networks, existing technical schemes mainly rely on technical means such as terminal identity authentication, network communication encryption, network isolation and service application access control. Although problems such as untrusted terminal identity, communication eavesdropping and unauthorized service access are solved to some extent, shortcomings remain: the security state of the terminal is not evaluated dynamically, the granularity of terminal access control authority is too coarse, and the authority cannot be adjusted dynamically. In the scheme currently adopted, only the terminal identity is authenticated at access time; once authentication passes, the terminal device is granted the corresponding authority to access intranet applications, and that authority stays unchanged for the whole validity period. When the terminal develops a security problem during operation, it can only be discovered by other monitoring means, but by then the terminal has already obtained the authority and successfully accessed the intranet, which poses a great security threat to the intranet.
Disclosure of Invention
The technical problem the invention aims to solve is to provide a zero-trust-based secure access method for an Internet of things terminal, which introduces a security policy design based on an Internet of things secure access gateway and can effectively improve the security of data access by the Internet of things terminal to the intranet Internet of things server.
To solve this technical problem, the invention adopts the following technical scheme: a zero-trust-based secure access method for an Internet of things terminal, based on an Internet of things secure access gateway deployed at the boundary of the Internet of things, which comprises the following steps for realizing data access by the Internet of things terminal to the corresponding intranet Internet of things server through the Internet of things secure access gateway:
Step A: on the basis of a secure communication channel established between the Internet of things terminal and the Internet of things secure access gateway, the gateway determines a baseline check score for the terminal from the terminal check result of each baseline check item corresponding to that terminal, and judges whether the baseline check score exceeds a preset score threshold. If so, the terminal passes the baseline check and step B is carried out; otherwise, the gateway disconnects the secure communication channel with the terminal.
Step B: the Internet of things secure access gateway opens the access authority of the Internet of things terminal, and, according to the terminal type, issues to the terminal through the secure communication channel the preset state check items corresponding to that terminal type and the abnormal state check strategy corresponding to each state check item.
After step B, the following step I1 and steps I2-1 to I2-3 are executed simultaneously and in real time:
Step I1: with the access authority of the Internet of things terminal opened on the Internet of things secure access gateway, the terminal sends service access data through the secure communication channel; the gateway controls and forwards the service access data to the corresponding intranet Internet of things server, and the response data from the intranet server is returned to the gateway, which controls and forwards it back to the terminal through the secure communication channel, thereby realizing real-time data interaction between the terminal and the intranet server.
Step I2-1: the Internet of things terminal executes the terminal abnormality check for each state check item according to the abnormal state check strategy corresponding to each preset state check item issued by the Internet of things secure access gateway, and judges whether any state check item is abnormal. If so, it returns the abnormal state check item to the gateway through the secure communication channel and step I2-2 is entered; otherwise, no processing is carried out.
Step I2-2: the Internet of things secure access gateway obtains the score corresponding to the received abnormal state check item from the preset state classification value and the preset weight value corresponding to that item, subtracts this score from the baseline check score corresponding to the terminal, updates the terminal's baseline check score with the result, and then enters step I2-3.
Step I2-3: the Internet of things secure access gateway judges whether the baseline check score corresponding to the Internet of things terminal still exceeds the preset score threshold. If so, no processing is performed; otherwise, the gateway closes the access right of the terminal and disconnects the secure communication channel with the terminal, that is, the operation of step I1 is stopped.
As a preferred technical scheme of the invention: when executing the abnormal state check in step I2-1, the Internet of things terminal also judges, according to the abnormal state check strategy corresponding to each preset state check item issued by the Internet of things secure access gateway, whether any state check item has changed from an abnormal state to a non-abnormal state. If so, that state check item is returned to the gateway through the secure communication channel and step I2-2 is entered; otherwise, no processing is carried out.
In step I2-2, alongside the score deduction for abnormal state check items, the Internet of things secure access gateway obtains the score corresponding to a received state check item that has changed from abnormal to non-abnormal from the preset state classification value and the preset weight value corresponding to that item, adds this score to the baseline check score corresponding to the terminal, and updates the terminal's baseline check score with the result.
As a preferred technical scheme of the invention: step A comprises the following steps A1 to A3.
Step A1: on the basis of the secure communication channel established between the Internet of things terminal and the Internet of things secure access gateway, the gateway, according to the terminal type, issues to the terminal through the secure communication channel the preset baseline check items corresponding to that terminal type and the check strategy corresponding to each baseline check item, and step A2 is carried out.
Step A2: the Internet of things terminal executes the terminal state check for each baseline check item issued by the Internet of things secure access gateway to obtain the actual state of each baseline check item for the terminal, further derives the state classification value of each baseline check item according to the state classification check strategy corresponding to that item, returns the values to the gateway through the secure communication channel, and step A3 is entered.
Step A3: the Internet of things secure access gateway obtains the baseline check score corresponding to the Internet of things terminal by weighting the state classification value of each baseline check item received from the terminal with the preset weight value corresponding to that item, and judges whether the baseline check score exceeds the preset score threshold. If so, the terminal passes the baseline check and step B is entered; otherwise, the gateway disconnects the secure communication channel with the terminal.
As a preferred technical scheme of the invention: in step A, the secure communication channel between the Internet of things terminal and the Internet of things secure access gateway is established on the basis of bidirectional identity authentication between the terminal and the gateway.
As a preferred technical scheme of the invention: data transmission between the Internet of things terminal and the Internet of things secure access gateway is encrypted. The terminal decrypts encrypted data received from the gateway through the secure communication channel before using it, and encrypts the data it sends to the gateway through the secure communication channel; the gateway decrypts encrypted data received from the terminal through the secure communication channel before forwarding it, and encrypts the data it sends to the terminal through the secure communication channel before forwarding it.
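The gateway-side logic of steps A3, I2-2, I2-3 and the preferred restoration rule, as an added example (not code from the patent): the baseline score is the weighted sum of the terminal's state classification values, an anomaly deducts classification value times weight, a recovery adds the same amount back, and access plus the channel are closed as soon as the score no longer exceeds the threshold. The item names, weights, classification values and the threshold of 70 are constructed assumptions; so is the rule that a repeated report of an anomaly that is still active is not deducted twice.

```python
"""Gateway-side risk evaluation for the zero-trust IoT access method.

Added example, not code from the patent. Models step A3 (weighted baseline
score against a threshold), steps I2-2/I2-3 (deduct the anomaly's score and
revoke when the threshold is no longer exceeded) and the preferred restoration
rule (add the score back when an item returns to normal). Item names, weights,
classification values and the threshold are constructed assumptions.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple


@dataclass(frozen=True)
class ItemPolicy:
    """Preset weight plus the state classification value for each reported state."""
    weight: float
    classification: Dict[str, float]


# Assumed baseline items (step A): classification value 1.0 = compliant, 0.0 = not.
BASELINE_POLICY: Dict[str, ItemPolicy] = {
    "permission": ItemPolicy(20, {"compliant": 1.0, "noncompliant": 0.0}),
    "system_account": ItemPolicy(15, {"compliant": 1.0, "noncompliant": 0.0}),
    "firewall": ItemPolicy(15, {"compliant": 1.0, "noncompliant": 0.0}),
    "process_audit": ItemPolicy(20, {"compliant": 1.0, "noncompliant": 0.0}),
    "port_service": ItemPolicy(15, {"compliant": 1.0, "noncompliant": 0.0}),
    "password_strength": ItemPolicy(10, {"strong": 1.0, "medium": 0.5, "weak": 0.0}),
    "internet_connection": ItemPolicy(5, {"compliant": 1.0, "noncompliant": 0.0}),
}

# Assumed state check items (steps I2-x): the value scales how much weight is deducted.
STATE_POLICY: Dict[str, ItemPolicy] = {
    "terminal_operation": ItemPolicy(30, {"abnormal": 1.0}),
    "process_audit": ItemPolicy(25, {"abnormal": 1.0}),
    "file_protection": ItemPolicy(20, {"abnormal": 1.0}),
    "port_service": ItemPolicy(20, {"abnormal": 1.0}),
    "system_resources": ItemPolicy(10, {"warning": 0.5, "critical": 1.0}),
    "peripheral": ItemPolicy(20, {"abnormal": 1.0}),
    "firewall": ItemPolicy(25, {"abnormal": 1.0}),
}

SCORE_THRESHOLD = 70.0  # assumed preset threshold; access requires score > threshold


def baseline_score(results: Dict[str, str]) -> float:
    """Step A3: weighted sum of classification values over all baseline items.

    An item the terminal did not report counts as non-compliant, so a partial
    or tampered report cannot inflate the score (fail closed; assumption).
    """
    score = 0.0
    for item, policy in BASELINE_POLICY.items():
        score += policy.weight * policy.classification.get(results.get(item), 0.0)
    return score


class GatewaySession:
    """Per-terminal state held by the gateway once the secure channel is up."""

    def __init__(self, terminal_id: str, baseline_results: Dict[str, str]) -> None:
        self.terminal_id = terminal_id
        self.score = baseline_score(baseline_results)
        self.channel_open = True
        self.access_open = False
        # item -> amount deducted, so a recovery restores exactly what was taken
        self.active_anomalies: Dict[str, float] = {}

    def baseline_check(self) -> bool:
        """Steps A3/B: open access only if the score exceeds the threshold."""
        if self.score > SCORE_THRESHOLD:
            self.access_open = True
            return True
        self._revoke()
        return False

    def report_anomaly(self, item: str, state: str) -> bool:
        """Steps I2-2 and I2-3 for one abnormal state check item; returns access state."""
        if not self.channel_open or item in self.active_anomalies:
            return self.access_open  # closed channel, or anomaly already counted
        policy = STATE_POLICY[item]
        deduction = policy.weight * policy.classification[state]
        self.active_anomalies[item] = deduction
        self.score -= deduction
        if self.score <= SCORE_THRESHOLD:
            self._revoke()
        return self.access_open

    def report_recovered(self, item: str) -> bool:
        """Preferred scheme: the item returned to normal, add its score back."""
        if not self.channel_open or item not in self.active_anomalies:
            return self.access_open
        self.score += self.active_anomalies.pop(item)
        return self.access_open

    def _revoke(self) -> None:
        """Close the access right and the secure channel (stops step I1)."""
        self.access_open = False
        self.channel_open = False


def run_scenario() -> List[Tuple[str, float, bool]]:
    """Constructed walk-through: pass baseline, one anomaly, recovery, then revoke."""
    results = {item: "compliant" for item in BASELINE_POLICY}
    results["password_strength"] = "medium"  # 95 points under the assumed weights
    s = GatewaySession("sensor-01", results)
    trace = []
    s.baseline_check();                           trace.append(("baseline", s.score, s.access_open))
    s.report_anomaly("port_service", "abnormal"); trace.append(("port abnormal", s.score, s.access_open))
    s.report_recovered("port_service");           trace.append(("port recovered", s.score, s.access_open))
    s.report_anomaly("process_audit", "abnormal"); trace.append(("process abnormal", s.score, s.access_open))
    return trace
```

The scenario ends at exactly 70 points: because step A3 and I2-3 both require the score to strictly exceed the threshold, landing on the threshold revokes access, and once the channel is closed later recovery reports are ignored rather than silently re-granting access.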
As a preferred embodiment of the present invention, the baseline check items include the following:
Permission security perception: security perception of whether the hypervisor is disabled;
System account security perception: security perception of whether unused accounts are enabled;
Firewall security perception: security perception of whether the firewall is enabled;
Process audit: recording the start and exit behaviour of system processes and judging whether any non-whitelisted process appears;
Port service security perception: recording the open state of all Ethernet ports in real time and judging whether any non-whitelisted port appears;
System password strength security perception: security perception of the strength of the system password;
Internet connection perception: security perception of whether the terminal is connected to the Internet.
As a preferred embodiment of the present invention, the state check items include the following:
Terminal operation audit: recording terminal operation commands in real time and judging whether a dangerous operation occurs;
Process audit: recording the start and exit behaviour of system processes and judging whether any non-whitelisted process appears;
File/directory protection: security monitoring of files or directories to determine whether key record files/folders are newly created, modified, renamed, written to, or have their permissions changed;
Port service security perception: recording the open state of all Ethernet ports in real time and judging whether any non-whitelisted port appears;
System password strength security perception: security perception of the strength of the system password;
System resource monitoring: periodically recording the storage, network, CPU and memory resource usage of the system and judging whether a threshold is exceeded;
Peripheral control: security auditing of access by USB, TF card and CD-ROM external devices, configuring a device whitelist, and judging whether an untrusted external device can be connected;
Network reliability perception: security monitoring of network cable plugging and unplugging, and reporting of cable plugging, unplugging and external network interface access;
Firewall security perception: reporting any operation that closes the firewall;
Internet connection perception: security perception of whether the terminal is connected to the Internet.
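The terminal-Agent side of the check items listed above, as an added example (not code from the patent): `classify` performs the step A2 baseline check by turning an observed snapshot into one state classification value per item against the whitelists the gateway issued, and `StateMonitor` performs the step I2-1 check over the items the two lists share, reporting only transitions so that the gateway hears each anomaly once and, per the preferred scheme, hears when it returns to normal. The snapshot fields, the whitelists, the reading of the "permission" item as a privileged account that must be disabled, and the password-policy lengths are constructed assumptions; a real Agent would fill the snapshot from the process table, listening sockets and firewall state of the operating system.

```python
"""Terminal-Agent checks for the zero-trust IoT access method.

Added example, not code from the patent. Implements the baseline check of
step A2 (each item -> state classification value) and the state monitoring of
step I2-1 plus the preferred scheme's detection of items returning to normal.
Snapshot fields, whitelists and the password-policy rule are assumptions.
"""
from dataclasses import dataclass, replace
from typing import Dict, FrozenSet, List, Optional, Tuple


@dataclass(frozen=True)
class TerminalSnapshot:
    """Observed terminal state at one instant (constructed for the example)."""
    processes: FrozenSet[str]
    listening_ports: FrozenSet[int]
    firewall_enabled: bool
    enabled_accounts: FrozenSet[str]
    privileged_account_disabled: bool  # "permission" item; meaning is an assumption
    password_min_length: int           # effective system password policy
    internet_reachable: bool


@dataclass(frozen=True)
class CheckPolicy:
    """Whitelists issued by the gateway for this terminal type (assumed shape)."""
    process_whitelist: FrozenSet[str]
    port_whitelist: FrozenSet[int]
    account_whitelist: FrozenSet[str]
    password_min_length: int = 12
    internet_allowed: bool = False


ABNORMAL_VALUES = ("noncompliant", "weak")


def classify(snap: TerminalSnapshot, policy: CheckPolicy) -> Dict[str, str]:
    """Step A2: actual state of each item -> state classification value.

    Boolean items yield "compliant"/"noncompliant"; password strength uses a
    three-level value so the gateway can weight it fractionally.
    """
    def ok(cond: bool) -> str:
        return "compliant" if cond else "noncompliant"

    if snap.password_min_length >= policy.password_min_length:
        pw = "strong"
    elif snap.password_min_length >= 8:
        pw = "medium"
    else:
        pw = "weak"
    return {
        "permission": ok(snap.privileged_account_disabled),
        "system_account": ok(not (snap.enabled_accounts - policy.account_whitelist)),
        "firewall": ok(snap.firewall_enabled),
        "process_audit": ok(not (snap.processes - policy.process_whitelist)),
        "port_service": ok(not (snap.listening_ports - policy.port_whitelist)),
        "password_strength": pw,
        "internet_connection": ok(policy.internet_allowed or not snap.internet_reachable),
    }


class StateMonitor:
    """Step I2-1: report transitions only, so the gateway sees each anomaly once
    and is told when it clears (preferred scheme)."""

    def __init__(self, policy: CheckPolicy) -> None:
        self.policy = policy
        self.previous: Optional[Dict[str, str]] = None

    def observe(self, snap: TerminalSnapshot) -> List[Tuple[str, str]]:
        """Returns (item, "abnormal" | "recovered") events to send to the gateway."""
        current = classify(snap, self.policy)
        events: List[Tuple[str, str]] = []
        for item, state in current.items():
            abnormal_now = state in ABNORMAL_VALUES
            was_abnormal = self.previous is not None and self.previous[item] in ABNORMAL_VALUES
            if abnormal_now and not was_abnormal:
                events.append((item, "abnormal"))
            elif was_abnormal and not abnormal_now:
                events.append((item, "recovered"))
        self.previous = current
        return events


def run_scenario() -> Tuple[Dict[str, str], List[List[Tuple[str, str]]]]:
    """Constructed walk-through: clean baseline, drift (unknown process + extra port), return to clean."""
    policy = CheckPolicy(
        process_whitelist=frozenset({"init", "sshd", "agent", "sensord"}),
        port_whitelist=frozenset({22, 8883}),
        account_whitelist=frozenset({"root", "agent"}),
    )
    clean = TerminalSnapshot(
        processes=frozenset({"init", "sshd", "agent", "sensord"}),
        listening_ports=frozenset({22, 8883}),
        firewall_enabled=True,
        enabled_accounts=frozenset({"root", "agent"}),
        privileged_account_disabled=True,
        password_min_length=14,
        internet_reachable=False,
    )
    drifted = replace(clean, processes=clean.processes | {"unknown_bin"},
                      listening_ports=clean.listening_ports | {8080})
    mon = StateMonitor(policy)
    return classify(clean, policy), [mon.observe(clean), mon.observe(drifted),
                                     mon.observe(drifted), mon.observe(clean)]
```

Reporting transitions rather than the full state on every cycle is what makes the gateway's deduct-then-restore arithmetic sound: the same persistent anomaly is not deducted on every polling interval, and the "recovered" event gives the gateway exactly the signal the preferred scheme needs to add the score back.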
In view of the above, a further technical problem to be solved by the present invention is to provide a system for the zero-trust-based secure access method for an Internet of things terminal, which introduces a security policy design based on an Internet of things secure access gateway and can effectively improve the security of data access by the Internet of things terminal to the intranet Internet of things server.
To solve this technical problem, the invention adopts the following technical scheme: a system for the zero-trust-based secure access method for an Internet of things terminal, comprising a terminal Agent loaded on the Internet of things terminal, wherein the terminal Agent comprises a secure communication module, and a security baseline check module and a security state monitoring module that are each connected to the secure communication module; and the Internet of things secure access gateway, which comprises a secure access module and a risk evaluation module connected to each other.
A secure communication channel is established between the secure communication module in the terminal Agent and the secure access module in the Internet of things secure access gateway.
The security baseline check module in the terminal Agent performs the terminal state check for each baseline check item corresponding to the Internet of things terminal and transmits the state check result to the secure access module in the gateway through the secure communication module and the secure communication channel. The secure access module then forwards the state check result to the risk evaluation module, which determines the baseline check score corresponding to the terminal and its comparison result against the preset score threshold. Finally, according to the comparison result, the secure access module controls the on/off state of the secure communication channel between itself and the secure communication module and controls data access between the Internet of things terminal and the Internet of things secure access gateway.
With the access authority of the Internet of things terminal opened by the secure access module, service access data of the terminal is sent through the secure communication module in the terminal Agent and the secure communication channel to the secure access module in the gateway, which controls the service access data and forwards it to the intranet Internet of things server for data access.
Finally, according to the comparison result, the secure access module controls the on/off state of the secure communication channel between itself and the secure communication module and controls data access between the Internet of things terminal and the Internet of things secure access gateway.
As a preferred technical scheme of the invention: an SSL VPN secure communication channel is established between the secure communication module in the terminal Agent and the secure access module in the Internet of things secure access gateway.
Compared with the prior art, the zero-trust-based secure access method and system for an Internet of things terminal, using the technical scheme above, have the following technical effects:
With the zero-trust-based secure access method and system for an Internet of things terminal, for data access between the Internet of things terminal and the corresponding intranet Internet of things server, an Internet of things secure access gateway is deployed at the boundary of the Internet of things; a baseline check of the terminal is executed before data access, and access control based on identity authentication and security state evaluation is constructed, which strengthens access control over the terminal and improves security. Once the check result is qualified, real-time checking for abnormal states continues while data access proceeds, so that an abnormal terminal is detected in time, the access control authority is adjusted dynamically and automatically, and security risks are eliminated promptly. The design as a whole therefore achieves dynamic and continuous monitoring of the running state of the Internet of things terminal, covering both static and dynamic information checks, ensures that any connected terminal is trusted and compliant, and ensures the security of data access.
Drawings
FIG. 1 is a schematic flow chart of the zero-trust-based secure access method for an Internet of things terminal according to the invention;
FIG. 2 is a schematic diagram of the system modules for the zero-trust-based secure access method for an Internet of things terminal according to the invention;
FIG. 3 is a schematic diagram of the architecture of the Internet of things terminal in the system designed for the zero-trust-based Internet of things terminal secure access method according to the present invention;
FIG. 4 is a schematic diagram of the architecture of the Internet of things secure access gateway in the system designed for the zero-trust-based Internet of things terminal secure access method according to the present invention;
FIG. 5 is a communication flow diagram of the designed method as executed by each module of the designed system according to the present invention.
Detailed Description
The following description will explain embodiments of the present invention in further detail with reference to the accompanying drawings.
The invention designs a safe access method of an Internet of things terminal based on zero trust, which has the following overall thought:
(1) When the terminal of the Internet of things is accessed, identity authentication is firstly carried out, after the identity authentication is passed, safety evaluation is carried out on the operation environment of the terminal (whether a high-risk port, an abnormal process and dangerous operation exist, whether credible components such as a password card and a password chip can be detected, whether the resource occupation of a CPU (Central processing Unit), a storage, a network and the like exceeds a threshold value and the like), and after the safety risk evaluation is carried out, the authority of accessing an intranet system is granted;
(2) And in the running process of the terminal of the Internet of things, continuously monitoring the safety state of the terminal, carrying out real-time safety trust evaluation, and dynamically adjusting the authority of the terminal for accessing the intranet system according to the evaluation result.
Based on the design of the whole thought, in practical application, based on the internet of things safety access gateway deployed at the boundary of the internet of things, as shown in fig. 1, the following steps are specifically executed, and data access of the internet of things terminal to the corresponding intranet internet of things server through the internet of things safety access gateway is realized.
Step A, based on the establishment of a secure communication channel between the Internet of things terminal and the Internet of things security access gateway, the Internet of things security access gateway determines a baseline check score corresponding to the Internet of things terminal according to a terminal check result from each baseline check item corresponding to the Internet of things terminal, judges whether the baseline check score exceeds a preset score threshold value, if yes, the Internet of things terminal passes the baseline check, and then the step B is carried out; otherwise, the safe communication channel connection between the Internet of things and the terminal of the Internet of things is disconnected by the Internet of things safe access gateway.
In practical applications, the step a includes the following steps A1 to A3.
Step A1, a secure communication channel is established between the Internet of things terminal and the Internet of things security access gateway based on bidirectional identity authentication of the two; in an actual implementation the secure access module can use an SSL VPN channel as the secure communication channel. The Internet of things security access gateway then issues, according to the terminal type of the Internet of things terminal, the preset baseline check items corresponding to that terminal type and the check strategies corresponding to those baseline check items to the Internet of things terminal through the secure communication channel, and step A2 is carried out.
Step A2, the Internet of things terminal performs the terminal state check for each baseline check item received from the Internet of things security access gateway to obtain the actual state of each baseline check item, derives the state classification value of each baseline check item according to the state classification check strategy corresponding to that item, returns the values to the Internet of things security access gateway through the secure communication channel, and step A3 is carried out.
Step A3, the Internet of things security access gateway obtains the baseline check score of the Internet of things terminal by weighting the state classification value of each baseline check item received from the terminal with the preset weight value corresponding to that item, and judges whether the baseline check score exceeds the preset score threshold; if so, the Internet of things terminal passes the baseline check and step B is carried out; otherwise, the Internet of things security access gateway disconnects the secure communication channel with the Internet of things terminal.
In practical applications, the baseline check items described herein may be designed as follows:
- permission security perception: security perception of whether the hypervisor is disabled;
- system account security perception: security perception of whether unused accounts are enabled;
- firewall enabled security perception: security perception of whether the firewall is enabled;
- process audit: records the running and exiting of system processes and judges whether a non-white-list process appears;
- port service security perception: records the open state of all Ethernet ports in real time and judges whether a non-white-list port appears;
- system password strength security perception: security perception of the system password strength;
- Internet connection perception: security perception of whether the Internet is connected.
Step B, the Internet of things security access gateway opens the access authority of the Internet of things terminal and, according to the terminal type of the Internet of things terminal, issues the preset state check items corresponding to that terminal type and the abnormal state check strategies corresponding to those state check items to the Internet of things terminal through the secure communication channel.
After step B, step I1 and steps I2-1 to I2-3 below are performed simultaneously and in real time.
Step I1, based on the opening state of the access authority of the terminal of the Internet of things to the Internet of things security access gateway, the terminal of the Internet of things sends service access data through a security communication channel, the service access data are forwarded to a corresponding intranet Internet of things server through the control of the Internet of things security access gateway, response data from the intranet Internet of things server are returned to the Internet of things security access gateway for control and forwarding, and the response data are returned to the terminal of the Internet of things through the security communication channel, so that real-time data interaction between the terminal of the Internet of things and the intranet Internet of things server is realized.
Step I2-1, the Internet of things terminal performs the terminal abnormality check for each state check item according to the abnormal state check strategy corresponding to each preset state check item received from the Internet of things security access gateway and judges whether an abnormal state check item (i.e. a security risk event) exists; if so, it returns the abnormal state check item to the Internet of things security access gateway through the secure communication channel and step I2-2 is carried out; otherwise, no processing is performed.
Step I2-2, the Internet of things security access gateway obtains the score corresponding to the received abnormal state check item from the preset state classification value and the preset weight value corresponding to that item, subtracts that score from the baseline check score of the Internet of things terminal, updates the baseline check score of the terminal, and step I2-3 is carried out.
Step I2-3, the Internet of things security access gateway judges whether the baseline check score of the Internet of things terminal still exceeds the preset score threshold; if so, no processing is performed; otherwise, the Internet of things security access gateway closes the access authority of the Internet of things terminal and disconnects the secure communication channel with the terminal, i.e. the operation of step I1 is stopped.
In the scheme above, steps I2-1 to I2-2 only reduce the baseline check score of the Internet of things terminal for abnormal state check items that occur, which realizes real-time detection of the terminal. The invention further provides a preferred scheme that considers not only abnormal state check items but also state check items that change back from the abnormal state to the non-abnormal state; for this, steps I2-1 to I2-2 are further designed as follows.
While performing the abnormal state check in step I2-1, the Internet of things terminal also judges, according to the abnormal state check strategy corresponding to each preset state check item received from the Internet of things security access gateway, whether a state check item has changed from the abnormal state to the non-abnormal state; if so, it returns that state check item to the Internet of things security access gateway through the secure communication channel and step I2-2 is carried out; otherwise, no processing is performed.
As the counterpart of the score reduction for abnormal state check items in step I2-2, the Internet of things security access gateway obtains the score corresponding to the received state check item that changed from the abnormal state to the non-abnormal state from the preset state classification value and the preset weight value corresponding to that item, adds that score to the baseline check score of the Internet of things terminal, and updates the baseline check score of the terminal.
In practical applications, the state check items described herein may be designed as follows:
- terminal operation audit: records terminal operation commands in real time and judges whether a dangerous operation occurs;
- process audit: records the running and exiting of system processes and judges whether a non-white-list process appears;
- file/directory protection: monitors files or directories for creation, modification, renaming, write operations and permission changes on key files/folders;
- port service security perception: records the open state of all Ethernet ports in real time and judges whether a non-white-list port appears;
- system password strength security perception: security perception of the system password strength;
- system resource monitoring: periodically records storage, network, CPU and memory usage of the system and judges whether a threshold is exceeded;
- peripheral management and control: audits access by USB, TF card and CD-ROM peripherals, configures a device white list, and judges whether an untrusted peripheral has been connected;
- network reliability perception: monitors network cable plugging and unplugging and reports cable plug, cable unplug and external network interface access events;
- firewall enabled security perception: reports firewall closing operations;
- Internet connection perception: security perception of whether the Internet is connected.
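An added example (not code from the patent) of the gateway-side risk assessment logic of steps A3, B and I2-1 to I2-3, including the preferred scheme that restores score when an item returns to the normal state. The item names, weights, state classification values and the threshold of 70 are constructed for the example; the patent fixes none of these numbers.

```python
from dataclasses import dataclass, field

# Preset weights for the baseline check items of step A and preset
# (state classification value, weight) pairs for the state check items of
# step I2. All numbers are constructed for this example; the patent leaves the
# actual weights, classification values and threshold to the deployment.
BASELINE_WEIGHTS = {
    "permission_security": 20,
    "system_account": 15,
    "firewall_enabled": 15,
    "process_audit": 15,
    "port_service": 15,
    "password_strength": 10,
    "internet_connection": 10,
}
STATUS_ITEMS = {
    "terminal_operation_audit": (2, 10),
    "process_audit": (1, 15),
    "file_directory_protection": (2, 10),
    "port_service": (1, 15),
    "password_strength": (1, 10),
    "system_resources": (1, 5),
    "peripheral_control": (2, 10),
    "network_reliability": (1, 5),
    "firewall_enabled": (1, 15),
    "internet_connection": (1, 10),
}
SCORE_THRESHOLD = 70  # constructed preset score threshold


def baseline_score(classification_values, weights=BASELINE_WEIGHTS):
    """Step A3: weighted sum of the state classification values the terminal
    returned for each baseline check item. A value of 1 means the item is in
    the expected state and 0 that it is not (an assumption; the patent only
    says the value is derived from the item's classification strategy)."""
    missing = set(weights) - set(classification_values)
    if missing:
        # A terminal that omits items must not be scored as if they passed.
        raise ValueError(f"baseline items not reported: {sorted(missing)}")
    return sum(weights[item] * classification_values[item] for item in weights)


@dataclass
class TerminalSession:
    """Per-terminal state held by the gateway's risk assessment module."""
    score: int
    threshold: int = SCORE_THRESHOLD
    access_open: bool = False
    channel_open: bool = True
    active_events: set = field(default_factory=set)

    def baseline_decision(self):
        """Steps A3/B: open access if the score exceeds the threshold,
        otherwise disconnect the secure channel. Returns whether access is open."""
        if self.score > self.threshold:
            self.access_open = True
        else:
            self.channel_open = False
        return self.access_open

    def report_abnormal(self, item):
        """Steps I2-1/I2-2: deduct classification value * weight for a newly
        reported abnormal state item, then re-evaluate (step I2-3)."""
        if self.channel_open and item not in self.active_events:
            value, weight = STATUS_ITEMS[item]
            self.score -= value * weight
            # Remember the ongoing event so a repeated report of the same
            # unresolved item is not deducted twice (assumption, not stated
            # by the patent).
            self.active_events.add(item)
        return self._reevaluate()

    def report_recovered(self, item):
        """Preferred scheme of I2-1/I2-2: an item that returned from abnormal
        to normal has its score added back before re-evaluation."""
        if self.channel_open and item in self.active_events:
            value, weight = STATUS_ITEMS[item]
            self.score += value * weight
            self.active_events.discard(item)
        return self._reevaluate()

    def _reevaluate(self):
        """Step I2-3: once the score no longer exceeds the threshold, close the
        terminal's access and the secure channel; a closed session never
        reopens without a fresh baseline check (step I1 is stopped)."""
        if self.channel_open and self.score <= self.threshold:
            self.access_open = False
            self.channel_open = False
        return self.access_open


def run_scenario(baseline_values, events):
    """Drive one session through baseline admission and a list of
    ('abnormal' | 'recovered', item) events; returns (final score, access open)."""
    session = TerminalSession(score=baseline_score(baseline_values))
    if session.baseline_decision():
        for kind, item in events:
            handler = session.report_abnormal if kind == "abnormal" else session.report_recovered
            handler(item)
    return session.score, session.access_open


if __name__ == "__main__":
    # Constructed sample: a compliant terminal later connects an untrusted
    # peripheral and then starts a non-white-list process.
    compliant = {item: 1 for item in BASELINE_WEIGHTS}
    print(run_scenario(compliant, [("abnormal", "peripheral_control"),
                                   ("abnormal", "process_audit")]))  # (65, False)
```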
In a practical implementation of the scheme, data transmission between the Internet of things terminal and the Internet of things security access gateway is encrypted: the Internet of things terminal decrypts the encrypted data it receives from the gateway through the secure communication channel and encrypts the data it sends to the gateway through that channel; the Internet of things security access gateway decrypts and forwards the encrypted data received from the terminal through the secure communication channel and encrypts and forwards the data it sends to the terminal through that channel.
In practical applications, when the Internet of things terminal reports security check results and abnormal behaviour over the TCP protocol, the security message structure shown in Table 1 below can be adopted.
TABLE 1
Name | Length (bytes) | Content | Description |
---|---|---|---|
Type | 1 | 01 or 02 | 01 is a baseline check message, 02 is a security event message |
Version | 1 | 01 | Key agreement confirmation |
Length | 2 | N | Total length of the message (network byte order) |
Check item number | 1 | 01 | Number of the check item |
Check result | 1 | 00 or 01 | 00 means the check result is not as expected, 01 means it is as expected |
Check item number | 1 | 02 | Number of the check item |
Check result | 1 | 00 or 01 | 00 means the check result is not as expected, 01 means it is as expected |
Check item number | 1 | 03 | Number of the check item |
Check result | 1 | 00 or 01 | 00 means the check result is not as expected, 01 means it is as expected |
Check item number | 1 | N | Number of the check item |
Check result | 1 | 00 or 01 | 00 means the check result is not as expected, 01 means it is as expected |
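An added example (not code from the patent) that encodes and parses the Table 1 message on the gateway side and frames messages on a TCP stream using the length field. The field layout follows Table 1; the strict validation (version, type, length agreement, result byte values, duplicate items) is what a gateway should apply before trusting a report, and is an assumption of this example rather than something the patent specifies.

```python
import struct

# Message types and version from Table 1.
MSG_BASELINE_CHECK = 0x01
MSG_SECURITY_EVENT = 0x02
VERSION = 0x01
HEADER = struct.Struct("!BBH")  # type, version, total length in network byte order
RESULT_NOT_EXPECTED = 0x00
RESULT_EXPECTED = 0x01


def encode_message(msg_type, results):
    """Build one message: header followed by (item number, result) byte pairs.
    `results` maps an item number (1..255) to True when the check result is
    as expected."""
    if msg_type not in (MSG_BASELINE_CHECK, MSG_SECURITY_EVENT):
        raise ValueError(f"unknown message type {msg_type:#04x}")
    body = bytearray()
    for item, expected in sorted(results.items()):
        if not 1 <= item <= 0xFF:
            raise ValueError(f"item number {item} does not fit one byte")
        body += struct.pack("!BB", item, RESULT_EXPECTED if expected else RESULT_NOT_EXPECTED)
    total = HEADER.size + len(body)
    if total > 0xFFFF:
        raise ValueError("message exceeds the 2-byte length field")
    return HEADER.pack(msg_type, VERSION, total) + bytes(body)


def decode_message(data):
    """Parse one complete message, rejecting anything the gateway should not
    trust: bad version or type, a length field that disagrees with the data,
    an odd-sized body, result bytes other than 00/01 and duplicated items."""
    if len(data) < HEADER.size:
        raise ValueError("truncated header")
    msg_type, version, total = HEADER.unpack_from(data)
    if version != VERSION:
        raise ValueError(f"unsupported version {version:#04x}")
    if msg_type not in (MSG_BASELINE_CHECK, MSG_SECURITY_EVENT):
        raise ValueError(f"unknown message type {msg_type:#04x}")
    if total != len(data):
        raise ValueError(f"length field {total} != {len(data)} bytes received")
    body = data[HEADER.size:]
    if len(body) % 2:
        raise ValueError("body is not a whole number of (item, result) pairs")
    results = {}
    for off in range(0, len(body), 2):
        item, result = body[off], body[off + 1]
        if result not in (RESULT_NOT_EXPECTED, RESULT_EXPECTED):
            raise ValueError(f"item {item}: invalid result byte {result:#04x}")
        if item in results:
            raise ValueError(f"item {item} reported twice")
        results[item] = result == RESULT_EXPECTED
    return msg_type, results


def split_stream(buffer):
    """TCP delivers a byte stream, so the length field is what frames
    messages. Returns (list of complete raw messages, unconsumed remainder)."""
    messages = []
    view = memoryview(buffer)
    while len(view) >= HEADER.size:
        _, _, total = HEADER.unpack_from(view)
        if total < HEADER.size:
            raise ValueError("length field smaller than header")  # would loop forever
        if len(view) < total:
            break  # wait for the rest of this message
        messages.append(bytes(view[:total]))
        view = view[total:]
    return messages, bytes(view)


if __name__ == "__main__":
    # Constructed baseline report: items 1 and 3 as expected, item 2 not.
    raw = encode_message(MSG_BASELINE_CHECK, {1: True, 2: False, 3: True})
    print(raw.hex())            # 0101000a010102000301
    print(decode_message(raw))  # (1, {1: True, 2: False, 3: True})
```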
Regarding the execution of the zero trust-based internet of things terminal security access method in practical application, a system for realizing the method is further designed, as shown in fig. 2, the system comprises a terminal Agent loaded on the internet of things terminal, wherein the terminal Agent comprises a security communication module, a security baseline check module and a security state monitoring module, and the security baseline check module and the security state monitoring module are respectively connected with the security communication module; the Internet of things security access gateway comprises a security access module and a risk assessment module which are connected with each other.
Based on the diagrams in fig. 3, 4 and 5, a secure communication channel is established between the security communication module in the terminal Agent and the security access module in the Internet of things security access gateway; the security baseline check module in the terminal Agent performs the terminal state check for each baseline check item corresponding to the Internet of things terminal and sends the state check result to the security access module through the security communication module and the secure communication channel; the security access module forwards the result to the risk assessment module, which determines the baseline check score of the Internet of things terminal and its comparison result with the preset score threshold; and finally the security access module performs on-off control of the secure communication channel between itself and the security communication module and controls data access between the Internet of things terminal and the Internet of things security access gateway according to the comparison result.
Based on the access permission of the terminal of the internet of things controlled and opened by the security access module based on the fig. 3, fig. 4 and fig. 5, the service access data of the terminal of the internet of things is sent to the security access module in the security access gateway of the internet of things through the security communication module in the terminal Agent and the security communication channel, and then the security access module controls the service access data and forwards the service access data to the intranet internet of things server for data access.
Based on the descriptions in fig. 3, 4 and 5, the security state monitoring module in the terminal Agent performs the terminal abnormality check for each state check item corresponding to the Internet of things terminal in real time and sends the check result in real time to the security access module in the Internet of things security access gateway through the security communication module and the secure communication channel; the security access module forwards the result in real time to the risk assessment module, which updates the baseline check score of the Internet of things terminal and its comparison result with the preset score threshold; and finally the security access module performs on-off control of the secure communication channel between itself and the security communication module and controls data access between the Internet of things terminal and the Internet of things security access gateway according to the comparison result.
The zero-trust-based secure access method and system for the Internet of things terminal deploy an Internet of things security access gateway at the boundary of the Internet of things for data access between the Internet of things terminal and its corresponding intranet Internet of things server. A baseline check of the terminal is performed before any data access, so that access control is built on identity authentication together with security state evaluation, which strengthens access control over the terminal and improves security. Once the terminal has passed the check, real-time checking for state abnormalities continues while data access proceeds, so that an abnormal terminal is detected promptly, its access authority is adjusted dynamically and automatically, and the security risk is removed in time. The overall design therefore realizes dynamic and continuous monitoring of the running state of the Internet of things terminal, covering both static information checks and dynamic information checks, ensures that an accessing Internet of things terminal is trusted and compliant, and ensures the security of data access.
The embodiments of the present invention have been described in detail with reference to the drawings, but the present invention is not limited to the above embodiments, and various changes can be made within the knowledge of those skilled in the art without departing from the gist of the present invention.
Claims (8)
1. A zero trust based Internet of things terminal security access method is characterized in that: based on an Internet of things safety access gateway deployed at the boundary of the Internet of things, the data access of an Internet of things terminal to a corresponding intranet Internet of things server through the Internet of things safety access gateway is realized according to the following steps;
step A, once a secure communication channel has been established between the Internet of things terminal and the Internet of things security access gateway, the Internet of things security access gateway determines a baseline check score for the Internet of things terminal from the terminal check result of each baseline check item corresponding to that terminal and judges whether the baseline check score exceeds a preset score threshold; if so, the Internet of things terminal passes the baseline check and step B is carried out; otherwise, the Internet of things security access gateway disconnects the secure communication channel with the Internet of things terminal;
step B, the Internet of things security access gateway opens the access authority of the Internet of things terminal and, according to the terminal type of the Internet of things terminal, issues the preset state check items corresponding to that terminal type and the abnormal state check strategies corresponding to those state check items to the Internet of things terminal through the secure communication channel;
after the processing based on the step B, simultaneously executing the following step I1, and the steps I2-1 to I2-3 in real time;
step I1, based on the opening state of the access authority of the Internet of things terminal to the Internet of things security access gateway, the Internet of things terminal sends service access data through a security communication channel, the service access data are forwarded to a corresponding intranet Internet of things server through the control of the Internet of things security access gateway, and response data from the intranet Internet of things server are returned to the Internet of things security access gateway for control and forwarding and returned to the Internet of things terminal through the security communication channel, so that real-time data interaction between the Internet of things terminal and the intranet Internet of things server is realized;
step I2-1, the Internet of things terminal performs the terminal abnormality check for each state check item according to the abnormal state check strategy corresponding to each preset state check item received from the Internet of things security access gateway and judges whether an abnormal state check item exists; if so, it returns the abnormal state check item to the Internet of things security access gateway through the secure communication channel and step I2-2 is carried out; otherwise, no processing is performed;
while executing the abnormal state check item check in the step I2-1, the terminal of the Internet of things judges whether a state check item changed from an abnormal state to a non-abnormal state exists according to an abnormal state check strategy respectively corresponding to each preset state check item from the security access gateway of the Internet of things, if so, the state check item is returned to the security access gateway of the Internet of things through the security communication channel, and the step I2-2 is carried out; otherwise, no processing is carried out;
step I2-2, the Internet of things security access gateway obtains the score corresponding to the received abnormal state check item from the preset state classification value and the preset weight value corresponding to that item, subtracts that score from the baseline check score of the Internet of things terminal, and updates the baseline check score of the terminal;
when the score reduction is carried out on the abnormal state inspection item, the Internet of things safety access gateway obtains a score corresponding to the state inspection item according to a preset state classification value and a preset weight value corresponding to the received state inspection item changed from the abnormal state to the non-abnormal state, calculates a result obtained by adding a baseline inspection score corresponding to the Internet of things terminal to a score corresponding to the abnormal state inspection item, and updates the baseline inspection score corresponding to the Internet of things terminal; then entering step I2-3;
step I2-3, the Internet of things security access gateway judges whether the baseline check score of the Internet of things terminal exceeds the preset score threshold; if so, no processing is performed; otherwise, the Internet of things security access gateway closes the access authority of the Internet of things terminal, disconnects the secure communication channel with the terminal, and stops the operation of step I1.
2. The zero-trust based secure access method for the terminal of the internet of things of claim 1, wherein the method comprises the following steps: the step A comprises the following steps A1 to A3;
a1, based on the establishment of a secure communication channel between the terminal of the Internet of things and the security access gateway of the Internet of things, the security access gateway of the Internet of things issues preset baseline check items corresponding to the terminal type and check strategies corresponding to the baseline check items to the terminal of the Internet of things through the secure communication channel according to the terminal type of the terminal of the Internet of things, and the step A2 is carried out;
a2, the terminal of the Internet of things executes terminal state inspection according to each baseline inspection item from the security access gateway of the Internet of things to obtain the actual state of each baseline inspection item corresponding to the terminal of the Internet of things, further obtains state classification values of each baseline inspection item corresponding to the terminal of the Internet of things according to state classification inspection strategies respectively corresponding to each baseline inspection item, then returns to the security access gateway of the Internet of things through a security communication channel, and enters the step A3;
a3, the Internet of things security access gateway obtains a baseline check score corresponding to the Internet of things terminal according to the state classification value of each corresponding baseline check item from the Internet of things terminal and in combination with a preset weight value corresponding to each baseline check item respectively in a weighting mode, judges whether the baseline check score exceeds a preset score threshold value, if so, indicates that the Internet of things terminal passes the baseline check, and enters the step B; otherwise, the safe access gateway of the internet of things is disconnected from the safe communication channel with the terminal of the internet of things.
3. The zero-trust-based secure access method for the terminal of the internet of things according to claim 1, wherein the secure access method comprises the following steps: and in the step A, a secure communication channel between the terminal of the Internet of things and the security access gateway of the Internet of things is established based on the bidirectional identity authentication of the terminal of the Internet of things and the security access gateway of the Internet of things.
4. The zero-trust-based secure access method for the terminal of the internet of things according to claim 1, wherein the secure access method comprises the following steps: the data transmission between the terminal of the Internet of things and the security access gateway of the Internet of things adopts encrypted data transmission, and the terminal of the Internet of things performs decryption application on encrypted data from the security access gateway of the Internet of things through the security communication channel and performs encryption application on data sent to the security access gateway of the Internet of things through the security communication channel; the Internet of things security access gateway decrypts and forwards encrypted data from the Internet of things terminal through the security communication channel and encrypts and forwards data sent to the Internet of things terminal through the security communication channel.
5. The zero-trust-based secure access method for the terminal of the internet of things according to claim 1, wherein the baseline check items comprise the following items:
- permission security perception: security perception of whether the hypervisor is disabled;
- system account security perception: security perception of whether unused accounts are enabled;
- firewall enabled security perception: security perception of whether the firewall is enabled;
- process audit: records the running and exiting of system processes and judges whether a non-white-list process appears;
- port service security perception: records the open state of all Ethernet ports in real time and judges whether a non-white-list port appears;
- system password strength security perception: security perception of the system password strength;
- Internet connection perception: security perception of whether the Internet is connected.
6. The zero-trust-based secure access method for the terminal of the internet of things according to claim 1, wherein the state check items comprise the following items:
- terminal operation audit: records terminal operation commands in real time and judges whether a dangerous operation occurs;
- process audit: records the running and exiting of system processes and judges whether a non-white-list process appears;
- file/directory protection: monitors files or directories for creation, modification, renaming, write operations and permission changes on key files/folders;
- port service security perception: records the open state of all Ethernet ports in real time and judges whether a non-white-list port appears;
- system password strength security perception: security perception of the system password strength;
- system resource monitoring: periodically records storage, network, CPU and memory usage of the system and judges whether a threshold is exceeded;
- peripheral management and control: audits access by USB, TF card and CD-ROM peripherals, configures a device white list, and judges whether an untrusted peripheral has been connected;
- network reliability perception: monitors network cable plugging and unplugging and reports cable plug, cable unplug and external network interface access events;
- firewall enabled security perception: reports firewall closing operations;
- Internet connection perception: security perception of whether the Internet is connected.
7. The system for realizing the zero-trust-based secure access method of the terminal of the internet of things according to any one of claims 1 to 6 is characterized in that: the terminal Agent is loaded on the terminal of the Internet of things and comprises a safety communication module, a safety baseline inspection module and a safety state monitoring module, wherein the safety baseline inspection module and the safety state monitoring module are respectively connected with the safety communication module; the Internet of things safety access gateway comprises a safety access module and a risk evaluation module which are connected with each other;
the method comprises the steps that a secure communication channel is established between a secure communication module in a terminal Agent and a secure access module in an Internet of things secure access gateway;
a safety baseline inspection module in the terminal Agent is used for realizing terminal state inspection aiming at each baseline inspection item corresponding to the terminal of the Internet of things, transmitting a state inspection result to a safety access module in the security access gateway of the Internet of things through a safety communication module and a safety communication channel, then forwarding the state inspection result to a risk evaluation module by the safety access module to determine a baseline inspection score corresponding to the terminal of the Internet of things and a comparison result with a preset score threshold value, and finally executing on-off control on the safety communication channel between the safety access module and the safety communication module and executing control on data access between the terminal of the Internet of things and the security access gateway of the Internet of things according to the comparison result by the safety access module;
the access authority of the terminal of the Internet of things is controlled to be opened based on the security access module, service access data of the terminal of the Internet of things is sent to the security access module in the security access gateway of the Internet of things through the security communication module in the terminal Agent and the security communication channel, and then the security access module controls the service access data and forwards the service access data to the intranet Internet of things server for data access;
and finally, the safety access module executes on-off control on the safety communication channel between the safety access module and the safety communication module and executes control on data access between the terminal of the internet of things and the safety access gateway of the internet of things according to the comparison result.
8. The system of the zero-trust based secure access method for the terminal of the internet of things according to claim 7, wherein: and an SSL VPN secure communication channel is established between a secure communication module in the terminal Agent and a secure access module in the Internet of things secure access gateway.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202211083477.1A CN115150208B (en) | 2022-09-06 | 2022-09-06 | Zero-trust-based Internet of things terminal secure access method and system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN115150208A CN115150208A (en) | 2022-10-04 |
CN115150208B true CN115150208B (en) | 2022-11-25 |
Family
ID=83416650
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202211083477.1A Active CN115150208B (en) | 2022-09-06 | 2022-09-06 | Zero-trust-based Internet of things terminal secure access method and system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN115150208B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115550074B (en) * | 2022-11-30 | 2023-03-03 | 北京时代亿信科技股份有限公司 | Zero trust verification method, device and system and electronic equipment |
CN115549932B (en) * | 2022-12-06 | 2023-05-02 | 信联科技(南京)有限公司 | Security access system and access method for massive heterogeneous Internet of things terminals |
CN115695053A (en) * | 2023-01-03 | 2023-02-03 | 国网浙江省电力有限公司金华供电公司 | Access system of power distribution internet of things |
CN116248277A (en) * | 2023-03-10 | 2023-06-09 | 深圳市骏捷安全技术有限公司 | Zero-trust security processing method and system for authentication encryption of Internet of things equipment |
Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114726576A (en) * | 2022-03-03 | 2022-07-08 | 山东鲁软数字科技有限公司 | Edge Internet of things agent basic service safety management system |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10601844B2 (en) * | 2017-07-14 | 2020-03-24 | Guavus, Inc. | Non-rule based security risk detection |
CN110620768A (en) * | 2019-09-16 | 2019-12-27 | 北京方研矩行科技有限公司 | Baseline safety detection method and device for intelligent terminal of Internet of things |
CN110855707A (en) * | 2019-11-26 | 2020-02-28 | 成都电科信安科技有限公司 | Internet of things communication pipeline safety control system and method |
CN110958262A (en) * | 2019-12-15 | 2020-04-03 | 国网山东省电力公司电力科学研究院 | Ubiquitous Internet of things safety protection gateway system, method and deployment architecture in power industry |
CN114553540B (en) * | 2022-02-22 | 2024-03-08 | 平安科技(深圳)有限公司 | Zero trust-based Internet of things system, data access method, device and medium |
CN114726722B (en) * | 2022-03-30 | 2023-10-27 | 深圳市国电科技通信有限公司 | Edge-cloud collaborative baseline checking and configuration updating method, system and storage medium |
Events: 2022-09-06 CN CN202211083477.1A patent/CN115150208B/en active Active
Patent Citations (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN114726576A (en) * | 2022-03-03 | 2022-07-08 | 山东鲁软数字科技有限公司 | Edge Internet of things agent basic service safety management system |
Non-Patent Citations (1)
Title |
---|
Building the security boundary of the Internet of Things based on trusted computing; 何申 et al.; 《电信工程技术与标准化》; 2019-12-15 (No. 12); full text * |
Also Published As
Publication number | Publication date |
---|---|
CN115150208A (en) | 2022-10-04 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Yaacoub et al. | | Cyber-physical systems security: Limitations, issues and future trends |
Panchal et al. | | Security issues in IIoT: A comprehensive survey of attacks on IIoT and its countermeasures |
CN115150208B (en) | | Zero-trust-based Internet of things terminal secure access method and system |
US10003608B2 (en) | | Automated insider threat prevention |
Cazorla et al. | | Cyber stealth attacks in critical information infrastructures |
Radivilova et al. | | Decrypting SSL/TLS traffic for hidden threats detection |
Islam et al. | | An analysis of cybersecurity attacks against internet of things and security solutions |
Rani et al. | | Cyber security techniques, architectures, and design |
Albalawi et al. | | Assessing and reviewing of cyber-security threats, attacks, mitigation techniques in IoT environment |
Okpe et al. | | Intrusion detection in internet of things (IoT) |
CN114629719A (en) | | Resource access control method and resource access control system |
AbuEmera et al. | | Security framework for identifying threats in smart manufacturing systems using STRIDE approach |
Arreaga et al. | | Security Vulnerability Analysis for IoT Devices Raspberry Pi using PENTEST |
Schlicher et al. | | Towards reducing the data exfiltration surface for the insider threat |
Hussain et al. | | Threats and Vulnerabilities of Wireless Networks in the Internet of Things (IoT) |
Kang et al. | | Whitelists based multiple filtering techniques in SCADA sensor networks |
Miloslavskaya et al. | | Ensuring information security for internet of things |
Kandan et al. | | Network attacks and prevention techniques - a study |
Mahlous | | Threat model and risk management for a smart home IoT system |
Khandelwal et al. | | Frontline techniques to prevent web application vulnerability |
CN116248405A (en) | | Network security access control method based on zero trust and gateway system and storage medium adopting same |
Choi | | IoT (Internet of Things) based Solution Trend Identification and Analysis Research |
Xiao | | Research on computer network information security based on big data technology |
Damodharan et al. | | The Performance Analysis of Network Security Management Model in High Speed Computer Networks |
Karamagi | | CompTIA Security+ Practice Exams |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| PB01 | Publication | |
| SE01 | Entry into force of request for substantive examination | |
| GR01 | Patent grant | |