| All kinds of attacking both inside and outside of power information network system should be prevented along with its widely used. The information secure problem of power information system is even remarkable and it already turns into one important problem which can influence normal running of producing and operating in power system. The network security of power system owns the characteristic of general computer information security and also high security request is even more need to be considered for it is the infrastructure of national economy. Key techniques of information security in power information system are studied in-depth and exploring works are given in this paper, principal results are as follows:1. The architecture of security of power information network is designed aiming at the characteristics of power information network system and increasingly serious problems of information security, and also concrete safety techniques are given in this architecture to ensure the security of network information.2. One key technique, the access control technique, which can influence the normal running of power market operating system is studied: considering the distributing characteristic of the power market members and the operating timeliness of power market, a temporarily-spatially constrained RBAC model is proposed and designed, and the access control algorithm is designed. The request of secure access control of power market can be satisfied with the simulation. A role-and-credibility-based dynamic access control model with role hierarchy relationship is proposed and designed according to the information secrecy of power market, diversity of the user role and polytropy of access authority. The validity of the model is validated by application case.3. The questions to be solved of access control which can influence the remote control of substation and management security of workflow are studied: an attribute based access control model for multi-domains is proposed and designed according to the complex multi-domain environment of power information system. It can adapt well to the heterogeneous environment, satisfy the self-management to their resources and ensure the secure access of system resources for users of interior and outer regions. A distributed RBAC model and algorithm which consisted with international standard ITU-T X.509 and IEC61850 are proposed and designed according to the system structure of substation automation stipulated in IEC61850. The security, feasibility and efficiency of the access control of substation can be improved. An access control model based on organization and task is proposed and the access control algorithm is designed according to characteristic of workflow for power system. The security of workflow for power system can be advanced and its application can be convenient.4. The question to be solved of secure transmission in power information system is studied: a communications method based on message middleware is proposed according to the safety of data transmission requirement between business center and market members in power market operating system, and also the secure data transmission algorithm is designed, data's security can be ensured in transferring process. A mechanism of communication security based on SSL and IEC61850 is proposed and designed according to the safety requirement of communication data in substation, the security of communication data in substation can be improved in the mechanism.5. A single sign-on model based on PKI/PMI in power industry is proposed according to the high safety requirement integrated in power enterprise information system, and corresponding algorithm is given. The integration operating and implementing of secure single sign-on can be satisfied in the model.
|
PDF Full Text Request