Research On Access Control Technology For Information Exchange Between Industrial Control Network And Service Network

With a rapid development of industrial 4.0,industrial control system is more significantly dependent on network,the information interaction between industrial control network and service network is increasing frequency,so security problem is increasingly serious.Access control technology provides very effective protection measures for information security,confidentiality and integrity,and availability of strong protection measures.So,in this paper,we do research on access control technology of the information interaction between industrial control network and service network,focusing on the research of access control model.In this paper,a deterministic network node model is established.Through node natural information,node configuration information and operation information in the application layer,middleware layer and hardware layer of the deterministic model,deterministic network node model is established.Static configuration information and dynamic operation information of nodes in the deterministic network reflect information interaction between industrial control network and service network.In this paper,role and node based access control model is established.RNBAC model is based on RBAC model,introducing the concept of the node,to improve the static authorization problem of RBAC model.Give a formalized definition of the elements,relationships among elements,related functions and authority distribution of RNBAC model.RNBAC model's trust computation model is set up,because the static configuration information property and dynamic operation information property of the node are changing,so the node trust value and user trust value are also changing.According to the static configuration information and dynamic running information of node,calculate the node trust value.According to node trust value,calculate the user trust value and role to access threshold.Comparing role access threshold and user trust value,to determine the user whether can begin to access behavior,whether can continue to access behavior.This paper also designs an example,gives a series of nodes in a deterministic network and its related information,to calculate the node trust value,user trust value and role access threshold.To verify before and in the visit,according to the comparison results of user trust value and role access threshold,can manage the access authority of users dynamically.