With the widely application of the computer network communication technology in the power secondary system, network security problems become more and more striking. Security areaⅠand II of power secondary system are different from the traditional computer network connected to the Internet, and there isn't inside or outside network, but high or low requirement to network security. This article designs safety strategy suitable for security areaⅠand II of power secondary system based on power secondary system safety protection; designs security gateway based on active defense and passive defense, which combines firewall, encryption, intrusion detection and honey net together; designs encryption& decryption module, whose encryption algorithm is based on Logistic map and Tent map, combining m sequence disturbance and cryptograph feedback; designs packet filter rules matching algorithm and the index table of packet filter rules generation algorithm. The designed security gateway and encryption & decryption module reach requirement of designing by experiment verification, and meet real-time requirement. |