Industrial internet terminal general security service system based on IBE

Abstract

The invention discloses an IBE-based universal security service system for an industrial internet terminal. The system comprises an industrial internet terminal equipment layer, an access gateway layer and a management and control service layer; the industrial internet terminal equipment layer is used for transmitting the collected industrial data to a TCP port of the access gateway layer in an unvarnished manner; the access gateway layer is an industrial internet gateway, establishes mapping with an equipment management module according to configuration information such as a communication protocol of the terminal equipment layer, and initiates an IBE-XKMS service request to realize identity authentication access; and the management and control service layer is used for responding to a gateway equipment request through an IBE-XKMS module, completing gateway layer equipment authentication service, completing a user authority control module through key management, responding to a user data request, and completing real-time data acquisition and equipment management and control of terminal equipment accessed to the gateway through an HTTP API (Hyper Text Transport Protocol Application Program Interface). According to the invention, complex encryption and decryption operations are handed over to the gateway agent and IBE-XKMS service, so the computing pressure of the resource-limited terminal equipment is greatly reduced.

Description

technical field [0001] The invention relates to a general security service system for industrial Internet terminals, which solves security issues such as identity authentication, secure access, cross-domain communication, and privacy protection for massive heterogeneous terminal devices in the field of industrial interconnection. Background technique [0002] Under the wave of the new generation of industrial revolution, in order to achieve intelligence and Internetization in the industrial field, the first thing to solve is the problem of heterogeneous security access and data security of traditional industrial terminal equipment. When a large number of terminal heterogeneous devices are connected to the industrial Internet for information exchange and data communication, due to the complex application scenarios and various types of devices, security protection becomes more complicated, and traditional security protection methods cannot be directly applied to the industrial ...

AI Technical Summary

Problems solved by technology

[0006] In order to overcome the shortcomings of the existing technology, the present invention combines the characteristics of limited computing power of terminal equipment in the industrial Internet, equipment incompatibility or difficulty in implementing public key calculations, and aims at issues such as secure data transmission and data sharing of equipment. The present invention provides an IBE-based General security service system for industrial Internet terminals, the gateway in the framework acts as a proxy for local devices, and requests public key encryption operations from IBE-XKMS to reduce the computing pressure on terminal devices

Images