Kongzhi Yu Xinxi Jishu (Feb 2022)
Research on Network Information Security Risk Analysis and Protection Strategy of LKJ Monitoring and Management Device
Abstract
With the advent of the information age, openness and internet nature of network are increasing enhanced. At present, in railway industry, vehicle-ground communication network and related railway information systems based on wireless communication and internet of things technology lack adequate security defense capability. When they are subjected to illegal access or malicious attacks, they may cause network communication interruption, equipment failure, data loss. Viruses, trojans and other threats may spread from the wireless network to the side of train communication network and railway network. In addition, data flow of the system is transmitted in plaintext, which may lead to data leakage or even tampering, causing serious traffic accidents. In this paper, LMD(LKJ monitoring and management device) is taken as the research object, aiming at LMD itself and its associated LKJ series control system, the hidden risk of information security is analyzed. According to the system security level protection requirements, this paper proposes a secure network topology, which uses firewall technology to construct vehicle-ground IPsecVPN virtual private transport channel at the network boundary, deploys security supervision and audit platform to monitor, alarm and trace network behavior in bypass, and adopts dual-path redundancy architecture at key network nodes to improve network robustness. Corresponding security protection strategies are put forward from five aspects: physical environment, communication network, regional boundary, computing environment, security management, etc., which provides reference for LMD to construct perfect information security protection system to ensure safe and stable operation of the system, and provide reference for information security construction of related railway information systems.
Keywords
