现有配电网自动化系统终端设备面临来自外部网络攻击的风险。通过提出一种利用USB Key简便型硬件载体作为身份认证的安全机制,提升配电网自动化终端设备就地操作的安全性和可靠性,从而减小外部攻击通过末端设备侵入系统网络的概率。针对配电网系统容易面临的安全风险对基于USB Key的安全身份验证等关键性问题进行了分析,并设计了配电网系统安全身份验证的总体架构和基于“一次一密双向验证”以及“多因子验证”机制的流程。该机制采用请求-响应模式,增强了认证强度,提高了机制的安全性,并且降低运算时间复杂度,提高了加解密算法的整体运行效率。%The existing distribution network automation system terminal equipment may be at risk from the ex‐ternal network attack .In this paper ,a convenient hardware carrier based on USB Key is presented as authenti‐cation security mechanism in order to improve security and reliability of the terminal equipment in operation , and reduce the probability of external attack intrusion via the terminal equipment .In view of the security risk of the distribution network system ,this paper analyzes such key problems as security authentication based on USB key ,and designs the overall architecture of security authentication ,as well as the authentication process based on "one password at a time two‐way authentication" and "multifactor authentication mechanism".The mechanism adopts the request‐response model to enhance the certification strength ,improve the system securi‐ty ,reduce the computing time and complexity ,and improve the overall efficiency of encryption algorithm .
展开▼
