Sensitive data grading protection method and system based on numerical control system

Abstract

The invention belongs to the technical field of computer network security, and discloses a sensitive data grading protection method and grading protection system based on a numerical control system. The method comprises steps of classifying and grading sensitive data in the numerical control system, carding and identifying the sensitive data by adopting an intelligent means, and designing data structures for storing different data; dividing a security domain for the intelligent numerical control system; controlling the information flow direction of the intelligent numerical control system by using the BLP model according to the grading of the terminal and the division of the security domain; designing a data sensitivity level label generation algorithm, and realizing a network flow management and control system based on the data message sensitivity level label; and designing a network boundary access control technology based on the sensitivity level label. Sensitive data of the intelligent numerical control system can be subjected to confidentiality protection, the network flow direction of the sensitive data is controlled, the situation that the data illegally flows into a low-security-level area due to routing errors and other reasons is eradicated, and the industrial information security requirement of the intelligent numerical control system is met.

Description

technical field [0001] The invention belongs to the technical field of computer network security, and in particular relates to a numerical control system-based sensitive data hierarchical protection method and a hierarchical protection system. Background technique [0002] At present, as an important part of the manufacturing industry, the military manufacturing industry plays a vital role in the defense industry. At present, military manufacturing enterprises have widely used industrial control systems such as DCS, PCS, PLC, IED, CNC machine tools and flexible manufacturing units, and have a large number of state secrets. Therefore, military manufacturing enterprises should pay more attention to the network security of industrial control systems. [0003] The national defense industry has high requirements for data confidentiality, and the data transmitted by the CNC system after networking contains a large number of parts processing parameters. Some data is quite sensitiv...

AI Technical Summary

Problems solved by technology

[0008] (1) The grading of sensitive data in the existing numerical control system is not clear enough to protect confidentiality well, and industrial information security cannot meet actual requirements

[0009] (2) The expansion of the network boundary leads to more attacks. The originally independent and closed CNC production network is connected to the enterprise management network and the Internet. At the same time, the acceleration of the networking process of the CNC system processing equipment has led to various hacker attacks and malicious codes on the traditional information network. Security threats quickly enter the CNC network, and industria

Images