1.大连理工大学水电与水信息研究所,辽宁省大连市116023;2.云南电网电力调度中心,云南省昆明市650011
以省地县一体化管理模式为支撑的电力调度管理系统可有效实现电网统一调度、管理和监控,但如何保证各级调度机构及电厂间大量重要数据和信息的访问和传输安全是该系统构建面临的突出问题。针对可能存在的“角色泛滥”问题,文中引入“用户-角色-页面-权限”权限描述方式,提出开放式分级用户权限方案,并实现了改进的基于角色的访问控制模型。同时,从数据库设计、分级机构定义、扩展权限设计等环节重点阐述了分级用户权限方案实现的关键技术。最后,通过云南电网小电省地县一体化调度管理系统的成功应用,证明了分级用户权限方案的有效性。
国家高技术研究发展计划(863计划)2012AA050205
1.Institute of Hydropower System and Hydroinformatics,Dalian University of Technology,Dalian116023,China;2.Yunnan Electric Power Dispatching&Communication Bureau,Kunming650011,China
The power grid dispatching management system supported by the province-prefecture-county integrated model can effectively realize unified dispatching,management and monitoring of the power grid.However,one of the most outstanding challenges in the system construction is how to ensure transmission security of vast quantities of information and data between different dispatching institutions and plants.In view of the problem of “role flood” in data transmission,an improved role based access control(RBAC)model with the access description method of “user-role-page-permission” is proposed,and an open-hierarchical user permission scheme is presented.By taking into account the construction of database,the definition of hierarchical institutions and the design of extended permission,this paper focuses on key techniques for the implementation of the hierarchical user permission scheme.The effectiveness of the scheme is shown by its successful application to the small plant management system of Yunnan province-prefecture-county integrated power grid.
[1] | 廖胜利,刘晓娟,刘本希,等.省地县一体化电力调度管理系统分级用户权限方案[J].电力系统自动化,2013,37(18):88-92. DOI:10.7500/AEPS201301043. LIAO Shengli, LIU Xiaojuan, LIU Benxi, et al. Hierarchical User Permission Scheme in Province-Prefecture-County Integrated Power Grid Dispatching Management System[J]. Automation of Electric Power Systems, 2013, 37(18):88-92. DOI:10.7500/AEPS201301043. |