Research On Information Security Of Electric Energy Data Acquirsition Terminals Based On Trusted Computing

The electric energy data acquirsition system is an important part of smart grid and can be divided into master station layer,communication channel layer and terminal device layer from top to bottom.For the whole system,it is difficult to attack the ripe security transportation protocols and remedial measures in master station layer.The breakthroughs of penetration and attacks are concentrated on the acquisition terminal at the bottom of the system.Due to the limitation of cost and ability,the acquisition terminal will not adopt complex design.Although there are some design considerations in security,it is mostly simple protection.Unlike devices of other levels in the acquisition syst em,the acquisition terminals also have no physical isolation strictly.They are widely distributed,easy to access and lack of monitoring means,leaving the hidden information security problems in the system.The trusted computing technology is a comprehensive information security protection technology which starts from the security of the terminal.This thesis studies the key problem of integrity detection in trusted computing,analyzes the status of the acquisition system and the information security problems of the acquisition terminals.The trusted computing thought,trusted platform module,trust structure and integrity detection are introduced in detail,and the existing problems in the trust structure,expansion mode and integrity design of the ori ginal TCG technology are pointed out.At the same time,the role of trusted computing technology in network access authentication is introduced.Aiming at the existing problems,combined with the design requirements and working characteristics of the acquisition terminal,the adaptive design is made.The original integrity detection scheme is improved from three aspects,namely,trust measurement structure,trust storage method,trusted network connection and trust report.The specific work is as follows:1)An improved mixed structure having star type structure as the main body with that the trusted platform module and measurement process are mutually upper and lower relations is proposed.The design contains different conditions of starting and running of the terminal,reducing the design difficulty and extending the scope of measurement.2)A new extension method based on Zobrist hash is proposed,which realizes the traceability of the trust storage value and has strong security.Improved expansion strategy makes the trust in the process of disk storage occupied computation time and storage space on some optimization.3)The technical architecture of the acquisition terminal is given,and the local integrity detection process of the acquisition terminal is designed.For remote integrity detection,the network architecture model and terminal access process of power information collection system are given,and identity authentication and remote attestation of integrity information are designed.