Universal network safe access area system applicable to electric power private network and message processing method

A general network secure access area technology, applied to secure access area systems and message processing, that addresses the problems of heavy development workload, programs that are hard to maintain and to extend with new protocols, and increased communication delay. Its effects are shorter transmission delay, simpler operation and maintenance, and less secondary development.

Inactive Publication Date: 2018-11-13
NR ELECTRIC CO LTD +1
4 Cites, 9 Cited by

AI Technical Summary

Problems solved by technology

For complex protocols, the development workload is heavy, and the complexity of the program is not conducive to later maintenance and protocol expansion.

On the other hand, after the access server and proxy server convert the message into a file, they must wait for the scanning cycle of the supporting software of the power-specific forward network isolation device or the power-specific reverse network isolation device before the file is transferred to the other side. This increases the delay of the entire communication process.

Examples

Embodiment 1

[0051] A general network security access area system suitable for an electric power private network, used for connection and communication between the internal network area and the external network area, including a general access device, a power-specific forward network isolation device and a power-specific reverse network isolation device:

[0052] Referring to Figure 2, the universal access device includes a host connection port (C), a message input port (B), a message output port (A) and a message processing module. There are two universal access devices, and their host connection ports are connected to the internal network host and the external network host respectively. The internal network port and the external network port of the power-specific forward network isolation device are respectively connected to the message output port of the universal access device on the internal network side and the general interf...

Embodiment 2

[0065] On the basis of Embodiment 1, in this embodiment the universal access device also includes an encryption UKEY connection port and an authentication UKEY connection port. The message data processing module detects whether an encryption UKEY is connected, and uses a connected encryption UKEY to encrypt / decrypt the message data after network protocol / private protocol stripping. The message data processing module also detects whether an authentication UKEY is connected, and uses a connected authentication UKEY to sign the message data before private protocol encapsulation, or to verify the message data after private protocol stripping. This further improves the security of data transmission.

[0066] When the encryption UKEY and the authentication UKEY are connected at the same time, for the message after the network protocol is stripped, the message is encrypted first, then the authentication signa...

Embodiment 3

[0069] This embodiment is a message processing method based on the above general network security access area applicable to the electric power private network:

[0070] A. When the message transmission direction is from the external network area / internal network area to the secure access area, as shown in Figure 6, the method includes:

[0071] S11. Obtain a network protocol message output by the external network host / internal network host;

[0072] S12. Perform network protocol stripping on the network protocol message;

[0073] S13. Detect whether an encryption UKEY is connected, and if so, encrypt the message data after protocol stripping by using the encryption UKEY;

[0074] S14. Detect whether an authentication UKEY is connected, and if so, use the authentication UKEY to sign the encrypted message data;

[0075] S15. Encapsulate the message data with a private protocol according to the private communication protocol of ...
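The ordering in S13 to S15 (encrypt if an encryption UKEY is present, then sign the ciphertext if an authentication UKEY is present, then encapsulate) is sketched below as an added example; it is not code from the patent. The frame layout, the `wrap`/`unwrap` names, the receiver's verify-before-decrypt order, and the use of HMAC-SHA256 and a SHA-256 keystream as software stand-ins for the two UKEYs are all assumptions.

```python
import hashlib, hmac, struct

# Hypothetical frame layout (the patent's private protocol is not shown on the page):
# magic(2) | flags(1) | payload_len(4) | payload | tag(32, only if FLAG_SIG)
MAGIC, FLAG_ENC, FLAG_SIG = b"\xA5\x5A", 0x01, 0x02

def _keystream_xor(key, data):
    # Stand-in for the encryption UKEY: SHA-256 counter keystream, NOT a vetted cipher.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack(">I", i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def wrap(app_data, enc_key=None, sig_key=None):
    """S13-S15: optional encrypt, optional sign over the ciphertext, then encapsulate."""
    flags, payload = 0, app_data
    if enc_key is not None:                      # S13: encryption UKEY connected
        payload, flags = _keystream_xor(enc_key, payload), flags | FLAG_ENC
    if sig_key is not None:                      # S14: authentication UKEY connected
        flags |= FLAG_SIG
    header = MAGIC + struct.pack(">BI", flags, len(payload))
    tag = b""
    if sig_key is not None:                      # HMAC stands in for the UKEY signature
        tag = hmac.new(sig_key, header + payload, hashlib.sha256).digest()
    return header + payload + tag                # S15: private-protocol encapsulation

def unwrap(frame, enc_key=None, sig_key=None):
    """Receiver side (assumed inverse): strip, verify, then decrypt; fail closed."""
    if len(frame) < 7 or frame[:2] != MAGIC:
        raise ValueError("bad frame")
    flags, length = struct.unpack(">BI", frame[2:7])
    payload, tag = frame[7:7 + length], frame[7 + length:]
    if len(payload) != length:
        raise ValueError("truncated frame")
    # Local key presence, not the sender's flag byte, decides what is required,
    # so a frame with its flags cleared cannot skip verification or decryption.
    if sig_key is not None:
        want = hmac.new(sig_key, frame[:7 + length], hashlib.sha256).digest()
        if not (flags & FLAG_SIG) or not hmac.compare_digest(tag, want):
            raise ValueError("authentication failed")
    if enc_key is not None:
        if not flags & FLAG_ENC:
            raise ValueError("unencrypted frame rejected")
        payload = _keystream_xor(enc_key, payload)
    return payload
```

Because the tag covers the header and the ciphertext, the receiver can reject a modified frame before any decryption takes place.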

Abstract

The present invention discloses a universal network safe access area system applicable to an electric power private network and a message processing method. The safe access area system includes two identical universal access devices, a forward network isolating device for electric power and a reverse network isolating device for electric power. The universal access devices act as message agents for an internal network area host and an external network area host, converting an original message into a message that can pass through the forward and reverse network isolating devices for electric power, so that access is transparent (imperceptible) to the internal network area host and the external network area host. The forward / reverse network isolating devices for electric power provide physical isolation and protocol conversion. The advantages of the invention are that the system structure is simple, the original access method is not affected, the access difficulty is reduced, the universal access devices need no configuration, the risk of network failure is lowered, and operation and maintenance are convenient, thus protecting safe access to the internal network area when a longitudinal connection between an internal network area and an external network area is required.

Description

Technical field

[0001] The invention relates to the technical field of power system data communication security, in particular to a general network security access area system and a message processing method suitable for a private power network.

Background

[0002] Where individual business systems or their functional modules (or subsystems) in the production control area communicate with their terminals over vertical connections that use wireless communication networks, other data networks of power companies (non-power-dispatching data networks) or virtual private networks (VPN) over external public data networks, and their security protection level is lower than that of other systems in the production control area, a security access area shall be established. The connection between the security access area and other parts of the production control area must be equipped with a special horizontal one-way safety isolation device for pow...

Application Information

IPC(8): H04L29/06, H04L12/46
CPC: H04L12/4633, H04L63/0209, H04L63/0428, H04L63/12, H04L63/205
Inventors: 曹翔, 张阳, 宋林川, 尤小明, 林青, 潘磊, 汤震宇, 张春合, 胡绍谦
Owner NR ELECTRIC CO LTD