CN210578645U - Encryption communication device and terminal - Google Patents
Encryption communication device and terminal Download PDFInfo
- Publication number
- CN210578645U CN210578645U CN201921297724.1U CN201921297724U CN210578645U CN 210578645 U CN210578645 U CN 210578645U CN 201921297724 U CN201921297724 U CN 201921297724U CN 210578645 U CN210578645 U CN 210578645U
- Authority
- CN
- China
- Prior art keywords
- module
- encryption
- terminal
- communication device
- interface
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000004891 communication Methods 0.000 title claims abstract description 115
- 238000012545 processing Methods 0.000 claims abstract description 14
- 230000005540 biological transmission Effects 0.000 claims abstract description 11
- 238000006243 chemical reaction Methods 0.000 claims abstract description 11
- 230000003993 interaction Effects 0.000 claims description 12
- 238000005516 engineering process Methods 0.000 description 10
- 238000007726 management method Methods 0.000 description 6
- 238000012544 monitoring process Methods 0.000 description 5
- 238000000034 method Methods 0.000 description 3
- 238000013519 translation Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 210000004556 brain Anatomy 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 239000008358 core component Substances 0.000 description 1
- 238000013496 data integrity verification Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000006872 improvement Effects 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
- Small-Scale Networks (AREA)
Abstract
The utility model discloses an encryption communication device and a terminal, wherein the encryption communication device comprises an encryption module which is used for encrypting and/or decrypting data to be transmitted; the communication module is used for accessing the encrypted communication device to a wireless public network so as to realize remote high-speed transmission of the data to be transmitted; the central processing unit module is respectively connected with the communication module and the encryption module and is used for receiving an operation instruction sent by the terminal and controlling the communication module and the encryption module according to the operation instruction; and the power supply conversion module is connected with the terminal and used for converting the voltage grade provided by the automatic terminal into the voltage grade required by the communication module, the encryption module and the central processing module. The utility model provides an encrypt communication device and terminal treats transmission data at the IP layer and encrypts, realizes the safe tunnel transmission of data, provides network safety protection function for the terminal.
Description
Technical Field
The utility model relates to the field of communication technology, especially indicate an encrypt communication device and terminal.
Background
Along with the annual increase of the metering automation terminals in the power system, the running stability of the power system is improved, and the power supply quality is guaranteed. The metering automation terminal adopts a remote communication module to upload data to an automation master station, receives a master station command, executes related management operation, and performs services such as load control, metering charging and the like. The existing remote communication device only carries out encryption verification and processing on key services, and does not carry out encryption processing on general services and non-important data, so that certain potential safety hazards exist in remote communication to some extent.
SUMMERY OF THE UTILITY MODEL
In view of this, the present invention provides an encryption communication device and a terminal, which improve the security of information interaction.
Based on the above object, the first aspect of the present invention provides an encryption communication apparatus for a terminal, including:
the encryption module is used for encrypting and/or decrypting data to be transmitted;
the communication module is used for accessing the encrypted communication device to a wireless public network so as to realize remote high-speed transmission of the data to be transmitted;
the central processing unit module is respectively connected with the communication module and the encryption module and is used for receiving an operation instruction sent by the terminal and controlling the communication module and the encryption module according to the operation instruction;
and the power supply conversion module is connected with the terminal and used for converting the voltage grade provided by the automatic terminal into the voltage grade required by the communication module, the encryption module and the central processing module.
Optionally, the encryption communication device further includes an interface module, and the encryption communication device is connected to the automation terminal through the interface module, and is configured to implement information interaction between the terminal and the intranet master station.
Optionally, the interface module is provided with an RS232 interface, and the terminal is connected to the encryption communication device through the RS232 interface.
Optionally, the encryption includes symmetric encryption and asymmetric encryption.
Optionally, the encryption module is further configured to perform identity authentication, where the identity authentication includes generating and/or verifying a digital signature.
Optionally, the central processor module is configured as a virtual private network compliant with internet security protocol.
Optionally, an antenna interface is disposed on the communication module, and the encryption communication device is connected to a base station of a communication service operator through the antenna interface.
Optionally, a power supply interface is arranged on the power conversion module and used for connecting the power conversion module and the automation terminal.
A second aspect of the present invention provides a terminal, which includes the encryption communication apparatus as described above.
From the above, can see, the utility model provides an encryption communication device and terminal through set up encryption communication device in the terminal, can encrypt the processing at the IP layer to adopt IPSec (Internet protocol security, Internet safety protocol) VPN (Virtual Private Network ) technique, establish safe tunnel, erect Virtual Private Network, provide the guarantee for the information interaction of the safety of terminal and main website.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, it is obvious that the drawings in the following description are only some embodiments of the present invention, and for those skilled in the art, other drawings can be obtained according to these drawings without creative efforts.
Fig. 1 is a schematic structural diagram of an encryption communication apparatus according to an embodiment of the present invention;
fig. 2 is a schematic view of an application scenario of the encryption communication apparatus provided in the embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention will be described in detail with reference to the accompanying drawings.
The utility model provides an encrypt an embodiment of communication device can realize the encryption of data package at the IP aspect, provides network safety protection engineering, security, reliability, the legitimacy of guarantee data for the terminal that inserts encryption communication device. Referring to fig. 1, the encryption communication apparatus, applied to a terminal, includes:
the encryption module is used for encrypting and/or decrypting data to be transmitted; optionally, the encryption includes symmetric encryption and asymmetric encryption.
And the communication module is used for accessing the encrypted communication device into a wireless public network so as to realize remote high-speed transmission of the data to be transmitted.
And the central processing unit module is respectively connected with the communication module and the encryption module and is used for receiving the operation instruction sent by the terminal and controlling the communication module and the encryption module according to the operation instruction.
And the power supply conversion module is connected with the terminal and used for converting the voltage grade provided by the automatic terminal into the voltage grade required by the communication module, the encryption module and the central processing module.
According to the above embodiment, the utility model provides an encrypt communication device through set up encryption communication device in the terminal, and set up the encryption module that has encryption function on the device, carries out the encryption of IP aspect to the data packet based on IPSec VPN technique, realizes the safe tunnel transmission of network data packet, provides network safety protection function for the terminal that inserts encryption communication device.
It should be noted that the terminal provided in this embodiment may be a metering automation terminal, and may also be other types of metering terminals or power distribution monitoring terminals; meanwhile, when the available voltage and the communication interface of the terminal are consistent with the encryption communication device, the device can also be applied to all terminals to realize the function of encrypting data packets. The encryption communication device encrypts the network data packet, does not limit application layer service data, does not cause change of the service data, is suitable for encryption of all services transmitted through a network, and has good universality.
In some optional embodiments, referring to fig. 1, the encryption communication device further includes an interface module, and the encryption communication device is connected to the automation terminal through the interface module, and is configured to implement information interaction between the automation terminal and an intranet master station. It should be noted that, the interface module not only can implement a local function, i.e., transceiving or converting data, but also can implement a remote communication function, i.e., implement remote communication between the metering automation terminal and the monitoring master station. Therefore, the information interaction process not only includes the transceiving or conversion of local data, but also includes the remote communication between the terminal and the master station or between the terminal and the terminal.
Optionally, an RS232 interface is arranged on the interface module, the automation terminal is connected to the encryption communication device through the RS232 interface, and the RS232 interface can realize data and information interaction between the master station and the metering automation terminal, and realize related service operations such as remote control and metering charging. It should be noted that, besides the implementation mode that the RS232 interface is arranged on the interface module to realize the remote connection between the device and the terminal, the encryption communication device can be adapted to different terminals by adjusting the interface type; in addition, the RS232 interface can be eliminated, and the encryption communication device can be directly connected with the metering automation terminal. It can be known that the existence of the RS232 interface depends on the type of the interface supported by the metering automation terminal, and if the encryption communication device can be directly connected to the metering automation terminal through a Central Processing Unit (CPU) port, the RS232 interface can be eliminated.
Optionally, the RS232 interface is used to implement a communication function of connecting the metering automation terminal with the encryption communication device, the encryption communication device is connected with the metering automation terminal through the RS232 interface, and receives a service packet sent by the metering automation terminal, and the service packet is encrypted by the encryption module and then sent to the encryption gateway through the wireless public network; meanwhile, after the data packet sent by the encryption gateway is decrypted and verified by the encryption module, the decrypted plaintext is sent to the metering automation terminal, so that the interaction of the metering automation terminal and the data of the main station is realized.
In some optional embodiments, the encryption module is further configured to perform identity authentication, where the identity authentication includes generating and/or verifying a digital signature. It should be noted that generating and/or verifying a digital signature can be used to authenticate whether the data has been modified illegally. The encryption module provides commercial cryptographic algorithms such as SM1, SM2, SM3 and SM4 which meet the cryptographic industry standard of the people's republic of China, is used for carrying out symmetric encryption, asymmetric encryption, generation and verification of digital signatures and the like, is a key module of an encryption communication device, and is a basis for providing power service safety guarantee.
In some optional embodiments, the communication module employs a fourth generation mobile communication technology (4G) for implementing a remote high-speed network communication function. Optionally, the encryption communication device is accessed to a wireless public network through a 4G communication module, and performs secure tunnel transmission on data to be transmitted by using an IPSec VPN technology, and after passing through an encryption gateway, the encryption communication device is safely accessed to an intranet data acquisition server platform, and after being processed by a server, the data is presented to an intranet master station monitoring system, so that remote communication and information interaction with a master station are realized. It should be noted that, besides the 4G technology, the communication module may also adopt a 5G technology according to actual needs, so as to implement a higher-speed network communication function. It should be noted that the communication module may be integrally assembled with other modules, and may also be external, that is, not integrally assembled with other modules.
Optionally, an antenna interface is disposed on the communication module, and the encryption communication device is connected to a base station of a communication service operator through the antenna interface and acquires a high-speed network signal, so that the metering automation terminal is quickly and safely connected to the IPSec VPN encryption gateway through a network, and then safely accesses the master station system of the intranet through the IPSec VPN encryption gateway, and finally performs remote communication with the master station platform to implement interaction between service data and information. It should be noted that the antenna interface may be changed to a 4G antenna interface or a 5G antenna interface according to whether the communication module adopts a 4G or 5G antenna interface. In addition, because the antenna interface is an external interface, the stability of the encryption communication device can be influenced to a certain extent, so that the external antenna interface can be cancelled, and an internal antenna is changed, and the stability of the structure of the encryption communication device is improved.
In some optional embodiments, the central processor module is configured to comply with an internet security protocol (IPSec) Virtual Private Network (VPN) for performing task scheduling, resource management, communication management functions; the central processing unit module is also used for realizing the coordination control management function of each module, is a brain core component of the encryption communication device, and is a key point for realizing the function application of the encryption communication device. It should be noted that, the task scheduling adopts different scheduling strategies for different situations; the resource management refers to performing arithmetic operation and logic operation on data or performing other information processing; the communication management includes: the system comprises a multi-network function, a multi-protocol function and the like, wherein the multi-network function can configure different communication interface cards according to the actual use network condition to form various network structures required by a user; the multi-protocol function can realize various international and domestic promulgated communication protocols and internal communication protocols provided by other equipment manufacturers. In addition, the IPSec protocol can provide data integrity verification to identify whether data is illegally modified; and authenticating the data source to ensure the reliability of the data source. By the VPN technology, a virtual private Network can be constructed, and a secure tunnel is provided to implement NAT (Network address translation), which is a technology for implementing translation of an internal private Network address to an internet Network address.
In some optional embodiments, a power supply interface is arranged on the power conversion module and is used for connecting the power conversion module and the automation terminal, converting 5V voltage provided by the automation terminal into 3.8V required by the communication module and 3.3V required by the central processing unit module, the encryption module and the interface module, and providing power guarantee for normal operation of each module. The RS232 interface has a high voltage level (5V), so that the current loss can be reduced, and the anti-interference capability and the practicability are high.
After the encryption communication device supporting the IPSec VPN technology is applied to an actual scene, a safety tunnel can be constructed in a wireless public network environment, a virtual private network is erected, the safety tunnel is provided for network communication of a metering automation terminal, the encryption communication device has a firewall function, data can quickly and safely reach a main station through the tunnel, and guarantee is provided for safe interaction of the terminal and the main station. Optionally, referring to fig. 2, the encryption communication device accesses a wireless public network through a communication module, performs secure tunnel transmission by using the IPSec VPN technology, and after passing through an encryption gateway, the encryption communication device securely accesses an intranet data acquisition server platform, and after being processed by a server, data is presented to an intranet master station monitoring system, so as to implement remote communication with a master station and interaction of service information. It should be noted that the encryption communication device itself is a micro encryption gateway, and has a hardware firewall function; the access of the encryption communication device enables the metering automation terminal which does not have the firewall function to have the firewall function, and improves the safety, reliability and legality of data transmission. A data packet sent by a terminal enters a wireless public network after being encrypted by an encryption communication device, then enters an encryption gateway and is transmitted to an intranet environment, so that the safety of information transmitted into the intranet is ensured; meanwhile, the encrypted data packet sent by the monitoring master station is decrypted and transmitted back to the terminal.
The utility model also provides an embodiment of terminal, including as aforesaid the arbitrary embodiment of encryption communication device. By accessing the encryption communication device in the terminal, the IP layer encryption of the data packet based on the IPSec VPN technology can be realized, the safe tunnel transmission of the network data packet is realized, and the network safety protection performance of the terminal is improved.
Those of ordinary skill in the art will understand that: the discussion of any embodiment above is meant to be exemplary only, and is not intended to intimate that the scope of the disclosure, including the claims, is limited to these examples; within the idea of the invention, also combinations between technical features in the above embodiments or in different embodiments are possible, and there are many other variations of the different aspects of the invention as described above, which are not provided in detail for the sake of brevity. Therefore, any omission, modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included within the protection scope of the present invention.
Claims (9)
1. An encryption communication apparatus, applied to a terminal, comprising:
the encryption module is used for encrypting and/or decrypting data to be transmitted;
the communication module is used for accessing the encrypted communication device to a wireless public network so as to realize remote high-speed transmission of the data to be transmitted;
the central processing unit module is respectively connected with the communication module and the encryption module and is used for receiving an operation instruction sent by the terminal and controlling the communication module and the encryption module according to the operation instruction;
and the power supply conversion module is connected with the terminal and is used for converting the voltage grade provided by the automatic terminal into the voltage grade required by the communication module, the encryption module and the central processing module.
2. The encrypted communication device according to claim 1, further comprising an interface module, wherein the encrypted communication device is connected to the automation terminal through the interface module, and is configured to implement information interaction between the terminal and an intranet master station.
3. The encrypted communication device according to claim 2, wherein the interface module is provided with an RS232 interface, and the terminal and the encrypted communication device are connected through the RS232 interface.
4. The encrypted communications device of claim 1, wherein the encryption comprises symmetric encryption and asymmetric encryption.
5. The cryptographic communication apparatus of claim 1, wherein the cryptographic module is further configured to perform identity authentication, the identity authentication comprising generating and/or verifying a digital signature.
6. The cryptographic communication device of claim 1, wherein the central processor module is configured as a virtual private network compliant with an internet security protocol.
7. The encryption communication device according to claim 1, wherein an antenna interface is provided on the communication module, and the encryption communication device is connected with a base station of a communication service operator through the antenna interface.
8. The encryption communication device according to claim 1, wherein a power supply interface is disposed on the power conversion module for connecting the power conversion module and an automation terminal.
9. A terminal, characterized in that it comprises an encrypted communication device according to any one of claims 1 to 8.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201921297724.1U CN210578645U (en) | 2019-08-12 | 2019-08-12 | Encryption communication device and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201921297724.1U CN210578645U (en) | 2019-08-12 | 2019-08-12 | Encryption communication device and terminal |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN210578645U true CN210578645U (en) | 2020-05-19 |
Family
ID=70638211
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201921297724.1U Active CN210578645U (en) | 2019-08-12 | 2019-08-12 | Encryption communication device and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN210578645U (en) |
-
2019
- 2019-08-12 CN CN201921297724.1U patent/CN210578645U/en active Active
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11736304B2 (en) | Secure authentication of remote equipment | |
| CN110267270B (en) | Identity authentication method for sensor terminal access edge gateway in transformer substation | |
| KR101575862B1 (en) | Security association system between heterogeneous power devices | |
| CN110636052B (en) | Power consumption data transmission system | |
| CN115085943B (en) | Edge computing method and platform for safe encryption of electric power Internet of things in north and south directions | |
| CN113127914A (en) | Electric power Internet of things data security protection method | |
| EP2706717A1 (en) | Method and devices for registering a client to a server | |
| CN112422560A (en) | Lightweight substation secure communication method and system based on secure socket layer | |
| WO2019237576A1 (en) | Method and apparatus for verifying communication performance of virtual machine | |
| CN114422256B (en) | High-performance security access method and device based on SSAL/SSL protocol | |
| CN108966217B (en) | Secret communication method, mobile terminal and secret gateway | |
| CN104038931A (en) | LTE (Long Term Evolution) network based power distribution and utilization communication system and communication method thereof | |
| CN111064752B (en) | Preset secret key sharing system and method based on public network | |
| WO2016000473A1 (en) | Business access method, system and device | |
| CN210578645U (en) | Encryption communication device and terminal | |
| CN114301967B (en) | Control method, device and equipment for narrowband Internet of things | |
| CN105530687B (en) | A kind of wireless network access controlling method and access device | |
| CN113051548A (en) | Industrial safety control system of light-weight undisturbed formula | |
| Eissa et al. | Wi-Fi protected access for secure power network protection scheme | |
| Hua et al. | Design and implementation of integrated access VPN gateway | |
| Yan et al. | Study of WAPI technology and security | |
| US20240171555A1 (en) | Access control method, client proxy apparatus, gateway device, and related system | |
| Han et al. | Lightweight Encryption Authentication Technology for Interconnection of Edge Devices in PDIoT | |
| CN104994096A (en) | Configuration method of security reinforcing mechanism module dynamically loaded on intelligent substation communication manager | |
| CN105450418A (en) | IKE authentication method, IKE initiating terminal, IKE response terminal and IKE authentication system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |