Security Communication Of Real-Time Data In Power Information System

Along with the development of communication and network technology, not only power control systems, but also some business, service and office automation more and more insert State Power Data network (SPDnet). The national regulate about physical isolation of SPDnet, ensures that power data network will be not attacked by exterior threaten on some degree. But on the other hand, the information security problem of real-time data transmission is not thought much. The appearance of latent threaten of real-time data security, and network transmission of some real-time and quasi real-time data that electric energy metering and billing system and electricity market need, makes it researched that security communication of real-time data in power information system. Firstly, this paper generalizes network security actuality of power information system, and analyses security request of power information system. According to particular analyzing calculate process of losing risk of data assert, it is validated that the encryption techniques is one of main security factors of real-time data. And hereby, an integer project of encrypted real-time data transmission based on agent technology is proposed. This project adds the module of real-time data encryption on existing security protection system. Secure agent technology makes it modular that encryption and other auxiliary measure have been integrated and encapsulated, and avoids direct contact of both communication sides. And it's realized by Simple network manage protocol (SNMP). Identity authentication (IA) of both communication sides is the premise of encryption techniques. IA can't use the method that using digital certificate issued by Certification Authority (CA) like commerce running, because the devices and terminals of power systems are very enormous and complicated. So, this paper proposes an eclectic method of self-signature certificate according with X.509. Because the communication modes, agreements and protocols of power real-time data are various, the encryption request is also different. TCP and UDP protocol are two main mode of real-time data transmission, so their encryption mode are discriminated: TCP data transmission's encryption adopts Security Socket Layer (SSL), and UDP encryption take other arranges. Key manage is the problem in cryptology, especially in power information system. This paper commends self-signature X.509 certificate considering several modes of key creation and transfer, and explains other aspects such as distrubition, destroy and start mechanism. In addition, a process of hardware encryption is discussed, and simulation of encrypt algorithm's efficiency is elaborated. Based on a computer standard named SSE-CMM, this paper research security evaluation of several aspects of risk process domain in power information system by using some network security tools. At the end of this dissertation, the main results of the research are summarized. The further work is pointed out as well.