CN1750534A - EPA network security management entity and security processing method

Publication number: CN1750534A
Authority: CN (China)
Legal status: Granted; Expired - Fee Related
Application number: CN 200510057339
Other languages: Chinese (zh)
Other versions: CN100349448C (en)
Inventors: 王平, 王浩, 陈敏娜, 余淑军, 陈云, 张健, 干开峰
Current Assignee: Chongqing University of Post and Telecommunications
Original Assignee: Chongqing University of Post and Telecommunications
Application filed by: Chongqing University of Post and Telecommunications
Priority: CNB2005100573396A (CN100349448C)
Publications: CN1750534A; CN100349448C (application granted)

Abstract

This invention provides an EPA network security management entity and a security processing method. It sets out a layered, graded security strategy and builds the corresponding EPA network security management system according to the network environment. Different security measures are implemented by the EPA network security management entity, the IP message control and management entity and the EPA Security Management Information Base. The security measures include EPA key generation and management, EPA device authentication, EPA message checking, EPA message encryption, EPA access authorization and EPA message filtering.

Description

EPA network security management entity and security processing method
Technical field
The present invention relates to a security technology for industrial control networks, in particular to the security architecture, security control algorithms and security management entity of an industrial control network.
Background art
As an open system, EPA may be subject to malicious or non-malicious threats such as intrusion, damage or replay, which brings security problems to the control network, such as viruses, information leakage and tampering, and system unavailability. Necessary security measures and tools must therefore be adopted to ensure that the EPA system can run safely in an open environment and to protect the internal systems, resources and normal production order. Because field network devices such as sensors, actuators and controllers have high real-time, reliability and stability requirements while their computing resources and computing power are very limited, how to guarantee the security of industrial control networks such as EPA has become an urgent problem.
Summary of the invention
In view of the heterogeneity, distribution, real-time requirements and limited resources and computing power of industrial control networks, the present invention proposes a security architecture adapted to the EPA network, a graded security policy, an EPA message control and management protocol, an IP message control and management protocol, and the structure and implementation of the security control algorithms (EPA device authentication, EPA message checking, EPA message encryption, EPA access authorization) and of the security management entity. While meeting the performance requirements of the industrial control network, it guarantees the confidentiality and integrity of process control parameters, so as to resolve the conflict between the high real-time requirements of the EPA control network, the shortage of resources inside devices and the security of data communication. The system can thus run normally, or, when attacked, detect the attack promptly and take the corresponding security measures, so that the security loss is minimized and the system can recover quickly after an attack.
The technical solution adopted by the present invention is as follows. According to the hierarchical structure of the EPA network, an EPA network security management system is built in which different security measures are implemented by the EPA network security application management entity, the EPA message control and management entity, the IP message control and management entity and the EPA Security Management Information Base. The EPA network security application management entity sits below the user layer of the EPA protocol and above the EPA application layer. It applies security processing to EPA user data before delivering it to the EPA application entity, and it manages the security measures of the EPA network application layer; these measures include the generation and management of EPA keys, EPA device authentication, EPA message checking, EPA message encryption and EPA access authorization;
The EPA message control and management entity controls EPA messages at the data link layer, including the filtering of EPA messages and the control of non-EPA messages;
The IP message control and management entity controls the non-real-time application process data that enter the EPA network through IT application protocols, using measures that include IP packet filtering and IPSec;
The EPA Security Management Information Base serves as the interface between the EPA security measures and each protocol layer of EPA. It stores the information the security management system needs; this information exists in the form of objects, on which the corresponding operations can be performed.
The invention also proposes an EPA network security processing method. According to the hierarchical structure of the EPA network, the method uses a graded security structure to build the EPA network security management system; establishes the Security Management Information Base; has the system randomly generate a shared secret table before configuration; obtains a random key or check code; uses the check code to check the user data to be sent or received, yielding a check value; encrypts/decrypts the messages of the sender/receiver; and compares the parameter attributes sent by the sender with the corresponding parameter attributes in the receiver's access control list to decide whether to provide service to the sender.
The invention effectively resolves the conflict between the high real-time requirements of the EPA control network, the shortage of resources inside devices and the security of data communication. It ensures that the system can operate safely in an open environment and protects the internal systems, resources and normal production order; when attacked, the system can detect the attack promptly and take the corresponding security measures, so that the security loss is minimized and the system can recover quickly after an attack.
Description of drawings
Fig. 1: Schematic diagram of the layered security structure of the EPA system
Fig. 2: Block diagram of an EPA device integrating the EPA network secure communication model
Fig. 3: Structure of the EPA network security management entity
Fig. 4: Generation process of the EPA system key
Fig. 5: EPA message checking flow chart
Fig. 6: EPA message encryption and decryption flow chart
Fig. 7: EPA device authentication flow chart
Fig. 8: Access control workflow
Fig. 9: Secure communication model between EPA devices
Embodiment
I. Layered security control system structure of the EPA network
Fig. 1 is a schematic diagram of the layered security structure of the EPA system. 1) The EPA monitoring-layer firewall is the security interface device through which external networks (including the enterprise management network) access the EPA control network; it provides boundary protection for the EPA system.
2) The EPA security bridge is the security interface device connecting the process monitoring layer and the field device layer; it provides boundary protection for the field device layer. Some EPA security bridges also perform protocol conversion. An EPA security bridge can be placed in an EPA bridge, EPA switch or EPA hub on the field device layer L1 segment.
3) As the interface between the process monitoring layer and the field device layer, the EPA security bridge has a dual nature: to the process monitoring layer L2 segment, the EPA bridge is a process monitoring device; to the field device layer L1 segment, the EPA bridge is a field device.
The EPA system security structure is a graded security structure. It consists of two network segments, the process monitoring layer L2 and the field device layer L1. The L1 segment connects the various field devices at the industrial production site (such as transmitters, actuators and analytical instruments) to one another and to the L2 segment; the L2 segment mainly connects control-room instruments, devices and human-machine interfaces. Security is arranged according to the EPA network topology and its characteristics, taking into account how closely the L2 and L1 segments communicate with the outside world. The EPA process monitoring layer firewall guards against security threats from external networks, and the security measures in process monitoring layer devices are selected according to the network environment of the EPA system; the EPA security bridge guards against security threats from outside the field device level, and the security measures in field devices are set according to the paths by which the field devices are accessed.
II. Layered, graded security method for the EPA network
Depending on the operating environment of the EPA network, the system faces different security threats and has different security level requirements. Different security mechanisms are therefore adopted for the L1 and L2 segments of the EPA network hierarchy, with different boundary protection schemes and inter-device communication security measures, as shown in Table 1. Because devices on the field device layer L1 segment, such as sensors, actuators and controllers, have high real-time, reliability and stability requirements while their computing resources and computing power are very limited, the L1 segment places more emphasis on boundary security measures. Except where public network access to the field layer is allowed, communication security on the L1 segment uses simple, practical measures that need few computing resources and compute quickly.
Table 1: Layered, graded security method for the EPA network

| EPA network security level | Level 0 | Level 1 | Level 2 | Level 3 |
|---|---|---|---|---|
| EPA network operating environment | Independent EPA network | Management network allowed to access the monitoring layer | Public network allowed to access the monitoring layer | Public network allowed to access the field layer |
| Security mechanism of the process monitoring layer L2 segment (boundary protection) | None | Packet-filtering firewall | Stateful firewall | Application-level firewall |
| Communication security measures between devices on the process monitoring layer L2 segment | Device authentication | Device authentication, access control, message checking, XOR encryption | Device authentication, access control, message checking, AES encryption | Device authentication, access control, message checking, AES encryption, IPSec |
| Security mechanism of the field device layer L1 segment (boundary protection) | EPA packet-filtering bridge | EPA packet-filtering bridge | Protocol conversion and packet-filtering bridge | IPSec conversion and packet-filtering bridge |
| Communication security measures of the field device layer L1 segment | Device authentication | Device authentication | Device authentication, access control, message checking | Device authentication, access control, message checking, AES encryption |
III. EPA network secure communication model
As shown in Fig. 2, each EPA device consists of at least one function block instance, the EPA network security application management entity, the EPA application entity, the EPA system management entity, the EPA socket mapping entity, EPA link objects, the communication scheduling management entity and the UDP/IP protocols. Following the hierarchical structure of the EPA network, an EPA network secure communication model is established. In addition to IT security protocol components (such as IPSec, SSL, VLAN) and IT application protocol components, the model contains the following main parts:
EPA network security application management entity
EPA message control and management entity
IP message control and management entity
EPA Security Management Information Base
The Security Management Information Base in the EPA network secure communication model is the interface between each EPA security management entity and each EPA protocol layer, and stores the information the security management system needs. The EPA network security application management entity sits below the EPA network user layer and above the EPA application layer; it applies security processing to EPA user data before delivering it to the EPA application entity, guaranteeing the security of the EPA network application layer. The EPA message control and management entity controls EPA messages at the data link layer. The IP message control and management entity (covering ARP, RARP, ICMP and IGMP) controls the non-real-time application process data that enter the EPA network through IT application protocols.
1. EPA network security application management entity
The EPA network security application management entity sits below the EPA protocol user layer and above the EPA protocol application layer. It applies security processing to EPA user data before delivering it to the EPA application entity, and it manages the security measures of the EPA network application layer.
Fig. 3 is a schematic diagram of the structure of the EPA network security application management entity, which consists of four parts: EPA device authentication, EPA message checking, EPA message encryption and EPA access authorization.
The EPA network security application management entity applies security processing to EPA user data and delivers it to the EPA application entity, from which it is passed to the TCP/IP protocol stack through the EPA socket mapping entity, guaranteeing the security of the EPA network application layer. The entity manages the security measures of the EPA network application layer, which include EPA device authentication, EPA message checking, EPA message encryption and EPA access authorization. EPA device authentication is the most basic security measure; security strength increases in the order EPA access authorization, EPA message checking, EPA message encryption.
2. EPA message control and management entity
The EPA message control and management entity controls EPA messages at the data link layer, including the filtering of EPA messages and the control of non-EPA messages. Control and management of EPA messages is realized through the Security Management Information Base. For example, EPA messages are filtered by the EPA identifier (0x88BC): if the length/type (LENGTH/TYPE) field in the frame format is the EPA identifier value (0x88BC), the message is received; otherwise it is discarded or handled in some other way.
3. IP message control and management entity
The IP message control and management entity controls the non-real-time application process data that enter the EPA network through IT application protocols. IP message control measures include IP packet filtering and IPSec. Control and management of IP messages is realized through the Security Management Information Base. For example, to filter for authorized packets, a packet filtering rule table is set up in advance from the IP addresses and port numbers of authorized users; when a message is received, the packet header is parsed and matched against the packet filtering rule table. If there is no match the packet is rejected; otherwise it is accepted.
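The two filters described in sections 2 and 3, as an added example that is not code from the patent: a frame is accepted as EPA when its LENGTH/TYPE field is 0x88BC, and an IPv4 frame is accepted only when it matches a rule table. The rule shape (source address plus destination port), the function names, the choice to drop all other frame types and the sample frames are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ETHERTYPE_EPA 0x88BCu /* EPA identifier value given in the text */
#define ETHERTYPE_IPV4 0x0800u

typedef enum { VERDICT_DROP = 0, VERDICT_ACCEPT_EPA, VERDICT_ACCEPT_IP } verdict_t;

/* Assumed rule shape: authorized source address and destination port. */
typedef struct {
    uint32_t src_ip;
    uint16_t dst_port;
} ip_rule;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

verdict_t epa_filter_frame(const uint8_t *f, size_t len, const ip_rule *rules, size_t nrules)
{
    if (len < 14)
        return VERDICT_DROP; /* shorter than an Ethernet header */
    uint16_t type = rd16(f + 12); /* LENGTH/TYPE field */
    if (type == ETHERTYPE_EPA)
        return VERDICT_ACCEPT_EPA;
    if (type != ETHERTYPE_IPV4)
        return VERDICT_DROP; /* everything else, VLAN-tagged frames included */

    const uint8_t *ip = f + 14;
    size_t iplen = len - 14;
    if (iplen < 20 || (ip[0] >> 4) != 4)
        return VERDICT_DROP;
    size_t ihl = (size_t)(ip[0] & 0x0F) * 4;
    if (ihl < 20 || iplen < ihl + 4)
        return VERDICT_DROP; /* bad header length, or the ports are missing */
    if ((rd16(ip + 6) & 0x1FFF) != 0)
        return VERDICT_DROP; /* non-first fragment carries no port numbers */
    if (ip[9] != 6 && ip[9] != 17)
        return VERDICT_DROP; /* only TCP and UDP have ports */

    uint32_t src = rd32(ip + 12);
    uint16_t dport = rd16(ip + ihl + 2);
    for (size_t i = 0; i < nrules; i++)
        if (rules[i].src_ip == src && rules[i].dst_port == dport)
            return VERDICT_ACCEPT_IP;
    return VERDICT_DROP; /* no rule matched */
}

/* Constructed sample data: one rule, one EPA frame, one IPv4/UDP frame. */
static const ip_rule sample_rules[] = { { 0xC0A8010Au, 4000 } }; /* 192.168.1.10 -> port 4000 */
static const uint8_t sample_epa_frame[18] = {
    0x02, 0, 0, 0, 0, 0x01, 0x02, 0, 0, 0, 0, 0x02, 0x88, 0xbc, 0x01, 0x02, 0x03, 0x04
};
static const uint8_t sample_ip_frame[42] = {
    0x02, 0, 0, 0, 0, 0x01, 0x02, 0, 0, 0, 0, 0x02, 0x08, 0x00,             /* Ethernet */
    0x45, 0x00, 0x00, 0x1c, 0x00, 0x00, 0x00, 0x00, 0x40, 0x11, 0x00, 0x00, /* IPv4, UDP */
    0xc0, 0xa8, 0x01, 0x0a, 0xc0, 0xa8, 0x01, 0x14, /* 192.168.1.10 -> 192.168.1.20 */
    0xc3, 0x50, 0x0f, 0xa0, 0x00, 0x08, 0x00, 0x00  /* UDP 50000 -> 4000 */
};

int main(void)
{
    uint8_t f[sizeof sample_ip_frame];
    memcpy(f, sample_ip_frame, sizeof f);
    printf("EPA frame:       %d\n",
           (int)epa_filter_frame(sample_epa_frame, sizeof sample_epa_frame, sample_rules, 1));
    printf("authorized IP:   %d\n", (int)epa_filter_frame(f, sizeof f, sample_rules, 1));
    f[29] = 0x0b; /* source becomes 192.168.1.11, which no rule authorizes */
    printf("unauthorized IP: %d\n", (int)epa_filter_frame(f, sizeof f, sample_rules, 1));
    return 0;
}
```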
4. Security Management Information Base
The EPA network secure communication model of the invention provides the EPA Security Management Information Base (Table 2) as the interface between the EPA security measures and each EPA protocol layer, realizing security protection of the EPA network. The Security Management Information Base is part of the EPA management information base. It stores the information the security management entities need; this information exists in the form of objects, on which the corresponding operations can be performed. Through the Security Management Information Base, users can also define other security measures, so further security measures are easy to add.
Table 2: EPA management information base

| EPA object | Object ID | Description |
|---|---|---|
| EPA MIB Header | 1 | Header object of the EPA device management information base |
| EPA Device Descriptor | 2 | EPA device descriptor object |
| Clock Synchronization | 3 | Time synchronization object |
| Max Response Time | 4 | Maximum response time of confirmed services |
| Communication Schedule Management | 5 | Communication scheduling management object |
| Device Application information | 6 | Device application information object |
| FB Application information Header | 7 | Function block application information object header |
| Link Object Header | 8 | Link object header |
| Domain Application Object Header | 9 | Domain application object header |
| Security Management Object Header | 10 | Security management object header |
| …… | | |
| FB Application information 1 | 2000 | Function block application information object 1 |
| FB Application information 2 | 2001 | Function block application information object 2 |
| …… | | Incrementing sequentially |
| Domain Application Object 1 | 4000 | Domain application object 1 |
| Domain Application Object 2 | 4001 | Domain application object 2 |
| …… | | Incrementing sequentially |
| Link Object 1 | 5000 | Link object 1 |
| Link Object 2 | 5001 | Link object 2 |
| …… | | Incrementing sequentially |
| Security Management Object1 | 6000 | Security management object 1 |
| Security Management Object2 | 6001 | Security management object 2 |
| …… | | Incrementing sequentially |
All EPA network security management objects are placed in the EPA management information base. To make the network security management objects easier to maintain, a security management object is added to the management information base to describe all information about them, including the number of security management objects, the number of instantiated security management objects, and the index of the first security management object in the management information base. The following coding tables define the interface between the EPA security measures and each EPA protocol layer, and the data structures in the management information base.
Table 3: Security management information header object coding table

| No. | Attribute name | Access | Data type | Offset (bytes) | Length (bytes) | Description |
|---|---|---|---|---|---|---|
| 1 | Object ID | Read-only | Unsigned16 | 0 | 2 | Index of this object in the management information base |
| 2 | SMIB Revision Number | Read-only | Unsigned16 | 2 | 2 | Revision number |
| 3 | Number of Security Measurement | Read-only | Unsigned16 | 4 | 2 | Number of security objects in use |
| 4 | Total Number of Security Management Number | Read-only | Unsigned16 | 6 | 2 | Total number of instantiated security measures |
| 5 | First Number of Security Management Object | Read-only | Unsigned16 | 8 | 2 | Index of the first security management object |
Table 4: Key management object coding table

| No. | Attribute name | Access | Data type | Offset (bytes) | Length (bytes) | Description |
|---|---|---|---|---|---|---|
| 1 | Object ID | Read-only | Unsigned16 | 0 | 2 | Index of the key management object in the management information base |
| 2 | Version Number | Read-only | Unsigned16 | 2 | 2 | Version number of key management |
| 3 | TimeLimit | Read-only | Unsigned16 | 4 | 2 | Validity period of the key |
| 4 | Create Mode | Read-only | Unsigned8 | 6 | 1 | Key generation mode: 0 = set by the user; 1 = generated randomly; 2 = distributed by the KMC |
| 5 | KeyLength | Read-only | Unsigned32 | 7 | 4 | Key length |
| 6 | CryptoAlgorithmID | Read-only | Unsigned16 | 11 | 2 | Index of the corresponding cryptographic algorithm object in the management information base |
| 7 | Reserved | Read-only | Unsigned16 | 13 | 2 | Reserved field |
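A decoder for the Table 4 layout, as an added example that is not code from the patent. The table gives offsets and widths but no byte order, so big-endian (network order) is assumed here; the function name, error codes and sample bytes are also assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EPA_KEY_MGMT_OBJ_LEN 15 /* Table 4 covers byte offsets 0..14 */

enum { EPA_OK = 0, EPA_ERR_TRUNCATED = -1, EPA_ERR_CREATE_MODE = -2 };

typedef struct {
    uint16_t object_id;           /* offset 0  */
    uint16_t version_number;      /* offset 2  */
    uint16_t time_limit;          /* offset 4  */
    uint8_t  create_mode;         /* offset 6: 0 user, 1 random, 2 KMC */
    uint32_t key_length;          /* offset 7  */
    uint16_t crypto_algorithm_id; /* offset 11 */
    uint16_t reserved;            /* offset 13 */
} epa_key_mgmt_obj;

/* Assumed byte order: big-endian. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) { return ((uint32_t)rd16(p) << 16) | rd16(p + 2); }

/* Decode one key management object; refuses short buffers and undefined Create Mode values. */
int epa_parse_key_mgmt(const uint8_t *buf, size_t len, epa_key_mgmt_obj *o)
{
    if (buf == NULL || o == NULL || len < EPA_KEY_MGMT_OBJ_LEN)
        return EPA_ERR_TRUNCATED;
    o->object_id = rd16(buf + 0);
    o->version_number = rd16(buf + 2);
    o->time_limit = rd16(buf + 4);
    o->create_mode = buf[6];
    o->key_length = rd32(buf + 7); /* unaligned field, so read byte by byte */
    o->crypto_algorithm_id = rd16(buf + 11);
    o->reserved = rd16(buf + 13);
    if (o->create_mode > 2)
        return EPA_ERR_CREATE_MODE; /* Table 4 defines only 0, 1 and 2 */
    return EPA_OK;
}

/* Constructed sample: object 6000, version 1, TimeLimit 3600, random key,
   KeyLength 16, cryptographic algorithm object 6001. */
static const uint8_t sample_obj[EPA_KEY_MGMT_OBJ_LEN] = {
    0x17, 0x70, 0x00, 0x01, 0x0e, 0x10, 0x01, 0x00, 0x00, 0x00, 0x10, 0x17, 0x71, 0x00, 0x00
};

int main(void)
{
    epa_key_mgmt_obj o;
    if (epa_parse_key_mgmt(sample_obj, sizeof sample_obj, &o) == EPA_OK)
        printf("object %u: mode %u, key length %lu, algorithm object %u\n",
               (unsigned)o.object_id, (unsigned)o.create_mode,
               (unsigned long)o.key_length, (unsigned)o.crypto_algorithm_id);
    return 0;
}
```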
Table 5: Cryptographic algorithm object coding table

| No. | Attribute name | Access | Data type | Offset (bytes) | Length (bytes) | Description |
|---|---|---|---|---|---|---|
| 1 | Object ID | Read-only | Unsigned16 | 0 | 2 | Index of the key management object in the management information base |
| 2 | Version Number | Read-only | Unsigned16 | 2 | 2 | Version number of key management |
| 3 | Crypto Mode | Read-only | Unsigned8 | 4 | 1 | Cryptographic algorithm type: 0 = data encryption; 1 = device authentication; 2 = data integrity |
| 4 | Algorithm Module | Read-only | Unsigned32 | 5 | 4 | Cryptographic algorithm module |
| 5 | Key ID index | Read-only | Unsigned16 | 9 | 2 | Index of the corresponding key management object in the management information base |
| 6 | Reserved | Read-only | Unsigned16 | 11 | 2 | Reserved field |
Table 6: Access control object coding table

| No. | Attribute name | Access | Data type | Offset (bytes) | Length (bytes) | Description |
|---|---|---|---|---|---|---|
| 1 | Object ID | Read-only | Unsigned16 | 0 | 2 | Index of the access control object in the management information base |
| 2 | Version Number | Read-only | Unsigned16 | 2 | 2 | Version number of access control |
| 6 | AccessControl Mode | Read-only | Unsigned8 | 4 | 1 | Access control type: 0 = network access control; 1 = data access control |
| 8 | Access Control List | Read-only | Unsigned32 | 5 | 4 | Access control list |
| 9 | Reserved | Read-only | Unsigned16 | 9 | 2 | Reserved field |
Table 7: Security protocol management object coding table

| No. | Attribute name | Access | Data type | Offset (bytes) | Length (bytes) | Description |
|---|---|---|---|---|---|---|
| 1 | Object ID | Read-only | Unsigned16 | 0 | 2 | Index of the access control object in the management information base |
| 2 | Version Number | Read-only | Unsigned16 | 2 | 2 | Version number of protocol management |
| 3 | Link Time Limit | Read-only | Unsigned16 | 4 | 2 | Time limit of the connection |
| 4 | Run Mode | Read-only | Unsigned8 | 6 | 1 | Operating mode |
| 5 | Link Mode | Read-only | Unsigned8 | 7 | 1 | Connection mode |
| 6 | Authentication Mode | Read-only | Unsigned8 | 8 | 1 | Authentication mode |
| 7 | CryptoAlgorithmID | Read-only | Unsigned16 | 9 | 2 | Index of the corresponding cryptographic algorithm object in the management information base |
| 8 | Key ID index | Read-only | Unsigned16 | 11 | 2 | Index of the corresponding key management object in the management information base |
| 9 | Protocol Type | Read-only | Unsigned8 | 13 | 1 | Security protocol type |
| 10 | Reserved | Read-only | Unsigned16 | 14 | 2 | Reserved field |
The present invention implements different security measures through the EPA network security application management entity, the EPA message control and management entity, the IP message control and management entity and the EPA Security Management Information Base, and manages the security measures of the EPA network application layer. The security measures include the generation and management of EPA keys, EPA device authentication, EPA message checking, EPA message encryption and EPA access authorization.
1. Generation and management of EPA keys
1) Generation and management of the key table
Before configuration, the system randomly generates an 8*8-byte key table chart[8][8]. Once generated, the key table is shared by the whole system; if the key table is changed, all devices in the system must change it at the same time, so that the key table stays identical across the whole system.
2) Generation of the key (or check code)
The generation process of the EPA system key (or check code) is shown in Fig. 4.
From the 8*8-byte key table chart[8][8] in the device, 20 row/column numbers x[20] are generated by the linear congruential algorithm:
x[n+1] = (a*x[n] + b + Timestamp) mod 8
For encryption, Timestamp is the system time, which is also the timestamp sent with the message; for decryption, Timestamp is the timestamp obtained from the message. a and b are arbitrary set values.
Then n1 = Timestamp mod 20 and n2 = (Timestamp+3) mod 20 are used as key indexes into x[n]: row chart[x[n1]][] and column chart[][x[n2]] are taken from the key table and combined into a 16-byte array Epa_Key[16], which is the generated key (and also the check code).
2. EPA message checking
The EPA message checking process is shown in Fig. 5. The sender obtains the check code by the method described above and uses it to check (XOR processing) the protocol data unit (PDU) delivered by the user layer, yielding the check value. The user data, check value and timestamp are then added to the secure message header and handed to the application entity as the message body for sending.
The receiver processes the timestamp in the secure message header by the method described above to obtain the check code, and uses this check code to check (XOR processing) the received user data, yielding a check value. This check value is compared with the check value in the received message. If they are identical, the data have not been tampered with or damaged; the message is judged legitimate and the packet is accepted. Otherwise the packet is discarded, and whether to return a negative acknowledgement is decided according to the EPA service identifier (ServiceID).
3. EPA message encryption
The EPA message encryption process is shown in Fig. 6. The sender obtains the encryption key (EPAKey) by the method described in part 1 above and encrypts the message with the XOR algorithm or the AES algorithm. The encrypted user data are then added to the secure message header and handed to the application entity as the message body for sending.
The receiver processes the timestamp in the secure message header by the method described in part 1 above to obtain the decryption key (EPAKey), uses this key to decrypt the received user message with the XOR algorithm or the AES algorithm, obtains the decrypted user data, and passes the data up to the user layer.
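Key generation (part 1), message checking (part 2) and XOR encryption (part 3) carried through in code, as an added example that is not code from the patent. The text leaves several details open, so these are assumptions: a = 5, b = 3, the seed x[0] = chart[0][0] mod 8, the way the XOR check folds the PDU into a 16-byte value, the message layout, and the constructed key table.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EPA_KEY_LEN 16
#define EPA_SEQ_LEN 20
#define EPA_MAX_PDU 64
#define LCG_A 5u /* assumed: the text only says a and b are arbitrary set values */
#define LCG_B 3u

/* Constructed sample table; a real system generates it randomly before configuration. */
static const uint8_t chart[8][8] = {
    {0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18},
    {0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28},
    {0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38},
    {0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, 0x48},
    {0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57, 0x58},
    {0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, 0x68},
    {0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77, 0x78},
    {0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87, 0x88},
};

/* Secure message: timestamp and check value travel with the user data. */
typedef struct {
    uint32_t timestamp;
    uint8_t check[EPA_KEY_LEN];
    uint8_t body[EPA_MAX_PDU];
    size_t len;
} epa_secure_msg;

/* x[n+1] = (a*x[n] + b + Timestamp) mod 8, then one row plus one column = 16 bytes. */
void epa_derive_key(const uint8_t tbl[8][8], uint32_t ts, uint8_t key[EPA_KEY_LEN])
{
    uint8_t x[EPA_SEQ_LEN];
    x[0] = tbl[0][0] % 8; /* assumed seed: the text does not give x[0] */
    for (int n = 0; n + 1 < EPA_SEQ_LEN; n++)
        x[n + 1] = (uint8_t)((LCG_A * x[n] + LCG_B + ts) % 8);
    uint8_t row = x[ts % EPA_SEQ_LEN];                 /* n1 = Timestamp mod 20 */
    uint8_t col = x[((uint64_t)ts + 3) % EPA_SEQ_LEN]; /* n2 = (Timestamp+3) mod 20 */
    for (int i = 0; i < 8; i++) {
        key[i] = tbl[row][i];     /* row chart[x[n1]][] */
        key[8 + i] = tbl[i][col]; /* column chart[][x[n2]] */
    }
}

/* Assumed XOR check: start from the check code, fold each PDU byte into slot i mod 16. */
void epa_check_value(const uint8_t *key, const uint8_t *pdu, size_t len, uint8_t *out)
{
    memcpy(out, key, EPA_KEY_LEN);
    for (size_t i = 0; i < len; i++)
        out[i % EPA_KEY_LEN] ^= pdu[i];
}

/* XOR encryption; applying it twice with the same key restores the data. */
void epa_xor_crypt(const uint8_t *key, uint8_t *buf, size_t len)
{
    for (size_t i = 0; i < len; i++)
        buf[i] ^= key[i % EPA_KEY_LEN];
}

/* Sender side of message checking. Returns 0, or -1 if the PDU does not fit. */
int epa_seal(const uint8_t tbl[8][8], uint32_t ts, const uint8_t *pdu, size_t len,
             epa_secure_msg *m)
{
    uint8_t key[EPA_KEY_LEN];
    if (len > EPA_MAX_PDU) return -1;
    epa_derive_key(tbl, ts, key);
    m->timestamp = ts;
    m->len = len;
    memcpy(m->body, pdu, len);
    epa_check_value(key, pdu, len, m->check);
    return 0;
}

/* Receiver side: re-derive the check code from the carried timestamp and compare. */
int epa_verify(const uint8_t tbl[8][8], const epa_secure_msg *m)
{
    uint8_t key[EPA_KEY_LEN], expect[EPA_KEY_LEN], diff = 0;
    if (m->len > EPA_MAX_PDU) return -1;
    epa_derive_key(tbl, m->timestamp, key);
    epa_check_value(key, m->body, m->len, expect);
    for (size_t i = 0; i < EPA_KEY_LEN; i++)
        diff |= (uint8_t)(expect[i] ^ m->check[i]);
    return diff == 0 ? 0 : -1; /* -1: discard the packet */
}

int main(void)
{
    const uint8_t pdu[] = {'S', 'P', '=', '4', '2'}; /* constructed user data */
    epa_secure_msg m;
    epa_seal(chart, 1000u, pdu, sizeof pdu, &m);
    m.body[3] ^= 0x01; /* simulate corruption in transit */
    printf("verify after corruption: %d\n", epa_verify(chart, &m));
    return 0;
}
```

With these assumed parameters and Timestamp = 1000, the derived key is row 1 of the table followed by column 2; every device holding the same table derives the same key from the timestamp carried in the message.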
4. EPA device authentication
Device authentication uses keywords of the device, namely the device identifier (Device ID), the physical device tag (PD Tag) and the device redundancy number (Redundancy Number), to identify an authorized EPA device, and judges the legitimacy of the device through the authentication mechanism, thereby ensuring that EPA devices operate safely in the EPA network. The EPA device authentication workflow is shown in Fig. 7.
(1) EPA device authentication algorithm: the three keywords of an EPA device, namely the device identifier (Device ID), the physical device tag (PD Tag) and the device redundancy number (Redundancy Number), are used to authenticate the EPA device, and the legitimacy of the device is judged through the authentication mechanism.
After the sender obtains the encryption key EPAKey, it uses this key to XOR-encrypt the values of the device identifier (Device ID), physical device tag (PD Tag) and device redundancy number (Redundancy Number) in the device identification attributes. The resulting ciphertext is stored as the authentication code in the device authentication service message and sent with that message. The receiver processes the timestamp in the secure message header to obtain the decryption key EPAKey and uses this key to XOR-decrypt the check code in the received user message, obtaining the decrypted authentication code. The decrypted authentication code is compared with the device identifier, physical device tag and device redundancy number in the device management information base. If they are identical, the device passes authentication and can carry out subsequent operations; otherwise the packet is discarded, and the device identified by that device identifier, physical device tag and device redundancy number is defined as untrusted.
(2) Authentication at start-up of a device that is unconfigured or needs to be reconfigured:
A) A device that is unconfigured or needs to be reconfigured must first obtain the key table before configuration; this key table must be identical to the key table in the user configuration program;
B) After the EPA device powers up, if it has no IP address, it obtains a dynamic IP address through the Dynamic Host Configuration Protocol (DHCP); once the EPA device has an IP address, it starts the EPA communication stack;
C) Through the EPA device annunciation (EM_DeviceAnnunciation) service, the EPA device periodically and repeatedly broadcasts in the system an unconfirmed device annunciation request primitive message and an unconfirmed device authentication service request message. By default, the EPA device retransmits at regular intervals until it receives the start-configuration information;
D) After the user configuration program receives the annunciation of the EPA device and the device passes authentication, it sends the start-configuration information to the device. If the user configuration program finds that the physical device tag of this EPA device is empty, it calls the set EPA device attribute (EM_SetDeviceAttribute) service to send a set-device-attribute request to the EPA device, setting device attributes including the device tag, the annunciation message retransmission period, the device redundancy number, the redundancy state and the redundant port number. If the user configuration program finds that the physical device tag of this EPA device is not empty, the EPA device must be reconfigured: the clear EPA device attribute service is first used to send a clear-attribute request message to the device, the EPA device changes to the unconfigured (Unconfigured) state, and the configuration program can then call the set EPA device attribute service to send a set-device-attribute request to the EPA device;
E) After the EPA device receives the start-configuration information, it modifies the configuration information of the local EPA device, updating the local data with the data in the received start-configuration message, such as the device tag, the annunciation retransmission period, the device redundancy number, the redundancy state and the redundant port number;
F) The EPA device enters the operable state;
(3) Authentication at start-up of a configured device:
A) After the EPA device powers up, if it has no IP address, it obtains a dynamic IP address through the Dynamic Host Configuration Protocol (DHCP); once the EPA device has an IP address, it starts the EPA communication stack;
B) Through the EPA device annunciation (EM_DeviceAnnunciation) service, the EPA device periodically and repeatedly broadcasts in the system an unconfirmed device annunciation request primitive message and an unconfirmed device authentication service request message. By default, the EPA device retransmits once every 15 seconds until it receives the operable information and enters the operable state.
5. EPA access authorization
An Access Control List (ACL) is established first. Its parameters and their meanings are shown in the table below.

| Access control list parameter | Meaning of parameter |
| --- | --- |
| SourceIP | Source device IP address |
| SourceAppID | Source function block instance identifier |
| SourceObjectID | Source parameter object index |
| DestinationIP | Destination device IP address |
| DestinationAppID | Destination function block instance identifier |
| DestinationObjectID | Destination parameter object index |
| Password | Access password; see the Password of the domain ASE, event ASE and variable ASE in the EPA standard communication model specification |
| Access Groups | Object membership in specific access groups. If the corresponding bit is set, the object is a member of that access group; see the Access Groups of the domain ASE, event ASE and variable ASE in the EPA standard communication model specification |
| Access Rights | Rights to access the object. If the corresponding bit is set, the corresponding access right is granted; see the Access Rights of the domain ASE, event ASE and variable ASE in the EPA standard communication model specification |
The EPA access authorization workflow is shown in Figure 8. The sender appends three fields, encrypted by XOR processing, after the user protocol data unit message body (PDU Body): the access password (Password), the object's membership in specific access groups (AccessGroups) and the rights to access the object (AccessRights). Together these form the security protocol data unit message body (SPDU Body), which is sent to the EPA application entity. After the receiver receives the SPDU passed on by the EPA application entity, it first decrypts, by XOR processing, the three fields that follow the PDU Body (access password, access group membership and access rights). It then looks up the Access Control List and judges whether the three fields sent by the sender are consistent with the same three field attributes in the Access Control List. If they are consistent, the receiver executes the service identified by the EPA service identifier (ServiceID) and returns a positive response according to the EPA service identifier; otherwise it discards the packet and decides, according to the EPA service identifier, whether to return a negative response.
The secure communication process between EPA devices is shown in Figure 9. Communication initiator: after the EPA network security management part receives a user-layer protocol data unit message (PDU), it processes the PDU message and encapsulates it into a security protocol data unit message (SPDU) according to the selected security application entity service and the nature of the service represented by the EPA service identifier (ServiceID). It then passes the SPDU down to the application layer entity, which sends the message to the receiver according to the specified service.
Communication receiver: after the EPA application entity receives and processes the message, it passes the processed message to the security application entity, which handles the received message according to the corresponding security service. Message handling falls into two cases:
-- A message that passes the security application entity is submitted to the user layer. The user layer judges whether to respond according to the EPA service identifier of the invoked application entity: for a confirmed service it returns the user layer's positive or negative response, and for an unconfirmed service no information needs to be returned;
-- For a message that does not pass the security application entity, whether to respond is judged according to the EPA service identifier of the invoked application entity: for a confirmed service, the security application entity returns a negative response indicating that verification failed, and for an unconfirmed service no information needs to be returned.
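
The access authorization exchange described above, as an added Python example that is not part of the patent: the sender appends the XOR-processed Password, AccessGroups and AccessRights to the PDU Body, and the receiver checks them against its Access Control List, with the ServiceID deciding whether a rejection is answered. The field widths, the repeating-key XOR, the sample key, the ACL row and the confirmed ServiceID 0x10 are assumptions made for illustration.

```python
import hmac
import struct
from dataclasses import dataclass

# Assumed trailer layout (widths are not given on the page):
# Password u16, AccessGroups u8, AccessRights u16, big-endian.
TRAILER = struct.Struct(">HBH")
CONFIRMED_SERVICES = {0x10}  # hypothetical ServiceIDs of confirmed services

@dataclass(frozen=True)
class AclKey:
    """The six addressing parameters of one Access Control List row."""
    source_ip: str
    source_app_id: int
    source_object_id: int
    destination_ip: str
    destination_app_id: int
    destination_object_id: int

def xor_bytes(data: bytes, key: bytes) -> bytes:
    """XOR processing with a repeating key; the same call encrypts and decrypts."""
    return bytes(b ^ key[i % len(key)] for i, b in enumerate(data))

def build_spdu_body(pdu_body, password, groups, rights, key):
    """Sender: append the three XOR-processed access fields after the PDU Body."""
    return pdu_body + xor_bytes(TRAILER.pack(password, groups, rights), key)

def authorize(spdu_body, acl_key, acl, key, service_id):
    """Receiver: recover the fields, compare them with the ACL row, pick the outcome."""
    # A rejected packet is always discarded; only a confirmed service gets a reply.
    verdict = "negative_response" if service_id in CONFIRMED_SERVICES else "drop"
    entry = acl.get(acl_key)
    if entry is None or len(spdu_body) < TRAILER.size:
        return (verdict, None)
    pdu_body, trailer = spdu_body[:-TRAILER.size], spdu_body[-TRAILER.size:]
    # Constant-time comparison so timing does not reveal how many bytes matched.
    if not hmac.compare_digest(xor_bytes(trailer, key), TRAILER.pack(*entry)):
        return (verdict, None)
    return ("execute", pdu_body)

# Constructed sample data: one ACL row and a short XOR key.
ROW = AclKey("192.0.2.10", 1, 100, "192.0.2.20", 2, 200)
ACL = {ROW: (0x1A2B, 0x01, 0x0003)}  # Password, AccessGroups, AccessRights
KEY = bytes.fromhex("5ac3")

if __name__ == "__main__":
    body = build_spdu_body(b"\x01\x02\x03", 0x1A2B, 0x01, 0x0003, KEY)
    print(authorize(body, ROW, ACL, KEY, 0x10))
```

The PDU Body itself travels unchanged in this flow; only the three access fields are XOR-processed, so the check authorizes the request without protecting or authenticating the payload.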

Claims (8)

1. An EPA network security management system, built with a graded security structure according to the layered structure of the EPA network, characterized in that the EPA network security management system comprises:
an EPA network security application management part, located below the user layer and above the application layer of the EPA protocol, which applies security processing to EPA user data before delivering it to the EPA application entity, ensuring the security of the EPA network application layer;
an EPA message control management part, which controls EPA messages at the data link layer, including the filtering of EPA messages and the control of non-EPA messages;
an IP message control management part, which controls non-real-time application process data entering the EPA network through IT application protocols;
an EPA security management information base, which serves as the interface between the EPA security measures and each layer of the EPA protocol and stores the information required by the security management system.
2. The EPA network security management system according to claim 1, characterized in that the graded security structure consists of two network segments, the process monitoring layer L2 and the field device layer L1, wherein the L1 segment is used for connections among the various field devices and between the field devices and the L2 segment, and the L2 segment is used for connections among control room instruments, devices and human-machine interfaces.
3. The EPA network security management system according to claim 1, characterized in that the EPA network security application management part further comprises the following parts:
an EPA device authentication part, which uses the keyword of the EPA device to authenticate the EPA device and judges the legitimacy of the device through an authentication mechanism;
an EPA message check part, which uses a check code to check the user data sent or received, obtaining check bits;
an EPA message encryption part, which encrypts/decrypts the sender's/receiver's messages with a randomly obtained key;
an EPA access authorization part, which encrypts/decrypts the sender's/receiver's attribute parameters with a randomly obtained key, and compares the attribute parameters sent by the sender with the attribute parameters in the Access Control List to determine whether to provide service to the EPA device and which service to provide.
4. The EPA network security management system according to claim 1, characterized in that the information in the EPA security management information base exists in the form of objects, and the user can define other security measures.
5. An EPA network security processing method, characterized in that its steps comprise: building the EPA network security management system with a graded security structure according to the layered structure of the EPA network; establishing a security management information base; randomly generating a shared secret table in the system before configuration; randomly obtaining a key or check code; using the check code to check the user data to be sent or received, obtaining check bits; encrypting/decrypting the sender's/receiver's messages; comparing the parameter attributes sent by the sender with the corresponding parameter attributes in the receiver's Access Control List to determine whether to provide service to the sender.
6. The EPA network security processing method according to claim 5, characterized in that the graded security structure is divided into two network segments, the process monitoring layer L2 and the field device layer L1.
7. The EPA network security processing method according to claim 5, characterized in that the password table is not transmitted over the network.
8. The EPA network security processing method according to claim 5, characterized in that the key or check code is obtained randomly by applying a linear congruential algorithm to the system time or a timestamp.
CNB2005100573396A 2005-10-21 2005-10-21 EPA network safety management entity ad safety processing method Expired - Fee Related CN100349448C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2005100573396A CN100349448C (en) 2005-10-21 2005-10-21 EPA network safety management entity ad safety processing method

Publications (2)

Publication Number Publication Date
CN1750534A true CN1750534A (en) 2006-03-22
CN100349448C CN100349448C (en) 2007-11-14

Family

ID=36605795

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2005100573396A Expired - Fee Related CN100349448C (en) 2005-10-21 2005-10-21 EPA network safety management entity ad safety processing method

Country Status (1)

Country Link
CN (1) CN100349448C (en)

Also Published As

Publication number Publication date
CN100349448C (en) 2007-11-14

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
C17 Cessation of patent right
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20071114

Termination date: 20131021