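Authors: 罗威 (LUO Wei); 蒋政 (JIANG Zheng); 王宝海 (WANG Baohai); 王斌 (WANG Bin); 顾辉 (GU Hui) (Nanjing Nari Information & Communication Technology Co., Ltd., Nanjing 210008, China)
Affiliation: [1] Nanjing Nari Information & Communication Technology Co., Ltd., Nanjing, Jiangsu 210008
Source: 《现代电子技术》 (Modern Electronics Technique), 2023, No. 13, pp. 78-84, 7 pages in total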
Abstract: Power Internet of Things data covers a wide range. The LwM2M protocol is limited by the power equipment itself and by the design of its security layer, so its security capability cannot meet the security requirements of two-way communication requests, and there is a risk of data leakage. This paper introduces the software-defined perimeter concept from zero trust and proposes a new security architecture that combines the software-defined perimeter with the LwM2M protocol. Access entities are authenticated through a single packet authorization mechanism. The gateway and controller continuously evaluate trust in the access entity along five dimensions (subject, object, environment, behavior and operation) and dynamically adjust its access permissions, so as to achieve secure communication between the device and the server. The experimental results show that the proposed security architecture can analyze the requester's packets and respond through the controller and gateway, improving the security of two-way communication between power equipment and edge servers under this protocol in the power Internet of Things.
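Keywords: power Internet of Things; software-defined perimeter; identity authentication; two-way communication; trust evaluation; permission adjustment; secure communication; packet analysis
Classification number: TN915.853-34 [Electronics and Telecommunications / Communication and Information Systems]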