面向电网安全的零信任动态访问控制OA北大核心CSTPCD

With the continuous development and application of information and communication technology in power information system,the protection boundary of power grid is gradually blurred,and external attacks and internal threats are increasingly serious. It is urgent to carry out effective access control to the information resources of power system to ensure its data security. Based on the general security protection framework of power grid secondary system and zero-trust security mechanism,this paper proposes a zero-trust dynamic access control model for power grid information security. By analyzing the attributes of the access subject and the characteristics of the behavior information of the power grid system,the model comprehensively considers the influence of threatening behavior,sliding window,punishment mechanism and other factors on the access control,and realizes the continuous evaluation and dynamic control of the access subject trust value. The results of simulation experiments show that increasing the recommended trust can reasonably take into account both subjective and objective trust evaluations,which makes the assessment of the trust value of the access subject of the power grid more accurate. In addition,in response to external threat behaviors,the trust evaluation engine will rapidly update the comprehensive trust value of the visitor,making it impossible for illegal subjects to gain access to the system,with better fine-grained control.