CN116614307A - Data security transmission method and system suitable for power edge computing chip - Google Patents

Data security transmission method and system suitable for power edge computing chip Download PDF

Info

Publication number
CN116614307A
CN116614307A CN202310768585.0A CN202310768585A CN116614307A CN 116614307 A CN116614307 A CN 116614307A CN 202310768585 A CN202310768585 A CN 202310768585A CN 116614307 A CN116614307 A CN 116614307A
Authority
CN
China
Prior art keywords
data
target
field
sub
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202310768585.0A
Other languages
Chinese (zh)
Inventor
辛明勇
徐长宝
王宇
林呈辉
习伟
高吉普
杨婧
姚浩
祝健杨
何雨旻
冯起辉
张历
金学军
邓松
谈竹奎
吕黔苏
徐玉韬
古庭赟
申彧
文贤馗
汪明媚
孟令雯
李博文
张后谊
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guizhou Power Grid Co Ltd
Original Assignee
Guizhou Power Grid Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guizhou Power Grid Co Ltd filed Critical Guizhou Power Grid Co Ltd
Priority to CN202310768585.0A priority Critical patent/CN116614307A/en
Publication of CN116614307A publication Critical patent/CN116614307A/en
Pending legal-status Critical Current

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a data security transmission method and a system suitable for an electric power edge computing chip, wherein the method comprises the steps that a main controller obtains target data to be transmitted, and splits the target data to obtain target sub-data which is suitable for the number of service sub-nodes; determining a target service child node for transmitting corresponding target child data according to the size of the target child data; analyzing target sub-data to be transmitted to obtain a plurality of analysis fields; acquiring an encryption key, and encrypting the analysis field through the encryption key to obtain a corresponding encryption field; the encryption fields are randomly ordered and integrated to obtain corresponding encryption data; and transmitting the encrypted data to a data receiving end, and decrypting the encrypted data by the data receiving end. The method effectively solves the problem that data is illegally invaded in the interaction process by screening the size of the data, constructing an energy consumption estimation model, analyzing, encrypting and decrypting by a receiving end.

Description

Data security transmission method and system suitable for power edge computing chip
Technical Field
The application relates to the technical field of data security transmission method and system suitable for an electric power edge computing chip.
Background
Under the drive of a double-carbon target, the digital transformation becomes urgent in the power grid industry, and an intelligent terminal based on a power edge computing chip, namely the power terminal is one of key technologies for supporting the development of a digital power grid and the construction of a novel power system, and the application scene of the intelligent terminal comprises a new energy system with a low voltage level, a micro-grid with a medium voltage level and a virtual power plant, and even a wide area distributed intelligent power grid covering multiple voltage levels.
However, the processing capability of the chip is limited, and in some cases, data interaction with the server is required, for example, data uploading and data log reporting cannot be performed through edge calculation, and in these data interaction scenarios, problems currently exist including that transmission data is easy to be intercepted, an invader easily falsifies the identity of the server to perform illegal data transaction, and end-to-end data may be monitored and tampered, if an effective way cannot be adopted to avoid illegal intrusion problems in the interaction process, this will bring huge loss to enterprises.
Disclosure of Invention
This section is intended to outline some aspects of embodiments of the application and to briefly introduce some preferred embodiments. Some simplifications or omissions may be made in this section as well as in the description of the application and in the title of the application, which may not be used to limit the scope of the application.
The application is provided in view of the problems that the existing power edge computing chip is easy to intercept, forge, monitor and tamper data.
Therefore, the present application aims to provide a data security transmission method and system suitable for a power edge computing chip, and the purpose of the present application is to: through screening the size of target sub-data, constructing an energy consumption estimation model, analyzing and encrypting the data, and decrypting the data by a receiving end, the problem that the data is illegally invaded in the interaction process is effectively prevented.
In order to solve the technical problems, the application provides the following technical scheme:
in a first aspect, the present application provides a data security transmission method suitable for a power edge computing chip, which includes that a main controller obtains target data to be transmitted, and splits the target data to obtain a plurality of target sub-data adapted to the number of service sub-nodes; determining a target service sub-node for transmitting corresponding target sub-data according to the size of each target sub-data; the target service sub-node analyzes target sub-data to be transmitted to obtain a plurality of analysis fields; the target service child node obtains an encryption key, and encrypts the analysis field through the encryption key to obtain a corresponding encryption field; the encryption fields are randomly ordered and integrated through the target service child node to obtain corresponding encryption data; and the target service sub-node transmits the encrypted data to a data receiving end, and the data receiving end decrypts the encrypted data.
As a preferable scheme of the data security transmission method suitable for the power edge computing chip, the application comprises the following steps: determining a target service sub-node for transmitting corresponding target sub-data according to the size of each target sub-data comprises the following steps: the main controller determines target resource information to be consumed for transmitting data according to the size of the corresponding target sub-data respectively; the method comprises the steps that a main controller obtains real-time available resource information of each service child node in a preset period; comparing the size of the target resource information with the size of the real-time available resource information of all the child nodes in a preset period, and judging whether the target resource information accords with the data transmission condition; if the size of the target resource information is smaller than 80% of the size of the real-time available resource information, determining that the target resource information accords with the primary condition of data transmission; if the size of the target resource information is greater than 80% of the size of the real-time available resource information and less than 90% of the size of the real-time available resource information, determining that the target resource information meets the secondary condition of data transmission; otherwise, the data transmission conditions are not met until the data transmission conditions are met; the main controller determines a target service sub-node for transmitting the corresponding target sub-data based on the comparison result.
As a preferable scheme of the data security transmission method suitable for the power edge computing chip, the application comprises the following steps: the main controller can selectively construct an energy consumption estimation model based on the real-time available resource information, the size and transmission length of target sub-data and energy consumption parameters, estimate residual energy based on the energy consumption estimation model, and screen target service sub-nodes based on the residual energy; the specific form of the energy consumption estimation model is as follows:where α is real-time available resource information, β is the size of the target sub-data, l is the transmission length, ε i For the ith energy consumption parameter, θ is the transmission attenuation coefficient, and δ is the residual energy.
As a preferable scheme of the data security transmission method suitable for the power edge computing chip, the application comprises the following steps: the target service sub-node analyzes target sub-data to be transmitted to obtain a plurality of analysis fields, and the method comprises the following steps: the method comprises the steps that a target service sub-node obtains a data analysis template, analyzes target sub-data to be transmitted according to the data analysis template, and obtains an initial analysis field, wherein a field length division rule and a field construction rule are defined in the data analysis template; the target service sub-node evaluates the integrity of the initial analysis field, and when the integrity of the initial analysis field is less than 0.6 and accords with the secondary condition of data transmission, the initial analysis field is an incomplete field and needs to be analyzed again; when the integrity of the initial analysis field is more than 0.6 and less than 0.85 and accords with the two-level condition of data transmission, the field is a supplementary field; if the analysis field contains a complete construction field and corresponding target sub-data, the definition of the field length division rule is carried out again; if the analysis field contains a complete length division field and corresponding target sub-data, the definition of the field construction rule is carried out again; when the integrity of the initial analysis field is larger than a preset value of 0.85 and accords with the data transmission secondary condition, the analysis field is a valid field, so that a corresponding target analysis field is obtained.
As a preferable scheme of the data security transmission method suitable for the power edge computing chip, the application comprises the following steps: the encryption processing comprises the following specific steps: when the target service child node establishes first connection with the data receiving end, the target service child node acquires a public key-private key pair sent by the data receiving end; the target service child node obtains a signature of a public key and verifies the legitimacy of the public key-private key pair based on the signature of the public key; when the verification is confirmed to pass, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
As a preferable scheme of the data security transmission method suitable for the power edge computing chip, the application comprises the following steps: the head of the encrypted data is provided with a sequencing identifier for indicating the sequencing order of the fields, and the data receiving end decrypts the encrypted data, and comprises the following steps: the data receiving end decrypts the encrypted data based on a pre-generated private key to obtain corresponding initial decrypted data; and extracting a sorting identifier from the initial decryption data by a data receiving end, and sorting and adjusting the decryption fields based on the sorting identifier to obtain target decryption data.
In a second aspect, an embodiment of the present application provides a data security transmission system applicable to a power edge computing chip, including a data processing module, a data transmission module, and a data encryption module; the data processing module splits the target data to obtain a plurality of target sub-data which are adaptive to the number of the service sub-nodes; analyzing target sub-data to be transmitted to obtain a plurality of analysis fields; randomly sequencing and integrating the obtained multiple encryption fields to obtain corresponding encryption data; the data transmission module is used for determining a target service sub-node for transmitting corresponding target sub-data according to the size of each target sub-data; transmitting the encrypted data to a data receiving end, and decrypting the encrypted data by the data receiving end; the data encryption module acquires an encryption key, and encrypts each analysis field through the encryption key to obtain a corresponding encryption field.
As a preferable scheme of the data security transmission system suitable for the power edge computing chip, the application comprises the following steps: the data encryption module acquires a public key-private key pair sent by the data receiving end when establishing primary connection with the data receiving end; triggering a target service child node to acquire a signature of a public key, and verifying the legitimacy of the public key-private key pair based on the signature of the public key; when the target service sub-node is triggered to pass verification, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
In a third aspect, embodiments of the present application provide a computer apparatus comprising a memory and a processor, the memory storing a computer program, wherein: and the processor executes any step of the data security transmission method of the power edge computing chip when executing the computer program.
In a fourth aspect, embodiments of the present application provide a computer-readable storage medium having a computer program stored thereon, wherein: the computer program, when executed by the processor, implements any step of the data security transmission method of the power edge computing chip.
The application has the beneficial effects that: the problems of illegal invasion of data in the interaction process are effectively solved by screening the size of target sub-data, constructing an energy consumption estimation model, analyzing and encrypting the data and decrypting the data by a receiving end.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are needed in the description of the embodiments will be briefly described below, it being obvious that the drawings in the following description are only some embodiments of the present application, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art. Wherein:
fig. 1 is a schematic overall flow chart of a data security transmission method of a power edge computing chip of the present application.
Fig. 2 is a schematic flow chart of a data security transmission method of the power edge computing chip of the present application.
Fig. 3 is a schematic structural diagram of a data security transmission system of the power edge computing chip of the present application.
Detailed Description
In order that the above-recited objects, features and advantages of the present application will become more readily apparent, a more particular description of the application will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings.
In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present application, but the present application may be practiced in other ways other than those described herein, and persons skilled in the art will readily appreciate that the present application is not limited to the specific embodiments disclosed below.
Further, reference herein to "one embodiment" or "an embodiment" means that a particular feature, structure, or characteristic can be included in at least one implementation of the application. The appearances of the phrase "in one embodiment" in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments.
Further, in describing the embodiments of the present application in detail, the cross-sectional view of the device structure is not partially enlarged to a general scale for convenience of description, and the schematic is only an example, which should not limit the scope of protection of the present application. In addition, the three-dimensional dimensions of length, width and depth should be included in actual fabrication.
Example 1
Referring to fig. 1-3, for a first embodiment of the present application, a method and a system for data security transmission suitable for a power edge computing chip are provided, where the method includes the following steps:
s1: the main controller acquires target data to be transmitted, splits the target data and obtains target sub-data which is suitable for the number of the service sub-nodes.
S2: and determining a target service child node for transmitting the corresponding target child data according to the size of the target child data.
Which comprises the following steps:
and the main controller determines target resource information to be consumed for transmitting the data according to the size of the corresponding target sub-data.
The main controller acquires real-time available resource information of each service child node in a preset period.
And comparing the size of the target resource information with the size of the real-time available resource information of all the child nodes in a preset period, and judging whether the target resource information meets the data transmission condition.
If the size of the target resource information is smaller than 80% of the size of the real-time available resource information, determining that the target resource information accords with the primary condition of data transmission; if the size of the target resource information is greater than 80% of the size of the real-time available resource information and less than 90% of the size of the real-time available resource information, determining that the target resource information meets the secondary condition of data transmission; otherwise, the data is not met until the data is matched with the data transmission condition.
The main controller determines a target service sub-node for transmitting corresponding target sub-data based on the comparison result.
The main controller can select to construct an energy consumption estimation model based on real-time available resource information, the size of target sub-data, the transmission length and the energy consumption parameter, estimate the residual energy based on the energy consumption estimation model, and screen the target service sub-node based on the residual energy.
The specific form of the energy consumption estimation model is as follows:
where α is real-time available resource information, β is the size of the target sub-data, l is the transmission length, ε i For the ith energy consumption parameter, θ is the transmission attenuation coefficient, and δ is the residual energy.
S3: the target service sub-node analyzes target sub-data to be transmitted to obtain a plurality of analysis fields.
S4: and the target service child node acquires the encryption key, and encrypts the analysis field through the encryption key to obtain a corresponding encryption field.
The method comprises the following steps:
the target service sub-node acquires a data analysis template, analyzes target sub-data to be transmitted according to the data analysis template, and obtains an initial analysis field, wherein a field length division rule and a field construction rule are defined in the data analysis template.
The target service sub-node evaluates the integrity of the initial analysis field, and when the integrity of the initial analysis field is less than 0.6 and accords with the two-level condition of data transmission, the initial analysis field is an incomplete field, and analysis is needed again.
When the integrity of the initial analysis field is more than 0.6 and less than 0.85 and accords with the two-level condition of data transmission, the field can be supplemented.
If the analysis field contains a complete construction field and corresponding target sub-data, establishing a corresponding relation between the ID and the construction field, and executing the supplement of the corresponding relation.
If the analysis field contains a complete length division field and corresponding target sub-data, establishing the corresponding relation between the ID and the length division field, and executing the supplement of the corresponding relation.
Supplement of correspondence: searching the established corresponding relation according to the ID or the known analysis field, and matching and establishing a complete analysis field according to the established corresponding relation.
When the integrity of the initial analysis field is larger than a preset value of 0.85 and accords with the data transmission secondary condition, the analysis field is a valid field, so that a corresponding target analysis field is obtained.
S5: and randomly sequencing and integrating the encrypted fields through the target service child nodes to obtain corresponding encrypted data.
The encryption processing comprises the following specific steps:
when the target service child node establishes first connection with the data receiving end, the target service child node acquires a public key-private key pair sent by the data receiving end.
The target service child node obtains the signature of the public key and verifies the legitimacy of the public-private key pair based on the signature of the public key.
When the verification is confirmed to pass, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
S6: the target service sub-node transmits the encrypted data to the data receiving end, and the data receiving end decrypts the encrypted data.
The head of the encrypted data is provided with a sequencing mark for indicating the sequencing order of the fields, and the data receiving end decrypts the encrypted data, and comprises the following steps:
and the data receiving end decrypts the encrypted data based on the pre-generated private key to obtain corresponding initial decrypted data.
And extracting a sorting identifier from the initial decrypted data by the data receiving end, and sorting and adjusting the decrypted fields based on the sorting identifier to obtain target decrypted data.
Further, the embodiment also provides a data security transmission system suitable for the power edge computing chip, which comprises a data processing module, a data transmission module and a data encryption module.
The data processing module splits the target data to obtain a plurality of target sub-data which are adaptive to the number of the service sub-nodes; analyzing target sub-data to be transmitted to obtain a plurality of analysis fields; and randomly sequencing and integrating the obtained multiple encrypted fields to obtain corresponding encrypted data.
The data transmission module is used for determining target service sub-nodes for transmitting corresponding target sub-data according to the size of each target sub-data respectively; and transmitting the encrypted data to a data receiving end, and decrypting the encrypted data by the data receiving end.
And the data encryption module acquires the encryption key, and encrypts each analysis field through the encryption key to obtain a corresponding encryption field.
The data encryption module acquires a public key-private key pair sent by the data receiving end when the first connection is established with the data receiving end; triggering a target service child node to acquire a signature of a public key, and verifying the legitimacy of a public key-private key pair based on the signature of the public key; when the target service sub-node is triggered to pass verification, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
The embodiment also provides a computer device, which is suitable for the case of a data security transmission method of a power edge computing chip, and includes: a memory and a processor; the memory is used for storing computer executable instructions, and the processor is used for executing the computer executable instructions to realize the data security transmission method of the power edge computing chip according to the embodiment.
The computer device may be a terminal comprising a processor, a memory, a communication interface, a display screen and input means connected by a system bus.
Wherein the processor of the computer device is configured to provide computing and control capabilities.
The memory of the computer device includes a non-volatile storage medium and an internal memory.
The non-volatile storage medium stores an operating system and a computer program.
The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media.
The communication interface of the computer device is used for carrying out wired or wireless communication with an external terminal, and the wireless mode can be realized through WIFI, an operator network, near field communication NFC or other technologies.
The display screen of the computer equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the computer equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the computer equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
The present embodiment also provides a storage medium having stored thereon a computer program which, when executed by a processor, implements the data security transmission method suitable for a power edge computing chip as set forth in the above embodiments.
The storage medium according to the present embodiment belongs to the same inventive concept as the data storage method according to the above embodiment, and technical details not described in detail in the present embodiment can be seen in the above embodiment, and the present embodiment has the same advantageous effects as the above embodiment.
In summary, the problem that the data is illegally invaded in the interaction process is effectively solved by screening the size of the target sub-data, constructing an energy consumption estimation model, analyzing and encrypting the data and decrypting the data by a receiving end; based on the system support of the application, the data processing, transmission and encryption processes of the method are realized, thereby more effectively protecting the integrity and correctness of the data.
Example 2
Referring to fig. 2, a second embodiment of the present application is shown, which differs from the first embodiment in that: another specific embodiment of the present application is provided.
The method comprises the following steps:
s1: the main controller acquires target data to be transmitted, splits the target data and obtains target sub-data which is suitable for the number of the service sub-nodes.
Specifically, the main controller splits the target data according to the number of the service sub-nodes to obtain corresponding target sub-data.
S2: and determining a target service child node for transmitting the corresponding target child data according to the size of the target child data.
Further, the main controller determines the size of each target sub-data first, and further determines the resources required to be consumed for transmitting the data. And subsequently, screening the transmission nodes based on the determined consumed resources.
Which comprises the following steps:
and the main controller determines target resource information to be consumed for transmitting the data according to the size of the corresponding target sub-data.
The main controller acquires real-time available resource information of each service child node in a preset period.
And comparing the size of the target resource information with the size of the real-time available resource information of all the child nodes in a preset period, and judging whether the target resource information meets the data transmission condition.
If the size of the target resource information is smaller than 80% of the size of the real-time available resource information, determining that the target resource information accords with the primary condition of data transmission; if the size of the target resource information is greater than 80% of the size of the real-time available resource information and less than 90% of the size of the real-time available resource information, determining that the target resource information meets the secondary condition of data transmission; otherwise, the data is not met until the data is matched with the data transmission condition.
The main controller determines a target service sub-node for transmitting corresponding target sub-data based on the comparison result.
The main controller can select to construct an energy consumption estimation model based on real-time available resource information, the size of target sub-data, the transmission length and the energy consumption parameter, estimate the residual energy based on the energy consumption estimation model, and screen the target service sub-node based on the residual energy.
The specific form of the energy consumption estimation model is as follows:
where α is real-time available resource information, β is the size of the target sub-data, l is the transmission length, ε i For the ith energy consumption parameter, θ is the transmission attenuation coefficient, and δ is the residual energy.
S3: the target service sub-node analyzes target sub-data to be transmitted to obtain a plurality of analysis fields.
S4: and the target service child node acquires the encryption key, and encrypts the analysis field through the encryption key to obtain a corresponding encryption field.
The method comprises the following steps:
the target service sub-node acquires a data analysis template, analyzes target sub-data to be transmitted according to the data analysis template, and obtains an initial analysis field, wherein a field length division rule and a field construction rule are defined in the data analysis template.
The target service sub-node evaluates the integrity of the initial analysis field, and when the integrity of the initial analysis field is less than 0.6 and accords with the two-level condition of data transmission, the initial analysis field is an incomplete field, and analysis is needed again.
When the integrity of the initial analysis field is more than 0.6 and less than 0.85 and accords with the two-level condition of data transmission, the field can be supplemented.
If the analysis field contains a complete construction field and corresponding target sub-data, establishing a corresponding relation between the ID and the construction field, and executing the supplement of the corresponding relation.
If the analysis field contains a complete length division field and corresponding target sub-data, establishing the corresponding relation between the ID and the length division field, and executing the supplement of the corresponding relation.
Supplement of correspondence: searching the established corresponding relation according to the ID or the known analysis field, and matching and establishing a complete analysis field according to the established corresponding relation.
When the integrity of the initial analysis field is larger than a preset value of 0.85 and accords with the data transmission secondary condition, the analysis field is a valid field, so that a corresponding target analysis field is obtained.
The target service sub-node encrypts the data to be transmitted based on an encryption rule pre-negotiated with the data receiving end, for example, by using a first public key-private key pair pre-generated by the obtained data receiving end, and after receiving the encrypted data, the subsequent data receiving end decrypts the encrypted data based on the first private key, so that the required data can be obtained.
Or, the target service sub-node may transmit the pre-generated second public key-private key pair to the data receiving end in advance, and the data receiving end receives the corresponding encrypted data and then decrypts the data based on the second private key.
S5: and randomly sequencing and integrating the encrypted fields through the target service child nodes to obtain corresponding encrypted data.
The encryption processing comprises the following specific steps:
when the target service child node establishes first connection with the data receiving end, the target service child node acquires a public key-private key pair sent by the data receiving end.
The target service child node obtains the signature of the public key and verifies the legitimacy of the public-private key pair based on the signature of the public key.
When the verification is confirmed to pass, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
In particular, in the implementation process, the target service sub-node may consider to adopt a field selection tool and a field ordering tool, and after the corresponding field is selected by the field selection tool, the selected field is further input into the field ordering tool for random ordering integration.
S6: the target service sub-node transmits the encrypted data to the data receiving end, and the data receiving end decrypts the encrypted data.
The head of the encrypted data is provided with a sequencing mark for indicating the sequencing order of the fields, and the data receiving end decrypts the encrypted data, and comprises the following steps:
and the data receiving end decrypts the encrypted data based on the pre-generated private key to obtain corresponding initial decrypted data.
And extracting a sorting identifier from the initial decrypted data by the data receiving end, and sorting and adjusting the decrypted fields based on the sorting identifier to obtain target decrypted data.
Preferably, after the data receiving end initially obtains the corresponding decrypted data, the current data is disordered, so that the original data is required to be restored, the ordering rule is required to be known, and the ordering adjustment is carried out according to the ordering rule.
In order to verify the encryption and decryption efficiency and the effect of resisting the intrusion attack, the encryption and decryption method of the application performs 5 times of encryption and decryption on a field with 256 bytes in length by using an RSA encryption algorithm and an ELGamal encryption algorithm, simultaneously introduces a pseudo public key-private key pair attack, and records the time consumption of operation and the condition of resisting the attack, as shown in a table 1.
Table 1 comparison of the consumption and the attack resistance of the encryption algorithm
As can be seen from Table 1, in the aspect of encryption and decryption time consumption, the encryption and decryption time consumption of the method is longer than that of an RSA encryption algorithm, but the anti-attack effect is more obvious, and the method has safer performance, although the ELGamal encryption algorithm is adopted. The method can also resist attack, but has long time consumption of encryption and decryption, and the method has short time consumption of encryption and decryption, and can successfully resist attack, so that the data transmission process is safer and more reliable.
In this embodiment 2, the association record of the sorting identifier and the sorting rule is performed in the public database in advance, and the data receiving end further triggers the association acquisition of the corresponding sorting rule from the public database after extracting the sorting identifier, and then performs sorting adjustment to realize the recovery of the unordered data.
In summary, the method of the application considers that the big data transmission is performed in a distributed transmission mode, so that the flow of data transmission by the master node is omitted, and the transmission efficiency is improved. On the other hand, before data transmission, a specific encryption key is adopted to carry out data encryption processing, and the ordering sequence of each field in the data is disturbed, so that risks of decoding and illegal theft in the data transmission process are reduced, and the safety of data transmission is ensured.
It should be noted that the above embodiments are only for illustrating the technical solution of the present application and not for limiting the same, and although the present application has been described in detail with reference to the preferred embodiments, it should be understood by those skilled in the art that the technical solution of the present application may be modified or substituted without departing from the spirit and scope of the technical solution of the present application, which is intended to be covered in the scope of the claims of the present application.

Claims (10)

1. The data security transmission method suitable for the power edge computing chip is characterized by comprising the following steps of: the specific steps include that,
the method comprises the steps that a main controller obtains target data to be transmitted, splits the target data and obtains target sub-data which are suitable for the number of service sub-nodes;
determining a target service child node for transmitting corresponding target child data according to the size of the target child data;
the target service sub-node analyzes target sub-data to be transmitted to obtain a plurality of analysis fields;
the target service child node obtains an encryption key, and encrypts the analysis field through the encryption key to obtain a corresponding encryption field;
the encryption fields are randomly ordered and integrated through the target service child node to obtain corresponding encryption data;
and the target service sub-node transmits the encrypted data to a data receiving end, and the data receiving end decrypts the encrypted data.
2. The data security transmission method applicable to the power edge computing chip according to claim 1, wherein: the determining the target service sub-node for transmitting the corresponding target sub-data according to the size of the target sub-data comprises the following steps:
the main controller determines target resource information to be consumed for transmitting data according to the size of the corresponding target sub-data respectively;
the method comprises the steps that a main controller obtains real-time available resource information of each service child node in a preset period;
comparing the size of the target resource information with the size of the real-time available resource information of all the child nodes in a preset period, and judging whether the target resource information accords with the data transmission condition;
if the size of the target resource information is smaller than 80% of the size of the real-time available resource information, determining that the target resource information accords with the primary condition of data transmission; if the size of the target resource information is greater than 80% of the size of the real-time available resource information and less than 90% of the size of the real-time available resource information, determining that the target resource information meets the secondary condition of data transmission; otherwise, the data transmission conditions are not met until the data transmission conditions are met;
the main controller determines a target service sub-node for transmitting the corresponding target sub-data based on the comparison result.
3. The data security transmission method applicable to the power edge computing chip according to claim 2, wherein: the main controller can selectively construct an energy consumption estimation model based on the real-time available resource information, the size and transmission length of target sub-data and energy consumption parameters, estimate residual energy based on the energy consumption estimation model, and screen target service sub-nodes based on the residual energy;
the specific form of the energy consumption estimation model is as follows:
where α is real-time available resource information, β is the size of the target sub-data, l is the transmission length, ε i For the ith energy consumption parameter, θ is the transmission attenuation coefficient, and δ is the residual energy.
4. The data security transmission method applicable to the power edge computing chip according to claim 3, wherein: the target service sub-node analyzes target sub-data to be transmitted to obtain a plurality of analysis fields, and the method comprises the following steps:
the method comprises the steps that a target service sub-node obtains a data analysis template, analyzes target sub-data to be transmitted according to the data analysis template, and obtains an initial analysis field, wherein a field length division rule and a field construction rule are defined in the data analysis template;
the target service sub-node evaluates the integrity of the initial analysis field, and when the integrity of the initial analysis field is less than 0.6 and accords with the secondary condition of data transmission, the initial analysis field is an incomplete field and needs to be analyzed again;
when the integrity of the initial analysis field is more than 0.6 and less than 0.85 and accords with the two-level condition of data transmission, the field is a supplementary field;
if the analysis field contains a complete construction field and corresponding target sub-data, establishing a corresponding relation between the ID and the construction field, and executing the supplement of the corresponding relation;
if the analysis field contains a complete length division field and corresponding target sub-data, establishing a corresponding relation between the ID and the length division field, and executing the supplement of the corresponding relation;
and supplementing the corresponding relation: searching the established corresponding relation according to the ID or the known analysis field, and matching and establishing a complete analysis field according to the established corresponding relation;
when the integrity of the initial analysis field is larger than a preset value of 0.85 and accords with the data transmission secondary condition, the analysis field is a valid field, so that a corresponding target analysis field is obtained.
5. The data security transmission method applicable to the power edge computing chip according to claim 4, wherein: the encryption processing comprises the following specific steps:
when the target service child node establishes first connection with the data receiving end, the target service child node acquires a public key-private key pair sent by the data receiving end;
the target service child node obtains a signature of a public key and verifies the legitimacy of the public key-private key pair based on the signature of the public key;
when the verification is confirmed to pass, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
6. The method for securely transmitting data suitable for use in a power edge computing chip of claim 5, further comprising: the head of the encrypted data is provided with a sequencing identifier for indicating the sequencing order of the fields, and the data receiving end decrypts the encrypted data, and comprises the following steps:
the data receiving end decrypts the encrypted data based on a pre-generated private key to obtain corresponding initial decrypted data;
and extracting a sorting identifier from the initial decryption data by the data receiving end, and sorting and adjusting the decryption fields based on the sorting identifier to obtain target decryption data.
7. A data security transmission system suitable for a power edge computing chip, based on the data security transmission method suitable for a power edge computing chip according to any one of claims 1 to 6, characterized in that: the system comprises a data processing module, a data transmission module and a data encryption module;
the data processing module splits the target data to obtain a plurality of target sub-data which are adaptive to the number of the service sub-nodes; analyzing target sub-data to be transmitted to obtain a plurality of analysis fields; randomly sequencing and integrating the obtained multiple encryption fields to obtain corresponding encryption data;
the data transmission module is used for determining a target service sub-node for transmitting corresponding target sub-data according to the size of each target sub-data; transmitting the encrypted data to a data receiving end, and decrypting the encrypted data by the data receiving end;
the data encryption module acquires an encryption key, and encrypts each analysis field through the encryption key to obtain a corresponding encryption field.
8. The data security transmission system suitable for a power edge computing chip of claim 7, wherein: the data encryption module acquires a public key-private key pair sent by the data receiving end when first connection is established with the data receiving end; triggering a target service child node to acquire a signature of a public key, and verifying the legitimacy of a public key-private key pair based on the signature of the public key; when the target service sub-node is triggered to pass verification, the currently received public key is used as an encryption key, and each analysis field is encrypted through the encryption key to obtain a corresponding encryption field.
9. A computer device comprising a memory and a processor, the memory storing a computer program, characterized in that: the steps of the data security transmission method of the power edge computing chip according to any one of claims 1 to 6 are realized when the processor executes the computer program.
10. A computer-readable storage medium having stored thereon a computer program, characterized by: the computer program when executed by a processor implements the steps of the data security transmission method of the power edge computing chip of any one of claims 1 to 6.
CN202310768585.0A 2023-06-27 2023-06-27 Data security transmission method and system suitable for power edge computing chip Pending CN116614307A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202310768585.0A CN116614307A (en) 2023-06-27 2023-06-27 Data security transmission method and system suitable for power edge computing chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202310768585.0A CN116614307A (en) 2023-06-27 2023-06-27 Data security transmission method and system suitable for power edge computing chip

Publications (1)

Publication Number Publication Date
CN116614307A true CN116614307A (en) 2023-08-18

Family

ID=87678395

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310768585.0A Pending CN116614307A (en) 2023-06-27 2023-06-27 Data security transmission method and system suitable for power edge computing chip

Country Status (1)

Country Link
CN (1) CN116614307A (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117040913A (en) * 2023-09-13 2023-11-10 广州成浩信息科技有限公司 Cloud resource sharing data security transmission method and system

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117040913A (en) * 2023-09-13 2023-11-10 广州成浩信息科技有限公司 Cloud resource sharing data security transmission method and system
CN117040913B (en) * 2023-09-13 2024-01-30 广州成浩信息科技有限公司 Cloud resource sharing data security transmission method and system

Similar Documents

Publication Publication Date Title
CN109903433B (en) Access control system and access control method based on face recognition
CN105656859B (en) Tax control equipment software safety online upgrading method and system
EP2856695B1 (en) A method and system for transferring firmware or software to a plurality of devices
CN116980230B (en) Information security protection method and device
CN102842001A (en) System and method for detecting computer security information based on U disc authentication
CN109040079A (en) The establishment of live streaming chained address and verification method and related device
CN113079140B (en) Cooperative spectrum sensing position privacy protection method based on block chain
CN112989416A (en) Anonymous multidimensional data aggregation privacy protection method facing smart power grid
CN113114668A (en) Information transmission method, mobile terminal, storage medium and electronic equipment
CN116614307A (en) Data security transmission method and system suitable for power edge computing chip
CN111245783A (en) Isolated environment data transmission device and method based on digital encryption technology
CN115037556B (en) Authorized sharing method for encrypted data in smart city system
CN115314889A (en) Multi-level security authentication method and system for power regulation and control terminal, memory and equipment
CN112398861B (en) Encryption system and method for sensitive data in web configuration system
CN101118639A (en) Safety electric national census system
CN110647733A (en) Identity authentication method and system based on fingerprint identification
CN113225180A (en) Method and system for protecting communication key
CN111291398B (en) Block chain-based authentication method and device, computer equipment and storage medium
CN113094743A (en) Power grid data storage method based on improved Byzantine consensus algorithm
CN111586125A (en) Internet of things system
Guo et al. Event-oriented dynamic security service for demand response in smart grid employing mobile networks
CN115865461A (en) Method and system for distributing data in high-performance computing cluster
CN113872979B (en) Login authentication method, login authentication device, electronic equipment and computer readable storage medium
CN113259348A (en) Heterogeneous data processing method and device, computer equipment and storage medium
CN112468493A (en) Data transmission method, identity recognition method and system based on field bus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination