基于零信任的馈线自动化5G网络访问控制方法  被引量：3

作　　者：王录泽 周霞 张磐[2] 刘增稷 刘明祥 张腾飞 WANG Luze;ZHOU Xia;ZHANG Pan;LIU Zengji;LIU Mingxiang;ZHANG Tengfei(College of Automation&College of Artificial Intelligence,Nanjing University of Posts and Telecommunications,Nanjing 210023,Jiangsu Province,China;State Grid Tianjin Electric Power Company Electric Power Research Institute,Xiqing District,Tianjin 300384,China;NARI Group Corporation(State Grid Electric Power Research Institute),Nanjing 211106,Jiangsu Province,China)

机构地区：[1]南京邮电大学自动化学院、人工智能学院,江苏省南京市210023 [2]国网天津市电力公司电力科学研究院,天津市西青区300384 [3]南瑞集团有限公司(国网电力科学研究院有限公司),江苏省南京市211106

出　　处：《电力信息与通信技术》2024年第1期39-46,共8页Electric Power Information and Communication Technology

基　　金：国家自然科学基金资助项目(62073173)。

摘　　要：针对能源物联网背景下,5G场景下的馈线自动化系统网络安全边界模糊、合法终端被利用作为跳板攻击内网的问题,文章提出一种基于零信任的馈线自动化5G网络访问控制方法。首先,选取能准确反映5G场景下馈线终端特性行为的数据作为信任评价指标,使得馈线终端信任值计算更加可靠;其次,采用多元线性回归模型预测馈线终端的信任值,并提出被访问资源的信任阈值计算方法;最后,根据馈线终端信任值与被访问资源的信任阈值进行访问决策,实现了更细粒度的访问控制。实验结果表明,相较于随机森林模型、支持向量机模型和径向基神经网络模型,多元线性回归模型在信任值预测准确性方面具有优势,并且其信任值预测时延能够满足馈线终端间对等通信对时延的要求。In response to the issues of network security boundary ambiguity and the exploitation of legitimate terminals as springboards for attacking the internal network in the context of the energy Internet of Things(IoT)and 5G-enabled feeder automation systems,this paper presents a zero-trust-based feeder automation 5G network access control method.Firstly,data that accurately reflects the behavioral characteristics of feeder terminals in the 5G context is selected as trust evaluation indicators,ensuring more reliable calculation of feeder terminal trust values.Secondly,a multiple linear regression model is employed to predict the trust values of feeder terminals,along with a trust threshold calculation method for the accessed resources.Finally,access decisions are made based on the trust values of feeder terminals and the trust thresholds of accessed resources,enabling finer-grained access control.Experimental results demonstrate that compared to random forest models,support vector machine models,and radial basis function neural network models,the multiple linear regression model exhibits superior accuracy in trust value prediction and achieves trust value prediction latency that meets the requirements of peer-to-peer communication among feeder terminals.

关 键 词：零信任 馈线自动化 信任评估 访问控制 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]