CN114205121A - Information access security protection method for power grid data - Google Patents


Info

Publication number
CN114205121A
Authority
CN
China
Prior art keywords
safety
data
information
design
security
Legal status (assumed by the index, not a legal conclusion)
Pending
Application number
CN202111367407.4A
Other languages
Chinese (zh)
Inventor
周磊
张佳发
冯国聪
胡健
邹洪
农彩勤
Current Assignee (as listed; may be inaccurate)
Southern Power Grid Digital Grid Research Institute Co Ltd
Original Assignee
Southern Power Grid Digital Grid Research Institute Co Ltd

Classifications

    • H ELECTRICITY
        • H04 ELECTRIC COMMUNICATION TECHNIQUE
            • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
                • H04L 63/00 Network architectures or network communication protocols for network security
                    • H04L 63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
                        • H04L 63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
                    • H04L 63/08 Network architectures or network communication protocols for network security for authentication of entities
                        • H04L 63/083 Network architectures or network communication protocols for network security for authentication of entities using passwords
                            • H04L 63/0846 Network architectures or network communication protocols for network security for authentication of entities using passwords using time-dependent-passwords, e.g. periodically changing passwords
                    • H04L 63/14 Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
                        • H04L 63/1441 Countermeasures against malicious traffic
                            • H04L 63/145 Countermeasures against malicious traffic the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms
    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06F ELECTRIC DIGITAL DATA PROCESSING
                • G06F 11/00 Error detection; Error correction; Monitoring
                    • G06F 11/07 Responding to the occurrence of a fault, e.g. fault tolerance
                        • G06F 11/14 Error detection or correction of the data by redundancy in operation
                            • G06F 11/1402 Saving, restoring, recovering or retrying
                                • G06F 11/1446 Point-in-time backing up or restoration of persistent data
                                    • G06F 11/1458 Management of the backup or restore process
                                        • G06F 11/1469 Backup restoration techniques
            • G06Q INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
                • G06Q 50/00 Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
                    • G06Q 50/06 Energy or water supply


Abstract

The invention belongs to the technical field of information security and discloses an information access security protection method for power grid data. The method comprises a physical security design, a network security design and a host security design, and further comprises an application security design, a data backup security design and a middleware security design. Through the data backup security design, the data and information produced during system operation are stored and backed up in time when an error occurs in an earlier security design, so that they can be consulted during later repair and the system data can be recovered afterwards. The middleware security design improves the stability of the backup data, and regular testing of the backups rules out backups that are themselves faulty at the time of the daily backup, which further ensures the success rate when the backups are later restored.

Description

Information access security protection method for power grid data
Technical Field
The invention belongs to the technical field of information security, and particularly relates to an information access security protection method for power grid data.
Background
At present, informatization is developing rapidly in countries around the world. The application of information technology drives innovation in the optimal allocation of global resources and in development models; the influence of the internet on politics, the economy, society and culture grows deeper; information permeates every field of national life; networks and information systems have become key infrastructure and even the nerve centre of the whole economy and society; and international competition over the acquisition, use and control of information intensifies by the day. Data security has therefore moved beyond the storage and processing security of the data itself to the security and protection of the data as a whole.
Data security protection is regarded as the 'last kilometre' of the information security protection task, and its importance is recognised by more and more departments. With the continuous expansion of the Southern Power Grid company data centres and the continuous growth of external security threats, it is necessary to build a data-centric, full-link security protection system based on the current security protection situation of the company's data centres, so as to form a scientific and practical 'systematic security protection capability, normalised security management capability and comprehensive security operation capability', ensure that data security is known, controllable, manageable and searchable throughout the whole process, and provide strict data security guarantees for the company's data foundation and for the cloud construction of its data centres.
It is therefore urgent to develop the functions of a data security management product, forming a product with independent intellectual property rights that realises unified identity authentication for data access, fine-grained access control and authorisation, and real-time dynamic desensitisation of important sensitive data, so as to build a manageable and controllable data security protection system covering the whole data life cycle.
Disclosure of Invention
The present invention is directed to a method for protecting information access security for power grid data, so as to solve the problems mentioned in the background art.
In order to achieve the above purpose, the invention provides the following technical scheme: the information access security protection method for power grid data comprises a physical security design, a network security design and a host security design, and further comprises an application security design, a data backup security design and a middleware security design.
Preferably, the physical security design specifically includes:
selecting a geographic position: determine whether the system's location lies in an area where disasters occur frequently, and determine the centre and secure position of the system within the floor; at the same time, ensure that the security facilities and equipment of the system are placed in suitable positions so that the passage of personnel through the equipment area is reduced to a minimum;
perimeter protection: install an infrared defence system together with closed-circuit television;
security control: take the necessary control measures to reduce theft, fire, explosion, smoke, electromagnetic radiation and the like; at the same time, prevent power failure of equipment and other abnormal power supply conditions, and ensure the security of communication lines through security control measures;
security zoning: first place the equipment according to its protection level, then isolate a specific security zone for the protected equipment; by clearly dividing the zones through physical separation and controlling each security zone comprehensively according to its protection level, threats from personnel and from nature are reduced;
determining a recovery strategy: the disaster recovery strategy of each key business function is determined according to the cost and risk of the disaster recovery resources and the calculated possible loss, and different business functions may adopt different disaster recovery strategies. Physical security design is the easiest step to carry out in most security designs but also the easiest to forget; its operations are simple and can isolate most of the initial potential security hazards, thereby avoiding losses caused by equipment damage.
Preferably, the network security design specifically includes:
access control: deploy access control equipment at the boundary between the internal and external networks and enable the access control function, providing explicit permit/deny decisions for data flows according to session state information, with control granularity at the port level; permit or deny a user's access to the resources of the research data security management product according to the access permission rules between the user and the system; for users accessing the network by dial-up, VPN and similar means, adopt strong authentication, strictly control their access rights and limit the number of users holding dial-up, VPN or similar access rights;
security audit: during secure operation of the platform, log the equipment operating state, network traffic, user behaviour and the like within the research data security management product; the audit records should include the date and time of the event, user information, the event type, whether the event succeeded, and other audit-related information;
boundary checking: the secure operating platform should be able to check that internal users on the internal network have not privately connected to the external network without authorisation;
intrusion prevention: the secure execution platform should monitor the following attack behaviours at the network boundary: port scanning, brute-force attacks, trojan backdoor attacks, denial-of-service attacks, buffer overflow attacks, IP fragmentation attacks and network worm attacks;
malicious code prevention: detect and remove malicious code at the network boundary, and keep the malicious code library and the detection system up to date;
network equipment protection: authenticate users logging in to the network equipment; restrict the login address of network equipment administrators; make the identifier of each network device unique and the identifier of each user of the same device unique; prohibit several people from sharing one account; ensure that authentication information cannot easily be forged; require password complexity to meet requirements and passwords to be changed regularly; modify default users and passwords and avoid using default passwords; require that passwords are not less than 8 characters long, mix letters with numbers or special characters, and are not the same as the user name; change passwords regularly and store them encrypted; and, when system hardware is managed remotely, take the necessary measures to prevent authentication information from being intercepted in transit across the network.
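The password requirements above (not less than 8 characters, letters mixed with digits or special characters, different from the user name, changed regularly, stored encrypted) as a checkable policy, in an added Python example that is not part of the patent. The PBKDF2 work factor, the 90-day rotation period and the stored-record format are assumptions, since the text only says "encrypted for storage" and "changed regularly".

```python
"""Password policy and password storage checks; an added example, not the patent's code."""
import hashlib
import hmac
import os
from datetime import datetime, timedelta

MIN_LENGTH = 8                          # "not less than 8" characters, from the text
PBKDF2_ITERATIONS = 600_000             # assumed work factor; the text only says "encrypted for storage"
MAX_PASSWORD_AGE = timedelta(days=90)   # assumed rotation period; the text says "changed regularly"


def check_password_policy(password: str, username: str) -> list:
    """Return the list of policy violations; an empty list means the password is compliant."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    has_letter = any(c.isalpha() for c in password)
    has_digit = any(c.isdigit() for c in password)
    has_special = any(not c.isalnum() for c in password)
    # the text asks for letters mixed with numbers or special characters
    if not (has_letter and (has_digit or has_special)):
        problems.append("must mix letters with digits or special characters")
    if password.lower() == username.lower():
        problems.append("must not be the same as the user name")
    return problems


def hash_password(password: str) -> str:
    """Store only a salted PBKDF2-SHA256 digest, never the password itself.

    Record format (assumed): algorithm$iterations$salt_hex$digest_hex.
    """
    salt = os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return "pbkdf2_sha256$%d$%s$%s" % (PBKDF2_ITERATIONS, salt.hex(), digest.hex())


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and compare it in constant time."""
    try:
        algorithm, iterations, salt_hex, digest_hex = stored.split("$")
    except ValueError:          # malformed record: treat as a failed check, never as a pass
        return False
    if algorithm != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(),
                                 bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(digest.hex(), digest_hex)


def password_expired(changed_at: datetime, now: datetime) -> bool:
    """True once the password is older than the rotation period and must be changed."""
    return now - changed_at > MAX_PASSWORD_AGE
```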
Preferably, the host security design specifically includes:
identity authentication: ensure that account names are unique within the system and set password complexity requirements;
access control: disable direct login with the root account, obtaining root privileges by logging in as another user instead, and disable default accounts and redundant, unused accounts;
intrusion prevention: do not install system components, protocols or system services that are not required, especially network services, and pay attention to the prevention of malicious code;
security audit: enable the audit log function or meet the audit requirements with a third-party security audit product; it is recommended that logs be written to files;
resource control: display third-party terminal login information through the firewall and enable the timeout lock function, with the TIMEOUT value set to 600 s. The host security design and the network security design are more complex than the physical security design; correspondingly, the potential security hazards they can resist are more complex and the faults they cause are harder to repair, so designing the host security and network security well greatly reduces the rate of complex faults.
Preferably, the application security design includes, besides identity authentication, access control and resource control, the following security operations:
self-protection: an injection attack protection design, a vulnerability exploitation protection design and an anti-tampering design;
application auditing: the system stores the message content of each request and of each push in a database and processes only registered request information; it records the content, time and event type of the message and the sender's account in the database, and retains them for not less than 6 months;
software fault tolerance: special characters are effectively filtered and encoded, the system is prevented from leaking sensitive information under abnormal conditions, and effective rapid fault recovery measures are provided, ensuring that the key services of the application system are not interrupted and recover quickly;
residual information protection: the system clears identification information such as the session and cookie when the user logs out, effectively preventing the user's session from being hijacked; files, directories and database records in the system are effectively cleared before being distributed to other users, preventing important system information from being stolen;
system vulnerabilities: audit the source code of the application system and produce a source code audit report; carry out security testing of the application system to ensure it has no high- or medium-risk application-layer vulnerabilities such as SQL injection, cross-site scripting, file upload, path traversal and the like; update the terminal application program regularly to ensure the version is the latest official release; and carry out third-party security and compatibility testing on every release. Thanks to the software fault tolerance design, larger or more important file services can be recovered rapidly on the premise of ensuring security, avoiding a large amount of unnecessary repeated operation and improving the efficiency of service operation.
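An added Python example, not from the patent, that ties together the host TIMEOUT value of 600 s, the clearing of session identifiers at logout, and the audit record fields from the network security audit item (date and time, user, event type, success) with the 6-month retention from the application auditing item. The in-memory session table, the ManualClock helper and the 183-day retention cut-off are assumptions.

```python
"""Session idle timeout, logout clearing and audit records; an added example, not the patent's code."""
import secrets

IDLE_TIMEOUT_SECONDS = 600               # TIMEOUT value of 600 s from the text
AUDIT_RETENTION_SECONDS = 183 * 86400    # "not less than 6 months"; 183 days assumed as the cut-off


class SessionStore:
    """Server-side session table; the clock is injected so the timeout can be tested."""

    def __init__(self, clock):
        self._clock = clock        # callable returning seconds since the epoch
        self._sessions = {}        # session id -> {"user": str, "last_seen": float}
        self.audit_log = []        # records carry date/time, user, event type, success, detail

    def _record(self, user, event, success, detail=""):
        self.audit_log.append({"time": self._clock(), "user": user, "event": event,
                               "success": success, "detail": detail})

    def login(self, user, authenticated):
        """Create a session only after the caller has authenticated the user."""
        self._record(user, "login", authenticated)
        if not authenticated:
            return None
        sid = secrets.token_urlsafe(32)      # unguessable session identifier
        self._sessions[sid] = {"user": user, "last_seen": self._clock()}
        return sid

    def resolve(self, sid):
        """Map a presented session id to its user, expiring idle sessions on the way."""
        entry = self._sessions.get(sid)
        if entry is None:
            self._record("-", "access", False, "unknown or cleared session")
            return None
        now = self._clock()
        if now - entry["last_seen"] > IDLE_TIMEOUT_SECONDS:
            del self._sessions[sid]          # idle too long: lock out, same as the host TIMEOUT
            self._record(entry["user"], "access", False, "idle timeout")
            return None
        entry["last_seen"] = now
        return entry["user"]

    def logout(self, sid):
        """Remove the server-side record so the cookie value is worthless afterwards."""
        entry = self._sessions.pop(sid, None)
        self._record(entry["user"] if entry else "-", "logout", entry is not None)

    def prune_audit_log(self):
        """Drop only records older than the retention period; newer ones must be kept."""
        cutoff = self._clock() - AUDIT_RETENTION_SECONDS
        self.audit_log = [r for r in self.audit_log if r["time"] >= cutoff]


class ManualClock:
    """Test clock so the demo does not have to sleep for ten minutes."""

    def __init__(self, start=0.0):
        self.now = start

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def demo() -> dict:
    """Walk one user through timeout and logout; returns what each check observed."""
    clock = ManualClock(1_700_000_000.0)    # constructed epoch start
    store = SessionStore(clock)
    sid = store.login("operator", authenticated=True)
    clock.advance(599)
    before = store.resolve(sid)             # still within 600 s of the last activity
    clock.advance(601)
    after = store.resolve(sid)              # idle for more than 600 s: the session is gone
    sid2 = store.login("operator", authenticated=True)
    store.logout(sid2)
    reused = store.resolve(sid2)            # the old cookie after logout must not work
    return {"before_timeout": before, "after_timeout": after, "after_logout": reused,
            "events": [(r["event"], r["success"], r["detail"]) for r in store.audit_log]}
```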
Preferably, the data and backup security design specifically includes:
data confidentiality and data integrity: the transmission paths of the information system use encrypted transmission; important authentication information held in database form and important data in the service system database are stored encrypted; the various important management files and data are stored using an encryption system; and the media on which the important files are stored are encrypted and kept in a safe;
data backup: the platform backs up the important information and periodically tests the availability of the backup media; it provides hardware redundancy for key network equipment, communication lines and data processing systems to ensure the availability of the system. Through the data and backup design, the recorded information and data can be stored and backed up so that important information or data is not lost when an error occurs, and can be recovered after the error is repaired.
Preferably, the middleware security design includes, besides identity authentication, access control and security audit, the following security operations:
security configuration: remove unnecessary components unrelated to Tomcat and the useless files installed by default, and perform basic configuration and hardening;
system backup and recovery: the Tomcat configuration directory is backed up regularly to disk, once every day, with backups retained for one month and a backup restore test performed every month; regular testing of the backup files rules out the situation where the backup is itself damaged at the moment a file is damaged and needs to be recovered, further improving the reliability of file recovery.
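The daily backup, one-month retention and monthly restore test described above, as an added Python example that is not the patent's code: it archives a directory such as Tomcat's conf directory together with a SHA-256 manifest, prunes archives older than 30 days, and verifies a backup by restoring it into scratch space and rehashing every file, so a damaged archive is found before it is needed. The archive naming scheme, the MANIFEST.json name and the sample server.xml and web.xml contents are constructed assumptions.

```python
"""Daily backup, 30-day retention and restore test; an added example, not the patent's code."""
import hashlib
import io
import json
import tarfile
import tempfile
from datetime import datetime, timedelta
from pathlib import Path

RETENTION = timedelta(days=30)   # "one month is reserved" in the text
MANIFEST = "MANIFEST.json"       # assumed name of the hash list stored inside each archive


def _sha256(path: Path) -> str:
    return hashlib.sha256(path.read_bytes()).hexdigest()


def create_backup(src_dir: Path, backup_dir: Path, when: datetime) -> Path:
    """Archive src_dir into backup_dir together with a SHA-256 manifest of every file."""
    backup_dir.mkdir(parents=True, exist_ok=True)
    archive = backup_dir / ("backup-%s.tar.gz" % when.strftime("%Y%m%d"))
    manifest = {str(p.relative_to(src_dir)): _sha256(p)
                for p in sorted(src_dir.rglob("*")) if p.is_file()}
    with tarfile.open(archive, "w:gz") as tar:
        for rel in manifest:
            tar.add(src_dir / rel, arcname=rel)
        data = json.dumps(manifest, indent=1).encode()
        info = tarfile.TarInfo(MANIFEST)
        info.size = len(data)
        tar.addfile(info, io.BytesIO(data))
    return archive


def verify_backup(archive: Path) -> bool:
    """Restore into a scratch directory and compare every file against the manifest."""
    try:
        with tarfile.open(archive, "r:gz") as tar, tempfile.TemporaryDirectory() as scratch:
            for member in tar.getmembers():      # refuse entries that would escape scratch
                if member.name.startswith("/") or ".." in member.name.split("/"):
                    return False
            kwargs = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
            tar.extractall(scratch, **kwargs)
            manifest = json.loads(Path(scratch, MANIFEST).read_text())
            for rel, digest in manifest.items():
                if _sha256(Path(scratch, rel)) != digest:
                    return False
            return True
    except Exception:        # truncated gzip, bad tar, missing manifest: all mean "unusable"
        return False


def prune_backups(backup_dir: Path, now: datetime) -> list:
    """Delete archives older than the retention period; returns the removed file names."""
    removed = []
    for archive in sorted(backup_dir.glob("backup-*.tar.gz")):
        stamp = archive.name[len("backup-"):-len(".tar.gz")]
        made = datetime.strptime(stamp, "%Y%m%d")
        if now - made > RETENTION:
            archive.unlink()
            removed.append(archive.name)
    return removed


def demo() -> dict:
    """Run one backup cycle on constructed sample files; returns the checks performed."""
    with tempfile.TemporaryDirectory() as root:
        src = Path(root, "conf")
        src.mkdir()
        (src / "server.xml").write_text("<Server port='8005'/>")   # constructed sample content
        (src / "web.xml").write_text("<web-app/>")
        backups = Path(root, "backups")
        today = datetime(2024, 3, 15)
        archive = create_backup(src, backups, today)
        fresh_ok = verify_backup(archive)
        # simulate a damaged archive from two weeks ago by truncating a copy
        damaged = backups / "backup-20240301.tar.gz"
        damaged.write_bytes(archive.read_bytes()[:40])
        old = create_backup(src, backups, today - timedelta(days=45))
        return {"fresh_ok": fresh_ok, "damaged_ok": verify_backup(damaged),
                "old_name": old.name, "pruned": prune_backups(backups, today),
                "remaining": sorted(p.name for p in backups.iterdir())}
```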
Preferably, the determined recovery strategy specifies the acquisition mode of the disaster recovery resources and the specific requirements for each element of the disaster recovery level; the specific disaster backup schemes include a cold site backup scheme, a warm site backup scheme and a hot site backup scheme, through which the specific operations during disaster recovery can be determined, while the success rate and efficiency of disaster recovery are also improved.
Preferably, after the security design is completed, secure development and testing is carried out, comprising the following steps:
S1 security training: establish a sound security training system, cultivate security awareness and form a model of security testing, secure development, secure operation and maintenance, and security products;
S2 requirement analysis: determine the security requirements and the proportion of investment, and look for the best way to embed security;
S3 system design: determine the design requirements, analyse the attack surface and perform threat modelling;
S4 design implementation: use standard tools, abandon unsafe functions and perform static analysis (secure development specification plus code audit);
S5 verification: first carry out black-box and white-box testing and attack surface evaluation, then issue a security incident response plan and periodic security evaluations. Through secure development and testing, operating failures caused by errors left over from the security design stage, and even file damage caused by running the system directly, are avoided, improving the absolute success rate of later operation.
The invention has the following beneficial effects:
the invention achieves an almost absolutely stable information security effect through the physical security design, network security design, host security design and application security design; through the data backup security design, the data and information of system operation are stored and backed up in time when an error occurs in an earlier security design, which facilitates consultation during later repair and the recovery of the system data after repair; the middleware security design improves the stability of the backup data, and regular testing of the backups rules out backups that are themselves faulty at the time of the daily backup, further ensuring the success rate when the backups are later restored.
Drawings
FIG. 1 is a schematic view of the safety precaution of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
As shown in fig. 1, in the embodiment of the present invention, an information access security protection method for power grid data includes a physical security design, a network security design, and a host security design, and the information access security protection method for power grid data further includes an application security design, a data backup security design, and a middleware security design.
Wherein, the physical security design specifically comprises:
selecting a geographic position: whether the location of the system is in an area where disasters frequently occur or not is determined, and the center and the safe position of the system are determined in the floor, and meanwhile, the safety facilities and the equipment in the system are ensured to be placed at proper positions, so that the passing of personnel in the equipment area is reduced to the minimum;
peripheral precaution: an infrared defense system is arranged, and a closed circuit television is arranged at the same time;
safety control: necessary control measures are taken, the conditions of theft, fire, explosion, smoke, electromagnetic radiation and the like are reduced, meanwhile, the power supply failure of equipment is prevented, other abnormal power supply phenomena are prevented, and the safety of a communication line is ensured through safety control measures;
safe division: firstly, the equipment is placed according to different protection levels, then a specific safety area is isolated for the protection equipment, and the safety area is controlled in an all-around manner according to the protection levels by clearly dividing the area through physical separation, so that the threats from personnel and nature are reduced;
determining a recovery strategy; according to the possible loss calculation caused by the cost and risk of disaster recovery resources, the disaster recovery strategy of each key business function is determined, different business functions can adopt different disaster recovery strategies, physical safety design is the easiest step to operate in most safety designs, but is the easiest part to forget, the operation is simple, most of initial potential safety hazards can be isolated, and therefore the loss caused by equipment damage is avoided.
The network security design specifically comprises:
controlling access; deploying access control equipment at the boundary of an internal network and an external network, starting an access control function, providing clear access permission/denial capability for data streams according to session state information, controlling the granularity to be at a port level, determining to permit or deny a user to access resources of a research data safety management product according to an access permission rule between the user and the system, controlling the user, accessing the network in a dialing mode or a VPN mode and the like, adopting a strong authentication mode, strictly controlling the access authority of the user, and limiting the number of the users with the access authority of dialing, VPN and the like;
and (4) safety audit: when the platform is operated safely, log records should be carried out on the equipment operation state, network flow, user behavior and the like in the research data safety management product, and the audit records should include: date and time of the event, user information, event type, whether the event was successful, and other audit related information;
and (3) boundary checking: the secure operating platform should be able to check that the internal user present in the internal network has not been privately connected to the external network by permission;
and (3) intrusion prevention: the secure execution platform should monitor the following aggressive behaviors at the network boundary: port scanning, brute force attack, trojan backdoor attack, denial of service attack, buffer overflow attack, IP fragment attack and network worm attack;
code precaution: detecting and clearing the malicious codes at the network boundary, and maintaining the upgrade of a malicious code library and the update of a detection system;
network precaution: the method comprises the steps of carrying out identity authentication on a user logging in the network equipment, limiting a login address of an administrator of the network equipment, enabling the identification of the network equipment to be unique, enabling the identification of the user of the same network equipment to be unique, prohibiting a plurality of persons from sharing an account, enabling identity authentication information not to be easily faked, enabling password complexity to meet requirements and be changed regularly, modifying default users and passwords, avoiding using passwords which lack the same, enabling the length of the passwords to be not less than 8 bits, requiring that the mixture of letters and numbers or special characters is not the same as a user name, enabling the passwords to be changed regularly and encrypted for storage, and adopting necessary measures to prevent the authentication information from being intercepted in the network transmission process when the system hardware equipment is remotely managed.
Wherein, the host computer security design specifically includes:
identity authentication: determining the uniqueness of the account name in the system and setting the complexity of the password;
and (3) access control: forbidding a root account, logging in by using other users to obtain the root authority, and forbidding a default account and redundant useless accounts;
and (3) intrusion prevention: all system components, protocols and system services which are not required to be used, especially network services, do not need to be installed, and meanwhile, the prevention of malicious codes is paid attention to;
and (4) safety audit: starting an audit log function or realizing audit requirements by adopting a third-party security audit product operation, and recommending the log type to be written into a file;
and (3) resource control: the third-party terminal login information is displayed through the firewall, the overtime locking function is set, the overtime TIMEOUT value is set to be 600s, the host security design and the network security design are more complex compared with the physical security design, correspondingly, the potential safety hazards capable of being resisted by the host security design and the network security design are more complex, and the caused faults are more difficult to repair, so that the complex fault rate can be reduced greatly by designing the host security design and the network security design.
The application security design comprises the following security operations besides identity authentication, access control and resource control:
self-protection: an injection attack protection design, a vulnerability exploitation protection design and an anti-tampering design;
Application auditing: the system stores the message content of each request and of each push in a database; only registered request information needs to be processed; the system records the content, time and event type of the message and the sender account in the database, and the retention time is not less than 6 months;
Software fault tolerance: special characters are filtered and encoded effectively, the system is prevented from leaking sensitive information through abnormal behaviour, effective measures for quick fault recovery are provided, and the key services of the application system are guaranteed not to be interrupted and to recover quickly;
Remaining information protection: the system clears identification information such as the session and cookie when the user logs out, which effectively prevents the user's session from being taken over; files, directories and database records in the system are effectively cleared before being distributed to other users, so that important system information cannot be stolen;
System vulnerability: the source code of the application system is audited and a source code audit report is produced; the application system is security tested to ensure that it has no high- or medium-risk application-layer vulnerabilities such as SQL injection, cross-site scripting, file upload, path traversal and the like; the terminal application program is updated regularly so that its version is the latest official version; and a third-party security and compatibility test is carried out on every release. Owing to the software fault tolerance design, larger or more important services and files can be recovered quickly while security is ensured, which avoids a large amount of unnecessary repeated operations and improves the efficiency of service operation.
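The controls just listed (injection protection, filtering and encoding of special characters, not leaking sensitive information on errors, clearing the session and cookie on logout, and SQL injection and path traversal as vulnerabilities to test for) are shown together in the following added Python example. It is not code from the patent: the in-memory SQLite table, the download directory and the request values are constructed sample data, and the function and class names are this example's own.

```python
"""Application-layer controls for the items above (added example, not the
patent's own code). The SQLite table, download directory and request values
are constructed sample data; all function and class names are this example's."""
import html
import logging
import secrets
import sqlite3
from pathlib import Path

log = logging.getLogger("app.security")


# --- injection protection: parameterised queries ---------------------------

def open_sample_db():
    """Constructed user table used by the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "operator"), ("bob", "auditor")])
    return db


def find_role(db, username):
    """The driver passes username separately from the SQL text, so quotes or
    comment markers inside it are compared as data, never parsed as SQL."""
    row = db.execute("SELECT role FROM users WHERE name = ?", (username,)).fetchone()
    return row[0] if row else None


# --- path traversal guard ---------------------------------------------------

def resolve_download(base_dir, requested):
    """Return the absolute path if it stays inside base_dir, else raise.
    Leading slashes are stripped so an absolute request cannot replace
    base_dir; resolve() collapses '..' so the containment test is reliable."""
    base = Path(base_dir).resolve()
    candidate = (base / requested.lstrip("/")).resolve()
    if candidate != base and base not in candidate.parents:
        raise ValueError("requested path escapes the download directory")
    return candidate


def is_path_allowed(base_dir, requested):
    """Boolean wrapper around resolve_download for callers that only need a verdict."""
    try:
        resolve_download(base_dir, requested)
        return True
    except ValueError:
        return False


# --- output encoding and non-leaking error handling -------------------------

def render_message(raw):
    """Encode &, <, > and both quote characters so stored content is shown as
    text rather than interpreted as markup."""
    return html.escape(raw, quote=True)


def handle_request(db, username):
    """Return (status, body). Failures are logged server-side with a reference
    id; the client sees only a generic message, never SQL text or a traceback."""
    try:
        role = find_role(db, username)
    except sqlite3.Error:
        ref = secrets.token_hex(4)
        log.exception("database failure, ref=%s", ref)
        return 500, f"internal error (reference {ref})"
    if role is None:
        return 404, "unknown user"
    return 200, render_message(f"{username} has role {role}")


# --- remaining information protection: clear session state on logout -------

class SessionStore:
    """Server-side sessions keyed by an unguessable identifier."""

    def __init__(self):
        self._sessions = {}

    def create(self, username):
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = {"user": username}
        return sid

    def get(self, sid):
        return self._sessions.get(sid)

    def logout(self, sid):
        """Destroy the server-side record and return a Set-Cookie value that
        expires the browser's copy, so neither side keeps the identifier."""
        self._sessions.pop(sid, None)
        return "session=; Max-Age=0; Path=/; HttpOnly; Secure; SameSite=Strict"


if __name__ == "__main__":
    db = open_sample_db()
    print(handle_request(db, "alice"))
    print(is_path_allowed("/srv/downloads", "../../outside.txt"))
```

The 500 branch deliberately returns only a reference id: the operator looks the id up in the server log to see the exception, while the client learns nothing about table names, drivers or stack frames.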
The data and backup security design specifically comprises:
Data confidentiality: the transmission path of the information system uses encrypted transmission; important authentication information and important data in the service system database are encrypted and stored in database form; various important management files and data are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
Data integrity: the transmission path of the information system uses encrypted transmission; important authentication information and important data in the service system database are encrypted and stored in database form; various important management files and data are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
Data backup: the platform backs up important information and periodically tests the availability of the backup media, and provides hardware redundancy for key network equipment, communication lines and the data processing system to ensure system availability. The data and backup design lets recorded information and data be stored and backed up, so that important information or data is not lost when an error occurs and can be recovered once the error is repaired.
The middleware security design comprises identity authentication, access control and security audit, and further comprises the following security operations:
Security configuration: delete unnecessary components unrelated to Tomcat and useless files installed by default, and perform basic configuration and hardening;
System backup and recovery: the Tomcat configuration directory is backed up to disk regularly, once a day, and each backup is retained for one month; a backup recovery test is carried out every month. Regular testing of the backup files rules out the case where the backup itself turns out to be damaged at the moment a damaged file needs to be recovered, which further improves the safety of file recovery.
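The following added Python example puts the backup schedule just described (daily archive, one month retained, monthly restore test) together with the data integrity item from the data and backup design above. It is not the patent's or Tomcat's own tooling. It assumes that the configuration directory is an ordinary directory tree, that each daily backup is a tar archive named by date, that integrity is protected by an HMAC-SHA256 tag stored beside each archive and keyed with a secret kept outside the backup store, and that the restore test extracts into a scratch directory and compares the restored files with the live ones; the file contents and dates are constructed.

```python
"""Backup integrity, rotation and restore drill for the schedule above.
Added example, not the patent's or Tomcat's tooling. Assumptions (not on the
page): daily tar archives named by date, an HMAC-SHA256 tag beside each
archive keyed with a secret held outside the backup store, and a restore
test that extracts and compares file contents. Files and dates constructed."""
import datetime as dt
import hashlib
import hmac
import tarfile
import tempfile
from pathlib import Path

RETENTION_DAYS = 30                                   # "retained for one month"
HMAC_KEY = b"constructed-demo-key-fetch-from-kms"     # assumption: not stored with backups


def _tag(data):
    """Keyed tag: someone who can alter the archive cannot recompute it
    without the key, unlike a plain hash stored next to the file."""
    return hmac.new(HMAC_KEY, data, hashlib.sha256).hexdigest()


def _tag_path(archive):
    return archive.parent / (archive.name + ".hmac")


def create_backup(src_dir, backup_dir, day):
    """Archive src_dir as <day>.tar and write its tag beside it."""
    src, dest = Path(src_dir), Path(backup_dir)
    dest.mkdir(parents=True, exist_ok=True)
    archive = dest / f"{day.isoformat()}.tar"
    with tarfile.open(archive, "w") as tar:
        for f in sorted(p for p in src.rglob("*") if p.is_file()):
            tar.add(f, arcname=str(f.relative_to(src)))
    _tag_path(archive).write_text(_tag(archive.read_bytes()))
    return archive


def verify_backup(archive):
    """True only if the archive matches its tag; a missing tag, a flipped
    byte or an edited tag all fail."""
    archive = Path(archive)
    if not _tag_path(archive).exists():
        return False
    expected = _tag_path(archive).read_text().strip()
    return hmac.compare_digest(expected, _tag(archive.read_bytes()))


def prune_backups(backup_dir, today, retention_days=RETENTION_DAYS):
    """Delete archives (and tags) older than the retention window; return their names."""
    removed = []
    for archive in sorted(Path(backup_dir).glob("*.tar")):
        if (today - dt.date.fromisoformat(archive.stem)).days > retention_days:
            archive.unlink()
            _tag_path(archive).unlink(missing_ok=True)
            removed.append(archive.name)
    return removed


def restore_test(archive, scratch_dir, original_dir):
    """Monthly drill: verify the tag, extract, and compare every live file with
    its restored copy. Returns True only if the backup reproduces the tree."""
    if not verify_backup(archive):
        return False
    scratch, original = Path(scratch_dir), Path(original_dir)
    scratch.mkdir(parents=True, exist_ok=True)
    # use the safe extraction filter where this Python version provides it
    extract_opts = {"filter": "data"} if hasattr(tarfile, "data_filter") else {}
    with tarfile.open(archive) as tar:
        tar.extractall(scratch, **extract_opts)
    for f in original.rglob("*"):
        if f.is_file():
            twin = scratch / f.relative_to(original)
            if not twin.is_file() or twin.read_bytes() != f.read_bytes():
                return False
    return True


def run_demo():
    """Five daily backups, a prune at 30 days, a restore drill and a simulated
    damaged medium; returns the outcomes for inspection."""
    root = Path(tempfile.mkdtemp())
    conf = root / "conf"
    conf.mkdir()
    # constructed stand-ins for the middleware configuration files
    (conf / "server.xml").write_text('<Server port="8005" shutdown="SHUTDOWN"/>\n')
    (conf / "web.xml").write_text("<web-app/>\n")
    store = root / "backups"
    today = dt.date(2022, 3, 1)                       # constructed "today"
    for age in (45, 31, 30, 1, 0):
        create_backup(conf, store, today - dt.timedelta(days=age))
    removed = prune_backups(store, today)
    latest = store / f"{today.isoformat()}.tar"
    restored_ok = restore_test(latest, root / "scratch", conf)
    # simulate a damaged medium: flip one byte in yesterday's archive
    damaged = store / f"{(today - dt.timedelta(days=1)).isoformat()}.tar"
    data = bytearray(damaged.read_bytes())
    data[100] ^= 0xFF
    damaged.write_bytes(bytes(data))
    return {
        "removed": removed,
        "kept": sorted(p.name for p in store.glob("*.tar")),
        "latest_restored": restored_ok,
        "damaged_verifies": verify_backup(damaged),
    }


if __name__ == "__main__":
    print(run_demo())
```

The restore drill is what catches the failure mode the text describes: a backup that verifies and extracts correctly today is the only evidence that it can be relied on when a live file is damaged, and the pruning step keeps exactly the one-month window so that a bad medium cannot hide behind an unbounded pile of old archives.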
The specific disaster recovery schemes include a cold-site backup scheme, a warm-site backup scheme and a hot-site backup scheme. These schemes determine the specific operations to be carried out during disaster recovery and at the same time improve the success rate and efficiency of recovery.
After the above security design is completed, a security development test is required, comprising the following steps:
S1 security training: establish a complete security training system, cultivate security awareness, and form a pattern of security testing, secure development, secure operation and maintenance, and security products;
S2 requirement analysis: determine the security requirements and the proportion of investment, and find the best way to embed security;
S3 system design: determine the design requirements, analyse the attack surface and perform threat modeling;
S4 implementation: use standard tools, abandon unsafe functions, and perform static analysis (secure development specification plus code audit);
S5 verification: first carry out black-box and white-box testing and attack surface evaluation, then issue a security incident response plan and periodic security evaluations. Security development and testing avoids situations in which errors left over from the security design stage cause operational failures, or even file damage, when the system is put directly into operation, and thereby improves the success rate of later operation.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.

Claims (9)

1. An information access security protection method for power grid data comprises a physical security design, a network security design and a host security design, and is characterized in that: the information access security protection method for the power grid data further comprises an application security design, a data backup security design and a middleware security design.
2. An information access security protection method for electric network data according to claim 1, characterized in that: the physical security design specifically comprises:
Geographic location selection: determine whether the location of the system is in an area where disasters occur frequently, determine the centre and the safe position of the system on the floor, and ensure that the safety facilities and equipment in the system are placed in proper positions so that the passage of personnel through the equipment area is kept to a minimum;
Peripheral precaution: install an infrared defence system and, at the same time, closed-circuit television;
Safety control: take the necessary control measures to reduce theft, fire, explosion, smoke, electromagnetic radiation and the like, prevent equipment power supply failures and other abnormal power supply phenomena, and ensure the safety of communication lines through safety control measures;
Safety zoning: first place the equipment according to its protection level, then isolate a specific safety area for the protected equipment, and clearly divide the area by physical separation so that the safety area is controlled in all respects according to the protection level, reducing threats from personnel and nature;
Recovery strategy determination: determine the disaster recovery strategy for each key business function according to the cost of disaster recovery resources and the calculated loss the risk may cause; different business functions may adopt different disaster recovery strategies.
3. An information access security protection method for electric network data according to claim 1, characterized in that: the network security design specifically comprises:
Access control: deploy access control equipment at the boundary between the internal and external networks, enable the access control function, provide explicit permit/deny capability for data flows according to session state information with port-level granularity, determine whether a user is permitted or denied access to the resources of the research data security management product according to the access permission rules between the user and the system, control users who access the network by dial-up, VPN or similar means with strong authentication, strictly control their access rights, and limit the number of users holding dial-up, VPN and similar access rights;
Security audit: during secure operation of the platform, the equipment operating state, network traffic, user behaviour and the like in the research data security management product should be logged, and the audit records should include the date and time of the event, user information, event type, whether the event succeeded, and other audit-related information;
Boundary check: the secure operating platform should be able to check that internal users on the internal network have not connected privately to the external network without permission;
Intrusion prevention: the secure operating platform should monitor the following attack behaviours at the network boundary: port scanning, brute-force attacks, trojan backdoor attacks, denial-of-service attacks, buffer overflow attacks, IP fragment attacks and network worm attacks;
Malicious code prevention: detect and remove malicious code at the network boundary, and maintain upgrades of the malicious code library and updates of the detection system;
Network equipment protection: authenticate users who log in to the network equipment, restrict the login addresses of network equipment administrators, and ensure that network equipment identifiers are unique.
4. An information access security protection method for electric network data according to claim 1, characterized in that: the host security design specifically comprises:
Identity authentication: ensure the uniqueness of account names in the system and set the password complexity;
Access control: forbid the root account, log in as other users to obtain root authority, and forbid default accounts and redundant useless accounts;
Intrusion prevention: do not install system components, protocols and system services that are not required, especially network services, and pay attention to the prevention of malicious code;
Security audit: enable the audit log function, or meet the audit requirements with a third-party security audit product; writing the logs to a file is recommended;
Resource control: display third-party terminal login information through the firewall, enable the idle-timeout lock and set the TIMEOUT value to 600 s.
5. An information access security protection method for electric network data according to claim 1, characterized in that: in addition to identity authentication, access control and resource control, the application security design comprises the following security operations:
self-protection: an injection attack protection design, a vulnerability exploitation protection design and an anti-tampering design;
Application auditing: the system stores the message content of each request and of each push in a database; only registered request information needs to be processed; the system records the content, time and event type of the message and the sender account in the database, and the retention time is not less than 6 months;
Software fault tolerance: special characters are filtered and encoded effectively, the system is prevented from leaking sensitive information through abnormal behaviour, effective measures for quick fault recovery are provided, and the key services of the application system are guaranteed not to be interrupted and to recover quickly;
Remaining information protection: the system clears identification information such as the session and cookie when the user logs out, which effectively prevents the user's session from being taken over; files, directories and database records in the system are effectively cleared before being distributed to other users, so that important system information cannot be stolen;
System vulnerability: the source code of the application system is audited and a source code audit report is produced; the application system is security tested to ensure that it has no high- or medium-risk application-layer vulnerabilities such as SQL injection, cross-site scripting, file upload, path traversal and the like; the terminal application program is updated regularly so that its version is the latest official version; and a third-party security and compatibility test is carried out on the system every time it is released.
6. An information access security protection method for electric network data according to claim 1, characterized in that: the data and backup security design specifically comprises:
Data confidentiality: the transmission path of the information system uses encrypted transmission; important authentication information and important data in the service system database are encrypted and stored in database form; various important management files and data are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
Data integrity: the transmission path of the information system uses encrypted transmission; important authentication information and important data in the service system database are encrypted and stored in database form; various important management files and data are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
Data backup: the platform backs up important information and periodically tests the availability of the backup media, and provides hardware redundancy for key network equipment, communication lines and the data processing system to ensure system availability.
7. An information access security protection method for electric network data according to claim 2, characterized in that: the middleware security design comprises not only identity authentication, access control and security audit, but also the following security operations:
Security configuration: delete unnecessary components unrelated to Tomcat and useless files installed by default, and perform basic configuration and hardening;
System backup and recovery: back up the Tomcat configuration directory to disk regularly, once a day at a fixed time, retain each backup for one month, and carry out a backup recovery test every month.
8. An information access security protection method for electric network data according to claim 1, characterized in that: the recovery strategy, namely the means of acquiring disaster recovery resources and the specific requirements of each element of the disaster recovery level, is determined, and the specific disaster recovery schemes comprise a cold-site backup scheme, a warm-site backup scheme and a hot-site backup scheme.
9. An information access security protection method for electric network data according to claim 1, characterized in that: after the security design is completed, a security development test is required, comprising the following steps:
S1 security training: establish a complete security training system, cultivate security awareness, and form a pattern of security testing, secure development, secure operation and maintenance, and security products;
S2 requirement analysis: determine the security requirements and the proportion of investment, and find the best way to embed security;
S3 system design: determine the design requirements, analyse the attack surface and perform threat modeling;
S4 implementation: use standard tools, abandon unsafe functions, and perform static analysis (secure development specification plus code audit);
S5 verification: first carry out black-box and white-box testing and attack surface evaluation, then issue a security incident response plan and periodic security evaluations.
CN202111367407.4A 2021-11-17 2021-11-17 Information access security protection method for power grid data Pending CN114205121A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111367407.4A CN114205121A (en) 2021-11-17 2021-11-17 Information access security protection method for power grid data

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111367407.4A CN114205121A (en) 2021-11-17 2021-11-17 Information access security protection method for power grid data

Publications (1)

Publication Number Publication Date
CN114205121A true CN114205121A (en) 2022-03-18

Family

ID=80647949

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111367407.4A Pending CN114205121A (en) 2021-11-17 2021-11-17 Information access security protection method for power grid data

Country Status (1)

Country Link
CN (1) CN114205121A (en)

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103856371A (en) * 2014-02-28 2014-06-11 中国人民解放军91655部队 Safety protection method of information system
CN104410617A (en) * 2014-11-21 2015-03-11 西安邮电大学 Information safety attack and defense system structure of cloud platform
CN105282178A (en) * 2015-11-29 2016-01-27 国网江西省电力公司信息通信分公司 Cloud computing security technology platform
CN105553940A (en) * 2015-12-09 2016-05-04 北京中科云集科技有限公司 Safety protection method based on big data processing platform
CN109861977A (en) * 2018-12-28 2019-06-07 北京红山瑞达科技有限公司 Method for improving personnel network security awareness

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
杨静 (Yang Jing): "Analysis and practice of security assessment strategies based on the 'Enterprise network security assessment and operation and maintenance' project", Experimental Technology and Management (实验技术与管理), no. 12, pages 197 - 216 *

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115966287A (en) * 2022-06-17 2023-04-14 西安交通大学 Medical information management system and medical information management method
CN115966287B (en) * 2022-06-17 2023-10-24 湖南提奥医疗科技有限公司 Medical information management system and medical information management method

Similar Documents

Publication Publication Date Title
Alhabeeb et al. Information security threats classification pyramid
CN114003943B (en) Safe double-control management platform for computer room trusteeship management
CN114205121A (en) Information access security protection method for power grid data
Belbergui et al. Cloud computing: Overview and risk identification based on classification by type
Chandramouli et al. Security guidelines for storage infrastructure
CN111652454A (en) Supervision quality and safety production management evaluation management system
Choi et al. A HIPAA security and privacy compliance audit and risk assessment mitigation approach
CN110311908A (en) Enterprise economic management information secure encryption method
CN113239349B (en) Network security testing method for power monitoring system
CN108600178A (en) Method and system for protecting credit reference data, and reference platform
Sharma et al. OVERVIEW OF DATA SECURITY, CLASSIFICATION AND CONTROL MEASURE: A STUDY.
Furmanyuk et al. Modern approaches to the database protection
Georgiou et al. A security policy for cloud providers
Nadjar et al. A Case Study on the Multi-Vector Data Breach on Astoria
Horwath Setting up a database security logging and monitoring program
Garrison et al. Computer security checklist for non-security technology professionals
Guo et al. Research on risk analysis and security testing technology of mobile application in power system
Βλαχάκης GDPR, from theory to practice. Development of a minimum basic data protection system for public and private sector entities
Kuz The risk management of critical information infrastructure: threats-vulnerabilities-consequences
Patil et al. A Review of the OWASP Top 10 Web Application Security Risks and Best Practices for Mitigating These Risks
Molin Risk Assessment of Company X
CN116866032A (en) Privilege account management system
None Methodology Development for Cybersecurity Robustness and Vulnerability Assessment of University Research Reactors
Gayash et al. SQUARE-lite: Case study on VADSoft project
Le Grand et al. Database access, security, and auditing for PCI compliance

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination