Design of Role-Based Multi Area Access Control Model for Electric Power SCADA System

Cited by: 8


Authors: Shang Xuewei (尚学伟)[1], Song Guangpeng (宋光鹏)[1], Li Junliang (李军良)[1], Fan Zelong (范泽龙)[1]

Affiliation: [1] State Grid Electric Power Research Institute, Haidian District, Beijing 100192

Source: Power System Technology (《电网技术》), 2014, No. 4, pp. 1122-1126, 5 pages

Abstract: With dispatching and control being integrated in the power grid, access control in electric power SCADA systems has become overly complex. To address this, the paper analyzes the shortcomings of traditional discretionary access control, mandatory access control and role-based access control (RBAC) and, building on existing SCADA systems, proposes a multi-area permission management model. The model is based on the RBAC model and introduces the concept of the area of responsibility (AOR). Permissions are split into regional permissions and public service permissions, so that permissions can be partitioned by AOR. According to dispatchers' production and management needs, different dispatching responsibility ranges are defined and different permissions are assigned in different AORs. This meets the need of modern SCADA systems for differentiated, area-based permission management and effectively prevents maloperation across jurisdictional boundaries. Application in an actual project verified the validity and reliability of the model.

Keywords: permission management; SCADA system; role-based access control; multi-area access control

Classification number: TM734 [Electrical Engineering: Power Systems and Automation]

 
