摘要
针对现有配电网数据安全防护方案中配电主站和PKI系统数字证书管理负担过重的问题,根据配电网结构和通信方式特征设计了基于PKC和IBC的配电网数据加密认证方案。该方案的特征是将主站的部分配电功能分配到了子站,且子站所辖范围的终端不需要数字证书的管理,从而减轻了主站配电和PKI证书管理负担。然后对该方案的安全性和通信效率进行了分析,结果表明,该方案满足了配电网的安全性需求,当采用国密标准算法时,其单次通信的数据量不超过1K字节,满足配电网通信带宽需求。
In view of the problem that current data security schemes for distribution grid bring too much burden to distribution master station and PKI digital certificate management, according to the characteristics of distribution grid structure and communication mode, this article presents a data encryption and authentication scheme based on PKC and IBC. The scheme splits the distribution function from master station to substations, and terminals man-aged by sub-stations do not require the management of digital certificates, thus reducing the burden of master station and PKI certificate management. Then the security and availability of the scheme are analyzed. The results show that the scheme satisfies the security requirements of distribution grid, when utilizing the national cryptography al-gorithm standard, the data quantity of single communication does not exceed IK bytes, satisfying the communica-tion bandwidth requirements in distribution grid.
出处
《软件》
2017年第6期17-23,共7页
Software
基金
基金项目:基于多形态无线自组织技术的配用电通信系统研究及应用(546806160008)
关键词
配电网
PKC
IBC
数据加密认证
Distribution grid
PKC
IBC
Data encryption and authentication
