摘要
为解决目前电力运维面临的问题,提出可信电力运维堡垒机实现方案。阐述了可信电力运维堡垒机的整体架构设计方案,通过运维人员账号创建相应权限的运维工作单,启动运维任务,对运维终端和被运维对象之间的交互报文加解密、解析,对可能存在的高风险指令、攻击行为及病毒文件等操作实时监测控制和二次授权,并且生成相关操作的全流程记录、录屏等审计信息。实际应用表明,该方案能实现事前预防、事中保护、事后分析等电力运维流程的全方位监管,规范了操作流程,保障了运维工作的安全可控。
To solve problems faced by current power operation and maintenance,it proposes a design scheme of a trusted power operation and maintenance fortress machine.By creating an operation and maintenance work order with corresponding permissions by the operation and maintenance personnel account,it initiates the operation and maintenance.The interaction messages between the operation and maintenance terminals and the object being operated are encrypted,decrypted,and parsed.It carries out the real time monitoring,control,and secondary authorization of high-risk instructions,attack behaviors,and virus file downloading operations,and generates the full process recording,screen recording,and other log audit information of related operations.The practical application shows that this scheme can achieve comprehensive supervision of power operation and maintenance processes such as pre prevention,in-process protection,and post analysis.It standardizes operating procedures,and ensures the safety and controllability of operation and maintenance work.
作者
任红旭
REN Hongxu(Xuji Electric Co.,Ltd.,Xuchang,Henan 461001,China)
出处
《东北电力技术》
2025年第8期44-48,共5页
Northeast Electric Power Technology
关键词
运维
工作单
权限
管控
审计
operation and maintenance
work order
authority
control
audit
