City Railway Train Control System Key Management Technology

WANG Lu (1), LIU Yue (2,3), HUANG Ting (1), MENG Fanyi (2,3), YANG Li (1), TIAN Hongda (2,3)

- Affiliation:
  1. Shanghai Shen-Tie Investment Co., Ltd., 200032, Shanghai, China
  2. Beijing National Railway Research Design Institute of Signal Communication Co., Ltd., 100070, Beijing, China
  3. Beijing Engineering Technology Research Center of Operation Control Systems for High Speed Railways, 100070, Beijing, China
- DOI: 10.16037/j.1007-869x.20252056
- CLCN: U283
- Column: Communication and Signaling

Abstract:
[Objective] The offline management of vehicle-wayside communication authentication keys in city railway train control systems suffers from insufficient security, operational complexity, and low cross-domain running efficiency. To address these issues, a comprehensive online key management technology solution is proposed. [Method] Centered on online key management and supplemented by offline key management, the proposed solution establishes a secure management framework covering the entire key lifecycle. It employs cryptographic algorithms compliant with national standards and integrates digital envelope and digital signature mechanisms to ensure secure data transmission and identity authentication. The solution also clearly defines the technical procedures for key management in same-domain, cross-domain, and special scenarios. [Result and Conclusion] The proposed solution demonstrates high feasibility and scalability. By establishing a new key management center (KMC) and certificate management center (CMC), the existing signaling equipment, the key management authentication key (KMAC) devices, is revamped and integrated. The research results provide technical support for the secure and stable operation of city railway train control systems across various scenarios, as well as a reference for further optimization of key management technologies in rail transit systems.
