| Remote Monitoring and Control Systems (RMCS) based on Internet completes the monitoring and control tasks based on network, by which the monitoring and control range can be greatly extended, and moreover the control technology will be more networkized, more distributed and more open. However, along with the popularization of the RMCS based on Internet, security has become very important because it may meet danger of the inside and outside network attack, which may cause the failure of the fieldbus devices, even big accidents. Therefore, it is important to study the security of the RMCS based on Internet. Normally, a complete security system includes entity security, network security, application security and management security. This paper focus on the network security of the RMCS.The security scheme of the RMCS based distributed firewalls is using the network firewalls to protect the inside network from the outside network attack, using the host firewalls to protect the RMCS from the inside network attack, using strategy center to makes the rules for the firewalls and collects the logs from the firewalls. This schema can protect the RMCS from the inside and outside network attack. The strategy center is the key component in the schema, if it has been attacked to fail to work, then the whole security scheme will fail.To solve the problem described above, this paper develops a distributed strategy center model based Lightweight Directory Access Protocol(LDAP). In this model, the firewalls are divided into the different groups by the demand difference of the security level or difference of the protecting applications. One or more sub centers are responsible for a security group. The logs collecting, storing and analysis work is responsible by a special sub center. Every center is composed by a LDAP server and a strategy center management platform. The LDAP server is not only responsible for storing kinds of information, but also responsible for authorization and authentication. The strategy center management platform not only provides the manager to makes rules, and manages kinds of information by a graphical interface,but also security the communication with the clients. Those separate sub centers become a distributed system by using the LDAP distributed technology. Because the LDAP is a standard protocol, so every center has the platform independence, therefore every center can install on different platforms. In the distributed strategy center system, even if one or more sub centers failed, the whole distributed firewall system will not fail, therefore the distributed strategy center system enhanced the security of the RMCS.In the end, this paper presented an example of the distributed strategy center system which includes two sub centers by using some free tools and software. |
PDF Full Text Request