|
摘要: |
计算机网络的安全性已成为电力系统正常运行的关键。首先对电力系统数据网络的结构、应用以及安全现状进行了分析,接着介绍了在电力系统数据网络中常用的几种防护手段,并指出了防火墙和入侵检测技术的局限性,认为其主要强调了防护而没有相应的对策处理黑客攻入系统内部的措施。阐述了信息网络在被破坏后的生存性问题,在此基础上引出了容侵的概念,并进一步介绍了诸如容侵策略、方法等基本理论。最后,提出了一种使用冗余和多样性策略的容侵技术构建安全的服务器,以此加强数据网络的安全性确保系统的正常运行。 |
关键词: 入侵检测技术 数据网络 黑客 防火墙 计算机网络 服务器 冗余 电力系统 |
DOI: |
分类号:TM73 TP393.08 |
基金项目:国电华中公司网络安全攻关项目(KJ-2003-03)~~ |
|
Application of intrusion tolerance technology in power system data network security |
WANG Ning-bo WANG Xian-pei
|
Abstract: |
The security of computer network has been the key factor of power system ' s proper operation.The structure ,applications and current security status of power system data network are analyzed ,and some often used security defensive technologies are introduced.The limitations of firewall and IDS ( Intrusion Detection System ) are pointed out ,which emphasizes particularly on defense and have no any effective countermeasure against the intrusion in the system.This paper mainly emphasizes the survivability of the information network after being destroyed.On the basis of it ,the conception of intrusion tolerance is put forward ,and the basic theories ,which include the policy and ways of intrusion tolerance ,are introduced.An intrusion tolerance technology is presented to design secure server by using redundancy and diversity ,which can strengthen the security of data network effectively to ensure the proper operation of power system. |
Key words: electric power systems,network security,intrusion tolerance technology |