CN109873809A - Computer network information security control system and method - Google Patents
Publication number: CN109873809A
Authority: CN (China)
Prior art keywords: information, network, module, node, network information
Legal status: Pending (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abstract
The invention belongs to the technical field of computer network information security control and discloses a computer network information security control system and method. The system comprises: a network information gathering module, a network information transfer module, a main control module, a network information identification module, an encrypting module, an intrusion detection module, an alarm module, a cloud storage module and a display module. Through the network information transfer module, after the information to be forwarded is received it is forwarded to the next-level information recipient, so that during multi-level transmission every level of recipient can learn the source of the information, its transmission path, and the relationship between the information sender and the information recipient at each level. In addition, the network information identification module determines in the background whether the network information to be identified is credible, that is, credibility is determined using similarity, so that rumours can be identified automatically and efficiently.
Description
Technical field
The invention belongs to the technical field of computer network information security control, and in particular relates to a computer network information security control system and method.
Background art
Network information resources are the sum of all kinds of information resources that exist as electronic data: information in forms such as text, images, sound and animation is stored on non-print media such as optical and magnetic media, and is published, transmitted and stored by computers over a network. Information resources have changed from text on paper into electromagnetic signals on magnetic media or optical information on optical media, which makes storing, transmitting and querying information more convenient; the stored information has high density and large capacity and can be reused without loss. Information that exists in digital form can be processed at high speed in a computer and can also be transmitted over long distances through an information network. Network information resources exist in many forms, such as text, images, audio, video, software and databases; they cover fields ranging from the economy, scientific research, education and art to specific industries and individuals; and the document types they include range over electronic newspapers, electronic reference books, business information, news reports, bibliographic databases, document information indexes, statistical data, charts, electronic maps and so on. However, during repeated single-hop secret communication, existing computer network information loses the information source and the information about the sending and receiving parties along the transmission path: other users cannot know the source of the information, how many hops (levels) it passed through before reaching the user, or the relationship between sender and recipient at each hop (level); nor can the problem of selecting the optimal recipient when forwarding information be solved. Moreover, the credibility of computer network information cannot be identified, which encourages the spread of rumours and enlarges their influence; ordinary users, whose knowledge and information are limited, cannot identify rumours, which causes them great trouble.
In summary, the problems of the prior art are as follows. During repeated single-hop secret communication, existing computer network information loses the information source and the information about the sending and receiving parties along the transmission path: other users cannot know the source of the information, how many hops (levels) it passed through before reaching the user, or the relationship between sender and recipient at each hop (level); the problem of selecting the optimal recipient when forwarding information cannot be solved. Moreover, the credibility of computer network information cannot be identified, which encourages the spread of rumours and enlarges their influence; ordinary users, whose knowledge and information are limited, cannot identify rumours, which causes them great trouble. As networks keep growing, network congestion gradually increases and some nodes occasionally disconnect; information acquisition easily increases the network load and reduces acquisition efficiency.
Summary of the invention
In view of the problems of the prior art, the invention provides a computer network information security control system and method.
The invention is realized as follows. A computer network information security control method comprises:
Step 1: acquire network data information using network equipment, based on the LEAPS algorithm;
Step 2: transmit the network data information over a network transmission line or wireless transmitter;
Step 3: identify network information data packets using an information recognition program; encrypt the network information data using an encryption program based on an improved CP-ABE algorithm; detect and mark abnormal intrusions into the network information using an intrusion detection program; raise an alarm with an alarm device according to the detected intrusion signal;
Step 4: store the network information data on a cloud server; display the network data and the intrusion detection signal marks on a display.
Further, the LEAPS algorithm of step 1 comprises:
(1) First, the information on the network nodes to be acquired from and the acquisition task information are read from the configuration database, and network node objects and acquisition task objects are created and placed in the fact object container; initially the container holds only these two types of object, and the remaining types are added continuously while the system runs;
(2) The "match-select-execute" cycle of the LEAPS algorithm is entered: a network node object is selected, and how to execute the acquisition task is decided according to the state of the network node, the protocol version to be used for acquisition, and so on; when the network node state and the protocol version used for acquisition match, the acquisition task is executed; if they do not match, the acquisition task for that network node is postponed; after the system executes an acquisition task, it collects network information and creates network information object data;
(3) When the data contains network state information, a node state object is created and added to the fact object container, and step (2) is executed again in a loop; at the same time the network information object data is forwarded to the network information transfer module.
Further, the improved CP-ABE algorithm of step 3 comprises:
(1) The relevant variables are defined as follows:
1) $G_0$ is a bilinear group of order $p$ with generator $g$;
2) $e$ denotes the bilinear map, $e: G_0 \times G_0 \to G_1$;
3) $\Delta_{i,s}$ is the Lagrange coefficient;
4) $H$ is a hash function, where $H: \{0,1\}^* \to G_0$;
5) $Pa(x)$ denotes the parent node of node $x$ in the access control tree $T$;
6) $At(x)$ denotes the attribute associated with a leaf node;
7) $In(x)$ denotes the index of the child node of node $x$;
(2) Parameter initialization: in the algorithm $Setup(g, G_0, \alpha, \beta) \to (PK, MK)$, $\alpha, \beta \in Z_p$ are two randomly chosen exponents; let the system attribute set $A = \{A_1, A_2, \dots, A_n\}$ contain $n$ elements, and randomly define $m$ group elements belonging to $G_0$ to be associated with it; the owner's master key is $MK = g^{\alpha}$, and the system public key $PK$ is obtained by the following formula:
$PK = \{g,\ e(g,g)^{\alpha},\ g^{\beta},\ h_1, \dots, h_m\}$
(3) Key generation: the key generation algorithm is $KeyGen(MK, S) \to SK$; the algorithm first selects a random number $r \in Z_p$ and, after selecting a random number $r_j \in Z_p$ for each attribute $j \in S$, computes $D_y = g^{y} \cdot H(j)^{r_j}$ and $D_y' = g^{r_j}$; the key $SK$ consists of $D = g^{(\alpha+\beta)/\beta}$, $D_y = g^{y} \cdot H(j)^{r_j}$ and $D_y' = g^{r_j}$, i.e. $SK = (D, D_y, D_j')$, where
(4) Encryption: the encryption algorithm is $Encrypt(PK, M, T) \to CT$, which encrypts the plaintext $M$ using $PK$ and the access control tree $T$; the algorithm needs to construct the access control tree $T$, and the core idea is: let the threshold of node $x$ be $k_x$, and select for node $x$ a random polynomial of degree $(k_x - 1)$ to represent the information of that node; select a random number $s \in Z_p$ and let $R$ be the root node; for the other nodes $x$, let $q_x = q_{pa(x)} = (In(x))$; $Y$ is the set of leaf nodes, and the encrypted ciphertext $CT$ is given by the following formula:
$CT = (T,\ M e(g,g)^{\alpha s},\ h^{s},\ g^{q_y(0)},\ H(At(y))^{q_y(0)})$
(5) The plaintext $M$ is obtained by decrypting the ciphertext $CT$ with the private key $SK$; define the recursive operation $DecryptNode(CT, SK, x)$ and let $i = At(y)$; the recursive operation is carried out for each leaf node $x$, as shown in the following formula:
For each non-leaf node $x$, at least $K_x$ values $e(g,g)^{r q_x(0)}$ are used as interpolation nodes of the Lagrange polynomial to compute $e(g,g)^{r q_{sj}(0)}$, where $e(g,g)^{r q_x(0)}$ is computed from the child nodes $\{z_j\}$ of node $x$; then let $A = e(g,g)^{rs}$, and the plaintext is $M = C'/(e(D,C)/A)$.
Another object of the invention is to provide a computer network information security control system that runs the computer network information security control method, the system comprising:
Network information gathering module, connected to the main control module, for acquiring network data information through network equipment;
Network information transfer module, connected to the main control module, for transmitting the network data information over a network transmission line or wireless transmitter;
Main control module, connected to the network information gathering module, network information transfer module, network information identification module, encrypting module, intrusion detection module, alarm module, cloud storage module and display module, for controlling the normal operation of each module through a central processing unit;
Network information identification module, connected to the main control module, for identifying network information data packets through an information recognition program;
Encrypting module, connected to the main control module, for encrypting the network information data through an encryption program;
Intrusion detection module, connected to the main control module, for detecting and marking abnormal intrusions into the network information through an intrusion detection program;
Alarm module, connected to the main control module, for raising an alarm through an alarm device according to the detected intrusion signal;
Cloud storage module, connected to the main control module, for storing the network information data on a cloud server;
Display module, connected to the main control module, for displaying the network data and the intrusion detection signal marks on a display.
Another object of the invention is to provide a network information security platform that uses the computer network information security control method.
The advantages and positive effects of the invention are as follows. Through the network information transfer module, the invention adds to the information forwarding process at every level a step in which the user inputs forwarding indication information: after the information sender receives the upper-level information to be forwarded sent by the upper-level information recipient, it first obtains the forwarding indication information input by the current user and adds it to the upper-level information to be forwarded, thereby generating the next-level information to be forwarded; it then sends the next-level information to be forwarded to at least one information recipient. After the information recipient receives the information to be forwarded, it obtains the feedback information of the recipient's user and sends the feedback information to the initial information sender; alternatively, after receiving the information to be forwarded, it forwards it to the next-level information recipient. As a result, during multi-level transmission every level of recipient can learn the source of the information, its transmission path, and the relationship between the information sender and the information recipient at each level. The invention also solves the problem that existing information transmission technology cannot select the optimal recipient. Meanwhile, the network information identification module automatically obtains the network information to be identified in the background and determines whether it is credible according to its similarity to trusted network information and its similarity to untrusted network information, that is, credibility is determined using similarity, so that rumours can be identified automatically and effectively. LEAPS improves the efficiency of the pattern-matching algorithm by means of complex data structures and a rule search algorithm, and dynamically determines the data acquisition frequency for a given network node according to the network load, so as to adapt better to network development.
Description of the drawings
Fig. 1 is a work flow diagram of the computer network information security control system provided by an embodiment of the invention;
Fig. 2 is a schematic structural diagram of the computer network information security control system provided by an embodiment of the invention;
In the figures: 1, network information gathering module; 2, network information transfer module; 3, main control module; 4, network information identification module; 5, encrypting module; 6, intrusion detection module; 7, alarm module; 8, cloud storage module; 9, display module.
Specific embodiment
To further explain the content, features and effects of the invention, the following embodiments are given and described in detail with reference to the accompanying drawings.
The structure of the invention is explained in detail below with reference to the drawings.
As shown in Fig. 1, the computer network information security control method provided by an embodiment of the invention comprises:
S101: acquire network data information using network equipment, based on the LEAPS algorithm;
S102: transmit the network data information over a network transmission line or wireless transmitter;
S103: identify network information data packets using an information recognition program; encrypt the network information data using an encryption program based on an improved CP-ABE algorithm; detect and mark abnormal intrusions into the network information using an intrusion detection program; raise an alarm with an alarm device according to the detected intrusion signal;
S104: store the network information data on a cloud server; display the network data and the intrusion detection signal marks on a display.
In step S101, the LEAPS algorithm provided by an embodiment of the invention comprises:
(1) First, the information on the network nodes to be acquired from and the acquisition task information are read from the configuration database, and network node objects and acquisition task objects are created and placed in the fact object container; initially the container holds only these two types of object, and the remaining types are added continuously while the system runs;
(2) The "match-select-execute" cycle of the LEAPS algorithm is entered: a network node object is selected, and how to execute the acquisition task is decided according to the state of the network node, the protocol version to be used for acquisition, and so on; when the network node state and the protocol version used for acquisition match, the acquisition task is executed; if they do not match, the acquisition task for that network node is postponed; after the system executes an acquisition task, it collects network information and creates network information object data;
(3) When the data contains network state information, a node state object is created and added to the fact object container, and step (2) is executed again in a loop; at the same time the network information object data is forwarded to the network information transfer module 2.
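The cycle in steps (1) to (3) can be sketched as follows. This is an added example, not code from the patent, and it is a simplified match-select-execute loop rather than a full LEAPS rule engine; the class names, the "up"/"down" state values, the `node_states` key and the sample nodes are all assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass
class NodeFact:            # "network node object" in the fact object container
    name: str
    state: str             # "up" or "down" (assumed state values)
    protocol: str          # protocol version the node speaks (assumed field)

@dataclass
class TaskFact:            # "acquisition task object"
    node: str
    protocol: str          # protocol version the task will use

def run_collection(nodes, tasks, probe):
    """Run the cycle until a full pass executes nothing.

    probe(task) returns the collected data as a dict; an optional
    "node_states" entry maps node names to newly observed states.
    Returns (fact container, tasks still postponed).
    """
    # Step (1): the container starts with only node and task objects.
    container = {"nodes": {n.name: n for n in nodes},
                 "node_state": [], "network_info": []}
    pending = list(tasks)
    progressed = True
    while pending and progressed:
        progressed = False
        postponed = []
        for task in pending:                                  # select
            node = container["nodes"][task.node]
            if node.state == "up" and node.protocol == task.protocol:  # match
                data = probe(task)                            # execute
                container["network_info"].append((task.node, data))
                # Step (3): state information becomes new node state facts,
                # which can unblock tasks postponed earlier.
                for name, state in data.get("node_states", {}).items():
                    container["node_state"].append((name, state))
                    if name in container["nodes"]:
                        container["nodes"][name].state = state
                progressed = True
            else:
                postponed.append(task)                        # postpone
        pending = postponed
    return container, pending

def sample_probe(task):
    # Constructed data: core-sw reports that its neighbour edge-rt is up again.
    if task.node == "core-sw":
        return {"if_in_octets": 48213, "node_states": {"edge-rt": "up"}}
    return {"if_in_octets": 1570}

def demo():
    nodes = [NodeFact("edge-rt", "down", "v2c"),
             NodeFact("core-sw", "up", "v2c"),
             NodeFact("legacy-fw", "up", "v1")]
    tasks = [TaskFact("edge-rt", "v2c"), TaskFact("core-sw", "v2c"),
             TaskFact("legacy-fw", "v2c")]
    container, postponed = run_collection(nodes, tasks, sample_probe)
    collected = [name for name, _ in container["network_info"]]
    return collected, [t.node for t in postponed]

if __name__ == "__main__":
    print(demo())
```

The task for edge-rt is postponed on the first pass and runs on the second, once the node state fact produced by core-sw is in the container; the legacy-fw task stays postponed because its protocol version never matches.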
In step S103, the improved CP-ABE algorithm provided by an embodiment of the invention comprises:
(1) The relevant variables are defined as follows:
1) $G_0$ is a bilinear group of order $p$ with generator $g$;
2) $e$ denotes the bilinear map, $e: G_0 \times G_0 \to G_1$;
3) $\Delta_{i,s}$ is the Lagrange coefficient;
4) $H$ is a hash function, where $H: \{0,1\}^* \to G_0$;
5) $Pa(x)$ denotes the parent node of node $x$ in the access control tree $T$;
6) $At(x)$ denotes the attribute associated with a leaf node;
7) $In(x)$ denotes the index of the child node of node $x$;
(2) Parameter initialization: in the algorithm $Setup(g, G_0, \alpha, \beta) \to (PK, MK)$, $\alpha, \beta \in Z_p$ are two randomly chosen exponents; let the system attribute set $A = \{A_1, A_2, \dots, A_n\}$ contain $n$ elements, and randomly define $m$ group elements belonging to $G_0$ to be associated with it; the owner's master key is $MK = g^{\alpha}$, and the system public key $PK$ can be obtained by the following formula:
$PK = \{g,\ e(g,g)^{\alpha},\ g^{\beta},\ h_1, \dots, h_m\}$
(3) Key generation: the key generation algorithm is $KeyGen(MK, S) \to SK$; the algorithm first selects a random number $r \in Z_p$ and, after selecting a random number $r_j \in Z_p$ for each attribute $j \in S$, computes $D_y = g^{y} \cdot H(j)^{r_j}$ and $D_y' = g^{r_j}$; the key $SK$ consists of $D = g^{(\alpha+\beta)/\beta}$, $D_y = g^{y} \cdot H(j)^{r_j}$ and $D_y' = g^{r_j}$, i.e. $SK = (D, D_y, D_j')$, where
(4) Encryption: the encryption algorithm is $Encrypt(PK, M, T) \to CT$, which encrypts the plaintext $M$ using $PK$ and the access control tree $T$; the algorithm needs to construct the access control tree $T$, and the core idea is: let the threshold of node $x$ be $k_x$, and select for node $x$ a random polynomial of degree $(k_x - 1)$ to represent the information of that node; select a random number $s \in Z_p$ and let $R$ be the root node; for the other nodes $x$, let $q_x = q_{pa(x)} = (In(x))$; assuming $Y$ is the set of leaf nodes, the encrypted ciphertext $CT$ is given by the following formula:
$CT = (T,\ M e(g,g)^{\alpha s},\ h^{s},\ g^{q_y(0)},\ H(At(y))^{q_y(0)})$
(5) The plaintext $M$ is obtained by decrypting the ciphertext $CT$ with the private key $SK$; define the recursive operation $DecryptNode(CT, SK, x)$ and let $i = At(y)$; the recursive operation is carried out for each leaf node $x$, as shown in the following formula:
For each non-leaf node $x$, at least $K_x$ values $e(g,g)^{r q_x(0)}$ are used as interpolation nodes of the Lagrange polynomial to compute $e(g,g)^{r q_{sj}(0)}$, where $e(g,g)^{r q_x(0)}$ is computed from the child nodes $\{z_j\}$ of node $x$; then let $A = e(g,g)^{rs}$, and the plaintext is $M = C'/(e(D,C)/A)$.
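The access-tree idea in steps (4) and (5), a random polynomial of degree $k_x - 1$ per node and Lagrange interpolation over at least $k_x$ satisfied children, is shown below in plain $Z_p$ arithmetic. This is an added example, not code from the patent: it leaves out the pairing and group exponentiation entirely, it assumes the standard CP-ABE tree rule $q_x(0) = q_{Pa(x)}(In(x))$ from Bethencourt, Sahai and Waters, and the modulus, policy and attribute names are constructed for illustration.

```python
import secrets

P = 2**127 - 1  # prime standing in for the group order p (assumed value)

class Node:
    """Access tree node: a leaf carries an attribute, a gate a threshold k."""
    def __init__(self, k=None, children=None, attr=None):
        self.k, self.children, self.attr = k, children or [], attr

def leaf(attr):
    return Node(attr=attr)

def gate(k, *children):
    return Node(k=k, children=list(children))

def share(node, value, out=None, path="R"):
    """Set q_x(0) = value and push shares down; returns {leaf path: (attr, q_y(0))}."""
    out = {} if out is None else out
    if node.attr is not None:
        out[path] = (node.attr, value)
        return out
    # Random polynomial of degree k_x - 1 with constant term q_x(0).
    coeffs = [value] + [secrets.randbelow(P) for _ in range(node.k - 1)]
    for idx, child in enumerate(node.children, start=1):
        q_idx = sum(c * pow(idx, e, P) for e, c in enumerate(coeffs)) % P
        share(child, q_idx, out, f"{path}.{idx}")   # child gets q_parent(In(child))
    return out

def lagrange_at_zero(points):
    """Interpolate q(0) from (index, q(index)) pairs using Lagrange coefficients."""
    total = 0
    for i, yi in points:
        num = den = 1
        for j, _ in points:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def recover(node, shares, attrs, path="R"):
    """Mirror of DecryptNode on scalars: None when the subtree is not satisfied."""
    if node.attr is not None:
        return shares[path][1] if node.attr in attrs else None
    points = []
    for idx, child in enumerate(node.children, start=1):
        value = recover(child, shares, attrs, f"{path}.{idx}")
        if value is not None:
            points.append((idx, value))
    if len(points) < node.k:            # fewer than k_x satisfied children
        return None
    return lagrange_at_zero(points[:node.k])

# Constructed policy: any 2 of (dept:secops, role:analyst OR role:admin, clearance:high)
POLICY = gate(2,
              leaf("dept:secops"),
              gate(1, leaf("role:analyst"), leaf("role:admin")),
              leaf("clearance:high"))

if __name__ == "__main__":
    s = secrets.randbelow(P)
    leaf_shares = share(POLICY, s)
    print(recover(POLICY, leaf_shares, {"dept:secops", "role:admin"}) == s)
    print(recover(POLICY, leaf_shares, {"role:admin", "role:analyst"}))
```

In the scheme itself the same interpolation is carried out in the exponent of $e(g,g)$, so a key holder who does not satisfy the tree never obtains the value at the root.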
As shown in Fig. 2, the computer network information security control system provided by the invention comprises: network information gathering module 1, network information transfer module 2, main control module 3, network information identification module 4, encrypting module 5, intrusion detection module 6, alarm module 7, cloud storage module 8 and display module 9.
Network information gathering module 1 is connected to main control module 3 and acquires network data information through network equipment;
Network information transfer module 2 is connected to main control module 3 and transmits the network data information over a network transmission line or wireless transmitter;
Main control module 3 is connected to network information gathering module 1, network information transfer module 2, network information identification module 4, encrypting module 5, intrusion detection module 6, alarm module 7, cloud storage module 8 and display module 9, and controls the normal operation of each module through a central processing unit;
Network information identification module 4 is connected to main control module 3 and identifies network information data packets through an information recognition program;
Encrypting module 5 is connected to main control module 3 and encrypts the network information data through an encryption program;
Intrusion detection module 6 is connected to main control module 3 and detects and marks abnormal intrusions into the network information through an intrusion detection program;
Alarm module 7 is connected to main control module 3 and raises an alarm through an alarm device according to the detected intrusion signal;
Cloud storage module 8 is connected to main control module 3 and stores the network information data on a cloud server;
Display module 9 is connected to main control module 3 and displays the network data and the intrusion detection signal marks on a display.
The transmission method of network information transfer module 2 provided by the invention is as follows:
(1) The network information sender receives the upper-level network information to be forwarded sent by the upper-level network information recipient;
(2) The network information sender obtains the forwarding indication information input by the current user and adds it to the upper-level information to be forwarded, generating the next-level information to be forwarded; the forwarding indication information includes the relationship between the user of the information sender and the user of the information recipient, and the social attribute information of the user of the network information sender;
(3) The network information sender sends the next-level information to be forwarded to at least one network information recipient, the network information recipient being calculated by the information sender according to a preset algorithm;
(4) The network information recipient receives the next-level information to be forwarded, obtains the feedback information of the user corresponding to the network information recipient, and sends the feedback information to the initial network information sender; alternatively, the network information recipient receives the next-level information to be forwarded and forwards it to the next-level network information recipient.
In step (3), the sending of the next-level information to be forwarded by the information sender to at least one information recipient, as provided by an embodiment of the invention, specifically includes:
A separate communication channel is established between the information sender and the information recipient;
The information sender sends the next-level information to be forwarded to the information recipient over the communication channel.
In step (3), the preset algorithm provided by an embodiment of the invention is:
1) The information sender traverses all associated nodes of the current user, matches the next-level information to be forwarded against the features of each associated node, and obtains the matching degree of each associated node;
2) When the matching degree of an associated node is higher than a first threshold, that associated node is retained;
3) The retained associated nodes are sorted by matching degree, and the number of forwarding branches is calculated from the retained associated nodes;
4) When the number of all retained associated nodes, the number of forwarding branches and the number of matching levels satisfy a preset condition, the matching process ends; otherwise, the first threshold is adjusted according to the current number of forwarding branches, and the next round of matching is carried out between the next-level information to be forwarded and the associated nodes corresponding to each retained associated node;
5) After the matching process ends, the associated nodes retained during matching are combined into at least one forwarding branch, a forwarding branch that meets a preset standard is chosen from the at least one forwarding branch, and the forwarding indication information between the information sender and the associated node matched at each level in the forwarding branch that meets the preset standard is obtained.
The recognition method of network information identification module 4 provided by the invention is as follows:
(1) Trusted network information and untrusted network information are collected; a trusted database is established from the collected trusted network information, and an untrusted database is established from the collected untrusted network information;
(2) The network information to be identified is obtained;
(3) The cosine law algorithm is used to calculate the similarity between the network information to be identified and each item of trusted network information in the trusted database, and the maximum of the calculated similarities is recorded as the first similarity;
(4) The cosine law algorithm is used to calculate the similarity between the network information to be identified and each item of untrusted network information in the untrusted database, and the maximum of the calculated similarities is recorded as the second similarity;
(5) The first similarity and the second similarity are compared; when the first similarity is greater than the second similarity, the network information to be identified is determined to be credible; when the second similarity is greater than the first similarity, the network information to be identified is determined to be not credible;
(6) When the network information to be identified is determined to be not credible, it is marked as suspicious, or it is blocked.
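Steps (1) to (6) can be run end to end as follows. This is an added example, not code from the patent: it reads the "cosine law algorithm" as cosine similarity over bag-of-words term counts, which is an assumption, as are the tokenizer, the sample databases and the "undetermined" verdict returned when the two similarities are equal, a case the method does not specify.

```python
import math
import re
from collections import Counter

def vectorize(text):
    """Bag-of-words term-frequency vector (assumed feature representation)."""
    return Counter(re.findall(r"[a-z0-9]+", text.lower()))

def cosine(a, b):
    """Cosine of the angle between two sparse count vectors; 0.0 for an empty one."""
    dot = sum(a[t] * b[t] for t in a.keys() & b.keys())
    norm_a = math.sqrt(sum(v * v for v in a.values()))
    norm_b = math.sqrt(sum(v * v for v in b.values()))
    return dot / (norm_a * norm_b) if norm_a and norm_b else 0.0

def max_similarity(item, database):
    """Steps (3)/(4): the largest similarity between the item and any database entry."""
    vec = vectorize(item)
    return max((cosine(vec, vectorize(entry)) for entry in database), default=0.0)

def classify(item, trusted_db, untrusted_db):
    """Steps (5)/(6): returns (verdict, action, first similarity, second similarity)."""
    first = max_similarity(item, trusted_db)
    second = max_similarity(item, untrusted_db)
    if first > second:
        return "credible", "pass", first, second
    if second > first:
        return "not credible", "mark suspicious or block", first, second
    # Equal similarities (including 0.0 vs 0.0 for unrelated or empty text):
    # not covered by the method, so reported separately (assumption).
    return "undetermined", "pass", first, second

# Step (1): constructed sample databases.
TRUSTED = [
    "the city water utility confirms tap water meets safety standards",
    "health ministry publishes weekly influenza surveillance report",
]
UNTRUSTED = [
    "tap water is poisoned share this before it is deleted",
    "secret cure for influenza hidden by doctors share now",
]

if __name__ == "__main__":
    for message in ("officials confirm tap water meets safety standards",
                    "tap water is poisoned share this now",
                    "unrelated message about football"):
        verdict, action, first, second = classify(message, TRUSTED, UNTRUSTED)
        print(f"{verdict:13} first={first:.3f} second={second:.3f}  {message}")
```

The second message scores 0.327 against the trusted database because it shares "tap water" with a trusted entry, which shows why the decision compares the two maxima instead of applying a fixed cut-off to one of them.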
When the invention works, first, network information gathering module 1 acquires network data information using network equipment; network information transfer module 2 transmits the network data information over a network transmission line or wireless transmitter; next, main control module 3, through network information identification module 4, identifies network information data packets using the information recognition program; encrypting module 5 encrypts the network information data using the encryption program; intrusion detection module 6 detects and marks abnormal intrusions into the network information using the intrusion detection program; alarm module 7 uses the alarm device to raise an alarm according to the detected intrusion signal; then, cloud storage module 8 stores the network information data on the cloud server; finally, display module 9 displays the network data and the intrusion detection signal marks on the display.
The above is only a preferred embodiment of the invention and does not limit the invention in any form; any simple modification, equivalent change or adaptation made to the above embodiment according to the technical essence of the invention falls within the scope of the technical solution of the invention.
Claims (5)
1. A computer network information security control method, characterized in that the computer network information security control method comprises:
Step 1: acquire network data information using network equipment, based on the LEAPS algorithm;
Step 2: transmit the network data information over a network transmission line or wireless transmitter;
Step 3: identify network information data packets using an information recognition program; encrypt the network information data using an encryption program based on an improved CP-ABE algorithm; detect and mark abnormal intrusions into the network information using an intrusion detection program; raise an alarm with an alarm device according to the detected intrusion signal;
Step 4: store the network information data on a cloud server; display the network data and the intrusion detection signal marks on a display.
2. The computer network information security control method according to claim 1, characterized in that the LEAPS algorithm of step 1 comprises:
(1) First, the information on the network nodes to be acquired from and the acquisition task information are read from the configuration database, and network node objects and acquisition task objects are created and placed in the fact object container; initially the container holds only these two types of object, and the remaining types are added continuously while the system runs;
(2) The "match-select-execute" cycle of the LEAPS algorithm is entered: a network node object is selected, and how to execute the acquisition task is decided according to the state of the network node, the protocol version to be used for acquisition, and so on; when the network node state and the protocol version used for acquisition match, the acquisition task is executed; if they do not match, the acquisition task for that network node is postponed; after the system executes an acquisition task, it collects network information and creates network information object data;
(3) When the data contains network state information, a node state object is created and added to the fact object container, and step (2) is executed again in a loop; at the same time the network information object data is forwarded to the network information transfer module.
3. The information security of computer network control method as described in claim 1, characterized in that the improved CP-ABE algorithm of the third step comprises:
(1) the relevant variables are defined as follows:
1) $G_0$ is a bilinear group of order $p$ with generator $g$;
2) $e$ denotes the bilinear map, $e: G_0 \times G_0 \to G_1$;
3) $\Delta_{i,s}$ is the Lagrange coefficient;
4) $H$ is a hash function, where $H: \{0,1\}^* \to G_0$;
5) $Pa(x)$ denotes the parent node of node $x$ in the access control tree $T$;
6) $At(x)$ denotes the attribute associated with a leaf node;
7) $In(x)$ denotes the index of the child node of node $x$;
(2) parameter initialization: in the algorithm $Setup(g, G_0, \alpha, \beta) \to (PK, MK)$, $\alpha, \beta \in Z_p$ are two randomly selected exponents; let the number of elements in the system attribute set $A = \{A_1, A_2, \ldots, A_n\}$ be $n$, and define $m$ random group elements belonging to $G_0$ to be associated with it; the owner's master key is $MK = g^{\alpha}$, and the system public key $PK$ is obtained from the following formula:
$PK = P\{g, e(g,g)^{\alpha}, g^{\beta}, h_1, \ldots, h_m\}$
(3) key generation: the key generation algorithm is $KeyGen(MK, S) \to SK$; the algorithm first selects a random number $r \in Z_p$ and, after selecting a random number $r_j \in Z_p$ for each attribute $j \in S$, computes $D_y = g^{y} \cdot H(j)^{r_j}$ and $D_y' = g^{r_j}$; the key $SK$ consists of $D = g^{(\alpha+\beta)/\beta}$, $D_y = g^{y} \cdot H(j)^{r_j}$ and $D_y' = g^{r_j}$, i.e. $SK = (D, D_y, D_j')$, wherein
(4) encryption algorithm: the encryption algorithm is $Encrypt(PK, M, T) \to CT$, which encrypts the plaintext $M$ using $PK$ and the access control tree $T$; the algorithm needs to construct the access control tree $T$, and its core idea is: let the threshold of node $x$ be $k_x$, and select for node $x$ a random polynomial of degree $(k_x - 1)$ to represent the information of that node; select a random number $s \in Z_p$ and let $R$ be the root node; for the other nodes $x$, let $q_x = q_{pa(x)} = (In(x))$; $Y$ is the set of leaf nodes, and the encrypted ciphertext $CT$ is shown below:
(5) the plaintext $M$ is obtained by decrypting the ciphertext $CT$ with the private key $SK$; define the recursive operation $DecryptNode(CT, SK, x)$ and let $i = At(y)$; the recursive operation is carried out for each leaf node $x$, as shown below:
For each non-leaf node $x$, at least $K_x$ values $e(g,g)^{r q_x(0)}$ are used as the interpolation nodes of the Lagrange polynomial to compute $e(g,g)^{r q_{sj}(0)}$, where the $e(g,g)^{r q_x(0)}$ are computed from the child nodes $\{z_j\}$ of node $x$; then let $A = e(g,g)^{rs}$, and the plaintext is $M = C'/(e(D,C)/A)$.
4. An information security of computer network control system for running the information security of computer network control method described in claim 1, characterized in that the information security of computer network control system comprises:
a network information gathering module, connected to the main control module, for acquiring network data information through the network equipment;
a network information transfer module, connected to the main control module, for transmitting the network data information over a network transmission line or a wireless transmitter;
a main control module, connected to the network information gathering module, network information transfer module, network information identification module, encrypting module, intrusion detection module, alarm module, cloud storage module and display module, for controlling the normal operation of each module through a central processing unit;
a network information identification module, connected to the main control module, for identifying network information data packets through the information recognition program;
an encrypting module, connected to the main control module, for encrypting the network information data through the encryption program;
an intrusion detection module, connected to the main control module, for detecting and flagging abnormal intrusions affecting the network information through the intrusion detection program;
an alarm module, connected to the main control module, for raising an alarm through the alarm according to the detected intrusion signal;
a cloud storage module, connected to the main control module, for storing the network information data on a cloud server;
a display module, connected to the main control module, for showing the network data and the intrusion detection signal flags on a display.
5. A network information security platform using the information security of computer network control method described in any one of claims 1 to 3.
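The access-tree secret sharing that the Encrypt and DecryptNode steps of claim 3 rely on, as an added example that is not code from the patent. It assumes the standard CP-ABE rule that the root polynomial carries the secret s and each child z receives the point q_x(In(z)); it works on plain exponents in Z_p and leaves out the bilinear group and pairing, and `P`, `POLICY` and the function names are hypothetical.

```python
import secrets

P = 2**127 - 1  # prime standing in for the group order p (constructed value)

def poly_eval(coeffs, x):
    """Evaluate c0 + c1*x + ... over Z_p (Horner's rule)."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % P
    return acc

def share(node, value, shares):
    """Top-down sharing: set q_x(0) = value, then give each child z the point q_x(In(z))."""
    if "attr" in node:                      # leaf: keep its share, keyed by node identity
        shares[id(node)] = value
        return
    # random polynomial of degree k_x - 1 whose constant term is this node's value
    coeffs = [value] + [secrets.randbelow(P) for _ in range(node["k"] - 1)]
    for idx, child in enumerate(node["children"], start=1):
        share(child, poly_eval(coeffs, idx), shares)

def lagrange_at_zero(points):
    """Recover q(0) from {index: q(index)} with Lagrange coefficients evaluated at 0."""
    total = 0
    for i, y in points.items():
        num = den = 1
        for j in points:
            if j != i:
                num = num * (-j) % P
                den = den * (i - j) % P
        total = (total + y * num * pow(den, -1, P)) % P
    return total

def recover(node, shares, attrs):
    """Bottom-up recovery: q_x(0) if attrs satisfy this subtree, otherwise None."""
    if "attr" in node:
        return shares[id(node)] if node["attr"] in attrs else None
    got = {}
    for idx, child in enumerate(node["children"], start=1):
        value = recover(child, shares, attrs)
        if value is not None and len(got) < node["k"]:
            got[idx] = value
    return lagrange_at_zero(got) if len(got) == node["k"] else None

# Constructed policy: any 2 of {role:admin, dept:security, (site:hq AND clearance:high)}
POLICY = {"k": 2, "children": [
    {"attr": "role:admin"},
    {"attr": "dept:security"},
    {"k": 2, "children": [{"attr": "site:hq"}, {"attr": "clearance:high"}]},
]}
```

An attribute set that meets fewer than k_x children at any required node gets `None` back, which is the property that keeps an unauthorized key from recovering s.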
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910027440.9A CN109873809A (en) | 2019-01-11 | 2019-01-11 | A kind of information security of computer network control system and method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109873809A (en) | 2019-06-11 |
Family
ID=66917664
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910027440.9A Pending CN109873809A (en) | 2019-01-11 | 2019-01-11 | A kind of information security of computer network control system and method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109873809A (en) |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104243284A (en) * | 2014-09-19 | 2014-12-24 | 王淦坤 | Network information transmission method and system |
| CN105959111A (en) * | 2016-07-01 | 2016-09-21 | 何钟柱 | Information security big-data resource access control system based on cloud computing and credible computing |
| CN106059765A (en) * | 2016-08-04 | 2016-10-26 | 北京邮电大学 | Digital virtual asset access control method based on attribute password under cloud environment |
Non-Patent Citations (3)
| Title |
|---|
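| 程思嘉; 张昌宏; 潘帅卿: "Design of a cloud storage data access control scheme based on the CP-ABE algorithm" * |
| 陈玉娟; 崔立红; 马帅章: "Research on network security and protection in a network environment" * |
| 韩璐; 张洁; 包铁; 李金宇; 刘淑芬: "Information collection system based on SNMP" * |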
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112491932A (en) * | 2020-12-25 | 2021-03-12 | 广州金匙信息科技有限公司 | Network security defense system based on Internet of things |
| CN112866278A (en) * | 2021-02-04 | 2021-05-28 | 许昌学院 | Computer network information safety protection system based on big data |
| CN112866278B (en) * | 2021-02-04 | 2023-04-07 | 许昌学院 | Computer network information safety protection system based on big data |
| CN113301011A (en) * | 2021-04-13 | 2021-08-24 | 麦荣章 | Information security management system based on cloud service |
| CN113824693A (en) * | 2021-08-25 | 2021-12-21 | 北京达佳互联信息技术有限公司 | Multimedia data sharing method, device and system, electronic equipment and storage medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | PB01 | Publication | |
| | SE01 | Entry into force of request for substantive examination | |
| | RJ01 | Rejection of invention patent application after publication | Application publication date: 20190611 |