The Application And Research On The Interaction Between Firewall And IDS In Distribution Automation System

Along with the application of computer network information security technology in electrical secondary system, there has been more and more safety problems. As one of the important system in electric power system, the security of the power distribution automation system must meet the requirements of security protection programme for power secondary system.Firstly, this paper makes a comprehensive analysis of security protection for power distribution automation system, the analysis shows that some safety problems exists in the power distribution automation system, as follows:on one hand, in power distribution automation system, some datas are stroed and transmited in plaintext, it is so easy to cause information leakage. On the other hand, in power distribution automation system, there has some deficiency in identity authentication, it is so easy to lead to the result that illegal users pretend to be legitimate users and legitimate users do some ultravires actions.Secondly, in power distribution automation system single firewall and intrusion detection system can not ensure the safe operation of the system. Due to the defects of firewall and intrusion detection, this paper links them with an open interface and gives the interaction model of firewall and intrusion system.Finally, because in the interaction model firewall and intrusion detection interact via open interface, therefore information are easily tampered and forged after been intercepted by illegal third party. Aimed at this dificiency, this paper uses digital signatures and identity authentication, ensuring the non-repudiation of the communication. Identity authentication uses the way of cobination between the public key cipher system ELGamal and symmetric key system AES, ensuring the rapid and confidential transmission of the data and preventing the tampering and forgery of information caused by the illegal third party.Through the research and analysis of application for linkage system in the power distribution automation system, it is worked out that in a certain way the linkage system meets the requirements of security protection for power distribution secondary system. This paper designs and realizes the hybrid cipher mechanism, so communication parties can use the identity authentication to prevent the loss and tampering of network information. After testing, it is concluded that the hybrid cipher mechanism effectively prevents free intervention of the third party, ensuring the integrity, confidentiality, security and non-repudiation of the informaiton transmission.