智能电网安全与隐私保护相关问题研究

发布时间：2018-05-04 21:55

本文选题：智能电网 + 高级量测体系　；参考：《国防科学技术大学》2014年博士论文

【摘要】：随着信息和通信技术的飞速发展,中国、美国、加拿大等世界各国都正在将陈旧的电力系统升级为智能电网。智能电网拥有双向通信、高可靠性、实时需求响应、自愈以及用户参与等特点,具有很高的研究价值和应用价值。其中,安全和隐私是智能电网设计和实现的关键问题之一,直接影响智能电网的正常运行和人们对智能电网技术的接受程度。从智能电网的组成成分、分布地域以及设计对象来看,智能电网是个非常复杂的系统,随着智能电网在全世界范围内的部署,越来越多的安全和隐私问题也暴露出来。由于智能电网的复杂性和不断有新技术的应用,传统的安全和隐私保护机制无法直接应用,亟待新的保护机制解决这些问题。本文在系统研究智能电网安全和隐私保护问题的基础上,针对智能电网中新涌现的安全和隐私问题:电网用户隐私问题和关键设备组通信问题,进行了深入的研究,提出了相应的解决方案。本文的主要工作和创新点如下:1.研究了智能电网中用户多维测量数据隐私保护问题,设计了一种基于云的用户数据快速安全查询机制(第二章)智能电网快速发展导致测量数据的井喷式爆发,给电力公司带来了沉重的负担。如何进行安全高效且保护用户隐私的多维测量数据查询是智能电网面临的严峻问题。因此,本文提出了一个保护隐私的多维测量数据查询机制并在hadoop分布式环境下用Mapreduce程序实现了原型系统。在本文所提出的查询机制中,多维测量数据以密文的形式存放在云服务器中,为了在保护用户隐私的同时提高数据的可用性,查询者通过本文设计的搜索算法可以获得前K个最相似数据的ID。对于搜索结果,为了加强数据所有者对数据的控制,本文使用一种改进的基于属性的密文策略加密方法实现对数据的访问控制,只有满足特定属性的查询者才能计算出数据密文的密钥从而获得所查询的数据。安全分析表明本文提出的查询机制可以有效保护测量数据的机密性以及用户的隐私。通过对测试数据进行实验表明该机制在保证不损失搜索质量的情况下,能够较大的缩短搜索时间和提高搜索效率,使其更适合于智能电网中的海量多维测量数据搜索。2.研究了智能电网中电车用户的隐私问题,设计了电车到电网(V2G)中具有可控链接和保护隐私属性的安全通信模型(第三章)V2G是智能电网的重要组成部分,能极大提高电网的效率和促进清洁能源的应用,然而参与V2G用户的隐私问题却没有得到很好的解决,制约着V2G的进一步发展。本文针对V2G中用户的隐私保护与V2G管理者调度优化之间的矛盾,设计了具有可控链接和保护隐私属性的安全通信模型。为了保护电动汽车用户的敏感数据,我们基于隐藏向量加密的查询谓词方法设计了用户信息查询方案,使得V2G管理者可以在不获取用户确切敏感数据的情况下对电动汽车进行充放电调度。另外,V2G操作者可以通过链接服务器根据实际需求对用户参与V2G的情况进行匿名统计,并可向可信授权申请对破坏V2G系统的恶意用户进行追踪。安全分析表明,本文提出的模型可以有效地保护用户身份和位置隐私、状态信息隐私。性能分析表明,该模型的计算开销和通信开销都比较适中,完全适用于V2G系统中。3.研究了智能电网中监测控制和数据采集(SCADA)系统的安全可靠组通信问题,提出了一种高效的自愈群组密钥管理机制(第四章)本文根据智能电网中SCADA系统的实时性、资源受限性等特点,提出了一种高效的自愈组密钥管理机制。通过巧妙构造的自愈结构,本文所提机制可以保证系统在设备出现故障的情况下仍然能够继续安全运行。群组密钥的前向安全性和后向安全性由双向哈希链所保证。安全分析表明本文所提出的密钥管理机制能够满足组密钥的安全需求,并且具有动态撤销被俘获节点、抗同谋攻击等特性。性能分析表明该机制的存储开销和通信开销都比较适中,能够满足SCADA系统中的性能要求。4.研究了智能电网数据采集端的安全组通信问题,基于逻辑路由树提出了一种高效的组密钥管理机制(第五章)针对负责智能电网中的重要设备与关键线路数据采集的无线传感器网络,本文提出了一种基于分层和分簇的安全并可扩展的组密钥管理机制。根据通信安全需求的不同,本文根据无线传感器网络的路由拓扑分别为簇头和簇成员设计了两种密钥管理方案。在本文提出的密钥管理机制中,由于一个层或簇中位置相邻的节点共享相同的密钥加密密钥,密钥更新的开销可以显著降低,此外,懒惰更新策略的应用进一步降低了密钥更新的开销。在本文提出的密钥管理机制中,每个节点只需要存储少量的密钥,密钥存储开销很低,满足传感器节点存储空间有限的要求。安全分析表明该机制从密钥建立阶段至密钥更新都满足组密钥管理方案的安全需求,并可以有效降低女巫攻击、Rep拒绝服务和节点俘获攻击的危害。仿真结果表明,在成员节点变化很大的情况下,该机制可以极大地减少密钥更新时的能量消耗,因此可以延长整个网络的生命周期,具有很好的可拓展性。综上所述,本文针对智能电网中用户隐私问题和关键设备安全组通信问题这两大关键技术难题提出新的解决方案,并且从性能开销和安全性两个方面保证了本文所提出算法的有效性。
[Abstract]:With the rapid development of information and communication technology, all countries such as China, the United States, Canada and other countries are upgrading the old power system to smart grid. The smart grid has the characteristics of two-way communication, high reliability, real-time demand response, self-healing and user participation. It has high research value and application value. It is one of the key problems in the design and Realization of smart grid, which directly affects the normal operation of smart grid and the acceptance of smart grid technology. From the components of the smart grid, the distribution region and the design object, the smart grid is a very complex system. With the deployment of smart grid throughout the world, the more it is deployed, the more the smart grid is deployed in the world The more security and privacy issues are exposed. Because of the complexity of the smart grid and the application of new technology, the traditional security and privacy protection mechanism cannot be applied directly, and the new protection mechanism is urgently needed to solve these problems. On the basis of systematic research on the security of smart grid and privacy protection, this paper aims at the smart grid. The emerging security and privacy issues: network users' privacy issues and key device group communication problems, carry out in-depth research and propose corresponding solutions. The main work and innovation points of this paper are as follows: 1. the problem of user multi-dimensional measurement data privacy protection in smart grid is studied, and a kind of user data based on cloud is designed. Quick security query mechanism (second chapter) the rapid development of smart grid leads to blowout of measured data, which brings heavy burden to power companies. How to carry out multidimensional data query that is safe and efficient and to protect users' privacy is a serious problem facing smart grid. Therefore, this paper proposes a multi-dimensional measurement for privacy protection. The data query mechanism is implemented with Mapreduce program in the Hadoop distributed environment. In the query mechanism proposed in this paper, the multidimensional measurement data is stored in the cloud server in the form of ciphertext. In order to protect the user's privacy and improve the availability of the data, the query can be obtained through the search algorithm designed in this paper. In order to strengthen the data owner's control of the data, the ID. of the most similar data of the most similar K data is used to control the data. In this paper, an improved attribute based cipher strategy encryption method is used to control the data access control. Only the query that satisfies the specific attribute can calculate the data of the ciphertext to obtain the query data. The full analysis shows that the query mechanism proposed in this paper can effectively protect the confidentiality of the measured data and the privacy of the users. Experiments on the test data show that the mechanism can greatly shorten the search time and improve the search efficiency without losing the quality of the search, so that it is more suitable for the mass in the smart grid. .2. to study the privacy of tramcar users in smart grid and design a secure communication model with controlled links and protection of privacy in the power grid (V2G). V2G is an important part of the smart grid. It can greatly improve the efficiency of the power grid and promote the application of clean energy. However, V2G is involved in the V2G use. The privacy problem of the household has not been solved well, which restricts the further development of V2G. In this paper, a secure communication model with controllable link and privacy protection is designed to protect the sensitive data of the electric vehicle users, based on the hidden direction in order to protect the sensitive data of the electric vehicle users. The user information query scheme is designed by the amount of encrypted query predicate, which enables the V2G manager to charge and discharge the electric vehicle without obtaining the exact sensitive data of the user. In addition, the V2G operator can make anonymous statistics of the user's reference to the V2G according to the actual requirements and can be trusted to be trusted. The application of authorization to trace the malicious users that destroy the V2G system. Security analysis shows that the proposed model can effectively protect the user's identity and location privacy and state information privacy. The performance analysis shows that the computational overhead and communication overhead of the model are relatively moderate, and are fully applicable to the study of the smart grid in the V2G system by.3.. The security and reliability group communication problem of the measurement control and data acquisition (SCADA) system, a efficient self-healing group key management mechanism (fourth chapter) is proposed in this paper. Based on the characteristics of the real-time and resource constraints of the SCADA system in the smart grid, a efficient self-healing group key management mechanism is proposed. The proposed mechanism can ensure that the system can continue to operate safely when the equipment fails. The forward security and backward security of the group key are guaranteed by the two-way hash chain. The security analysis shows that the key management mechanism proposed in this paper can satisfy the security requirements of the group key and has dynamic revocation and capture. The performance analysis shows that the memory overhead and communication overhead of the mechanism are moderate, and can meet the performance requirements of the SCADA system..4. studies the security group communication problem in the data acquisition terminal of the smart grid. A high effective group key management mechanism (fifth chapter) based on the logical routing tree is proposed. In this paper, a secure and extensible group key management mechanism based on hierarchical and clustering is proposed in this paper. According to the different requirements of communication security, this paper designs two kinds of cluster heads and cluster members according to the Lu Youtuo flutter of wireless sensor networks. In the key management scheme, in the key management mechanism proposed in this paper, the cost of key update can be reduced significantly due to the sharing of the same key encryption key in one layer or the adjacent nodes in the cluster. In addition, the application of lazy update strategy further reduces the opening of the key update. In the key management mechanism proposed in this paper, each section The point only needs to store a small number of keys, and the key storage cost is very low to meet the limited storage space requirements of the sensor nodes. Security analysis shows that the mechanism meets the security requirements of the group key management scheme from the key establishment stage to the key update, and can effectively reduce the harm of witch attack, Rep denial of service and node capture attack. The simulation results show that the mechanism can greatly reduce the energy consumption of key update when the member nodes have great changes. Therefore, it can extend the life cycle of the whole network and have good expansibility. In summary, this paper focuses on the two major problems of the privacy problems of the users and the communication problems of the key equipment security groups in the smart grid. The key technical problems put forward new solutions, and guaranteed the effectiveness of the proposed algorithm from two aspects of performance overhead and security.

【学位授予单位】：国防科学技术大学
【学位级别】：博士
【学位授予年份】：2014
【分类号】：TM76;TP309

【相似文献】