Abstract
Gateway is a protective equipment at the boundary of the nuclear safety-level I&C system. Aiming at the unknown threat across the boundary of information physical space, this paper studies several key technologies of active defense, and constructs the gateway deep secure architecture that can resist multilevel and multi-dimensional complex attacks. Firstly, the systematic control mechanism of the gateway is constructed, which mechanism includes access control for data flow, IP whitelist at network layer, function code whitelist at application layer, IP/MAC binding and the isolation mechanism of chip’s external ports. Secondly, based on the domestic trust root, the trusted chain from bootloader to the upper-layer application is built to guarantee the secure startup of the embedded system, and the key application processes are measured periodically and verified dynamically during the running process. Based on the above, from building equipment embedded trusted system environment to its security functions, a set of active security defense mechanisms of the gateway equipment sare formed, which enhances the security of the system and improves the information security protection n capability of the equipment.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
