蒋烨 彭舜杰 蔡晓兰 张志海 闫江毓 陈之怡 谢欢
摘要:
為提高电力通信运维系统安全性,提出基于用户可信度的访问控制模型(Credibility and RoleBased Access Control,CRBAC),通过引入可信度计算方法对用户行为进行分析,并赋予不同可信度值的用户不同等级的角色权限,实现静态角色的动态访问控制及系统资源的分级管理。此模型引导用户规范行为方式,在用户行为层面规避安全风险,且有效增强系统访问控制的灵活性,在运维系统的应用中取得了良好的效果。
关键词:
访问控制; 电力运维; 用户可信度; 角色访问
中图分类号:
文献标志码:
Access Control of Electric Power Operation and Maintenance System Based on User Reliability
JIANG Ye1, PENG Shunjie1, CAI Xiaolan1, ZHANG Zhihai1,
YAN Jiangyu2, CHEN Zhiyi2, XIE Huan2
(1. Guangxi Power Grid Dispatching Control Center, Nanning, Guangxi 530023, China;
2. School of Electrical and Electronic Engineering, North China Electric Power University, Beijing 102206, China)
Abstract:
In order to improve the security of power communication operation and maintenance system, this paper presents a credibility and rolebased access control (CRBAC) model based on user reliability. By introducing the method of reliability calculation, the user behavior is analyzed, and the users with different credibility values are given different levels of role authority, so as to realize the dynamic access control of static roles and the hierarchical management of system resources. This model guides users to standardize their behavior, evades security risks at the level of user behavior, and effectively enhances the flexibility of system access control, thus performs well in the application of operation and maintenance system.
Key words:
access control; power operation and management; user reliability; role access