摘要
随着电力系统数据网络的迅速发展,基于网际协议(IP)的以明文方式传输实时数据的安全问题引起了重视。文中分析了网络环境下电力系统实时数据通信的网络安全和信息安全,结合电力系统实时数据通信的加密需求,阐述了实时数据加密密钥管理和加密的过程。根据电力系统的实际情况,选择了实时数据一时一密的加密方案,并推荐了电力系统所使用的加密算法和密钥长度。对实时数据传输控制协议(TCP)传输,在应用层和TCP层之间引入了加密套接字协议层(SSL)实现加密;对电力系统大多数的用户数据报协议(UDP)实时数据传输,通过返回确认和超时技术保证传输的可靠性,采用密钥分发机制和密钥启动机制保证了传输的保密性和准确性。最后对加密的可行性进行了讨论。
With the rapid development of SPDnet, the information security problem of the real-time data which, transmitted in plain text mode based on IP, is given great attention. First the real-time data communication network security and information security of power systems are analyzed. Then, by taking into account the demand for encryption of real-time data communication, the management of the key and the process of real-time data encryption are elaborated. According to the actual situation of power systems, we choose a scheme of one-key-at-a-time and recommend practicable encryption algorithm and the length of key used in power systems. By using the SSL layer embedded between the application layer and TCP layer, the TCP mode of real-time data transmission is accomplished. For the most frequently used UDP mode in power systems, we introduce the technique of ACK and time-out for the reliability and the mechanism of key distribution and start-up for the confidentiality and accuracv of transmission. Finally, the feasibility of real-time data encryption is discussed.
出处
《电力系统自动化》
EI
CSCD
北大核心
2004年第14期76-81,共6页
Automation of Electric Power Systems
关键词
电力系统
计算机网络安全
实时系统
加密
数据安全
power systems
computer network security
real-time systems
encryption
data security