基于身份的密码体制在智能变电站中的应用Application of Identify-based Cryptosystem in Smart Substations
张静,吴锦婵,单超
ZHANG Jing,WU Jing chan,SHAN Chao
摘要(Abstract):
变电站信息安全体系要应对欺骗、重放、篡改等安全威胁,并且需要具备一定的拒绝服务攻击能力。依据电力系统数据与通信安全标准IEC 62351,讨论基于身份的密码体制在智能变电站中的应用,详细介绍在智能变电站层、间隔层和过程层之间实现安全通信的方法,结合变电站的实际情况,讨论了基于身份的密码体制的实现方法和步骤以及应用实例。研究结果对在智能变电站自动化系统中实施IEC 62351标准具有重要的参考意义。
Smart substations information security system needs to deal with deceit, replay, tampering and other security threats, and it requires a certain ability to deal with denial of service attack. In accordance with power system data and communication safety standard IEC 62351, the paper discusses the application of identitybased cryptosystem and elaborates on the way of safe communication among smart substation layer, interval layer and process layer. By combining practical situation of substations, the paper expounds the implementation method, procedure and application examples of identify-based cryptosystem. The research result can pro vide importance reference for implementation of IEC 62351 standard in automation system of smart substations.
关键词(KeyWords):
智能变电站;信息安全;密码体制;IEC 61850;IEC 62351
smart substation;information security;identity-based cryptosystem;IEC 61850;IEC 62351
基金项目(Foundation):
作者(Author):
张静,吴锦婵,单超
ZHANG Jing,WU Jing chan,SHAN Chao
DOI: 10.19585/j.zjdl.2013.10.002
参考文献(References):
- [1]伍军.变电站自动化远程通信安全体系研究[D].湘潭:湘潭大学,2005.
- [2]BAIGENT D,ADAMIAK M,MACKIEWICZ R.IEC 61850Communication Networks and Systems In Substations:An Overv-iew for Users[DB/OL].[2011-05-30].http://www.sisconet.com.
- [3]丁杰,奚后玮,陈爱林,等.基于IEC 62351安全体系的变电站自动化系统[J].电网技术,2006,30(增刊):345-348.
- [4]周蓉.面向变电站数据通信的安全防护机制研究[D].保定:华北电力大学,2008.
- [5]段斌,王键.变电站自动化信息交换安全认证体系[J].电力系统自动化,2005,29(9):55-59.
- [6]廖建容,段斌,谭步学,等.基于口令的变电站数据与通信安全认证[J].电力系统自动化,2007,31(10):71-75.
- [7]曾院辉,徐成斌.基于令牌的遥控加密实现方法[J].继电器,2007,35(1):51-53.
- [8]IEC 62351-3,Power systems management and associated information exchange-Data and communications security-Part 3[S]:Communication network and system securityProfiles including TCP/IP.2007
- [9]IEC 62351-4,Power systems management and associated information exchange-Data and communications security-Part 4[S]:Profiles including MMS.2007
- [10]IEC 62351-6,Power systems management and associated information exchange-Data and communications security-Part 6[S]:Security for IEC 61850.2007
- [11]王进.基于身份密码体制及其应用的研究[D].济南:山东大学,2007.
- [12]徐丽娟.基于身份密码体制的研究及应用[D].济南:山东大学,2007.
- [13]杨浩森.基于身份密码学关键技术的研究及应用[D].成都:电子科技大学,2008.
- [14]彭长艳,张权,唐朝京.基于IBC的TLS握手协议设计与分析1[J].计算机应用,2009,29(3):633-637.