| With the integrated development of industrial Internet,intelligent manufacturing and other technologies,Internet integration technology has gradually achieved leap-forward development.The interconnection of safety equipment and systems promotes management,production efficiency,and a smart industrial manufacturing service system.At the same time,along with the integration of Internet technology,network security issues become measurements of the industrial production safety system.Therefore,at this stage,industrial production equipment must cooperate with data flow rules and access control strategies for security protection,which is undoubtedly the most efficient and safe solution in the industrial Internet production system.However,with the increasing demand for interconnection of equipment,to establish a security strategy based solely on equipment security has become a constraint on equipment interconnection.In order to detect conflicts between security policies in device interconnection,this thesis completes a summary of security control requirements in an industrial control environment.Meanwhile,this thesis provides a uniform description of all types of devices by safety strategy description language.Furthermore,this thesis extracts seven-tuples from the rules of the security policy according to the security requirements.They are proposed as the core of the strategy conflict detection model.According to set theory,the analysis of the relationship between strategies is completed,and six kinds of conflicts between strategies are defined,which lays the foundation of the conflict detection model of heterogeneous equipment.The B+ tree and bitmap index are used to establish the security policies of different devices,and based on this,the conflict detection modeling of heterogeneous devices is carried out.In this thesis,a heterogeneous device strategy fusion model is constructed to analyze the conflict relationship between a large number of policies,and a B+ tree and bitmap index to establish a fusion policy model conflict detection algorithm(BBFS-CDM)is proposed.In the same fusion tree,seven attribute value of the tuple is sorted,and the insertion of the strategy,the subtree division and the conflict detection can quickly and accurately find its position and give the form of the conflict type.After the accuracy and performance tests,it is proved that the BBFS-CDM algorithm can have good time performance on the basis of ensuring the accuracy of collision detection.Compared to binary sort tree and single B+ tree model,collision detection spans an order of magnitude in time.Based on the BBFS-CDM algorithm,this thesis designs a multi-device fusion security analysis system for heterogeneous device conflict detection.On the basis of completing the core function of conflict detection,it also considers device strategy management,user information management,and role authority management in the industrial control environment,announcement notification management,log monitoring management,and data dictionary management,which greatly improves the security and speed of device collaboration.At the same time,it also provides management personnel with new solutions and new technology ideas for managing equipment. |
PDF Full Text Request