基于区块链的联盟信任分布式认证在电力行业的应用探索  被引量：12

作　　者：王栋 杨珂 王瑜[4] 玄佳兴 陈亚 许洪华 WANG Dong;YANG Ke;WANG Yu;XUAN Jiaxing;CHEN Ya;XU Honghua(State Grid Electronic Commerce Co.,Ltd.,Beijing 100053,China;State Grid Blockchain Technology(Beijing)Co.,Ltd.,Beijing 100053,China;Blockchain Technology Laboratory of State Grid Co.,Ltd.,Beijing 100053,China;Institute of Information Engineering,Chinese Academy of Sciences,Beijing 100093,China;School of Cyberspace Security,University of Chinese Academy of Sciences,Beijing 100093,China;Nanjing Power Supply Company of State Grid Jiangsu Electric Power Co.,Ltd.,Nanjing 210019,China)

机构地区：[1]国网电子商务有限公司,北京市100053 [2]国网区块链科技(北京)有限公司,北京市100053 [3]国家电网有限公司区块链技术实验室,北京市100053 [4]中国科学院信息工程研究所,北京市100093 [5]中国科学院大学网络空间安全学院,北京市100093 [6]国网江苏省电力有限公司南京供电分公司,江苏省南京市210019

出　　处：《电力系统自动化》2022年第8期1-10,共10页Automation of Electric Power Systems

基　　金：国家电网公司科技项目(面向电网应用场景的电力区块链智能合约关键技术研究,5700-202072372A-0-0-00)。

摘　　要：电力业务快速发展使其网络安全边界不断扩大,而电力业务系统大多停留在中心化身份或联盟身份阶段,难以应对海量接入、异构认证、频繁交互等新需求。首先,文中提出适用于电力行业的基于区块链的联盟信任分布式认证体系。然后,从网络架构、用户身份控制和隐私保护3个角度分析该体系的适用性,阐述其体系架构及运行机制。该体系设计了联盟数字身份,并按照共识和隐私保护策略将身份信息存储在分布式身份账本中,提供数字身份的全生命周期管理,实现身份数据的跨域安全共享和自主控制以及用户的跨域身份认证。最后,针对充电桩充电生态圈、电网人员安全管理、电力供应链金融3个行业场景面临的身份认证瓶颈,提出了基于该体系的解决思路。The rapid development of electric power business has led to the expansion of its network security boundary.However,while most of electric power business systems stay at the stage of centralized identity or federated identity,which is difficult to meet new demands such as massive access,heterogeneous authentication,and frequent interaction.First,this paper proposes a blockchain-based distributed authentication system with alliance trust applicable to the power industry.Then,this paper analyzes the applicability of the system from three perspectives:network architecture,user identity control,and privacy protection.Its system architecture and operation mechanism are elaborated.The alliance digital identity is designed,and the identity information is stored in the distributed identity ledger according to the consensus and privacy protection policies.The full lifecycle management of digital identity is provided,and the cross-domain secure sharing and autonomous control of identity data as well as the crossdomain identity authentication of users are realized.Finally,the solution ideas based on this system are proposed to address the identity authentication bottlenecks faced by three industry scenarios:charging ecosystem of charging piles,safety management of power grid personnel,and power supply chain finance.

关 键 词：电力业务 区块链 分布式身份认证 身份认证 

分 类 号：TM73[电气工程—电力系统及自动化] TP311.13[自动化与计算机技术—计算机软件与理论]