| The Power Internet of Things (PIoT) is a huge network consisting of millions of devices, covering all aspects of power production, transmission and distribution. Because of the large scale of the PIoT and its large number of terminal devices, and because the application of new technologies such as cloud computing and artificial intelligence in the power grid has blurred its internal and external boundaries, business interaction between the internal and external networks of the PIoT faces various network attacks and data security challenges. To address these problems, this thesis studies the business interaction between terminal devices and servers in the PIoT, mainly using a Software-Defined Perimeter (SDP) to realize trusted access of terminal devices and reliable data transmission during business interaction, so as to deal with the network attack and data security issues of the PIoT. The specific research contents are as follows: (1) To address the blurred network boundaries of the PIoT, an SDP model based on Single Packet Authorization (SPA) is designed. According to the characteristics of the PIoT, the single packet authorization technology is improved by using multi-factor authentication, field encryption and cost reduction methods, and the SPA data packet and SPA authentication scheme for the PIoT are designed; the improved single packet authorization technology is integrated into the SDP model, forming a software-defined perimeter model suitable for PIoT remote interaction, which provides a logical boundary for PIoT remote servers and creates the first line of defense for terminal device access. (2) To address the complexity of PIoT security and networking, an SDP-based PIoT security protection framework, SDP2IoT, is proposed. The SDP technology in the framework protects servers from unauthorized edge traffic, and Software-Defined Networking (SDN) technology is introduced into the framework to simplify network management. SDP applications are deployed at the SDN application layer to achieve flexible deployment and management of SDP, thereby making up for the limitations of SDP, ensuring network scalability and timely discovery of network faults. Security analysis shows that the framework is effective against various network attacks. Feature comparison demonstrates the strengths of the framework. (3) Based on the SDP2IoT framework, the PIoT security protection technology is studied. When a terminal interacts with a server remotely, the security of the PIoT is ensured throughout the whole process, from terminal access to data transmission. In the terminal access stage, device initialization, identity authentication and minimal authorization are studied. In the data transmission stage, based on the Chinese national cryptographic algorithm SM4 and a (k, n) secret sharing algorithm, this thesis realizes data processing, routing selection and flow control, which ensures network and data security during the interaction between the terminal and the server. The simulation experiment shows that the key technology proposed in this thesis can effectively hide the server port, defend against attack, improve communication reliability and maintain performance, and realize the security protection of the PIoT. |