CN118101197A - Network safety protection method and system for power system communication - Google Patents

Publication number
CN118101197A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202410489074.XA
Other languages
Chinese (zh)
Other versions
CN118101197B (en
Inventor
马宇骏
熊皓
易灵
黄健
刘朗
况忱
伍思睿
杨秋叶
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Electronic Products Supervision And Inspection Institute
Original Assignee
Sichuan Electronic Products Supervision And Inspection Institute

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04: INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04S: SYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00: Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20: Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Abstract

The application provides a network security protection method and system for power system communication, relating to the technical field of power system communication security protection. The method comprises the following steps: acquiring plaintext data of original communication information; randomly extracting a plurality of data fragments from the plaintext data of the original communication information, marking in the remaining data the positions corresponding to the extracted data fragments, combining and arranging the extracted data fragments to serve as a data header while recording the combined arrangement sequence information of the data fragments, and taking the remaining data as a data body; encrypting the combined arrangement sequence information and the data header separately, and incorporating the encrypted combined arrangement sequence information into the encrypted data header to obtain a reassembled data header; and combining the reassembled data header with the data body. The method can achieve fast and secure encryption, and effectively improves the encryption and transmission efficiency of data while ensuring the communication security of the power system.

Description

Network safety protection method and system for power system communication
Technical Field
The application relates to the technical field of power system communication safety protection, in particular to a network safety protection method and system for power system communication.
Background
At present, in the field of power system communication, transmitted information is generally encrypted: the original plaintext is converted into ciphertext that cannot be read directly, which protects the data from being stolen or tampered with by unauthorized persons (or organizations) and thereby ensures the security of power system communication.
In the prior art, most encryption methods encrypt the original plaintext directly and then transmit it. As the amount of data increases, the computing resources and computing time required for encryption and decryption increase. However, because power system production is uninterrupted and operating states change abruptly, power system communication carries a large volume of data and requires high transmission efficiency.
Therefore, how to effectively improve the encryption and transmission efficiency of data while ensuring the security of the information transmitted in power system communication is a problem to be solved.
Disclosure of Invention
In order to solve the technical problems in the related art, the application provides a network security protection method and system for power system communication. By the method, the encryption and transmission efficiency of the data can be effectively improved on the basis of guaranteeing the safety of the information transmitted by the communication of the power system.
In order to achieve the above purpose, the technical scheme adopted by the application comprises the following steps:
According to a first aspect of the present application, there is provided a network security protection method of power system communication, the network security protection method of power system communication comprising the steps of:
Acquiring plaintext data of original communication information;
Randomly extracting a plurality of data fragments from the plaintext data of the original communication information And the position/>, corresponding to the data fragment extracted by the corresponding mark, in the residual dataCombining and arranging the extracted data fragments to be used as a data head, recording the combined arrangement sequence information of the data fragments, and taking the rest data as a data main body;
Encrypting the combined arrangement sequence information and the data header respectively, and incorporating the encrypted combined arrangement sequence information into the encrypted data header to obtain a recombined data header;
The reassembled data header is combined with the data body to obtain the communication encrypted data.
Optionally, the lengths of the randomly extracted data segments are the same.
Optionally, the several data segments are arranged in any one of the following arrangements:
random arrangement, forward-order (positive-sequence) arrangement, reverse-order arrangement, unequal-interval arrangement, and equal-interval arrangement;
the forward-order arrangement arranges the data segments one by one in ascending order of their positions in the remaining data;
the reverse-order arrangement arranges the data segments one by one in descending order of their positions in the remaining data;
the unequal-interval arrangement first arranges all the extracted data segments in forward order or in reverse order, then extracts several data segments from that arrangement at unequal intervals and places them in front of or behind the arrangement;
the equal-interval arrangement first arranges all the extracted data segments in forward order or in reverse order, then extracts several data segments from that arrangement at equal intervals and places them in front of or behind the arrangement.
Optionally, the total length of the extracted several data segmentsTotal length of plaintext data with original communication information/>The method meets the following conditions: /(I)
Optionally, the encryption method used for the combined arrangement sequence information and for the data header is any one of the following:
symmetric encryption, asymmetric encryption, hash algorithm encryption.
Optionally, randomly extracting a plurality of data fragments from the plaintext data of the original communication information is specifically:
as the plaintext data of the original communication information is read, it is preloaded into a forward buffer segment by segment in order, and a fixed-length sliding window then extracts the data fragments one by one at bit or byte intervals that follow an arithmetic series or a geometric series in the data arrangement order.
Optionally, the network security protection method of power system communication further includes a decryption step:
acquiring the communication information encrypted data;
separating the acquired communication information encrypted data into the reassembled data header and the data body, and decrypting the combined arrangement sequence information and the data header in the reassembled data header separately;
and restoring the data fragments in the data header to forward (positive-sequence) order according to the combined arrangement sequence information and inserting them back into the corresponding positions of the data body, so as to obtain the plaintext data of the original communication information.
According to a second aspect of the present application, there is also provided a network security protection system for power system communication, including an information sending terminal and an information receiving terminal, where the information sending terminal is configured to perform the encryption step according to any one of the first aspect of the present application, and send the obtained encrypted communication data to the information receiving terminal, and the information receiving terminal is configured to receive the encrypted communication data and obtain plaintext data of the original communication by performing the decryption step according to any one of the first aspect of the present application.
According to a third aspect of the present application, there is also provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor being capable of implementing the steps of the network security protection method of power system communication according to any one of the first aspect of the present application when the computer program is executed.
According to a fourth aspect of the present application there is also provided a computer readable storage medium having stored thereon a computer program which when executed by a processor is capable of carrying out the steps of the network security protection method of power system communication of any of the first aspects of the present application.
The beneficial effects are that:
1. With this technical scheme, once several data fragments are extracted from the plaintext data of the original communication information, the format of the remaining plaintext data is temporarily destroyed and it cannot be correctly read or identified. The first encryption of the plaintext data is therefore achieved merely by extracting the data fragments, without any encryption computation, so it completes very simply and quickly and significantly improves encryption efficiency. At the same time, the correspondence between each extracted data fragment and its original position is recorded, that is, the position of each extracted data fragment is marked in the remaining data. The combined arrangement sequence information of the data fragments in the data header and the data header itself are then encrypted and combined to obtain a reassembled data header, the remaining data is taken as the data body, and the reassembled data header is combined with the data body to obtain the communication information encrypted data. This achieves the second encryption of the plaintext data, and the second encryption encrypts only the combined arrangement sequence information and the data header.
After these two encryptions, the plaintext data of the original communication information can be reliably encrypted into ciphertext, so the communication security of the power system is effectively ensured. The method therefore effectively improves the encryption and transmission efficiency of data while ensuring the security of the information transmitted in power system communication.
2. Other benefits or advantages of the present application will be described in more detail in the detailed description.
Drawings
In order to more clearly illustrate the embodiments of the application or the technical solutions of the prior art, the drawings that are necessary for the description of the embodiments will be briefly described, it being evident that the drawings in the following description are only some embodiments of the application and that other drawings can be obtained from these drawings without inventive effort for a person skilled in the art.
Wherein:
Fig. 1 is a schematic flow chart of steps of a network security protection method for power system communication according to an exemplary embodiment of the present application.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application.
Thus, the following detailed description of the embodiments of the application, as presented in the figures, is not intended to limit the scope of the application, as claimed, but is merely representative of selected embodiments of the application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
Furthermore, references to the terms "comprising" and "having" and any variations thereof in the description of the present application are intended to cover a non-exclusive inclusion. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed but may optionally include other steps or elements not listed or inherent to such process, method, article, or apparatus. It should be noted that, in the embodiments of the present application, words such as "exemplary" or "such as" are used to mean serving as examples, illustrations, or descriptions. Any embodiment or design described herein as "exemplary" or "e.g." in an embodiment should not be taken as preferred or advantageous over other embodiments or designs. Rather, the use of words such as "exemplary" or "such as" is intended to present related concepts in a concrete fashion.
So that those skilled in the art can understand the technical solution of the present application more clearly and accurately, the problems existing in the prior art are first explained in detail.
For power system communication, transmitted data is generally encrypted using symmetric encryption, asymmetric encryption or similar methods, so that the data cannot be stolen or tampered with by unauthorized persons (or organizations), which ensures the security of power system communication.
However, as the amount of data transferred increases, the corresponding encryption and decryption process requires more computing resources and computing time, which lowers the data transmission rate and cannot meet the timeliness requirements of power system communication.
The application provides a new solution, a network security protection method for power system communication, whose technical idea is as follows. The plaintext data of the original communication information is divided: several data fragments are randomly extracted from it, so that the format of the remaining plaintext data is temporarily destroyed and it cannot be correctly read or identified. This achieves the first encryption of the plaintext data; it requires no encryption computation and can significantly improve encryption efficiency. The extracted data fragments are then combined and arranged to serve as a data header, the combined arrangement sequence information and the data header are encrypted separately and combined to form a reassembled data header, the remaining data is taken as the data body, and the reassembled data header is combined with the data body to obtain the communication information encrypted data. This achieves the second encryption; because it encrypts only the combined arrangement sequence information and the data header, the amount of data encrypted is significantly reduced, encryption efficiency is significantly improved, and the degree of confidentiality is effectively improved.
Thus, through the two-time encryption, the safety of the communication of the power system can be effectively ensured.
The technical scheme of the application is described in detail below with reference to the accompanying drawings.
Example 1
As shown in fig. 1, according to a first aspect of the present application, there is provided a network security protection method for power system communication, the network security protection method for power system communication including the steps of:
Acquiring plaintext data of original communication information;
Randomly extracting a plurality of data fragments from the plaintext data of the original communication information And the position/>, corresponding to the data fragment extracted by the corresponding mark, in the residual dataCombining and arranging the extracted data fragments to be used as a data head, recording the combined arrangement sequence information of the data fragments, and taking the rest data as a data main body;
Encrypting the combined arrangement sequence information and the data header respectively, and incorporating the encrypted combined arrangement sequence information into the encrypted data header to obtain a recombined data header;
The reassembled data header is combined with the data body to obtain the communication encrypted data.
With this technical scheme, once several data fragments are extracted from the plaintext data of the original communication information, the format of the remaining plaintext data is temporarily destroyed and it cannot be correctly read or identified. The first encryption of the plaintext data is therefore achieved merely by extracting the data fragments, without any encryption computation, so it completes very simply and quickly and significantly improves encryption efficiency. At the same time, the correspondence between each extracted data fragment and its original position is recorded, that is, the position of each extracted data fragment is marked in the remaining data. The combined arrangement sequence information of the data fragments in the data header and the data header itself are then encrypted and combined to obtain a reassembled data header, the remaining data is taken as the data body, and the reassembled data header is combined with the data body to obtain the communication information encrypted data. This achieves the second encryption of the plaintext data, and the second encryption encrypts only the combined arrangement sequence information and the data header.
After these two encryptions, the plaintext data of the original communication information can be reliably encrypted into ciphertext, so the communication security of the power system is effectively ensured. The method therefore effectively improves the encryption and transmission efficiency of data while ensuring the security of the information transmitted in power system communication.
In one embodiment of the application, the randomly extracted data segments may all have the same length. This reduces the amount of code needed for the random extraction algorithm, which makes it quicker to implement and debug, and it helps the data symmetry of the data header and the data amount match more closely, avoiding misreads and disorder. In addition, data fragments of the same length can be read and encrypted more accurately and reliably after being combined, which improves the robustness of the second encryption operation.
In one embodiment of the present application, the combined arrangement of the data segments may be any one of random arrangement, forward-order (positive-sequence) arrangement, reverse-order arrangement, unequal-interval arrangement and equal-interval arrangement.
In this embodiment, random arrangement means that the extracted data segments are arranged randomly. Forward-order arrangement means arranging the data segments one by one in ascending order of their positions in the remaining data. Reverse-order arrangement means arranging the data segments one by one in descending order of their positions in the remaining data.
In this embodiment, unequal-interval arrangement means that all the extracted data segments are first arranged in forward order or in reverse order, and several data segments are then extracted from that arrangement at unequal intervals and placed in front of or behind the arrangement.
For example, in one exemplary implementation, all extracted data segments may be ordered in a positive sequence, e.g.,Then extracting a plurality of data fragments from the arrangement in a non-equidistant manner, e.g. intervals 0,1, 3, e.g. to beThe extraction is arranged in front of the original arrangement, i.e.,. So as to further improve the encryption effect of the data and ensure the security of the data.
In this embodiment, the equidistant arrangement is to first arrange all the extracted data segments in positive order or in reverse order, and then extract a plurality of data segments from the arrangement according to the equidistant mode and place the data segments in front of or behind the arrangement.
For example, in one exemplary implementation, all extracted data segments may be ordered in a reverse order, e.g.,Then extracting a number of data fragments from the arrangement in a non-equally spaced manner, e.g. at intervals 2, e.g. to beThe extraction is arranged behind the original arrangement, that is,. So as to further improve the encryption effect of the data and ensure the security of the data.
In one embodiment of the application, the total length of the extracted several data segmentsTotal length of plaintext data with original communication information/>The method meets the following conditions: /(I)
In this way, the total length of the extracted data segments is one tenth to one hundredth of the total length of the plaintext data of the original communication information, that is, the data volume of the extracted data segments is one tenth to one hundredth of the data volume of the plaintext data. The data structure of the plaintext data can thus be sufficiently destroyed, and, while ensuring that the remaining data cannot be correctly read or identified, the encryption computation and time spent on the extracted data segments are effectively reduced, which ensures encryption efficiency.
In this embodiment, it can be understood that, when the total length of the extracted data segment occupies one tenth of the total length of the plaintext data of the original communication information, encryption efficiency can be ensured to a certain extent on the basis of ensuring the destruction degree of the remaining data to the greatest extent. When the total length of the extracted data fragments accounts for one percent of the total length of the plaintext data of the original communication information, the damage degree to the residual data can be ensured to a certain extent on the basis of ensuring the encryption efficiency to the greatest extent.
In one embodiment of the present application, the encryption method used for the combined arrangement sequence information and for the data header may be any one of symmetric encryption, asymmetric encryption and hash algorithm encryption. The reassembled data header can thus be reliably encrypted, which further improves its security and therefore the security of power system communication.
In this embodiment, it can be understood that the encryption methods used for the combined arrangement sequence information and for the data header may be the same, to improve encryption efficiency, or different, to improve confidentiality.
In the process of randomly extracting a plurality of data fragments from the plaintext data of the original communication information, the extracted data fragments may be too concentrated due to the randomness of a random algorithm, so that the structure of the residual data is not completely destroyed and can be directly read to a certain extent.
In view of this, in one embodiment of the present application, randomly extracting a plurality of data segments from the plaintext data of the original communication information may be done as follows: as the plaintext data of the original communication information is read, it is preloaded into a forward buffer segment by segment in order, and a fixed-length sliding window then extracts the data fragments one by one at bit or byte intervals that follow an arithmetic series or a geometric series in the data arrangement order.
Thus, each time data is read, part of the data is preloaded into the buffer; once the data has passed through the buffer it is moved into the sliding window, and the sliding window, according to the identification, extracts bits or bytes at intervals following an arithmetic series or a geometric series in the data arrangement order. This effectively ensures that the extracted data fragments have a consistent length and sufficiently ensures the degree of destruction of the remaining data.
This embodiment can be understood as a pseudo-random form: the data fragments are extracted more uniformly from across all the plaintext data, so the degree of destruction of the remaining data is ensured more reliably and the security of the data is effectively ensured.
For example, in one specific implementation, all of the data in the plain data of the original communication is arranged as:;
the length of the sliding window can be 2, the data fragments are extracted one by one according to the arithmetic progression of 1, 3 and 5, and the extracted data fragments can be obtained And/>And/>And/>
The length of the sliding window can also be 3, and the data fragments can be extracted one by one according to the equal-ratio series of 2, 2 and 2And/>And/>And/>
In one embodiment of the present application, the network security protection method for power system communication of the present application may further include a decryption step:
acquiring the communication information encrypted data;
separating the acquired communication information encrypted data into the reassembled data header and the data body, and decrypting the combined arrangement sequence information and the data header in the reassembled data header separately;
and restoring the data fragments in the data header to forward (positive-sequence) order according to the combined arrangement sequence information and inserting them back into the corresponding positions of the data body, so as to obtain the plaintext data of the original communication information.
With this technical scheme, because the reassembled data header is small (compared with the data volume of encrypting the full plaintext data of the original communication information), the amount of data involved in decryption computation is significantly reduced, so decryption efficiency can be significantly improved. At the same time, using the combined arrangement sequence information and the data header obtained through decryption, the extracted data fragments can be quickly and accurately returned to their corresponding positions in the data body, so the plaintext data of the original communication information can be obtained quickly and accurately.
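The encryption and decryption steps of Example 1, as an added Python example that is not code from the patent. The packet layout, the 4-byte fragment length, the one-offset-per-stride selection (standing in for the sliding-window extraction), the SHAKE-256 keystream used as a stand-in symmetric cipher, the sample message and all function names are assumptions.

```python
import hashlib
import secrets
import struct

FRAG_LEN = 4     # equal-length fragments, as the text permits (value assumed)
NONCE_LEN = 16
# Constructed sample telemetry message; not from the page.
SAMPLE = b"substation=S12;feeder=F03;voltage_kv=110.4;current_a=312.7;breaker=closed;" * 3


def _xor_stream(key, nonce, data):
    """Stand-in symmetric cipher (assumption): SHAKE-256 keystream XOR, no integrity."""
    stream = hashlib.shake_256(key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))


def pick_offsets(total_len, count, rng):
    """One random offset per equal-width stride, so fragments cannot cluster or overlap."""
    stride = total_len // count
    if stride < FRAG_LEN:
        raise ValueError("plaintext too short for this many fragments")
    return [i * stride + rng.randrange(stride - FRAG_LEN + 1) for i in range(count)]


def encode(plaintext, key, count, rng=None):
    rng = rng or secrets.SystemRandom()
    frag_total = count * FRAG_LEN
    # Fragment total must be between 1/100 and 1/10 of the plaintext length.
    if count < 1 or not (10 * frag_total <= len(plaintext) <= 100 * frag_total):
        raise ValueError("fragment total must be 1/100 to 1/10 of the plaintext")
    offsets = pick_offsets(len(plaintext), count, rng)
    fragments = [plaintext[o:o + FRAG_LEN] for o in offsets]
    # Data body: everything that was not extracted, in original order.
    body, prev = bytearray(), 0
    for o in offsets:
        body += plaintext[prev:o]
        prev = o + FRAG_LEN
    body += plaintext[prev:]
    # Data header: fragments in a random arrangement; `order` is the
    # combined arrangement sequence information.
    order = list(range(count))
    rng.shuffle(order)
    header = b"".join(fragments[i] for i in order)
    order_info = struct.pack(f">{count}H", *order)
    n_o, n_h = secrets.token_bytes(NONCE_LEN), secrets.token_bytes(NONCE_LEN)
    # Encrypt order info and header separately, then merge into one header.
    reassembled = (n_o + _xor_stream(key, n_o, order_info)
                   + n_h + _xor_stream(key, n_h, header))
    marks = struct.pack(f">{count}I", *offsets)  # position marks kept with the body
    return struct.pack(">H", count) + reassembled + marks + bytes(body)


def split_packet(packet):
    """Separate a packet into the reassembled-header fields, marks and body."""
    (count,) = struct.unpack_from(">H", packet, 0)
    fields, p = {"count": count}, 2
    for name, size in (("n_o", NONCE_LEN), ("enc_order", 2 * count),
                       ("n_h", NONCE_LEN), ("enc_header", FRAG_LEN * count),
                       ("marks", 4 * count)):
        fields[name] = packet[p:p + size]
        p += size
    fields["body"] = packet[p:]
    return fields


def decode(packet, key):
    f = split_packet(packet)
    count = f["count"]
    order = struct.unpack(f">{count}H", _xor_stream(key, f["n_o"], f["enc_order"]))
    if sorted(order) != list(range(count)):
        raise ValueError("order info did not decrypt to a permutation")
    header = _xor_stream(key, f["n_h"], f["enc_header"])
    # Undo the arrangement: slot j of the header holds fragment order[j].
    fragments = [b""] * count
    for slot, original_index in enumerate(order):
        fragments[original_index] = header[slot * FRAG_LEN:(slot + 1) * FRAG_LEN]
    offsets = struct.unpack(f">{count}I", f["marks"])
    # Re-insert each fragment at its marked position in the body.
    out, taken = bytearray(), 0
    for i, off in enumerate(offsets):
        body_upto = off - i * FRAG_LEN   # body bytes that precede fragment i
        out += f["body"][taken:body_upto] + fragments[i]
        taken = body_upto
    return bytes(out + f["body"][taken:])
```

Only `count * FRAG_LEN` header bytes and the order information pass through the cipher; the data body and the position marks are carried as-is, which is where the efficiency gain described above comes from.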
According to a second aspect of the present application, there is also provided a network security protection system for power system communication, comprising an information sending terminal and an information receiving terminal, the information sending terminal being configured to perform the encryption step according to any one of the first aspects of the present application, and send the obtained encrypted data of communication information to the information receiving terminal, the information receiving terminal being configured to receive the encrypted data of communication information and obtain plaintext data of original communication information by performing the decryption step according to any one of the first aspects of the present application.
It will be understood that the information transmitting terminal and the information receiving terminal of the present application are with respect to a certain information transmission process, and do not refer to the terminals as only information transmitting or information receiving terminals, but refer to the terminals having a function of transmitting or receiving information. For example, the network security protection system for power system communication of the present application may include a first terminal, a second terminal, and a third terminal, where when the first terminal needs to transmit certain information to the second terminal, the first terminal is an information sending terminal, and the second terminal is an information receiving terminal. When the third terminal needs to transmit certain information to the first terminal, in the process, the third terminal is the information sending terminal, and the first terminal is the information receiving terminal.
According to a third aspect of the present application, there is also provided a computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor being capable of implementing the steps of the network security protection method of power system communication in any one of the aspects of the first aspect of the present application when the computer program is executed.
It will be appreciated that in this embodiment, the memory may comprise volatile memory, such as random access memory; the memory may also include non-volatile memory, such as read-only memory, flash memory, hard disk or solid state disk; furthermore, the memory may also comprise a combination of memories of the kind described above. The present application is not particularly limited thereto.
Likewise, the processor may be capable of implementing or executing the various exemplary logic steps described in connection with the present disclosure. The processor may be a central processing unit, a general purpose processor, a digital signal processor, an application specific integrated circuit, a field programmable gate array or other programmable logic device, a transistor logic device, a hardware component, or any combination thereof. The processor may also be a combination that performs a computing function, e.g., a combination comprising one or more microprocessors, a combination of a DSP and a microprocessor, etc.
According to a fourth aspect of the present application, there is also provided a computer readable storage medium having stored thereon a computer program, characterized in that the computer program, when executed by a processor, is capable of implementing the steps of the network security protection method for power system communication in any of the first aspects of the present application.
In this embodiment, the computer-readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the computer-readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (Random Access Memory, RAM), a read-only memory (Read-Only Memory, ROM), an erasable programmable read-only memory (Erasable Programmable Read Only Memory, EPROM), a register, an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing, or any other form of computer readable storage medium known in the art. An exemplary storage medium is coupled to the processor such that the processor can read information from, and write information to, the storage medium. In the alternative, the storage medium may be integral to the processor. The processor and the storage medium may reside in an application specific integrated circuit (Application Specific Integrated Circuit, ASIC). In embodiments of the present application, a computer readable storage medium may be any tangible medium that can contain or store a program for use by or in connection with an instruction execution system, apparatus, or device.
The present application is not limited to the above embodiments, and any changes or substitutions within the technical scope of the present application should be covered by the scope of the present application. Therefore, the protection scope of the present application should be subject to the protection scope of the claims.

Claims (10)

1. The network security protection method for the power system communication is characterized by comprising the following steps of:
Acquiring plaintext data of original communication information;
Randomly extracting a plurality of data fragments from the plaintext data of the original communication information, and correspondingly marking the positions, in the remaining data, of the extracted data fragments; combining and arranging the extracted data fragments to be used as a data header, recording the combined arrangement sequence information of the data fragments, and taking the remaining data as a data main body;
Encrypting the combined arrangement sequence information and the data header respectively, and incorporating the encrypted combined arrangement sequence information into the encrypted data header to obtain a recombined data header;
The reassembled data header is combined with the data body to obtain the communication encrypted data.
2. The network security protection method of power system communication of claim 1, wherein the lengths of the plurality of randomly extracted data segments are the same.
3. The network security protection method for power system communication according to claim 1, wherein the combination arrangement of the plurality of data segments adopts any one of the following arrangements:
random arrangement, positive arrangement, reverse arrangement, unequal interval arrangement, and equal interval arrangement;
the positive sequence arrangement is to arrange the data segments one by one according to the sequence of the data segments in the rest data;
The reverse arrangement is to arrange the data segments one by one in a descending order according to the sequence of the positions of the data segments in the rest data;
the unequal interval arrangement is to arrange all the extracted data fragments in positive sequence or in reverse sequence, and then extract a plurality of data fragments from the arrangement according to an unequal interval mode and place the data fragments in front of or behind the arrangement;
The equidistant arrangement is to arrange all the extracted data segments in positive sequence or in reverse sequence, and then extract a plurality of data segments from the arrangement in an equidistant manner and place the data segments in front of or behind the arrangement.
4. The network security protection method of power system communication of claim 1, wherein the total length of the extracted data segments and the total length of the plaintext data of the original communication information satisfy the following condition:
5. The network security protection method for power system communication according to claim 1, wherein the encryption method adopted for combining the arrangement order information with the data header includes any one of the following encryption methods:
symmetric encryption, asymmetric encryption, hash algorithm encryption.
6. The network security protection method for power system communication according to claim 1, wherein randomly extracting a plurality of data fragments from plaintext data of an original communication message comprises:
in the process of reading the plaintext data of the original communication information, the plaintext data of the original communication information is preloaded into a forward buffer area section by section in sequence, and then the data fragments are extracted one by one according to the bit or byte of the data arrangement sequence interval arithmetic series or arithmetic series by utilizing a sliding window with fixed length.
7. The network security protection method of power system communication according to any one of claims 1 to 6, wherein the network security protection method of power system communication further comprises a decryption step of:
acquiring communication information encryption data;
Separating the acquired communication information encryption data into a recombined data header and a data main body, and decrypting the combined arrangement sequence information and the data header in the recombined data header respectively;
and carrying out positive sequence recovery on the data fragments in the data header according to the combined arrangement sequence information and returning and inserting the data fragments into the corresponding positions of the data main body so as to obtain the plaintext data of the original communication information.
8. A network security protection system for power system communication, comprising an information transmitting terminal for performing the encryption step of the network security protection method for power system communication according to any one of claims 1 to 6 and transmitting the obtained communication information encryption data to an information receiving terminal for receiving the communication information encryption data and obtaining the original communication information plaintext data by performing the decryption step of the network security protection method for power system communication according to claim 7.
9. A computer device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the processor is capable of implementing the steps of the network security protection method of power system communication according to any of claims 1-7 when executing the computer program.
10. A computer readable storage medium having stored thereon a computer program, which when executed by a processor is capable of implementing the steps of the network security protection method of power system communication of any of claims 1-7.
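The encryption steps of claim 1 and the decryption steps of claim 7, as an added Python sketch that is not code from the patent or its applicant. Assumptions: the fragment length `SEG`, the JSON layout of the order information (which here also carries the marked positions), the 2-byte length prefixes, and an HMAC-SHA256 counter-mode cipher with an integrity tag standing in for the "symmetric encryption" of claim 5; all function names and the sample message are hypothetical.

```python
import hashlib, hmac, json, secrets, struct

SEG = 4                                   # equal fragment length in bytes (claim 2); value assumed
RNG = secrets.SystemRandom()
SAMPLE = b"BREAKER=OPEN;FEEDER=12;V=10.48kV;I=231A"   # constructed telemetry line

def _prf(key, msg):
    return hmac.new(key, msg, hashlib.sha256).digest()

def _xor_stream(key, nonce, data):        # stand-in cipher: HMAC-SHA256 in counter mode
    ks = b"".join(_prf(key, nonce + struct.pack(">I", c)) for c in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def seal(key, blob):
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(_prf(key, b"enc"), nonce, blob)
    return nonce + _prf(_prf(key, b"mac"), nonce + ct) + ct   # tag is this example's addition

def unseal(key, sealed):
    nonce, tag, ct = sealed[:16], sealed[16:48], sealed[48:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("recombined header failed authentication")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

def protect(key, plaintext, n_frag=3):
    slots = len(plaintext) // SEG
    picked = sorted(RNG.sample(range(slots), n_frag))         # random extraction
    frags = [plaintext[s * SEG:(s + 1) * SEG] for s in picked]
    body = b"".join(plaintext[s * SEG:(s + 1) * SEG] for s in range(slots)
                    if s not in picked) + plaintext[slots * SEG:]
    order = RNG.sample(range(n_frag), n_frag)                 # random arrangement (claim 3)
    head = b"".join(frags[i] for i in order)                  # data header
    info = json.dumps({"order": order, "pos": [(s - k) * SEG for k, s in enumerate(picked)]}).encode()
    sealed = [seal(key, info), seal(key, head)]               # encrypted separately (claim 1)
    return b"".join(struct.pack(">H", len(p)) + p for p in sealed) + body

def recover(key, wire):
    parts, at = [], 0
    for _ in range(2):                                        # split the recombined header
        (n,) = struct.unpack_from(">H", wire, at)
        parts.append(unseal(key, wire[at + 2:at + 2 + n]))
        at += 2 + n
    info, head, buf = json.loads(parts[0]), parts[1], bytearray(wire[at:])
    frags = [b""] * len(info["order"])
    for slot, i in enumerate(info["order"]):                  # positive-sequence recovery
        frags[i] = head[slot * SEG:(slot + 1) * SEG]
    for k, off in enumerate(info["pos"]):                     # reinsert at the marked positions
        buf[off + k * SEG:off + k * SEG] = frags[k]
    return bytes(buf)
```

As claim 1 is worded, only the data header and the order information are encrypted, so in this sketch the data body is carried as-is and `len(SAMPLE) - 3 * SEG` bytes of the sample remain readable on the wire.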
CN202410489074.XA 2024-04-23 2024-04-23 Network safety protection method and system for power system communication Active CN118101197B (en)

Publications (2)

Publication Number Publication Date
CN118101197A true CN118101197A (en) 2024-05-28
CN118101197B CN118101197B (en) 2024-07-16

Family

ID=91157270

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant