CN117579336A - Access control method and system of power system based on wireless protocol - Google Patents

Publication number
CN117579336A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311527911.5A
Other languages
Chinese (zh)
Inventor
李妍
占聪聪
周刚
徐思尧
杨强
张子瑛
谢善益
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Power Grid Co Ltd
Electric Power Research Institute of Guangdong Power Grid Co Ltd
Original Assignee
Guangdong Power Grid Co Ltd
Electric Power Research Institute of Guangdong Power Grid Co Ltd
Application filed by Guangdong Power Grid Co Ltd, Electric Power Research Institute of Guangdong Power Grid Co Ltd
Priority to CN202311527911.5A
Publication of CN117579336A
Current legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/10 Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0815 Network architectures or network communication protocols for network security for authentication of entities providing single-sign-on or federations
    • H04L63/12 Applying verification of the received information
    • H04L63/126 Applying verification of the received information the source of the received data
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04 INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00 Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20 Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an access control method and system of a power system based on a wireless protocol, wherein the method comprises the following steps: responding to a network access request of a requester on a first system terminal to a power system, verifying a data source of the power system, and if the data source of the power system is not abnormal, determining the authority of the requester according to account information of the requester; matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal; if the authority of the requester is greater than or equal to the access authority of the first system terminal, accessing and calling the data of the power system by utilizing a wireless protocol transmission mode according to the network access request so as to improve the credibility measurement of the power system and the running stability and the safety of the power system.

Description

Access control method and system of power system based on wireless protocol
Technical Field
The present invention relates to the field of power systems, and in particular, to a method, a system, and a storage medium for controlling access to a power system based on a wireless protocol.
Background
At present, in an intelligent power system, big data runs through every link of power production and management, including power generation, transmission, transformation, distribution, utilization and scheduling. Meanwhile, the power system is developing faster and faster, and the structure and operation mode of its network are becoming more and more complex.
Power big data has typical "3V" and "3E" features, namely large volume (Volume), high speed (Velocity) and many types (Variety), together with data energy (Energy), data interaction (Exchange) and data co-occurrence (Empath). The typical "HDC" attributes of power data, namely data heterogeneity (Heterogeneity), a dynamic data system (Dynamic) and complexity (Complexity), follow readily from these features. A power data set therefore inevitably contains a large amount of unreliable data, which can cause power system state estimation to fail, lead a dispatcher to make erroneous decisions, affect the normal operation of the smart grid system, and even threaten the safety of the whole power system. Moreover, with the development of wireless-protocol-based data transmission in the power system, the data of the power system is easily subjected to insertion, tampering and attack by external unreliable data, which greatly reduces the operating stability of the power system and hinders its stable and safe use.
Disclosure of Invention
The invention provides an access control method, an access control system and a storage medium of a power system based on a wireless protocol, which are used for improving the credibility measurement of the power system and improving the operation stability and the safety of the power system.
The invention provides an access control method of a power system based on a wireless protocol, which comprises the following steps: responding to a network access request of a requester on a first system terminal to a power system, verifying a data source of the power system, and if the data source of the power system is not abnormal, determining the authority of the requester according to account information of the requester;
matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal; and if the authority of the requester is greater than or equal to the access authority of the first system terminal, accessing and calling the data of the power system by utilizing a wireless protocol transmission mode according to the network access request.
Further, the data source of the power system is verified, specifically:
detecting data acquisition equipment of various devices inside the power system, an external part system of the power system and network intrusion data of the power system; the network intrusion data includes: virus programs, trojan horses, and malicious attack programs; if no network intrusion data exists, determining that the data source of the power system is not abnormal; if network intrusion data exists, determining that the data source of the power system is abnormal.
Further, before matching the authority of the requester with the access authority of the first system terminal, the method further includes:
logging in a power system in a first system terminal, and if the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal, allowing the power system to log in.
Further, the trusted metric level of the first system terminal includes: a high-level confidence measure, a medium-level confidence measure, and a low-level confidence measure;
the system terminal of the high-level credibility measurement level is used for overall calling operation of internal data of the power system and controlling the system terminals of the medium-level credibility measurement level and the low-level credibility level;
the system terminal of the medium-level credibility level is used for carrying out the operation of calling non-important and non-confidentiality data in the power system and controlling the low-level credibility level terminal;
the system terminal with the low-level credibility level is used for calling the data of the power system in the single power division station.
Further, the authority of the requester is matched with the access authority of the first system terminal, specifically:
if the account authority information of the requester is greater than or equal to the authority of the system access module, the access of the power system can be performed, otherwise, the system terminal is controlled to access the power system.
Further, the wireless protocol transmission mode is utilized to access and call the data of the power system, specifically:
receiving data with verification information transmitted to a power system based on different wireless protocols; performing decoding operation on the received data; if the decoded data contains appointed verification information, judging the data to be trusted information, and determining the trusted level of the data according to the length of the verification information.
Further, the credibility level of the data is determined according to the length of the verification information, specifically:
if the data is the data information of the power system, which is transmitted to the preset first position by the preset first device based on the preset first wireless protocol and has complete internal verification information, determining the data as first-level trusted information;
if the data is data information obtained by transmitting the data to a preset second position by a preset second device based on a preset second wireless protocol and the intermediate flow is unknown in the power system, and the internal verification information loss of the data is lower than half, determining that the data is secondary trusted information;
if the data is data information obtained by transmitting the data to a preset third position by a preset third device based on a preset third wireless protocol and lacking one or two processes in the power system, and the internal verification information loss of the data is less than half, determining that the data is three-level trusted information;
and if the data is data information from an unknown position in the power system and the internal verification information is not available, determining that the data is unreliable information.
Further, after determining the trust level of the data according to the length of the verification information, the method further comprises:
classifying and storing data with a trusted level not being unreliable information; and isolating the data of the credible level of the unreliable information.
As a preferred scheme, the terminals and the data of the power system are graded by credibility, and terminals of different credibility grades call data of different credibility, so that the power data which can be called by power system terminals of different grades is limited, the reduction of data feasibility caused by the terminals of the power system is effectively avoided, the credibility measurement of the power system is improved, and the running stability and safety of the power system are improved.
Correspondingly, the invention also provides an access control system of the power system based on the wireless protocol, which comprises: the system comprises a system authentication module, a system authorization module, a system access module, a system processing module, a system isolation module and a wireless transmission module;
the system authentication module is used for responding to a network access request of a requester on a power system initiated at a first system terminal and verifying a data source of the power system;
the system authorization module is used for logging in the power system in the first system terminal, and if the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal, the power system is allowed to log in;
the system access module is used for determining the authority of the requester according to the account information of the requester if the data source of the power system is not abnormal; matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal;
the system processing module is used for accessing and calling the data of the power system by utilizing a wireless protocol transmission mode according to the network access request if the authority of the requester is greater than or equal to the access authority of the first system terminal;
the system isolation module is used for isolating the data of the credible level of the unreliable information;
the wireless transmission module is used for transmitting various data in the power system based on a wireless protocol, and comprises a wireless receiving device and a wireless transmission device.
Accordingly, the present invention also provides a computer-readable storage medium including a stored computer program; the computer program controls the equipment where the computer readable storage medium is located to execute the access control method of the power system based on the wireless protocol according to the invention when running.
Drawings
Fig. 1 is a schematic flow chart of an embodiment of an access control method of a power system based on a wireless protocol provided by the present invention;
Fig. 2 is a schematic structural diagram of an embodiment of an access control system of a power system based on a wireless protocol according to the present invention.
Detailed Description
The following description of the embodiments of the present invention will be made clearly and completely with reference to the accompanying drawings, in which it is apparent that the embodiments described are only some embodiments of the present invention, but not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
Referring to fig. 1, an access control method for a power system based on a wireless protocol according to an embodiment of the present invention includes steps S101-S102:
step S101: responding to a network access request of a requester on a first system terminal to a power system, verifying a data source of the power system, and if the data source of the power system is not abnormal, determining the authority of the requester according to account information of the requester;
further, the data source of the power system is verified, specifically:
detecting data acquisition equipment of various devices inside the power system, an external part system of the power system and network intrusion data of the power system; the network intrusion data includes: virus programs, trojan horses, and malicious attack programs; if no network intrusion data exists, determining that the data source of the power system is not abnormal; if network intrusion data exists, determining that the data source of the power system is abnormal.
Further, before matching the authority of the requester with the access authority of the first system terminal, the method further includes:
logging in a power system in a first system terminal, and if the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal, allowing the power system to log in.
Further, the trusted metric level of the first system terminal includes: a high-level confidence measure, a medium-level confidence measure, and a low-level confidence measure;
the system terminal of the high-level credibility measurement level is used for overall calling operation of internal data of the power system and controlling the system terminals of the medium-level credibility measurement level and the low-level credibility level;
the system terminal of the medium-level credibility level is used for carrying out the operation of calling non-important and non-confidentiality data in the power system and controlling the low-level credibility level terminal;
the system terminal with the low-level credibility level is used for calling the data of the power system in the single power division station.
In the embodiment, the source of the network access request data of the power system and the identity information of the requester are verified, so that the integrity state of the power system platform is detected, and the normal operation of the power system is ensured.
In this embodiment, a trusted measurement level is established for each power system terminal, which gives the terminal a permission level for logging in to the power system based on a wireless protocol and implements hierarchical trusted control over different system terminals, with a high-level, a medium-level and a low-level trusted measurement level. In use, a given authority level of the power system can only be logged in on a terminal whose trusted measurement level is equal to or greater than that authority level, so that authority and trusted measurement are controlled through the terminal.
Step S102: matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal; and if the authority of the requester is greater than or equal to the access authority of the first system terminal, accessing and calling the data of the power system by utilizing a wireless protocol transmission mode according to the network access request.
Further, the authority of the requester is matched with the access authority of the first system terminal, specifically:
if the account authority information of the requester is greater than or equal to the authority of the system access module, the access of the power system can be performed, otherwise, the system terminal is controlled to access the power system.
Further, the wireless protocol transmission mode is utilized to access and call the data of the power system, specifically:
receiving data with verification information transmitted to a power system based on different wireless protocols; performing decoding operation on the received data; if the decoded data contains appointed verification information, judging the data to be trusted information, and determining the trusted level of the data according to the length of the verification information.
Further, the credibility level of the data is determined according to the length of the verification information, specifically:
if the data is the data information of the power system, which is transmitted to the preset first position by the preset first device based on the preset first wireless protocol and has complete internal verification information, determining the data as first-level trusted information;
if the data is data information obtained by transmitting the data to a preset second position by a preset second device based on a preset second wireless protocol and the intermediate flow is unknown in the power system, and the internal verification information loss of the data is lower than half, determining that the data is secondary trusted information;
if the data is data information obtained by transmitting the data to a preset third position by a preset third device based on a preset third wireless protocol and lacking one or two processes in the power system, and the internal verification information loss of the data is less than half, determining that the data is three-level trusted information;
and if the data is data information from an unknown position in the power system and the internal verification information is not available, determining that the data is unreliable information.
Further, after determining the trust level of the data according to the length of the verification information, the method further comprises:
classifying and storing data with a trusted level not being unreliable information; and isolating the data of the credible level of the unreliable information.
In this embodiment, data and erroneous data confirmed not to comply with the trusted policy of the power system are isolated, so that untrusted data is kept outside the power system and damage to the power system is reduced.
In this embodiment, the wireless transmission module includes a wireless receiving device and a wireless transmission device, where the wireless transmission device in the wireless transmission module is used to perform a sending operation on data based on different wireless protocols, and the wireless receiving device in the wireless transmission module may perform a receiving operation on data based on different wireless protocols.
The implementation of the embodiment of the invention has the following effects:
according to the invention, the terminal and the data of the power system are subjected to reliability classification, and different data reliability is called based on the terminals with different reliability classification, so that the data of the power system which can be called by the terminals of the power system with different levels is limited, the data feasibility reduction caused by the terminals of the power system is effectively avoided, the reliability measurement of the power system is improved, and the running stability and the safety of the power system are improved.
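The checks of steps S101 and S102 and the data grading rules can be written as two small decision functions. The following is an added example, not code from the patent; the numeric authority scale, the route allowlist, the field names, and the fail-closed handling of cases the text does not cover are assumptions.

```python
"""Terminal access decision (S101-S102) and data trust grading, as a sketch."""
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Trust(IntEnum):            # terminal trusted measurement levels named in the text
    LOW = 1
    MEDIUM = 2
    HIGH = 3


@dataclass(frozen=True)
class Terminal:
    name: str
    trust: Trust                 # trusted measurement level of the terminal
    access_authority: int        # authority a requester must meet (numeric scale assumed)


@dataclass(frozen=True)
class Request:
    requester_authority: int     # determined from the requester's account information
    login_level: Trust           # authority level of the power system login
    intrusion_findings: tuple    # result of the data source check; empty = not abnormal


def decide_access(req: Request, term: Terminal) -> tuple:
    """Apply the checks in the order the text gives them; deny on the first failure."""
    if req.intrusion_findings:                       # S101: data source verification
        return False, "data source abnormal"
    if req.login_level > term.trust:                 # login level must be <= terminal level
        return False, "login level exceeds terminal trust level"
    if req.requester_authority < term.access_authority:   # S102: authority matching
        # Assumption: the "otherwise" branch of the text is treated as a denial.
        return False, "requester authority below terminal access authority"
    return True, "granted"


@dataclass(frozen=True)
class Record:
    route: Optional[tuple]        # (device, protocol, position), None if unknown
    missing_steps: Optional[int]  # processes missing from the flow; None = flow unknown
    expected_len: int             # length of the agreed verification information
    present_len: int              # length recovered after decoding


# Constructed allowlist standing in for the "preset" devices, protocols and positions.
KNOWN_ROUTES = {("rtu-01", "proto-a", "station-1"), ("rtu-02", "proto-b", "station-2")}


def grade(rec: Record) -> str:
    """Return 'level-1', 'level-2', 'level-3' or 'untrusted' for one decoded record."""
    if rec.route not in KNOWN_ROUTES or rec.expected_len <= 0:
        return "untrusted"                           # unknown position: never trusted
    if not 0 <= rec.present_len <= rec.expected_len:
        return "untrusted"                           # malformed length field
    lost = rec.expected_len - rec.present_len
    under_half = lost * 2 < rec.expected_len         # "loss lower than half", no floats
    # Assumption: level 1 also requires a complete flow, which the text leaves implicit.
    if lost == 0 and rec.missing_steps == 0:
        return "level-1"
    if rec.missing_steps is None and under_half:     # intermediate flow unknown
        return "level-2"
    if rec.missing_steps in (1, 2) and under_half:   # one or two processes missing
        return "level-3"
    return "untrusted"                               # uncovered cases fail closed


def route_records(records):
    """Classified storage for trusted grades, isolation for untrusted records."""
    store, quarantine = {}, []
    for rec in records:
        level = grade(rec)
        if level == "untrusted":
            quarantine.append(rec)
        else:
            store.setdefault(level, []).append(rec)
    return store, quarantine


# Constructed sample data for a stand-alone run.
HQ = Terminal("dispatch-hq", Trust.HIGH, access_authority=3)
SUBSTATION = Terminal("substation-7", Trust.LOW, access_authority=1)
R1 = ("rtu-01", "proto-a", "station-1")
SAMPLE = [
    Record(R1, 0, 16, 16),        # complete flow and verification
    Record(R1, None, 16, 10),     # flow unknown, 6 of 16 lost
    Record(R1, 2, 16, 9),         # two processes missing, 7 of 16 lost
    Record(R1, 1, 16, 8),         # exactly half lost: not "lower than half"
    Record(None, None, 16, 0),    # unknown position, no verification information
]

if __name__ == "__main__":
    print(decide_access(Request(3, Trust.HIGH, ()), HQ))
    print(decide_access(Request(3, Trust.HIGH, ()), SUBSTATION))
    stored, isolated = route_records(SAMPLE)
    print({k: len(v) for k, v in stored.items()}, len(isolated))
```

The boundary record with exactly half of its verification information lost is isolated, because the text requires the loss to be lower than half.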
Example two
Referring to fig. 2, an access control system of a power system based on a wireless protocol according to an embodiment of the present invention includes: a system authentication module 201, a system authorization module 202, a system access module 203, a system processing module 204, a system isolation module 205, and a wireless transmission module 206;
the system authentication module 201 is configured to respond to a network access request to a power system initiated by a requester at a first system terminal, and verify a data source of the power system;
the system authorization module 202 is configured to log in a power system in a first system terminal, and if a login authority level of the power system is equal to or less than a trusted measurement level of the first system terminal, allow the power system to log in;
the trusted measurement level of the first system terminal comprises: a high-level confidence measure, a medium-level confidence measure, and a low-level confidence measure;
the system terminal of the high-level credibility measurement level is used for overall calling operation of internal data of the power system and controlling the system terminals of the medium-level credibility measurement level and the low-level credibility level;
the system terminal of the medium-level credibility level is used for carrying out the operation of calling non-important and non-confidentiality data in the power system and controlling the low-level credibility level terminal;
the system terminal with the low-level credibility level is used for calling the data of the power system in the single power division station.
The system access module 203 is configured to determine, if the data source of the power system is not abnormal, a right of the requester according to account information of the requester; matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal;
the system processing module 204 is configured to access and retrieve data of the power system by using a wireless protocol transmission mode according to the network access request if the authority of the requester is greater than or equal to the access authority of the first system terminal;
the system isolation module 205 is configured to perform an isolation operation on data of a trusted level of the untrusted information;
the wireless transmission module 206 is configured to perform a transmission operation on each item of data in the power system based on a wireless protocol, and includes a wireless receiving device and a wireless transmission device.
The system authentication module comprises a verification unit; the verification unit is used for detecting data acquisition equipment of various equipment in the power system, an external part system of the power system and network intrusion data of the power system; the network intrusion data includes: virus programs, trojan horses, and malicious attack programs; if no network intrusion data exists, determining that the data source of the power system is not abnormal; if network intrusion data exists, determining that the data source of the power system is abnormal.
The system access module comprises: an access unit; the access unit is used for accessing the power system if the account authority information of the requester is greater than or equal to the authority of the system access module, otherwise, controlling the system terminal to access the power system.
The system processing module comprises a data credibility level determining unit and a storage unit;
the data credibility level determining unit is used for determining that the data is one-level credibility information if the data is data information which is transmitted to a preset first position by a preset first device based on a preset first wireless protocol and has complete internal verification information in the power system;
if the data is data information obtained by transmitting the data to a preset second position by a preset second device based on a preset second wireless protocol and the intermediate flow is unknown in the power system, and the internal verification information loss of the data is lower than half, determining that the data is secondary trusted information;
if the data is data information obtained by transmitting the data to a preset third position by a preset third device based on a preset third wireless protocol and lacking one or two processes in the power system, and the internal verification information loss of the data is less than half, determining that the data is three-level trusted information;
and if the data is data information from an unknown position in the power system and the internal verification information is not available, determining that the data is unreliable information.
The storage unit is used for classifying and storing data with the credibility level not being the unreliable information.
The access control system of the power system based on the wireless protocol can implement the access control method of the power system based on the wireless protocol in the method embodiment. The options in the method embodiments described above are also applicable to this embodiment and will not be described in detail here. The rest of the embodiments of the present application may refer to the content of the method embodiments described above, and in this embodiment, no further description is given.
Example III
Correspondingly, the invention further provides a computer readable storage medium, which comprises a stored computer program, wherein the computer program controls equipment where the computer readable storage medium is located to execute the access control method of the wireless protocol-based power system according to any embodiment.
For example, the computer program may be divided into one or more modules/units, which are stored in the memory and executed by the processor to accomplish the present invention. The one or more modules/units may be a series of computer program instruction segments capable of performing the specified functions, and these instruction segments describe the execution of the computer program in the terminal device.
The terminal equipment can be computing equipment such as a desktop computer, a notebook computer, a palm computer, a cloud server and the like. The terminal device may include, but is not limited to, a processor, a memory.
The processor may be a central processing unit (Central Processing Unit, CPU), other general purpose processors, digital signal processors (Digital Signal Processor, DSP), application specific integrated circuits (Application Specific Integrated Circuit, ASIC), field programmable gate arrays (Field-Programmable Gate Array, FPGA) or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, or the like. The general purpose processor may be a microprocessor or the processor may be any conventional processor or the like, which is a control center of the terminal device, and which connects various parts of the entire terminal device using various interfaces and lines.
The memory may be used to store the computer program and/or the module, and the processor may implement various functions of the terminal device by running or executing the computer program and/or the module stored in the memory and invoking data stored in the memory. The memory may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function, and the like; the storage data area may store data created according to the use of the mobile terminal, etc. In addition, the memory may include high-speed random access memory, and may also include non-volatile memory, such as a hard disk, memory, plug-in hard disk, Smart Media Card (SMC), Secure Digital (SD) card, flash card (Flash Card), at least one disk storage device, flash memory device, or other volatile solid-state storage device.
Wherein the terminal device integrated modules/units may be stored in a computer readable storage medium if implemented in the form of software functional units and sold or used as stand alone products. Based on such understanding, the present invention may implement all or part of the flow of the method of the above embodiment, or may be implemented by a computer program to instruct related hardware, where the computer program may be stored in a computer readable storage medium, and when the computer program is executed by a processor, the computer program may implement the steps of each of the method embodiments described above. Wherein the computer program comprises computer program code which may be in source code form, object code form, executable file or some intermediate form etc. The computer readable medium may include: any entity or device capable of carrying the computer program code, a recording medium, a U disk, a removable hard disk, a magnetic disk, an optical disk, a computer Memory, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), an electrical carrier signal, a telecommunications signal, a software distribution medium, and so forth.
The foregoing embodiments have been provided for the purpose of illustrating the general principles of the present invention, and are not to be construed as limiting the scope of the invention. It should be noted that any modifications, equivalent substitutions, improvements, etc. made by those skilled in the art without departing from the spirit and principles of the present invention are intended to be included in the scope of the present invention.

Claims (10)

1. An access control method for a power system based on a wireless protocol, comprising:
responding to a network access request of a requester on a first system terminal to a power system, verifying a data source of the power system, and if the data source of the power system is not abnormal, determining the authority of the requester according to account information of the requester;
matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal; and if the authority of the requester is greater than or equal to the access authority of the first system terminal, accessing and calling the data of the power system by utilizing a wireless protocol transmission mode according to the network access request.
2. The access control method for a power system based on a wireless protocol according to claim 1, wherein the verification of the data source of the power system is specifically:
detecting data acquisition equipment of various devices inside the power system, an external part system of the power system and network intrusion data of the power system; the network intrusion data includes: virus programs, trojan horses, and malicious attack programs; if no network intrusion data exists, determining that the data source of the power system is not abnormal; if network intrusion data exists, determining that the data source of the power system is abnormal.
3. The access control method of a wireless protocol-based power system according to claim 1, further comprising, before matching the rights of the requester with the access rights of the first system terminal:
logging in a power system in a first system terminal, and if the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal, allowing the power system to log in.
4. A method of access control for a wireless protocol based power system as claimed in claim 3 wherein the level of trust metric for the first system terminal comprises: a high-level confidence measure, a medium-level confidence measure, and a low-level confidence measure;
the system terminal of the high-level credibility measurement level is used for overall calling operation of internal data of the power system and controlling the system terminals of the medium-level credibility measurement level and the low-level credibility level;
the system terminal of the medium-level credibility level is used for carrying out the operation of calling non-important and non-confidentiality data in the power system and controlling the low-level credibility level terminal;
the system terminal with the low-level credibility level is used for calling the data of the power system in the single power division station.
5. The access control method of a power system based on a wireless protocol according to claim 1, wherein the matching the rights of the requester with the access rights of the first system terminal is specifically:
if the account authority information of the requester is greater than or equal to the authority of the system access module, the access of the power system can be performed, otherwise, the system terminal is controlled to access the power system.
6. The access control method for a power system based on a wireless protocol according to claim 1, wherein the accessing and the calling of the data of the power system by using the wireless protocol transmission mode are specifically as follows:
receiving data with verification information transmitted to a power system based on different wireless protocols; performing decoding operation on the received data; if the decoded data contains appointed verification information, judging the data to be trusted information, and determining the trusted level of the data according to the length of the verification information.
7. The access control method of a power system based on a wireless protocol according to claim 6, wherein the determining the trusted level of the data according to the length of the verification information is specifically:
if the data is the data information of the power system, which is transmitted to the preset first position by the preset first device based on the preset first wireless protocol and has complete internal verification information, determining the data as first-level trusted information;
if the data is data information obtained by transmitting the data to a preset second position by a preset second device based on a preset second wireless protocol and the intermediate flow is unknown in the power system, and the internal verification information loss of the data is lower than half, determining that the data is secondary trusted information;
if the data is data information obtained by transmitting the data to a preset third position by a preset third device based on a preset third wireless protocol and lacking one or two processes in the power system, and the internal verification information loss of the data is less than half, determining that the data is three-level trusted information;
and if the data is data information from an unknown position in the power system and the internal verification information is not available, determining that the data is unreliable information.
8. The access control method of a wireless protocol-based power system according to claim 7, wherein after determining the trust level of the data according to the length of the authentication information, further comprising:
classifying and storing data whose trusted level is not unreliable information; and isolating data whose trusted level is unreliable information.
9. An access control system for a wireless protocol-based power system, comprising: the system comprises a system authentication module, a system authorization module, a system access module, a system processing module, a system isolation module and a wireless transmission module;
the system authentication module is used for responding to a network access request of a requester on a power system initiated at a first system terminal and verifying a data source of the power system;
the system authorization module is used for logging in the power system in the first system terminal, and if the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal, the power system is allowed to log in;
the system access module is used for determining the authority of the requester according to the account information of the requester if the data source of the power system is not abnormal; matching the authority of the requester with the access authority of the first system terminal; the power system is logged in the first system terminal, and the login authority level of the power system is equal to or smaller than the credibility measurement level of the first system terminal;
the system processing module is used for accessing and calling the data of the power system by utilizing a wireless protocol transmission mode according to the network access request if the authority of the requester is greater than or equal to the access authority of the first system terminal;
the system isolation module is used for isolating data whose trusted level is unreliable information;
the wireless transmission module is used for transmitting various data in the power system based on a wireless protocol, and comprises a wireless receiving device and a wireless transmission device.
10. A computer readable storage medium, wherein the computer readable storage medium comprises a stored computer program; wherein the computer program, when run, controls a device in which the computer-readable storage medium is located to perform an access control method of a wireless protocol based power system according to any one of claims 1 to 8.
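The three checks in claims 1 to 5 compare levels in opposite directions (login level at most the terminal's trust level, requester authority at least the terminal's access authority), which is easy to get backwards. The following is an added example, not code from the patent; the numeric ordering of `Level`, all class and field names, and the sample terminals and requests are assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum

class Level(IntEnum):
    # Names follow claim 4; the numeric ordering is an assumption.
    LOW = 1
    MEDIUM = 2
    HIGH = 3

@dataclass(frozen=True)
class Terminal:
    trust_metric: Level      # credibility measurement level of the terminal
    access_authority: Level  # authority a requester needs on this terminal

@dataclass(frozen=True)
class Request:
    requester_authority: Level      # derived from the requester's account information
    login_authority: Level          # login authority level of the power system
    intrusion_findings: tuple = ()  # output of the data-source check (claim 2)

def decide(terminal, req):
    """Return (allowed, reason). Gates run in claim order; first failure denies."""
    # Claims 1-2: any intrusion finding marks the data source abnormal.
    if req.intrusion_findings:
        return False, "data source abnormal"
    # Claim 3: login level must be equal to or smaller than terminal trust.
    if req.login_authority > terminal.trust_metric:
        return False, "login level exceeds terminal trust"
    # Claim 1: requester authority must be >= the terminal's access authority.
    if req.requester_authority < terminal.access_authority:
        return False, "requester authority too low"
    return True, "allow"

# Constructed sample cases (hypothetical terminals and requests).
SUBSTATION = Terminal(trust_metric=Level.LOW, access_authority=Level.LOW)
CONTROL = Terminal(trust_metric=Level.HIGH, access_authority=Level.MEDIUM)
CASES = [
    (CONTROL, Request(Level.MEDIUM, Level.HIGH)),            # both boundaries met
    (CONTROL, Request(Level.LOW, Level.MEDIUM)),             # requester too low
    (SUBSTATION, Request(Level.HIGH, Level.MEDIUM)),         # login above trust
    (CONTROL, Request(Level.HIGH, Level.LOW, ("trojan",))),  # abnormal source
]

def run_cases():
    return [decide(t, r) for t, r in CASES]

if __name__ == "__main__":
    for (t, r), (ok, why) in zip(CASES, run_cases()):
        print(t, r, "->", "ALLOW" if ok else "DENY", why)
```

The first case passes with both comparisons at equality, which is the boundary the "equal to or smaller than" and "greater than or equal to" wording in the claims permits.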
CN202311527911.5A 2023-11-15 2023-11-15 Access control method and system of power system based on wireless protocol Pending CN117579336A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311527911.5A CN117579336A (en) 2023-11-15 2023-11-15 Access control method and system of power system based on wireless protocol

Publications (1)

Publication Number Publication Date
CN117579336A true CN117579336A (en) 2024-02-20

Family

ID=89885573

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311527911.5A Pending CN117579336A (en) 2023-11-15 2023-11-15 Access control method and system of power system based on wireless protocol

Country Status (1)

Country Link
CN (1) CN117579336A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination