CN114205121A - Information access security protection method for power grid data - Google Patents
- Publication number: CN114205121A
- Application number: CN202111367407.4A
- Authority: CN (China)
- Prior art keywords
- safety
- data
- information
- design
- security
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Classifications
- H04L63/145 (H—ELECTRICITY › H04—ELECTRIC COMMUNICATION TECHNIQUE › H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION › H04L63/00—Network architectures or network communication protocols for network security › H04L63/14—for detecting or protecting against malicious traffic › H04L63/1441—Countermeasures against malicious traffic › H04L63/145—Countermeasures against malicious traffic, the attack involving the propagation of malware through the network, e.g. viruses, trojans or worms)
- G06F11/1469 (G—PHYSICS › G06—COMPUTING; CALCULATING OR COUNTING › G06F—ELECTRIC DIGITAL DATA PROCESSING › G06F11/00—Error detection; Error correction; Monitoring › G06F11/07—Responding to the occurrence of a fault, e.g. fault tolerance › G06F11/14—Error detection or correction of the data by redundancy in operation › G06F11/1402—Saving, restoring, recovering or retrying › G06F11/1446—Point-in-time backing up or restoration of persistent data › G06F11/1458—Management of the backup or restore process › G06F11/1469—Backup restoration techniques)
- G06Q50/06 (G—PHYSICS › G06—COMPUTING; CALCULATING OR COUNTING › G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR › G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism › G06Q50/06—Energy or water supply)
- H04L63/0428 (H04L63/00—Network architectures or network communication protocols for network security › H04L63/04—for providing a confidential data exchange among entities communicating through data packet networks › H04L63/0428—wherein the data content is protected, e.g. by encrypting or encapsulating the payload)
- H04L63/08 (H04L63/00—Network architectures or network communication protocols for network security › H04L63/08—for authentication of entities)
- H04L63/0846 (H04L63/00—Network architectures or network communication protocols for network security › H04L63/08—for authentication of entities › H04L63/083—using passwords › H04L63/0846—using time-dependent passwords, e.g. periodically changing passwords)
Abstract
The invention belongs to the technical field of information security and discloses an information access security protection method for power grid data. The method comprises a physical security design, a network security design and a host security design, and further comprises an application security design, a data backup security design and a middleware security design. Through the data backup security design, the data and information produced by system operation are stored and backed up in time when an error occurs in one of the earlier security designs, so that they can be consulted during later repair and the system data can be recovered after the repair. The middleware security design improves the stability of the backed-up data, and regular testing of the backup data avoids the situation in which the daily backup is itself faulty, which further raises the success rate of a later restore from backup.
Description
Technical Field
The invention belongs to the technical field of information security and in particular relates to an information access security protection method for power grid data.
Background
Information technology is developing rapidly in every country. Its application has changed how global resources are allocated and how development proceeds; the influence of the internet on politics, economy, society and culture keeps deepening; information reaches into every field of national life; networks and information systems have become critical infrastructure and even the nerve centre of the whole economy and society; and international competition over the acquisition, use and control of information intensifies daily. Data security has therefore broadened from the security of the data's own storage and processing to the protection of the data itself.
Data security protection is the "last kilometre" of the information security task, and its importance is being accepted by more and more departments. With the continuous expansion of the data centres of Southern Power Grid Company and the steady growth of external threats, it is necessary to build a data-centric, full-link security protection system that takes the current protection status of the company's data centres into account, so as to form a scientific and practical "systematic protection capability, normalised security management capability and comprehensive security operation capability", keep data security known, controllable, manageable and traceable throughout the process, and provide strict data security guarantees for the company's data base and the cloud construction of its data centres.
It is therefore urgent to develop the functions of a data security management product, form a data security management product with independent intellectual property rights, implement unified identity authentication for data access together with fine-grained access control and authorisation, apply real-time dynamic masking (desensitisation) to important sensitive data, and build a manageable and controllable data security protection system covering the whole life cycle of the data.
Disclosure of Invention
The present invention provides an information access security protection method for power grid data that addresses the problems described in the background.
To this end, the invention provides the following technical scheme: the information access security protection method for power grid data comprises a physical security design, a network security design and a host security design, and further comprises an application security design, a data backup security design and a middleware security design.
Preferably, the physical security design specifically includes:
Site selection: determine whether the system's location lies in an area where disasters occur frequently, decide on which floor the centre and the secure area of the system are placed, and make sure that the security facilities and equipment in the system are placed so that personnel traffic through the equipment area is reduced to a minimum;
Perimeter protection: install an infrared intrusion detection system together with closed-circuit television;
Security control: take the necessary control measures to reduce theft, fire, explosion, smoke, electromagnetic radiation and similar events, prevent power failures and other abnormal power conditions for the equipment, and secure the communication lines;
Security zoning: first place the equipment according to its protection level, then isolate a dedicated security area for the protected equipment; by dividing the area clearly through physical separation and controlling each security area comprehensively according to its protection level, threats from personnel and from nature are reduced;
Determine a recovery strategy: weigh the cost of disaster recovery resources against the risk and the possible loss, and determine the disaster recovery strategy for each key business function; different business functions may adopt different strategies. Physical security design is the easiest step of most security designs to carry out but also the easiest to forget; it is simple to operate and isolates most initial hazards, thereby avoiding losses caused by equipment damage.
Preferably, the network security design specifically includes:
Access control: deploy access control equipment at the boundary between the internal and external networks and enable its access control function, so that data flows are explicitly permitted or denied on the basis of session state, with control granularity at port level; decide whether a user is permitted to access the resources of the research data security management product according to the access rules between the user and the system; for users reaching the network by dial-up, VPN and similar means, use strong authentication, strictly control their access rights, and limit the number of users holding dial-up or VPN access;
Security audit: during secure operation of the platform, log the equipment operating state, network traffic, user behaviour and similar information of the research data security management product; each audit record should include the date and time of the event, the user, the event type, whether the event succeeded, and other audit-related information;
Boundary checking: the secure operating platform should be able to detect an internal user on the internal network who has connected privately to the external network without authorisation;
Intrusion prevention: the secure operating platform should monitor the following attack behaviours at the network boundary: port scanning, brute-force attacks, trojan and backdoor attacks, denial-of-service attacks, buffer overflow attacks, IP fragmentation attacks and network worm attacks;
Malicious code prevention: detect and remove malicious code at the network boundary, and keep the malicious code signature library and the detection system up to date;
Network device protection: authenticate users who log in to network equipment; restrict the addresses from which network equipment administrators may log in; make each network device's identifier unique and each user identifier on a device unique; prohibit several people from sharing one account; make authentication information hard to forge; require passwords to meet complexity requirements and be changed regularly; change default users and passwords; avoid weak passwords, i.e. a password must be at least 8 characters long, mix letters with digits or special characters, and differ from the user name; change passwords regularly and store them encrypted; and when system hardware is managed remotely, take the necessary measures to prevent the authentication information from being intercepted in transit.
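The security audit and intrusion prevention items above prescribe the fields an audit record must carry (date and time, user, event type, outcome) and two of the behaviours to watch for at the boundary, brute-force logins and port scanning. The following Python script is an added example, not code from the patent: it parses a constructed set of audit records in an assumed key=value layout (the patent names the fields, not the format) and flags a brute-force login sequence and a port scan with sliding-window thresholds that are assumptions of this example.

```python
"""Parse boundary audit records and flag brute-force logins and port scans.

Added example: the record layout, thresholds and sample data below are
assumptions of this example, not part of the patent.
"""
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample records (not real device output). Each carries the fields the
# audit requirement lists: date/time, user, event type, outcome, plus source and port.
SAMPLE_RECORDS = "\n".join(
    [
        # five failed admin logins in eight seconds, then a success: brute force that worked
        "2024-03-01T08:00:01 src=10.0.0.5 user=admin event=login port=22 result=fail",
        "2024-03-01T08:00:03 src=10.0.0.5 user=admin event=login port=22 result=fail",
        "2024-03-01T08:00:05 src=10.0.0.5 user=admin event=login port=22 result=fail",
        "2024-03-01T08:00:07 src=10.0.0.5 user=admin event=login port=22 result=fail",
        "2024-03-01T08:00:09 src=10.0.0.5 user=admin event=login port=22 result=fail",
        "2024-03-01T08:00:11 src=10.0.0.5 user=admin event=login port=22 result=success",
        # one mistyped password followed by a normal login: must not alert
        "2024-03-01T09:00:00 src=10.0.0.7 user=alice event=login port=22 result=fail",
        "2024-03-01T09:30:00 src=10.0.0.7 user=alice event=login port=22 result=success",
    ]
    + [
        # one source touching twelve different ports within twelve seconds: a port scan
        f"2024-03-01T08:10:{i:02d} src=10.0.0.9 user=- event=connect port={port} result=deny"
        for i, port in enumerate([21, 22, 23, 25, 53, 80, 110, 143, 443, 445, 3306, 3389])
    ]
)

LINE_RE = re.compile(
    r"^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) "
    r"event=(?P<event>\S+) port=(?P<port>\d+) result=(?P<result>\S+)$"
)


def parse_audit_lines(text):
    """Turn the text records into dicts; reject malformed lines rather than skipping them."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        match = LINE_RE.match(line.strip())
        if match is None:
            raise ValueError(f"malformed audit record: {line!r}")
        rec = match.groupdict()
        rec["ts"] = datetime.fromisoformat(rec["ts"])
        rec["port"] = int(rec["port"])
        records.append(rec)
    return records


def _burst(times, window, needed):
    """True if at least `needed` of the timestamps fall inside one span of length `window`."""
    times = sorted(times)
    return any(
        times[i + needed - 1] - times[i] <= window
        for i in range(len(times) - needed + 1)
    )


def detect_brute_force(records, threshold=5, window=timedelta(minutes=5)):
    """Map (src, user) -> True if a success followed the failure burst, else False."""
    failures, successes = defaultdict(list), defaultdict(list)
    for rec in records:
        if rec["event"] != "login":
            continue
        bucket = failures if rec["result"] == "fail" else successes
        bucket[(rec["src"], rec["user"])].append(rec["ts"])
    alerts = {}
    for key, times in failures.items():
        if _burst(times, window, threshold):
            last_failure = max(times)
            # a success after the burst is the signal to escalate, not merely to block
            alerts[key] = any(t > last_failure for t in successes.get(key, []))
    return alerts


def detect_port_scan(records, min_ports=10, window=timedelta(minutes=1)):
    """Map src -> number of distinct ports probed inside one span of length `window`."""
    hits = defaultdict(list)
    for rec in records:
        if rec["event"] == "connect":
            hits[rec["src"]].append((rec["ts"], rec["port"]))
    scanners = {}
    for src, probes in hits.items():
        probes.sort()
        for start, _ in probes:
            ports = {port for ts, port in probes if start <= ts <= start + window}
            if len(ports) >= min_ports:
                scanners[src] = len(ports)
                break
    return scanners


if __name__ == "__main__":
    recs = parse_audit_lines(SAMPLE_RECORDS)
    print("brute force:", detect_brute_force(recs))   # {('10.0.0.5', 'admin'): True}
    print("port scans:", detect_port_scan(recs))      # {'10.0.0.9': 12}
```

The brute-force detector distinguishes a burst that was followed by a successful login from one that was not; the former is the case that needs an incident response rather than only a block rule, which is the point of keeping the outcome field in every audit record.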
Preferably, the host security design specifically includes:
Identity authentication: ensure that account names in the system are unique and set password complexity requirements;
Access control: disable direct login with the root account (log in as another user and then obtain root privileges), and disable default accounts and redundant, unused accounts;
Intrusion prevention: do not install system components, protocols and services that are not required, network services in particular, and pay attention to malicious code prevention;
Security audit: enable the audit log function, or meet the audit requirements with a third-party security audit product; writing the logs to a file is recommended;
Resource control: restrict third-party terminal logins through the firewall, enable the idle time-out lock and set the TIMEOUT value to 600 s. Host security design and network security design are more complex than physical security design; correspondingly, the hazards they resist are more complex and the resulting faults harder to repair, so carrying out the host and network security designs greatly reduces the rate of complex faults.
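The password rules in the network device item above, and the host items on unique accounts, no direct root login and a 600 s idle time-out, are all checkable from configuration text. The following Python script is an added example, not code from the patent: it validates a password against the stated rules, audits an sshd_config for the root-login and login-address restrictions, and checks a profile for the idle time-out. The sample files are constructed, the default-password list is an assumption, and TMOUT is bash's idle time-out variable, used here to implement the "TIMEOUT value of 600 s" the page describes.

```python
"""Baseline checks for the host and network-device items: password rules, no direct
root login over SSH, restricted administrator source addresses, 600 s idle time-out.

Added example: the rule set and sample files are assumptions of this example, not
the patent's text.
"""
import re

# Assumed list of vendor defaults that must never survive commissioning.
DEFAULT_PASSWORDS = {"admin", "password", "123456", "root", "tomcat", "changeme"}


def check_password(username, password, min_len=8):
    """Return the list of rules the password violates (empty means compliant)."""
    problems = []
    if len(password) < min_len:
        problems.append(f"shorter than {min_len} characters")
    has_letter = any(c.isalpha() for c in password)
    has_other = any(not c.isalpha() for c in password)   # digit or special character
    if not (has_letter and has_other):
        problems.append("must mix letters with digits or special characters")
    if username.lower() in password.lower():             # stricter than 'differs from user name'
        problems.append("must not contain the user name")
    if password.lower() in DEFAULT_PASSWORDS:
        problems.append("is a default or common password")
    return problems


def parse_sshd_config(text):
    """sshd honours the FIRST occurrence of a keyword; later duplicates are ignored."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split(None, 1)
        key = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        settings.setdefault(key, value)
    return settings


def check_sshd(text):
    """Root may not log in directly; administrators may only come from named addresses."""
    s = parse_sshd_config(text)
    problems = []
    if s.get("permitrootlogin") != "no":
        problems.append("PermitRootLogin must be 'no' (log in as a normal user, then su/sudo)")
    if s.get("permitemptypasswords", "no") != "no":
        problems.append("PermitEmptyPasswords must be 'no'")
    if "allowusers" not in s:
        problems.append("AllowUsers user@address should restrict administrator login sources")
    return problems


TMOUT_RE = re.compile(r"^\s*(?:export\s+)?TMOUT=(\d+)\s*$", re.MULTILINE)


def check_idle_timeout(profile_text, max_seconds=600):
    """The profile must set TMOUT to at most max_seconds and make it read-only."""
    problems = []
    match = TMOUT_RE.search(profile_text)
    if match is None:
        problems.append("TMOUT is not set")
        return problems
    seconds = int(match.group(1))
    if seconds == 0 or seconds > max_seconds:
        problems.append(f"TMOUT={seconds} exceeds {max_seconds} s (0 disables the time-out)")
    if re.search(r"^\s*readonly\s+TMOUT\b", profile_text, re.MULTILINE) is None:
        problems.append("TMOUT is not read-only, so a user can unset it")
    return problems


# Constructed sample files (not taken from any real host).
WEAK_SSHD = """\
Port 22
PermitRootLogin yes
PasswordAuthentication yes
"""

HARDENED_SSHD = """\
Port 22
PermitRootLogin no
PermitEmptyPasswords no
AllowUsers opsadmin@10.10.0.0/24
PermitRootLogin yes   # ignored by sshd: the first occurrence above wins
"""

WEAK_PROFILE = "TMOUT=0\n"
HARDENED_PROFILE = "TMOUT=600\nreadonly TMOUT\nexport TMOUT\n"

if __name__ == "__main__":
    print(check_password("admin", "admin"))
    print(check_sshd(WEAK_SSHD), check_sshd(HARDENED_SSHD))
    print(check_idle_timeout(WEAK_PROFILE), check_idle_timeout(HARDENED_PROFILE))
```

The sshd parser deliberately keeps the first occurrence of each keyword, because that is what sshd does: a hardening line appended at the end of a file that already sets `PermitRootLogin yes` near the top changes nothing, and a checker that takes the last value would report the host as compliant when it is not.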
Preferably, the application security design includes, in addition to identity authentication, access control and resource control, the following security operations:
Self-protection: an injection attack protection design, a vulnerability exploitation protection design and an anti-tampering design;
Application auditing: the system stores the message content of each request and each push in a database; only registered requests are processed; the system records the content, time and event type of each message together with the sender account, and retains these records for no less than 6 months;
Software fault tolerance: filter and encode special characters effectively, prevent the system from leaking sensitive information through abnormal behaviour, and provide effective rapid fault recovery measures so that the application's key services are not interrupted and recover quickly;
Residual information protection: the system clears session and cookie identifiers when the user logs out, which effectively prevents the user's session from being hijacked; and it effectively clears files, directories and database records before they are allocated to other users, preventing important system information from being stolen;
System vulnerabilities: audit the source code of the application system and produce a source code audit report; perform security testing of the application system to ensure it has no high- or medium-risk application-layer vulnerabilities such as SQL injection, cross-site scripting, file upload, path traversal and the like; update the terminal application regularly so that the version is the latest official release; and have third-party security and compatibility testing carried out on each release. Owing to the software fault tolerance design, larger or more important file services recover quickly while security is maintained, avoiding a large amount of unnecessary repeated work and improving operating efficiency.
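The self-protection, software fault tolerance and system vulnerability items above ask for injection protection, filtering of special characters, and a release with no SQL injection. The following Python script is an added example, not code from the patent: it places a string-built query beside the parameterized form over an in-memory SQLite table of constructed meter readings, and adds the allow-list filter and generic error handling the fault tolerance item describes. The table, rows, identifier format and payload are assumptions of this example.

```python
"""String-built SQL beside its parameterized form, run against an in-memory
SQLite table of constructed meter readings.

Added example, not code from the patent: the table, rows, identifier format
and payload are assumptions of this example.
"""
import re
import sqlite3


def make_db():
    """In-memory table with two public rows and one restricted row."""
    con = sqlite3.connect(":memory:")
    con.execute(
        "CREATE TABLE meter_readings ("
        "id INTEGER PRIMARY KEY, substation TEXT, kwh REAL, classification TEXT)"
    )
    con.executemany(
        "INSERT INTO meter_readings (substation, kwh, classification) VALUES (?, ?, ?)",
        [("north-01", 120.5, "public"), ("north-02", 98.1, "public"),
         ("control-hq", 5000.0, "restricted")],
    )
    con.commit()
    return con


def readings_vulnerable(con, substation):
    """VULNERABLE: the caller's string is spliced into the SQL text."""
    sql = (
        "SELECT substation, kwh FROM meter_readings "
        f"WHERE substation = '{substation}' AND classification = 'public'"
    )
    return con.execute(sql).fetchall()


def readings_safe(con, substation):
    """Hardened: the value travels as a bound parameter and can never become SQL."""
    sql = (
        "SELECT substation, kwh FROM meter_readings "
        "WHERE substation = ? AND classification = 'public'"
    )
    return con.execute(sql, (substation,)).fetchall()


SUBSTATION_ID = re.compile(r"[a-z0-9-]{1,32}")  # assumed identifier format


def is_valid_substation(value):
    """Allow-list filter for the special-character filtering the design calls for."""
    return SUBSTATION_ID.fullmatch(value) is not None


def readings_hardened(con, substation):
    """Defence in depth: validate first, query with parameters, never echo SQL errors."""
    if not is_valid_substation(substation):
        raise ValueError("invalid substation identifier")
    try:
        return readings_safe(con, substation)
    except sqlite3.Error:
        # Log the real error server-side; the caller only ever sees a generic failure,
        # so an exception cannot leak table names or query text.
        raise RuntimeError("query failed") from None


if __name__ == "__main__":
    con = make_db()
    payload = "x' OR 1=1 --"
    print(readings_vulnerable(con, payload))   # all three rows, restricted one included
    print(readings_safe(con, payload))         # []
```

The payload closes the string literal, appends an always-true condition, and comments out the classification filter, so the vulnerable query returns the restricted row; the parameterized query treats the same text as an ordinary value and matches nothing. The allow-list is a second layer, not a substitute for parameters: it is what keeps the same value safe when it is later written into a log line or a file name.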
Preferably, the data and backup security design specifically includes:
Data confidentiality and data integrity: the transmission paths of the information system use encrypted transmission; important authentication information and important data in the service system database are stored encrypted; important management files and data are stored with an encryption system; and the media holding important files are encrypted and kept in a safe;
Data backup: the platform backs up important information and periodically tests the usability of the backup media; it provides hardware redundancy for key network equipment, communication lines and the data processing system to ensure availability; through the data and backup design, the recorded information can be stored and backed up so that important information is not lost when an error occurs, and recovered after the error has been repaired.
Preferably, the middleware security design includes, in addition to identity authentication, access control and security audit, the following security operations:
Security configuration: remove unnecessary components unrelated to Tomcat and the useless files installed by default, and carry out basic configuration and hardening;
System backup and recovery: back up the Tomcat configuration directory regularly to disk, once a day, retaining one month, and carry out a backup restore test once a month. Regular testing of the backup files rules out the situation in which the backup is itself damaged at the moment a damaged file has to be recovered, which further improves the reliability of file recovery.
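The data backup item and the middleware backup item above share one procedure: back up daily, keep a month, and periodically prove that the backup can actually be restored. The following Python script is an added example, not code from the patent: it archives a constructed Tomcat conf directory with a date-stamped name, prunes archives older than 30 days, and runs a restore test that extracts into scratch space and compares every file's digest against a manifest written at backup time. The file names, manifest format and sample conf files are assumptions of this example.

```python
"""Daily archive of a Tomcat conf directory with 30-day retention and a restore
test that extracts the archive and checks every file against a digest manifest.

Added example, not code from the patent: the file names, manifest format and the
constructed conf files are assumptions of this example.
"""
import hashlib
import json
import tarfile
import tempfile
from datetime import datetime, timedelta
from pathlib import Path

RETENTION_DAYS = 30            # "one month is reserved"
PREFIX = "tomcat-conf-"


def _digests(root):
    """Map relative path -> SHA-256 for every regular file under root."""
    root = Path(root)
    return {
        str(p.relative_to(root)): hashlib.sha256(p.read_bytes()).hexdigest()
        for p in sorted(root.rglob("*")) if p.is_file()
    }


def backup_conf(conf_dir, backup_dir, when):
    """Write PREFIX<date>.tar.gz plus a JSON manifest of digests taken at backup time."""
    backup_dir = Path(backup_dir)
    backup_dir.mkdir(parents=True, exist_ok=True)
    archive = backup_dir / f"{PREFIX}{when:%Y%m%d}.tar.gz"
    with tarfile.open(archive, "w:gz") as tar:
        tar.add(conf_dir, arcname="conf")
    # The restore test trusts the manifest, not the live directory: during an incident
    # the live copy is the thing that may already be damaged.
    archive.with_name(archive.name + ".sha256").write_text(json.dumps(_digests(conf_dir)))
    return archive


def prune_backups(backup_dir, today, retention_days=RETENTION_DAYS):
    """Delete archives (and their manifests) older than the retention period."""
    removed = []
    for archive in Path(backup_dir).glob(f"{PREFIX}*.tar.gz"):
        stamp = datetime.strptime(archive.name[len(PREFIX):-len(".tar.gz")], "%Y%m%d")
        if today - stamp > timedelta(days=retention_days):
            archive.unlink()
            manifest = archive.with_name(archive.name + ".sha256")
            if manifest.exists():
                manifest.unlink()
            removed.append(archive.name)
    return sorted(removed)


def restore_test(archive):
    """Extract into scratch space and compare digests; returns (ok, reason)."""
    archive = Path(archive)
    try:
        expected = json.loads(archive.with_name(archive.name + ".sha256").read_text())
        with tempfile.TemporaryDirectory() as scratch, tarfile.open(archive) as tar:
            for member in tar.getmembers():
                # A tampered archive must not be able to write outside the scratch directory.
                if member.name.startswith("/") or ".." in Path(member.name).parts:
                    return False, f"unsafe member path: {member.name}"
            tar.extractall(scratch)
            actual = _digests(Path(scratch) / "conf")
    except (OSError, EOFError, tarfile.TarError, ValueError) as exc:
        return False, f"archive unusable: {exc}"
    if actual != expected:
        return False, "digest mismatch after restore"
    return True, "restore verified"


def demo():
    """One backup cycle on a constructed conf directory; returns what happened."""
    with tempfile.TemporaryDirectory() as work:
        conf = Path(work) / "conf"
        conf.mkdir()
        (conf / "server.xml").write_text("<Server port='8005' shutdown='SHUTDOWN'/>")
        (conf / "tomcat-users.xml").write_text("<tomcat-users/>")
        backups = Path(work) / "backups"
        today = datetime(2024, 3, 1)
        backup_conf(conf, backups, today - timedelta(days=45))   # stands in for last month's run
        fresh = backup_conf(conf, backups, today)
        pruned = prune_backups(backups, today)
        ok, _ = restore_test(fresh)
        # Silent corruption is what the monthly test exists to catch; overwrite the archive.
        fresh.write_bytes(b"not an archive at all")
        corrupt_ok, reason = restore_test(fresh)
        return {"pruned": pruned, "restore_ok": ok, "corrupt_detected": not corrupt_ok,
                "reason": reason}


if __name__ == "__main__":
    print(demo())
```

Two details matter in practice: the manifest is written from the source tree at backup time, so a restore that silently drops or alters a file is caught even when the live directory has since been damaged, and member paths are checked before extraction so that a substituted archive cannot write outside the scratch directory during the test.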
Preferably, the determined recovery strategy covers how the disaster recovery resources are obtained and the specific requirements of each element of the disaster recovery level; the specific disaster backup scheme is a cold-site, warm-site or hot-site backup scheme, which determines the specific operations during disaster recovery and also improves the success rate and efficiency of recovery.
Preferably, after the security design is completed, secure development testing is carried out, comprising the following steps:
S1 Security training: establish a complete security training system, cultivate security awareness, and form a pattern of security testing, secure development, secure operation and maintenance, and security products;
S2 Requirement analysis: determine the security requirements and the proportion of effort to invest, and find the best way to embed security;
S3 System design: determine the design requirements, analyse the attack surface and perform threat modelling;
S4 Implementation: use standard tools, abandon unsafe functions, and perform static analysis (secure development specification plus code audit);
S5 Verification: first carry out black-box and white-box testing and an attack surface evaluation, then issue a security incident response plan and perform periodic security evaluations. Secure development and testing avoids the operating failures, and even file damage, that would otherwise result from going straight into operation with errors left over from the security design stage, and thereby raises the success rate of later operation.
The invention has the following beneficial effects:
the invention realizes almost absolute information stabilization safety effect through physical safety design, network safety design, host safety design and application safety design, and can timely store and backup the data and information of system operation when an error occurs in the safety design in the early stage through data backup safety design, thereby facilitating the lookup in the later stage of repair and the recovery of the system data after the repair; the stability of backup data and information can be improved through the safety design of the middleware, and further the condition that the backup data are wrong per se during daily backup can be avoided through the regular test of the backup data, so that the success rate of restoring the backup data when the backup data are restored later is further ensured.
Drawings
FIG. 1 is a schematic diagram of the security protection of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings in the embodiments; the described embodiments are obviously only some of the embodiments of the present invention, not all of them. All other embodiments that a person skilled in the art can derive from these embodiments without creative effort fall within the protection scope of the present invention.
As shown in FIG. 1, in the embodiment of the present invention, an information access security protection method for power grid data comprises a physical security design, a network security design and a host security design, and further comprises an application security design, a data backup security design and a middleware security design.
The physical security design specifically comprises:
Site selection: determine whether the system's location lies in an area where disasters occur frequently, decide on which floor the centre and the secure area of the system are placed, and make sure that the security facilities and equipment in the system are placed so that personnel traffic through the equipment area is reduced to a minimum;
Perimeter protection: install an infrared intrusion detection system together with closed-circuit television;
Security control: take the necessary control measures to reduce theft, fire, explosion, smoke, electromagnetic radiation and similar events, prevent power failures and other abnormal power conditions for the equipment, and secure the communication lines;
Security zoning: first place the equipment according to its protection level, then isolate a dedicated security area for the protected equipment; by dividing the area clearly through physical separation and controlling each security area comprehensively according to its protection level, threats from personnel and from nature are reduced;
Determine a recovery strategy: weigh the cost of disaster recovery resources against the risk and the possible loss, and determine the disaster recovery strategy for each key business function; different business functions may adopt different strategies. Physical security design is the easiest step of most security designs to carry out but also the easiest to forget; it is simple to operate and isolates most initial hazards, thereby avoiding losses caused by equipment damage.
The network security design specifically comprises:
Access control: deploy access control equipment at the boundary between the internal and external networks and enable its access control function, so that data flows are explicitly permitted or denied on the basis of session state, with control granularity at port level; decide whether a user is permitted to access the resources of the research data security management product according to the access rules between the user and the system; for users reaching the network by dial-up, VPN and similar means, use strong authentication, strictly control their access rights, and limit the number of users holding dial-up or VPN access;
Security audit: during secure operation of the platform, log the equipment operating state, network traffic, user behaviour and similar information of the research data security management product; each audit record should include the date and time of the event, the user, the event type, whether the event succeeded, and other audit-related information;
Boundary checking: the secure operating platform should be able to detect an internal user on the internal network who has connected privately to the external network without authorisation;
Intrusion prevention: the secure operating platform should monitor the following attack behaviours at the network boundary: port scanning, brute-force attacks, trojan and backdoor attacks, denial-of-service attacks, buffer overflow attacks, IP fragmentation attacks and network worm attacks;
Malicious code prevention: detect and remove malicious code at the network boundary, and keep the malicious code signature library and the detection system up to date;
Network device protection: authenticate users who log in to network equipment; restrict the addresses from which network equipment administrators may log in; make each network device's identifier unique and each user identifier on a device unique; prohibit several people from sharing one account; make authentication information hard to forge; require passwords to meet complexity requirements and be changed regularly; change default users and passwords; avoid weak passwords, i.e. a password must be at least 8 characters long, mix letters with digits or special characters, and differ from the user name; change passwords regularly and store them encrypted; and when system hardware is managed remotely, take the necessary measures to prevent the authentication information from being intercepted in transit.
The host security design specifically includes:
identity authentication: ensuring the uniqueness of account names in the system and setting password complexity;
access control: disabling direct login with the root account (root privileges are obtained by logging in as another user), and disabling default accounts and redundant, unused accounts;
intrusion prevention: system components, protocols and system services that are not needed, especially network services, are not installed, and attention is also paid to the prevention of malicious code;
safety audit: enabling the audit log function or meeting the audit requirements with a third-party security audit product; it is recommended that logs be written to a file;
resource control: the login information of third-party terminals is displayed via the firewall, an idle-timeout lock is enabled and the TIMEOUT value is set to 600 s. Compared with the physical security design, the host security design and the network security design are more complex; correspondingly, the potential security hazards they can resist are more complex and the faults they cause are harder to repair, so the rate of complex faults can be greatly reduced by carrying out the host security design and the network security design.
Besides identity authentication, access control and resource control, the application security design comprises the following security operations:
self-protection: an injection attack protection design, a vulnerability exploitation protection design and an anti-tampering design;
application auditing: the system stores the message content of each request and of each push in a database; only registered request information is processed; the system records the content, time and event type of each message and the sender account in the database, and the retention period is not less than 6 months;
software fault tolerance: special characters are filtered and encoded effectively, the system is prevented from leaking sensitive information through abnormal conditions, effective rapid fault recovery measures are provided, and the key services of the application system are guaranteed not to be interrupted and to recover quickly;
residual information protection: the system clears identification information such as the session and cookies when the user logs out, which effectively prevents the user's session from being hijacked; files, directories and database records in the system are effectively cleared before being distributed to other users, preventing important system information from being stolen;
system vulnerability: the source code of the application system is audited and a source code audit report is produced; security testing is performed on the application system to ensure that it has no high- or medium-risk application-layer vulnerabilities such as SQL injection, cross-site scripting, file upload, path traversal and the like; the terminal application program is updated regularly to ensure that the version is the latest official release; and third-party security and compatibility testing is performed on the system at every release. Owing to the software fault tolerance design, larger or more important file services can be recovered quickly on the premise of ensuring security, so that a large number of unnecessary repeated operations are avoided and the efficiency of service operation is improved.
The data and backup security design specifically comprises:
data confidentiality: the transmission path of the information system uses encrypted transmission; important authentication information held in database form and important data in the service system database are stored encrypted; important management files and data of all kinds are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
data integrity: the transmission path of the information system uses encrypted transmission; important authentication information held in database form and important data in the service system database are stored encrypted; important management files and data of all kinds are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
data backup: the platform backs up important information and periodically tests the availability of backup media, provides hardware redundancy for key network equipment, communication lines and the data processing system, and ensures system availability. Through the designed data and backup security, recorded information data can be stored and backed up, so that important information or data is not lost when an error occurs, and the information or data can be recovered easily after the error is repaired.
The middleware security design comprises identity authentication, access control and security audit, and specifically also comprises the following security operations:
security configuration: unnecessary components unrelated to Tomcat and useless files installed by default are deleted, and basic configuration and hardening are performed;
system backup and recovery: the Tomcat configuration directory is backed up to disk regularly, once every day, with backups retained for one month, and a backup recovery test is performed every month; regular testing of the backup files rules out the situation where a backup is itself found to be damaged at the moment a file is damaged and needs to be recovered, which further improves the reliability of file recovery.
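The backup-and-recovery rule above (daily archive of the Tomcat configuration directory, one month of retention, a periodic restore test; restated in claim 7 below) as a shell script. This is an added example, not code from the patent: the archive naming, the checksum file and the constructed demo directory standing in for `$CATALINA_HOME/conf` are all assumptions.

```shell
#!/bin/sh
# Added example (not from the patent). Implements the middleware backup and
# recovery design: back up the Tomcat conf directory daily, keep 30 days,
# and test that the newest backup actually restores. Paths are assumptions.
set -eu

RETENTION_DAYS=30   # "one month is reserved"

# Create a dated, compressed archive of the conf directory and record its
# SHA-256 so a damaged archive is recognised before it is ever needed.
backup_tomcat_conf() {
    conf_dir=$1; backup_dir=$2
    mkdir -p "$backup_dir"
    archive="$backup_dir/tomcat-conf-$(date +%Y%m%d-%H%M%S).tar.gz"
    # -C keeps the stored paths relative so the archive restores anywhere.
    tar -czf "$archive" -C "$(dirname "$conf_dir")" "$(basename "$conf_dir")"
    ( cd "$backup_dir" && sha256sum "$(basename "$archive")" > "$(basename "$archive").sha256" )
    echo "$archive"
}

# Delete archives (and their checksum files) older than the retention window.
prune_backups() {
    backup_dir=$1; days=${2:-$RETENTION_DAYS}
    find "$backup_dir" -name 'tomcat-conf-*.tar.gz*' -type f -mtime +"$days" -exec rm -f {} +
}

# Monthly recovery test: verify the checksum, extract into a scratch directory
# and compare with the live configuration. Returns non-zero when the backup is
# unusable, which is the failure the patent's regular test is meant to catch.
restore_test() {
    archive=$1; conf_dir=$2
    scratch=$(mktemp -d)
    ( cd "$(dirname "$archive")" && sha256sum -c --quiet "$(basename "$archive").sha256" ) \
        || { rm -rf "$scratch"; return 1; }
    tar -xzf "$archive" -C "$scratch" || { rm -rf "$scratch"; return 1; }
    if diff -r "$conf_dir" "$scratch/$(basename "$conf_dir")" > /dev/null; then
        status=0
    else
        status=1
    fi
    rm -rf "$scratch"
    return $status
}

# Constructed demo: a throwaway directory standing in for $CATALINA_HOME/conf.
run_demo() {
    work=$(mktemp -d)
    mkdir -p "$work/conf"
    printf '<Server port="8005" shutdown="SHUTDOWN"/>\n' > "$work/conf/server.xml"
    printf 'tomcat.util.scan.StandardJarScanFilter.jarsToSkip=*.jar\n' > "$work/conf/catalina.properties"
    archive=$(backup_tomcat_conf "$work/conf" "$work/backups")
    prune_backups "$work/backups"
    if restore_test "$archive" "$work/conf"; then
        echo "restore test OK: $archive"
    else
        echo "restore test FAILED: $archive"
    fi
    rm -rf "$work"
}

if [ "${1:-}" = "demo" ]; then run_demo; fi
```

Run with `demo` as the first argument to exercise all three steps on the constructed directory; in production, schedule `backup_tomcat_conf` and `prune_backups` daily and `restore_test` monthly from cron.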
The specific disaster recovery schemes include a cold-site backup scheme, a warm-site backup scheme and a hot-site backup scheme; the specific operations during disaster recovery can be determined through these three schemes, and at the same time the success rate and efficiency of disaster recovery are improved.
After the above security designs are completed, a security development test needs to be carried out, which specifically includes the following operating steps:
S1 security training: establishing a complete security training system, cultivating security awareness, and forming a pattern of security testing, secure development, secure operation and maintenance, and security products;
S2 requirement analysis: determining security requirements and the proportion of investment, and finding the optimal way to embed security;
S3 system design: determining design requirements, analysing the attack surface and performing threat modelling;
S4 design implementation: using standard tools, abandoning unsafe functions, and performing static analysis (secure development specification + code audit);
S5 verification: first performing black-box and white-box testing and attack surface evaluation, then issuing a security incident response plan and periodic security evaluation. Through secure development and testing, operational failures caused by errors left over from the security design stage, and even file damage caused by running directly, are avoided, thereby improving the absolute success rate of later operation.
It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus.
Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that changes, modifications, substitutions and alterations can be made in these embodiments without departing from the principles and spirit of the invention, the scope of which is defined in the appended claims and their equivalents.
Claims (9)
1. An information access security protection method for power grid data comprises a physical security design, a network security design and a host security design, and is characterized in that: the information access security protection method for the power grid data further comprises an application security design, a data backup security design and a middleware security design.
2. An information access security protection method for electric network data according to claim 1, characterized in that: the physical security design specifically comprises:
selecting a geographic location: whether the location of the system is in an area where disasters occur frequently is determined, and the centre and the safe position of the system within the building are determined; at the same time, the safety facilities and equipment in the system are ensured to be placed at proper positions so that the passage of personnel through the equipment area is reduced to a minimum;
peripheral precaution: an infrared defence system is installed, and closed-circuit television is installed at the same time;
safety control: necessary control measures are taken to reduce theft, fire, explosion, smoke, electromagnetic radiation and similar conditions; at the same time, power supply failure of equipment and other abnormal power supply phenomena are prevented, and the safety of communication lines is ensured through safety control measures;
safe division: first, equipment is placed according to its different protection levels, then a specific safety area is isolated for the protected equipment, and the areas are clearly divided by physical separation so that the safety area is controlled in an all-round manner according to protection level, reducing threats from personnel and nature;
determining a recovery strategy: the disaster recovery strategy of each key business function is determined according to the cost and risk of disaster recovery resources and the calculated possible loss, and different business functions may adopt different disaster recovery strategies.
3. An information access security protection method for electric network data according to claim 1, characterized in that: the network security design specifically comprises:
controlling access: access control equipment is deployed at the boundary between the internal network and the external network with the access control function enabled, providing explicit permit/deny capability for data flows according to session state information, with control granularity at port level; whether a user is permitted or denied access to the resources of the research data security management product is determined according to the access permission rules between the user and the system; users who access the network by dial-up, VPN or similar means are controlled, a strong authentication mode is adopted, users' access permissions are strictly controlled, and the number of users with dial-up, VPN or similar access permissions is limited;
safety audit: during secure operation of the platform, the operating state of equipment, network traffic, user behaviour and similar activity in the research data security management product should be logged, and each audit record should include: the date and time of the event, user information, the event type, whether the event succeeded, and other audit-related information;
boundary checking: the secure operating platform should be able to check that internal users on the internal network have not connected privately to the external network without authorization;
intrusion prevention: the secure operating platform should monitor the following attack behaviours at the network boundary: port scanning, brute-force attacks, trojan and backdoor attacks, denial-of-service attacks, buffer overflow attacks, IP fragmentation attacks and network worm attacks;
malicious code precaution: malicious code is detected and removed at the network boundary, and the malicious code signature library and the detection system are kept up to date;
network precaution: users who log in to the network equipment are authenticated, the login addresses of network equipment administrators are restricted, and the network equipment identifier is unique.
4. An information access security protection method for electric network data according to claim 1, characterized in that: the safety design of the host specifically comprises:
identity authentication: ensuring the uniqueness of account names in the system and setting password complexity;
access control: disabling direct login with the root account (root privileges are obtained by logging in as another user), and disabling default accounts and redundant, unused accounts;
intrusion prevention: system components, protocols and system services that are not needed, especially network services, are not installed, and attention is also paid to the prevention of malicious code;
safety audit: enabling the audit log function or meeting the audit requirements with a third-party security audit product; it is recommended that logs be written to a file;
resource control: the login information of third-party terminals is displayed via the firewall, an idle-timeout lock is enabled, and the TIMEOUT value is set to 600 s.
5. An information access security protection method for electric network data according to claim 1, characterized in that: the application security design comprises the following security operations besides identity authentication, access control and resource control:
self-protection: an injection attack protection design, a vulnerability exploitation protection design and an anti-tampering design;
application auditing: the system stores the message content of each request and of each push in a database; only registered request information is processed; the system records the content, time and event type of each message and the sender account in the database, and the retention period is not less than 6 months;
software fault tolerance: special characters are filtered and encoded effectively, the system is prevented from leaking sensitive information through abnormal conditions, effective rapid fault recovery measures are provided, and the key services of the application system are guaranteed not to be interrupted and to recover quickly;
residual information protection: the system clears identification information such as the session and cookies when the user logs out, which effectively prevents the user's session from being hijacked; files, directories and database records in the system are effectively cleared before being distributed to other users, preventing important system information from being stolen;
system vulnerability: the source code of the application system is audited and a source code audit report is produced; security testing is performed on the application system to ensure that it has no high- or medium-risk application-layer vulnerabilities such as SQL injection, cross-site scripting, file upload, path traversal and the like; the terminal application program is updated regularly to ensure that the version is the latest official release; and third-party security and compatibility testing is performed on the system every time the application system is released.
6. An information access security protection method for electric network data according to claim 1, characterized in that: the data and backup security design specifically comprises:
data confidentiality: the transmission path of the information system uses encrypted transmission; important authentication information held in database form and important data in the service system database are stored encrypted; important management files and data of all kinds are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
data integrity: the transmission path of the information system uses encrypted transmission; important authentication information held in database form and important data in the service system database are stored encrypted; important management files and data of all kinds are stored using an encryption system; and the media storing important files are encrypted and kept in a safe;
data backup: the platform backs up important information and periodically tests the availability of backup media, provides hardware redundancy for key network equipment, communication lines and the data processing system, and ensures system availability.
7. An information access security protection method for electric network data according to claim 2, characterized in that: the middleware security design comprises not only identity authentication, access control and security audit, but also the following security operations:
security configuration: unnecessary components unrelated to Tomcat and useless files installed by default are deleted, and basic configuration and hardening are performed;
system backup and recovery: the Tomcat configuration directory is backed up to disk regularly, once every day at a fixed time, with backups retained for one month, and a backup recovery test is performed regularly every month.
8. An information access security protection method for electric network data according to claim 1, characterized in that: the recovery strategy, namely the manner of acquiring disaster recovery resources and the specific requirements of each element of the disaster recovery level, is determined, and the specific disaster recovery schemes comprise a cold-site backup scheme, a warm-site backup scheme and a hot-site backup scheme.
9. An information access security protection method for electric network data according to claim 1, characterized in that: after the safety design is completed, a safety development test is required, and the method specifically comprises the following operation steps:
S1 security training: establishing a complete security training system, cultivating security awareness, and forming a pattern of security testing, secure development, secure operation and maintenance, and security products;
S2 requirement analysis: determining security requirements and the proportion of investment, and finding the optimal way to embed security;
S3 system design: determining design requirements, analysing the attack surface and performing threat modelling;
S4 design implementation: using standard tools, abandoning unsafe functions, and performing static analysis (secure development specification + code audit);
S5 verification: first performing black-box and white-box testing and attack surface evaluation, then issuing a security incident response plan and periodic security evaluation.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111367407.4A CN114205121A (en) | 2021-11-17 | 2021-11-17 | Information access security protection method for power grid data |
Publications (1)
Publication Number | Publication Date |
---|---|
CN114205121A true CN114205121A (en) | 2022-03-18 |
Family
ID=80647949
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111367407.4A Pending CN114205121A (en) | 2021-11-17 | 2021-11-17 | Information access security protection method for power grid data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114205121A (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103856371A (en) * | 2014-02-28 | 2014-06-11 | 中国人民解放军91655部队 | Safety protection method of information system |
CN104410617A (en) * | 2014-11-21 | 2015-03-11 | 西安邮电大学 | Information safety attack and defense system structure of cloud platform |
CN105282178A (en) * | 2015-11-29 | 2016-01-27 | 国网江西省电力公司信息通信分公司 | Cloud computing security technology platform |
CN105553940A (en) * | 2015-12-09 | 2016-05-04 | 北京中科云集科技有限公司 | Safety protection method based on big data processing platform |
CN109861977A (en) * | 2018-12-28 | 2019-06-07 | 北京红山瑞达科技有限公司 | A kind of method that promotion personnel awareness of network security is promoted |
Non-Patent Citations (1)
Title |
---|
Yang Jing: "Analysis and practice of a security assessment strategy based on the 'enterprise network security assessment and operations' project", Experimental Technology and Management, no. 12, pages 197-216 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115966287A (en) * | 2022-06-17 | 2023-04-14 | 西安交通大学 | Medical information management system and medical information management method |
CN115966287B (en) * | 2022-06-17 | 2023-10-24 | 湖南提奥医疗科技有限公司 | Medical information management system and medical information management method |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||