配电物联网边缘物联代理网络安全防护研究

配电物联网是配电监控系统向物联网模式演进的结果,边缘物联代理是连接物联网终端与云端的重要感知层设备。通过分析边缘物联代理自身及交互面临的安全风险和安全需求,研究了可信启动、身份认证、密钥协商、数据机密性保护、数据完整性保护、安全监测等技术,构建了基于可信启动的设备本体安全、基于身份认证和数据保护的交互安全以及基于日志、流量信息实时采集的安全监测于一体的安全防护架构,有效避免了因边缘物联代理遭受恶意攻击而导致整个系统瘫痪事件发生,有助于提升配电物联网在新的网络安全形势下抵御恶意攻击的能力。

Research on Security Protection of Edge IoT Agent on the Power Distribution IoT

Power distribution IoT is the evolution result of distribution monitoring system to the Internet of things.Edge IOT agent is an important perceptual layer device connecting IOT terminal and cloud.By analyzing the security risks and security requirements faced by the edge IoT agent and its interaction,the technologies of trusted start,identity authentication,key agreement,data confidentiality protection,data integrity protection,security monitoring are studied.And an integrated security protection structure of device ontology security based on trusted start,interactive security based on identity authentication and data protection,and security monitoring based on real-time collection of log and traffic information are constructed.The whole system paralysis event caused by malicious attacks on the edge IoT agent is avoided effectively.It helps to improve the ability of power distribution IoT resisting malicious attacks in the new network security situation.