EAST远程等离子体控制门户系统的安全管理

EAST装置是世界上第一个非圆截面全超导托卡马克核聚变实验装置，已经发展成为国际上重要的合作实验平台.为扩大和方便合作单位参与实验，提出开发EAST远程等离子体控制系统，系统采用Web开发模式，其功能是为远程客户提供获取实验数据、即时控制服务和放电方案设置服务.其门户系统设计主要负责身份验证与授权、请求格式检查和技术数据检查等安全性功能.身份验证与授权阶段采用三阶段验证，主要采用VPN，数字证书和随机验证码等网络安全技术.请求格式检查和技术数据检查采用模块化技术，针对不同放电方案单独编写模块，保证系统的可扩展性.

Security Management of EAST Remote Plasma Control Portal System

EAST device is the world''s first non-circular cross-section superconducting Tokamak nuclear fusion experimental device, and has developed into an important international cooperation experimental platform. In order to expand and facilitate the cooperation unit to participate in the experiment, the development of EAST remote plasma control system is proposed, the system uses Web development model, functioning to provide remote customers with access to experimental data, real-time control services, and discharge program settings services. The portal system design is mainly responsible for authentication and authorization, request format inspection and technical data check, and other security features. Authentication and authorization phase use three-stage verification, the main technology includes VPN, digital certificates, random verification code, and other network security technology. Request format check and technical data check use modular technology, for different discharge program, a separate module is written to ensure system scalability.