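Lightweight Group Authentication Mechanism for Industrial Control System Terminals
Authors: 尚文利 [1,3,4,5]; 杨路瑶 [1,2,4,5]; 陈春雨 [1,2,3,5]; 尹隆 [1,3,4,5]; 曾鹏 [1,3,4,5]; 刘周斌 [1,3,4,5]
Department: Industrial Control Networks and Systems Research Department
Source Publication: Information and Control
ISSN: 1002-0411
Year: 2019
Volume: 48, Issue: 3, Pages: 344-353
Indexed By: CSCD
CSCD ID: CSCD:6546007
Contribution Rank: 1
Funding Organization: National Key R&D Program of China (2018YFB2004200); Strategic Priority Research Program of the Chinese Academy of Sciences (XDC2020200); National Natural Science Foundation of China (61773368); Science and Technology Project of State Grid Corporation of China (52110118001H)
Keyword: certificateless signature; group authentication mechanism; PCIE protocol; security processing unit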
Abstract

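To address the widespread lack of authentication capability in China's industrial control systems, this paper combines certificateless signatures with group authentication from traditional information security and proposes a lightweight group authentication mechanism for industrial control terminals. It improves on the identity authentication techniques of traditional information security and authenticates multiple PLCs simultaneously in multi-machine collaboration scenarios in industrial control systems. The trusted PLC device implemented on the basis of this scheme uses a structure of an embedded processor and a security processing unit, and transmits data over the PCIE protocol in place of data transmission through a traditional network interface, which ensures that network data are not leaked and guarantees data security to the greatest extent. Verification shows that the proposed lightweight group authentication mechanism reduces the computation and communication overhead of the authentication process and can solve problems in control-system identity authentication such as the limited computing power of terminals.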

Other Abstract

To address the current lack of authentication capability in domestic industrial control systems, we propose a lightweight group authentication mechanism for industrial control terminals; the mechanism combines certificateless signatures with the group authentication method of traditional information security. The proposed scheme improves the identity authentication technology of traditional information security and realizes simultaneous authentication of multiple PLCs in the multi-machine collaboration scenario of the industrial control system. The trusted PLC device based on the scheme adopts a structure of an embedded processor and a security processing unit. In this scheme, the PCIE protocol is used to transmit data, instead of traditional network interface data transmission. This ensures that network data are not leaked and that data security is guaranteed to the greatest extent. The verification shows that the proposed lightweight group authentication mechanism reduces the computational complexity and communication overhead of the authentication process. It can solve the problem of limited computing power of the terminal in the control system.

Language: Chinese
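Document Type: Journal article
Identifier: http://ir.sia.cn/handle/173321/25284
Collection: Industrial Control Networks and Systems Research Department
Corresponding Author: 尚文利
Affiliation: 1. Shenyang Institute of Automation, Chinese Academy of Sciences
2. Key Laboratory of Networked Control Systems, Chinese Academy of Sciences
3. University of Chinese Academy of Sciences
4. Institutes for Robotics and Intelligent Manufacturing, Chinese Academy of Sciences
5. School of Information Science and Engineering, Northeastern University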
Recommended Citation
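GB/T 7714: 尚文利, 杨路瑶, 陈春雨, et al. Lightweight Group Authentication Mechanism for Industrial Control System Terminals[J]. Information and Control, 2019, 48(3): 344-353.
APA: 尚文利, 杨路瑶, 陈春雨, 尹隆, 曾鹏, & 刘周斌. (2019). Lightweight Group Authentication Mechanism for Industrial Control System Terminals. Information and Control, 48(3), 344-353.
MLA: 尚文利, et al. "Lightweight Group Authentication Mechanism for Industrial Control System Terminals". Information and Control 48.3 (2019): 344-353.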
Files in This Item:
File Name/Size: 面向工业控制系统终端的轻量级组认证机制.(1634KB)
DocType: Journal article
Version: Published version
Access: Open access
License: CC BY-NC-SA
File name: 面向工业控制系统终端的轻量级组认证机制.pdf
Format: Adobe PDF
Items in the repository are protected by copyright, with all rights reserved, unless otherwise indicated.