CN117692143B - Communication key management method - Google Patents
Communication key management method Download PDFInfo
- Publication number
- CN117692143B CN117692143B CN202410148197.7A CN202410148197A CN117692143B CN 117692143 B CN117692143 B CN 117692143B CN 202410148197 A CN202410148197 A CN 202410148197A CN 117692143 B CN117692143 B CN 117692143B
- Authority
- CN
- China
- Prior art keywords
- analysis
- leakage
- safety
- communication key
- marking
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims abstract description 125
- 238000007726 management method Methods 0.000 title claims abstract description 124
- 238000004458 analytical method Methods 0.000 claims abstract description 142
- 238000004364 calculation method Methods 0.000 claims abstract description 13
- 238000005457 optimization Methods 0.000 claims description 67
- 238000000034 method Methods 0.000 claims description 26
- 238000013433 optimization analysis Methods 0.000 claims description 7
- 230000005856 abnormality Effects 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 238000012545 processing Methods 0.000 description 2
- 230000001960 triggered effect Effects 0.000 description 2
- 238000007792 addition Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Landscapes
- Storage Device Security (AREA)
Abstract
The invention belongs to the technical field of communication, and aims to solve the problem that a communication key management method in the prior art cannot analyze safety influence factors when a communication key is leaked, and particularly relates to a communication key management method for safely managing a communication key, which comprises the following steps: generating a management period, and judging whether the safety of a communication key in the management period meets the requirement or not through a safety coefficient AQ of the management period; security analysis is carried out on management data of the communication key: marking a communication key with leakage in a management period as an analysis object, forming a leakage set by leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, and judging whether the analysis object has leakage concentration or not through the concentration coefficient; the invention can carry out safety management on the communication secret key, and evaluate the operation safety of the communication secret key in the management period through the safety coefficient, thereby timely feeding back when the safety is unqualified.
Description
Technical Field
The invention belongs to the technical field of communication, and particularly relates to a communication key management method.
Background
Communication key management is a key link for ensuring data communication safety, effective communication key management can prevent unauthorized access and data leakage, and protect the safety and integrity of a communication system, and the communication key management involves a series of complex processes including communication key generation, distribution, storage, updating and destruction.
The communication key management method in the prior art cannot analyze safety influence factors when the communication key is leaked, so that the generation, storage and updating processes of the communication key cannot be optimized in a targeted manner, and the operation safety of the communication key cannot be improved.
Disclosure of Invention
The invention aims to provide a communication key management method which is used for solving the problem that the communication key management method in the prior art cannot analyze safety influence factors when a communication key is leaked.
The aim of the invention can be achieved by the following technical scheme:
a communication key management method comprising the steps of:
step one: the communication key is safely managed: generating a management period, acquiring leakage data XL, use data SY and storage data CC in the management period, performing numerical calculation to obtain a safety coefficient AQ of the management period, and judging whether the safety of a communication key in the management period meets the requirement or not through the safety coefficient AQ;
step two: security analysis is carried out on management data of the communication key: marking a communication key with leakage in a management period as an analysis object, marking the leakage times of the analysis object in the management period as leakage values of the analysis object, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, and judging whether the analysis object has leakage concentration or not by the concentration coefficient;
step three: detecting and analyzing the initial generation process of the analysis object: the communication key and the analysis object generated by adopting the random generation mode are marked as a random object and a random marked object respectively, the ratio of the number of the random marked objects to the number of the random objects is marked as a random influence coefficient, the communication key and the analysis object generated by adopting the deterministic generation mode are marked as a determined object and a determined marked object respectively, the ratio of the number of the determined marked objects to the number of the determined objects is marked as a determined influence coefficient, the absolute value of the difference value between the random influence coefficient and the determined influence coefficient is marked as an influence deviation value, and the necessity of optimizing the system is judged by the influence deviation value.
As a preferred embodiment of the present invention, the leakage data XL is the number of times of communication key leakage occurring in the management period, the usage data SY is the sum of the number of times of all communication keys used in the management period, and the storage data CC is the number of communication keys stored in the management period.
As a preferred embodiment of the present invention, the specific process of determining whether the security of the communication key in the management period satisfies the requirement includes: the safety threshold AQmax is obtained through the storage module, and the safety coefficient AQ of the management period is compared with the safety threshold AQmax: if the safety coefficient AQ is smaller than the safety threshold AQmax, judging that the safety of the communication key in the management period meets the requirement; if the safety coefficient AQ is greater than or equal to the safety threshold AQmax, judging that the safety of the communication key in the management period does not meet the requirement, generating a safety analysis signal and sending the safety analysis signal to a server, and after receiving the safety analysis signal, the server sends the safety analysis signal to a safety analysis module.
As a preferred embodiment of the present invention, the specific process for determining whether an analysis object has leakage concentration includes: marking the leakage times of the analysis objects in the management period as leakage values of the analysis objects, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, acquiring a concentration threshold value through a storage module, and comparing the concentration coefficient with the concentration threshold value: if the concentration coefficient is smaller than the concentration threshold, judging that the analysis object does not have leakage concentration, generating an initial analysis signal and sending the initial analysis signal to a server, and after receiving the initial analysis signal, the server sends the initial analysis signal to an initial analysis module; and if the concentration coefficient is greater than or equal to the concentration threshold, judging that the analysis object has leakage concentration, and performing management optimization analysis on the analysis object.
As a preferred embodiment of the present invention, the specific process of performing management optimization analysis on an analysis object includes: the communication key updated in the time interval is marked as a time update object, the update time interval of the time update object is marked as a time length value of the time update object, a time length range is formed by the maximum value and the minimum value of the time length value, the time length range is divided into a plurality of time length sections, the total number of times that the communication key leaks in the management period of all the time update objects with the time length value positioned in the time length sections is obtained and marked as a time leakage value of the time length section, and the time length section with the minimum time leakage value is marked as a time length optimization range.
As a preferred embodiment of the present invention, the specific process of performing management optimization analysis on an analysis object further includes: marking a communication key with an updating mode of using the number of times as an updating object, marking the using number of the number of times as a number of times value of the updating object, forming a number of times range by a maximum value and a minimum value of the number of times value, dividing the number of times range into a plurality of number of times intervals, acquiring the total number of times of communication key leakage of the number of times updating object with the number of times value in the number of times interval in a management period, marking the total number of times of communication key leakage of the number of times updating object as a number of times interval, and marking the number of times interval with the minimum number of times of time leakage value as a number of times optimizing range;
and sending the duration optimization range and the frequency optimization range to a server, and optimizing the updating rule of the communication key through the duration optimization range and the frequency optimization range by the server.
As a preferred embodiment of the present invention, the specific process for determining the necessity of system optimization includes: obtaining an influence deviation threshold value through a storage module, and comparing the influence deviation value with the influence deviation threshold value: if the influence deviation value is smaller than the influence deviation threshold value, generating a system optimization signal and sending the system optimization signal to a server, and after receiving the system optimization signal, the server sends the system optimization signal to a mobile phone terminal of a manager; if the influence deviation value is greater than or equal to the influence deviation threshold value, comparing the random influence coefficient with the determined influence coefficient: if the random influence coefficient is larger than the determined influence coefficient, marking the deterministic generation mode as an initial optimization mode; if the random influence coefficient is smaller than the determined influence coefficient, marking the random generation mode as an initial optimization mode; the initial optimization mode is sent to a server, and the server receives the initial optimization mode and then sends the initial optimization mode to a storage module for storage.
The invention is applied to a communication key management system, and comprises a server, wherein the server is in communication connection with a security management module, a security analysis module, an initial analysis module and a storage module;
the safety management module is used for carrying out safety management on the communication secret key and judging whether the safety of the communication secret key in the management period meets the requirement or not, and sending a safety analysis signal to the safety analysis module through the server when the safety of the communication secret key does not meet the requirement;
the safety analysis module is used for carrying out safety analysis on management data of the communication key and judging whether an analysis object has leakage concentration, and when the analysis object does not have the leakage concentration, an initial analysis signal is sent to the initial analysis module through the server; acquiring a duration optimization range and a frequency optimization range when the analysis object has leakage concentration, and transmitting the duration optimization range and the frequency optimization range to a server;
the initial analysis module is used for detecting and analyzing an initial generation process of the analysis object and judging the necessity of system optimization, and marking an initial optimization mode when the management period does not have the necessity of system optimization.
The invention has the following beneficial effects:
the communication secret key can be safely managed through the safety management module, multiple safety parameters of the communication secret key are obtained in a management period, comprehensive analysis and calculation are carried out to obtain a safety coefficient, and the operation safety of the communication secret key in the management period is evaluated through the safety coefficient, so that feedback is timely carried out when the safety is unqualified, and a safety analysis flow is triggered;
the management data of the communication key can be subjected to safety analysis through the safety analysis module, the leakage frequency difference of all analysis objects is analyzed, decision analysis is carried out on the processing mode of safety abnormality through the analysis result, the duration optimization range and the frequency optimization range are obtained by combining with the updating mode of the communication key, and the updating rationality of the communication key in the next management period is improved;
the initial analysis module can detect and analyze the initial generation process of the analysis object, obtain a random influence coefficient and a determined influence coefficient, obtain an initial optimization mode through data comparison, and generate a communication key in the next management period by adopting the initial optimization mode, thereby improving the management security of the communication key.
Drawings
In order to more clearly illustrate the embodiments of the invention or the technical solutions in the prior art, the drawings that are required in the embodiments or the description of the prior art will be briefly described, it being obvious that the drawings in the following description are only some embodiments of the invention, and that other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.
Fig. 1 is a system block diagram of a first embodiment of the present invention.
Fig. 2 is a flowchart of a method according to a second embodiment of the invention.
Detailed Description
The technical solutions of the present invention will be clearly and completely described in connection with the embodiments, and it is obvious that the described embodiments are only some embodiments of the present invention, not all embodiments. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
Example 1
As shown in fig. 1, a communication key management system includes a server, and the server is communicatively connected with a security management module, a security analysis module, an initial analysis module and a storage module.
The security management module is used for performing security management on the communication key: generating a management period, acquiring leakage data XL, use data SY and storage data CC in the management period, wherein the leakage data XL is the frequency of communication key leakage in the management period, the use data SY is the sum of the frequency of all communication keys in the management period, and the storage data CC is the number of communication keys stored in the management period; the safety coefficient AQ of the management period is obtained by the formula AQ= (XL x alpha 1)/(SYx alpha 2+CC x alpha 3), wherein alpha 1, alpha 2 and alpha 3 are all proportional coefficients, and alpha 1 is more than alpha 2 is more than alpha 3 is more than 1; the safety threshold AQmax is obtained through the storage module, and the safety coefficient AQ of the management period is compared with the safety threshold AQmax: if the safety coefficient AQ is smaller than the safety threshold AQmax, judging that the safety of the communication key in the management period meets the requirement; if the safety coefficient AQ is greater than or equal to the safety threshold AQmax, judging that the safety of the communication key in the management period does not meet the requirement, generating a safety analysis signal and sending the safety analysis signal to a server, and sending the safety analysis signal to a safety analysis module after the server receives the safety analysis signal; and carrying out safety management on the communication key, acquiring a plurality of safety parameters of the communication key in a management period, comprehensively analyzing and calculating to obtain a safety coefficient, and evaluating the operation safety of the communication key in the management period through the safety coefficient, so that feedback is timely carried out and a safety analysis flow is triggered when the safety is unqualified.
The security analysis module is used for performing security analysis on management data of the communication key: marking a communication key with leakage in a management period as an analysis object, marking the leakage times of the analysis object in the management period as leakage values of the analysis object, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, acquiring a concentration threshold by a storage module, and comparing the concentration coefficient with the concentration threshold: if the concentration coefficient is smaller than the concentration threshold, judging that the analysis object does not have leakage concentration, generating an initial analysis signal and sending the initial analysis signal to a server, and after receiving the initial analysis signal, the server sends the initial analysis signal to an initial analysis module; if the concentration coefficient is greater than or equal to the concentration threshold, judging that the analysis object has leakage concentration, and performing management optimization analysis on the analysis object: marking a communication key updated in a time interval as a time update object, marking an update time interval of the time update object as a time value of the time update object, forming a time range by a maximum value and a minimum value of the time value, dividing the time range into a plurality of time intervals, acquiring the total number of times of communication key leakage of all time update objects with the time value in the time interval in a management period, marking the time leakage value of the time interval as a time leakage value, and marking the time interval with the minimum time leakage value as a time optimization range; marking a communication key with an updating mode of using the number of times as an updating object, marking the using number of the number of times as a number of times value of the updating object, forming a number of times range by a maximum value and a minimum value of the number of times value, dividing the number of times range into a plurality of number of times intervals, acquiring the total number of times of communication key leakage of the number of times updating object with the number of times value in the number of times interval in a management period, marking the total number of times of communication key leakage of the number of times updating object as a number of times interval, and marking the number of times interval with the minimum number of times of time leakage value as a number of times optimizing range; the method comprises the steps that a duration optimization range and a frequency optimization range are sent to a server, and the server optimizes updating rules of a communication key through the duration optimization range and the frequency optimization range; and carrying out security analysis on management data of the communication key, analyzing the leakage frequency difference of all analysis objects, carrying out decision analysis on a processing mode of security abnormality through an analysis result, acquiring a duration optimization range and a frequency optimization range by combining with an updating mode of the communication key, and improving updating rationality of the communication key in the next management period.
The initial analysis module is used for detecting and analyzing the initial generation process of the analysis object: the method comprises the steps of marking a communication key and an analysis object which are generated in a random generation mode as a random object and a random marking object respectively, marking the ratio of the number of the random marking objects to the number of the random objects as a random influence coefficient, marking the communication key and the analysis object which are generated in a deterministic generation mode as a determination object and a determination marking object respectively, marking the ratio of the number of the determination marking objects to the number of the determination object as a determination influence coefficient, marking the absolute value of the difference value between the random influence coefficient and the determination influence coefficient as an influence deviation value, acquiring an influence deviation threshold value through a storage module, and comparing the influence deviation value with the influence deviation threshold value: if the influence deviation value is smaller than the influence deviation threshold value, generating a system optimization signal and sending the system optimization signal to a server, and after receiving the system optimization signal, the server sends the system optimization signal to a mobile phone terminal of a manager; if the influence deviation value is greater than or equal to the influence deviation threshold value, comparing the random influence coefficient with the determined influence coefficient: if the random influence coefficient is larger than the determined influence coefficient, marking the deterministic generation mode as an initial optimization mode; if the random influence coefficient is smaller than the determined influence coefficient, marking the random generation mode as an initial optimization mode; the initial optimization mode is sent to a server, and the server receives the initial optimization mode and then sends the initial optimization mode to a storage module for storage; and detecting and analyzing the initial generation process of the analysis object, obtaining a random influence coefficient and a determined influence coefficient, obtaining an initial optimization mode through data comparison, and generating a communication key in the next management period by adopting the initial optimization mode, thereby improving the management security of the communication key.
Example two
As shown in fig. 2, a communication key management method is applied to the communication key management system, and includes the following steps:
step one: the communication key is safely managed: generating a management period, acquiring leakage data XL, use data SY and storage data CC in the management period, performing numerical calculation to obtain a safety coefficient AQ of the management period, and judging whether the safety of a communication key in the management period meets the requirement or not through the safety coefficient AQ;
step two: security analysis is carried out on management data of the communication key: marking a communication key with leakage in a management period as an analysis object, marking the leakage times of the analysis object in the management period as leakage values of the analysis object, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, and judging whether the analysis object has leakage concentration or not by the concentration coefficient;
step three: detecting and analyzing the initial generation process of the analysis object: the communication key and the analysis object generated by adopting the random generation mode are marked as a random object and a random marked object respectively, the ratio of the number of the random marked objects to the number of the random objects is marked as a random influence coefficient, the communication key and the analysis object generated by adopting the deterministic generation mode are marked as a determined object and a determined marked object respectively, the ratio of the number of the determined marked objects to the number of the determined objects is marked as a determined influence coefficient, the absolute value of the difference value between the random influence coefficient and the determined influence coefficient is marked as an influence deviation value, and the necessity of optimizing the system is judged by the influence deviation value.
The communication key management method comprises the steps of generating a management period, acquiring leakage data XL, usage data SY and stored data CC in the management period, performing numerical calculation to obtain a safety coefficient AQ of the management period, and judging whether the safety of the communication key in the management period meets the requirement or not through the safety coefficient AQ; marking a communication key with leakage in a management period as an analysis object, marking the leakage times of the analysis object in the management period as leakage values of the analysis object, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, and judging whether the analysis object has leakage concentration or not by the concentration coefficient; the communication key and the analysis object generated by adopting the random generation mode are marked as a random object and a random marked object respectively, the ratio of the number of the random marked objects to the number of the random objects is marked as a random influence coefficient, the communication key and the analysis object generated by adopting the deterministic generation mode are marked as a determined object and a determined marked object respectively, the ratio of the number of the determined marked objects to the number of the determined objects is marked as a determined influence coefficient, the absolute value of the difference value between the random influence coefficient and the determined influence coefficient is marked as an influence deviation value, and the necessity of optimizing the system is judged by the influence deviation value.
The foregoing is merely illustrative of the structures of this invention and various modifications, additions and substitutions for those skilled in the art can be made to the described embodiments without departing from the scope of the invention or from the scope of the invention as defined in the accompanying claims.
The formulas are all formulas obtained by collecting a large amount of data for software simulation and selecting a formula close to a true value, and coefficients in the formulas are set by a person skilled in the art according to actual conditions; such as: the formula aq= (xlxα1)/(SY xα2+cc xα3); collecting a plurality of groups of sample data by a person skilled in the art and setting a corresponding safety coefficient for each group of sample data; substituting the set safety coefficient and the acquired sample data into a formula, forming a ternary one-time equation set by any three formulas, screening the calculated coefficient, and taking an average value to obtain values of alpha 1, alpha 2 and alpha 3 which are 3.52, 2.68 and 2.13 respectively.
The size of the coefficient is a specific numerical value obtained by quantizing each parameter, so that the subsequent comparison is convenient, and the size of the coefficient depends on the number of sample data and the corresponding safety coefficient is preliminarily set for each group of sample data by a person skilled in the art; as long as the proportional relation between the parameter and the quantized value is not affected, for example, the safety coefficient is in direct proportion to the value of the leakage data.
In the description of the present specification, the descriptions of the terms "one embodiment," "example," "specific example," and the like, mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the present invention. In this specification, schematic representations of the above terms do not necessarily refer to the same embodiments or examples. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The preferred embodiments of the invention disclosed above are intended only to assist in the explanation of the invention. The preferred embodiments are not intended to be exhaustive or to limit the invention to the precise form disclosed. Obviously, many modifications and variations are possible in light of the above teaching. The embodiments were chosen and described in order to best explain the principles of the invention and the practical application, to thereby enable others skilled in the art to best understand and utilize the invention. The invention is limited only by the claims and the full scope and equivalents thereof.
Claims (3)
1. A method of communication key management comprising the steps of:
step one: the communication key is safely managed: generating a management period, acquiring leakage data XL, use data SY and storage data CC in the management period, performing numerical calculation to obtain a safety coefficient AQ of the management period, and judging whether the safety of a communication key in the management period meets the requirement or not through the safety coefficient AQ;
step two: security analysis is carried out on management data of the communication key: marking a communication key with leakage in a management period as an analysis object, marking the leakage times of the analysis object in the management period as leakage values of the analysis object, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, and judging whether the analysis object has leakage concentration or not by the concentration coefficient;
step three: detecting and analyzing the initial generation process of the analysis object: marking a communication key and an analysis object which are generated in a random generation mode as a random object and a random marking object respectively, marking the ratio of the number of the random marking objects to the number of the random objects as a random influence coefficient, marking the communication key and the analysis object which are generated in a deterministic generation mode as a determination object and a determination marking object respectively, marking the ratio of the number of the determination marking objects to the number of the determination objects as a determination influence coefficient, marking the absolute value of the difference value of the random influence coefficient and the determination influence coefficient as an influence deviation value, and judging the system optimization necessity through the influence deviation value; the leakage data XL is the number of times of communication key leakage in a management period, the usage data SY is the sum of the number of times of all communication keys in the management period, and the storage data CC is the number of communication keys stored in the management period; the specific process for judging whether the safety of the communication key in the management period meets the requirement comprises the following steps: the safety threshold AQmax is obtained through the storage module, and the safety coefficient AQ of the management period is compared with the safety threshold AQmax: if the safety coefficient AQ is smaller than the safety threshold AQmax, judging that the safety of the communication key in the management period meets the requirement; if the safety coefficient AQ is greater than or equal to the safety threshold AQmax, judging that the safety of the communication key in the management period does not meet the requirement, generating a safety analysis signal and sending the safety analysis signal to a server, and sending the safety analysis signal to a safety analysis module after the server receives the safety analysis signal; the specific process for judging whether the analysis object has leakage concentration comprises the following steps: marking the leakage times of the analysis objects in the management period as leakage values of the analysis objects, forming a leakage set by the leakage values of all the analysis objects, performing variance calculation on the leakage set to obtain a concentration coefficient, acquiring a concentration threshold value through a storage module, and comparing the concentration coefficient with the concentration threshold value: if the concentration coefficient is smaller than the concentration threshold, judging that the analysis object does not have leakage concentration, generating an initial analysis signal and sending the initial analysis signal to a server, and after receiving the initial analysis signal, the server sends the initial analysis signal to an initial analysis module; if the concentration coefficient is greater than or equal to the concentration threshold, judging that the analysis object has leakage concentration, and performing management optimization analysis on the analysis object; the specific process for performing management optimization analysis on the analysis object comprises the following steps: marking a communication key updated in a time interval as a time update object, marking an update time interval of the time update object as a time value of the time update object, forming a time range by a maximum value and a minimum value of the time value, dividing the time range into a plurality of time intervals, acquiring the total number of times of communication key leakage of all time update objects with the time value in the time interval in a management period, marking the time leakage value of the time interval as a time leakage value, and marking the time interval with the minimum time leakage value as a time optimization range;
the duration optimization range is sent to a server, and the server optimizes the updating rule of the communication key through the duration optimization range; the specific process of performing management optimization analysis on the analysis object further comprises the following steps: marking a communication key with an updating mode of using the number of times as an updating object, marking the using number of the number of times as a number of times value of the updating object, forming a number of times range by a maximum value and a minimum value of the number of times value, dividing the number of times range into a plurality of number of times intervals, acquiring the total number of times of communication key leakage of the number of times updating object with the number of times value in the number of times interval in a management period, marking the total number of times of communication key leakage of the number of times updating object as a number of times interval, and marking the number of times interval with the minimum number of times of time leakage value as a number of times optimizing range;
and sending the frequency optimization range to a server, and optimizing the updating rule of the communication key through the frequency optimization range by the server.
2. The communication key management method according to claim 1, wherein the specific process of determining the necessity of system optimization comprises: obtaining an influence deviation threshold value through a storage module, and comparing the influence deviation value with the influence deviation threshold value: if the influence deviation value is smaller than the influence deviation threshold value, generating a system optimization signal and sending the system optimization signal to a server, and after receiving the system optimization signal, the server sends the system optimization signal to a mobile phone terminal of a manager; if the influence deviation value is greater than or equal to the influence deviation threshold value, comparing the random influence coefficient with the determined influence coefficient: if the random influence coefficient is larger than the determined influence coefficient, marking the deterministic generation mode as an initial optimization mode; if the random influence coefficient is smaller than the determined influence coefficient, marking the random generation mode as an initial optimization mode; the initial optimization mode is sent to a server, and the server receives the initial optimization mode and then sends the initial optimization mode to a storage module for storage.
3. The method for managing a communication key according to any one of claims 1 to 2, wherein the method is applied to a communication key management system and comprises a server, and the server is communicatively connected with a security management module, a security analysis module, an initial analysis module and a storage module;
the safety management module is used for carrying out safety management on the communication secret key and judging whether the safety of the communication secret key in the management period meets the requirement or not, and sending a safety analysis signal to the safety analysis module through the server when the safety of the communication secret key does not meet the requirement;
the safety analysis module is used for carrying out safety analysis on management data of the communication key and judging whether an analysis object has leakage concentration, and when the analysis object does not have the leakage concentration, an initial analysis signal is sent to the initial analysis module through the server; acquiring a duration optimization range and a frequency optimization range when the analysis object has leakage concentration, and transmitting the duration optimization range and the frequency optimization range to a server;
the initial analysis module is used for detecting and analyzing an initial generation process of the analysis object and judging the necessity of system optimization, and marking an initial optimization mode when the management period does not have the necessity of system optimization.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410148197.7A CN117692143B (en) | 2024-02-02 | 2024-02-02 | Communication key management method |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202410148197.7A CN117692143B (en) | 2024-02-02 | 2024-02-02 | Communication key management method |
Publications (2)
Publication Number | Publication Date |
---|---|
CN117692143A CN117692143A (en) | 2024-03-12 |
CN117692143B true CN117692143B (en) | 2024-04-12 |
Family
ID=90128553
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202410148197.7A Active CN117692143B (en) | 2024-02-02 | 2024-02-02 | Communication key management method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN117692143B (en) |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20080029602A (en) * | 2006-09-29 | 2008-04-03 | 한국전자통신연구원 | Method and apparatus for preventing confidential information leak |
CN115514500A (en) * | 2022-11-23 | 2022-12-23 | 江苏荣泽信息科技股份有限公司 | Rapid verification method for CA certificate revocation list |
CN116542665A (en) * | 2023-04-19 | 2023-08-04 | 福州年盛信息科技有限公司 | Payment data safety protection system based on cloud computing |
CN116599639A (en) * | 2022-12-21 | 2023-08-15 | 北京理工大学 | Method and system for quantitatively measuring information leakage of cryptographic chip side based on clustering |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN111294366B (en) * | 2020-05-13 | 2020-07-28 | 西南石油大学 | Statistical analysis method for aggregation of encrypted data for resisting secret key leakage in smart power grid |
-
2024
- 2024-02-02 CN CN202410148197.7A patent/CN117692143B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20080029602A (en) * | 2006-09-29 | 2008-04-03 | 한국전자통신연구원 | Method and apparatus for preventing confidential information leak |
CN115514500A (en) * | 2022-11-23 | 2022-12-23 | 江苏荣泽信息科技股份有限公司 | Rapid verification method for CA certificate revocation list |
CN116599639A (en) * | 2022-12-21 | 2023-08-15 | 北京理工大学 | Method and system for quantitatively measuring information leakage of cryptographic chip side based on clustering |
CN116542665A (en) * | 2023-04-19 | 2023-08-04 | 福州年盛信息科技有限公司 | Payment data safety protection system based on cloud computing |
Non-Patent Citations (4)
Title |
---|
Efficient Identity-Based Data Integrity Auditing With Key-Exposure Resistance for Cloud Storage;W.Shen等;《IEEE Transactions on Dependable and Secure Computing》;20221219;第20卷(第06期);第4593-4606页 * |
基于属性基加密与阈值秘密共享的智能电表密钥管理方法;肖勇等;《南方电网技术》;20200120;第14卷(第01期);第31-38页 * |
有限长量子密钥分配认证的信息泄露研究;鲍皖苏等;《信息安全研究》;20170105;第03卷(第01期);第2-12页 * |
量子密钥分发技术在城市轨道交通通信系统中的应用方案研究;王思佳等;《铁道通信信号》;20240123;第1-8页 * |
Also Published As
Publication number | Publication date |
---|---|
CN117692143A (en) | 2024-03-12 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
TWI595375B (en) | Anomaly detection using adaptive behavioral profiles | |
CN108833416B (en) | SCADA system information security risk assessment method and system | |
Pavlenko et al. | Sustainability of cyber-physical systems in the context of targeted destructive influences | |
CN116366374B (en) | Security assessment method, system and medium for power grid network management based on big data | |
CN108108624B (en) | Product and service-based information security quality assessment method and device | |
CN112560046B (en) | Assessment method and device for business data security index | |
CN108092985B (en) | Network security situation analysis method, device, equipment and computer storage medium | |
Qin et al. | Association analysis-based cybersecurity risk assessment for industrial control systems | |
CN117614978A (en) | Information security communication management system for digital workshop | |
CN107360047A (en) | Network safety evaluation method based on CIA attributes | |
Ma et al. | Two-stage Bayesian sequential change diagnosis | |
CN117692143B (en) | Communication key management method | |
Bektemyssova et al. | Time series forecasting by the arima method | |
CN116896476A (en) | Safety evaluation model and method for remote management system of digital energy air compression station | |
Ling et al. | Estimating the Time-To-Compromise of Exploiting Industrial Control System Vulnerabilities. | |
Shah et al. | Statistical Development of the VSQ‐Control Chart for Extreme Data with an Application to the Carbon Fiber Industry | |
CN115314288B (en) | Data tracing system and method based on encryption verification technology | |
CN114444933A (en) | Danger source analysis method, equipment and medium based on constructional engineering | |
CN117573494B (en) | Software operation data background storage management system based on artificial intelligence | |
CN118094531B (en) | Safe operation and maintenance real-time early warning integrated system | |
Abidin et al. | Conceptual Model of Risk Assessment for Insider Threats Detection | |
CN116248413B (en) | Flow detection method, device and medium for webshell file | |
CN118070341B (en) | Big data management method and big data management system | |
KR102470364B1 (en) | A method for generating security event traning data and an apparatus for generating security event traning data | |
Shen et al. | Security Situation Assessment Method Based on States Transition |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |