電力通信運維系統中基于用戶可信度的訪問控制

蔣燁 彭舜杰 蔡曉蘭 張志海 閆江毓 陳之怡 謝歡

摘要：

為提高電力通信運維系統安全性，提出基于用戶可信度的訪問控制模型（Credibility and RoleBased Access Control，CRBAC），通過引入可信度計算方法對用戶行為進行分析，并賦予不同可信度值的用戶不同等級的角色權限，實現靜態角色的動態訪問控制及系統資源的分級管理。此模型引導用戶規范行為方式，在用戶行為層面規避安全風險，且有效增強系統訪問控制的靈活性，在運維系統的應用中取得了良好的效果。

關鍵詞：

訪問控制; 電力運維; 用戶可信度; 角色訪問

中圖分類號：

文獻標志碼：

Access Control of Electric Power Operation and Maintenance System Based on User Reliability

JIANG Ye1， PENG Shunjie1， CAI Xiaolan1， ZHANG Zhihai1，

YAN Jiangyu2， CHEN Zhiyi2， XIE Huan2

（1. Guangxi Power Grid Dispatching Control Center， Nanning， Guangxi 530023， China;

2. School of Electrical and Electronic Engineering， North China Electric Power University， Beijing 102206， China）

Abstract：

In order to improve the security of power communication operation and maintenance system， this paper presents a credibility and rolebased access control （CRBAC） model based on user reliability. By introducing the method of reliability calculation， the user behavior is analyzed， and the users with different credibility values are given different levels of role authority， so as to realize the dynamic access control of static roles and the hierarchical management of system resources. This model guides users to standardize their behavior， evades security risks at the level of user behavior， and effectively enhances the flexibility of system access control， thus performs well in the application of operation and maintenance system.

Key words：

access control; power operation and management; user reliability; role access