
Transparent encryption method and device for industrial control network, equipment and storage medium

A transparent encryption technology for industrial control networks, applied in network interconnection, secure communication devices, data exchange networks, etc. It addresses work that is cumbersome, error-prone and difficult to troubleshoot, and achieves the effect of convenient access.

Pending Publication Date: 2022-01-11
中能融合智慧科技有限公司

AI Technical Summary

Problems solved by technology

The key to solving these problems is data encryption technology. Many encryption devices exist, but they basically work in gateway mode. Adding such a device to the network requires changing the original network topology, so the equipment must be reconfigured; when the network is large, this work becomes extremely cumbersome. A transparent encryption device can perfectly solve the above problems: other devices are insensitive to the insertion and removal of the encryption device, which makes it very convenient to upgrade the original plaintext network to an encrypted network.

Examples


Embodiment 1

[0029]-[0030] As shown in Figure 1, the transparent encryption method for an industrial control network provided by the embodiment of the present application includes:

[0031] S1: Create an IPsec tunnel on the bridge interfaces at both ends of the network that needs to be encrypted;

[0032] S2: At the first end of the two ends of the network that needs to be encrypted, intercept the message that would otherwise be forwarded at layer 2 by the bridge, send it to the bridge interface, and encrypt it through the IPsec tunnel;

[0033] S3: Send the IPsec-encrypted message to the peer of the first end. After receiving the message, the peer decrypts it to obtain the plaintext, and then forwards the plaintext to the real device.

[0034] In some embodiments, before creating an IPsec tunnel on the interfaces of bridges at both ends of the network requiring encryption, the method further includes: connecting two encrypti...
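A check one might run on a capture taken between the two encrypting ends after steps S1 to S3 (added example, not part of the patent text): it classifies Ethernet frames and reports any that crossed the segment unencrypted. It assumes the tunnel uses ESP (IP protocol 50) with IKE on UDP 500/4500; the function names and sample frames are constructed for illustration.

```python
import struct

ETH_IPV4, ETH_ARP, ETH_VLAN = 0x0800, 0x0806, 0x8100
IPSEC_UDP_PORTS = {500, 4500}   # assumption: IKE and NAT-T encapsulation

def classify_frame(frame: bytes) -> str:
    """Return 'esp', 'ike', 'arp', 'plaintext' or 'malformed' for one Ethernet II frame."""
    if len(frame) < 14:
        return "malformed"
    ethertype, offset = int.from_bytes(frame[12:14], "big"), 14
    if ethertype == ETH_VLAN and len(frame) >= 18:        # skip one 802.1Q tag
        ethertype, offset = int.from_bytes(frame[16:18], "big"), 18
    if ethertype == ETH_ARP:
        return "arp"                                      # needed for address resolution
    if ethertype != ETH_IPV4:
        return "plaintext"                                # e.g. a raw layer-2 protocol that was bridged
    ip = frame[offset:]
    ihl = (ip[0] & 0x0F) * 4 if len(ip) >= 20 else 0
    if ihl < 20 or ip[0] >> 4 != 4 or len(ip) < ihl:
        return "malformed"
    if ip[9] == 50:                                       # IP protocol 50 = ESP
        return "esp"
    first_fragment = int.from_bytes(ip[6:8], "big") & 0x1FFF == 0
    if ip[9] == 17 and first_fragment and len(ip) >= ihl + 4:
        sport, dport = struct.unpack("!HH", ip[ihl:ihl + 4])
        if sport in IPSEC_UDP_PORTS or dport in IPSEC_UDP_PORTS:
            return "ike"
    return "plaintext"                                    # anything else left the end unencrypted

def audit(frames):
    """Indices of frames that must not appear between the two encrypting ends."""
    return [i for i, f in enumerate(frames)
            if classify_frame(f) in ("plaintext", "malformed")]

def eth(ethertype, payload, vlan=None):
    tag = struct.pack("!HH", ETH_VLAN, vlan) if vlan is not None else b""
    return bytes(6) + bytes(6) + tag + struct.pack("!H", ethertype) + payload

def ipv4(proto, payload):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + payload

# Constructed sample capture (not real traffic)
SAMPLE = [
    eth(ETH_IPV4, ipv4(50, struct.pack("!II", 0x1000, 1) + bytes(16))),          # ESP
    eth(ETH_IPV4, ipv4(17, struct.pack("!HHHH", 500, 500, 8, 0))),               # IKE
    eth(ETH_IPV4, ipv4(6, struct.pack("!HH", 49152, 502) + bytes(16))),          # cleartext TCP
    eth(ETH_IPV4, ipv4(50, struct.pack("!II", 0x1000, 2) + bytes(16)), vlan=10), # tagged ESP
    eth(ETH_ARP, bytes(28)),                                                     # ARP
]
```

`audit(SAMPLE)` flags only the cleartext TCP frame; in a deployment, any flagged frame means traffic was bridged past the interception rule instead of entering the tunnel.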

Embodiment 2

[0041] A transparent encryption device for an industrial control network, comprising:

[0042] Linux operating system, first encryption module, second encryption module, Bridge and IPsec channel;

[0043] The first encryption module and the second encryption module are connected at the two ends of the network that requires encryption. Each module has two interfaces: the first is used as the encryption interface and the second as the sending interface. These two interfaces are added to a bridge, an IP address is configured on the bridge interface according to the network environment, an IPsec tunnel is created on the bridge interfaces at both ends of the network that needs to be encrypted, and the IPsec protocol is applied to the VPN. At the first end of the two ends of the network that needs to be encrypted, in the Linux kernel protocol stack, intercept the message that should be forwarded at layer 2...

Embodiment 3

[0045] As shown in Figure 2, a transparent encryption device for an industrial control network includes:

[0046] Linux operating system, first encryption module, second encryption module, Bridge and IPsec channel;

[0047] The first encryption module and the second encryption module are connected at the two ends of the network that needs to be encrypted. Each module has two interfaces, eth0 and eth1: the first interface, eth0, serves as the encryption interface, and the second interface, eth1, is the sending interface. These two interfaces are added to a bridge, IP addresses are configured on the bridge interface according to the network environment, IPsec tunnels are created on the bridge interfaces at both ends of the network that needs to be encrypted, and the IPsec protocol is applied to the VPN. At the first end of the two ends of the network that needs to be encrypted, rules are created through ebtables, and the mes...


Abstract

The invention discloses a transparent encryption method and device for an industrial control network, equipment and a storage medium. The method comprises: creating an IPsec tunnel on the bridge interfaces at the two ends of a network that needs to be encrypted; at the first end of the two ends, intercepting a message that would otherwise be forwarded at layer 2 by the bridge, sending the message to the bridge interface, and encrypting it through the IPsec (Internet Protocol Security) tunnel; and sending the IPsec-encrypted message to the peer of the first end, which decrypts the message after receiving it to obtain the plaintext and then forwards the plaintext to the real equipment. Compared with traditional layer-2 encryption equipment, the device has the advantages of non-repudiation, anti-replay, data integrity, data reliability, authentication and the like; compared with traditional layer-3 encryption equipment, access is more convenient, and compared with traditional layer-2 encryption equipment, access is safer.

Description

Technical field

[0001] The present application relates to the field of industrial networks, in particular to a transparent encryption method, device, equipment and storage medium for industrial control networks.

Background

[0002] Data encryption technology is the core technology of data security. Early industrial control systems all ran in relatively independent network environments and paid more attention to functionality and stability, with insufficient consideration of security. Today, industrial control systems are gradually developing and transforming in the direction of the industrial Internet platform, showing a trend of deep integration with the Internet of Things and the Internet, and their degree of intelligence and informatization has greatly improved. However, this also leads to an increasing possibility of attacks on industrial control systems through the Internet, and the security risks of the industrial Internet are becoming mor...


Application Information

IPC(8): H04L9/40, H04L12/46
CPC: H04L63/0428, H04L12/4633, H04L12/462, H04L12/4641
Inventor 杨海峰曹洋皋宽英袁野廖文辉张海波张显刘博超白雪
Owner 中能融合智慧科技有限公司