摘要
为了解决配网自动化系统现场终端集中管理和Web通信安全两大问题,针对配网终端Web服务器和Web浏览器的安全技术作深入研究,设计出一种受传输层安全和国密安全保护的配电自动化终端Web安全通信架构。结合安全通信架构,创新地设计出具有主动防护能力的嵌入式组件,并适配到配网终端Web通信中。基于RFC5246和国密算法,通过安全性分析、试验对比、工程批量化应用,证实其配网终端Web加密和认证模型具备主动防护能力,使得该配网终端Web安全架构具有较强的安全性。该研究成果可避免国际密码算法不安全和未知后门问题的发生,突出了国密算法的安全性和高效性,为配网终端Web、自动化仪表安全接入提供参考。
To solve the two major problems of centralized management of field terminals of distribution automation systems and Web communication security,in-depth research on the security technology of Web servers and Web browsers of distribution terminals is conducted,and a secure Web communication architecture of distribution automation terminals protected by transport layer security and national secret security is designed.In conjunction with the secure communication architecture,an innovative embedded component with active protection capability is designed and adapted to the Web communication of distribution terminals.Based on RFC5246 and the national security algorithm,the security analysis,test comparison and engineering batch application confirm that its distribution terminal Web encryption and authentication model has active protection capability,making the distribution terminal Web security architecture highly secure.The research results can avoid the problem of insecurity and unknown backdoor of international cryptographic algorithm and highlight the security and efficiency of the national cryptographic algorithm,which provides reference for the security access of distribution terminal Web and automation instrument.
作者
李露
魏学明
李峰
LI Lu;WEI Xueming;LI Feng(CYG SUNRI Co.,Ltd.,Shenzhen 518057,China;TCL Huaxing Photoelectric Technology Co.,Ltd.,Shenzhen 518131,China;Shenzhen Fengyong Technology Co.,Ltd.,Shenzhen 518115,China)
出处
《自动化仪表》
CAS
2022年第12期86-91,共6页
Process Automation Instrumentation
基金
国家重点研发计划基金资助项目(2018YFB0904903)。
关键词
配网终端
国密算法
传输层安全
加密认证
WEB安全
信息安全
仪表安全
Distribution network terminal
National security algorithm
Transport layer security
Cryptographic authentication
Web security
Information security
Instrumentation security
