
An Edge Zero-Trust Model Against Compromised Terminals Threats in Power IoT Environments

Feng Jingyu, Yu Tingting, Wang Ziying, Zhang Wenbo, Han Gang, Huang Wenhua

Citation: Feng Jingyu, Yu Tingting, Wang Ziying, Zhang Wenbo, Han Gang, Huang Wenhua. An Edge Zero-Trust Model Against Compromised Terminals Threats in Power IoT Environments[J]. Journal of Computer Research and Development, 2022, 59(5): 1120-1132. DOI: 10.7544/issn1000-1239.20211129
Citation: Feng Jingyu, Yu Tingting, Wang Ziying, Zhang Wenbo, Han Gang, Huang Wenhua. An Edge Zero-Trust Model Against Compromised Terminals Threats in Power IoT Environments[J]. Journal of Computer Research and Development, 2022, 59(5): 1120-1132. CSTR: 32373.14.issn1000-1239.20211129

Funds: This work was supported by the National Natural Science Foundation of China (62102312) and the Science and Technology Project of State Grid Co., Ltd. (J2021206).
  • CLC number: TP393
  • Abstract: With the continuous penetration of information technology into the power industry, the exposure surface of the power IoT has increased substantially. Attackers can use compromised terminals as a springboard to infiltrate the internal network and then steal sensitive data from, or sabotage, power industrial systems. To address the bottleneck of centralized zero-trust deployment when massive numbers of power terminals connect, an edge zero-trust model is proposed. Zero-trust engines are deployed at multiple distributed points around the dense power terminals, and trust factors are collected in real time and stored on a blockchain. By maintaining a consortium blockchain called the trust factors chain (TF_chain), storage edge servers synchronously share the trust factors generated by power terminals on the move, which facilitates traceability and prevents tampering. Abnormal and sensitive factors are extracted for dynamic trust evaluation, so that a sudden change in the behavior of a compromised terminal rapidly attenuates its trust value and its threat is blocked promptly during authentication. A lightweight signcryption method is adopted to secure the authentication information transmitted from the edge to the cloud. Simulation results show that the proposed model can disperse the zero-trust processing load of a centralized deployment and effectively resist compromised-terminal threats under edge deployment.
Publication history
  • Published: 2022-04-30
