| 基于可信计算的配电自动化终端安全防护方法研究 |
| |
| 引用本文: | 常方圆,李二霞,王金丽,孟晓丽,张浩男. 基于可信计算的配电自动化终端安全防护方法研究[J]. 电力信息与通信技术, 2020, 0(2): 37-42 |
| |
| 作者姓名: | 常方圆 李二霞 王金丽 孟晓丽 张浩男 |
| |
| 作者单位: | 中国电力科学研究院有限公司;中国农业大学 |
| |
| 基金项目: | 国家电网有限公司科技项目资助“配电自动化系统业务安全可信分析与防御关键技术研究”(PDB17201800158) |
| |
| 摘 要: | 点多面广、户外运行的配电终端因安全防护措施薄弱,存在被恶意入侵以及业务交互数据被非法截获、篡改的风险。文章提出一种融合可信计算和数字证书技术的配电终端安全防护方法,通过内嵌一颗可信芯片,实现终端的安全启动以及终端接入过程中与主站的双向身份鉴别和数据机密性、完整性保护,有效防止配电终端硬件软件被非法篡改、病毒/恶意代码植入以及以配电终端为跳板导致的配电自动化系统被恶意渗透和破坏,提高配电终端的主动防御能力。
|
| 关 键 词: | 可信计算 配电自动化终端 身份认证 安全防护 |
Research on Security Protection Method of Distribution Automation Terminal Based on Trusted Computing |
| |
| CHANG Fangyuan,LI Erxia,WANG Jinli,MENG Xiaoli,ZHANG Haonan. Research on Security Protection Method of Distribution Automation Terminal Based on Trusted Computing[J]. Electric Power Information and Communication Technology, 2020, 0(2): 37-42 |
| |
| Authors: | CHANG Fangyuan LI Erxia WANG Jinli MENG Xiaoli ZHANG Haonan |
| |
| Affiliation: | (China Electric Power Research Institute Co.,Ltd.,Beijing 100192,China;China Agricultural University,Beijing 100083,China) |
| |
| Abstract: | Because of the weak security protection measures,the distribution terminals working in a wide range of places and outdoors are at risk of malicious intrusion and illegal interception and tampering of business interaction data.This paper proposes a power distribution terminal security protection method with trusted computing and digital certificate technology.By embedding a trusted chip,it can effectively prevent illegal tampering of hardware and software of distribution terminals,virus/malicious code implantation,as well as malicious infiltration and destruction of distribution automation system caused by the use of distribution terminals as springboards and improve the active defense capability of the distribution terminals. |
| |
| Keywords: | trusted computing distribution automation terminal identity authentication security protection |
| 本文献已被 维普 等数据库收录! |
|
