CN-117278297-B - Cloud platform network safety protection scheduling system for cloud system

Abstract

The invention relates to the technical field of network security protection, and in particular discloses a cloud platform network security protection scheduling system for a cloud system, comprising a service platform layer, a service application layer, a display layer and an intrinsic safety layer. In this system, the service platform layer provides the data center, cloud side interaction, artificial intelligence application development, application support functions and basic calculation analysis; the service application layer meets the service requirements of overall monitoring, calculation, optimization and assessment of a power grid; and a cloud data security protection function is newly built on the intrinsic safety layer. Potential security threats are monitored and responded to in real time, the risk of security events is reduced, the security of the whole cloud platform is improved, automatic scheduling and management of security resources are realized, the workload of operation and maintenance personnel is reduced, and operation and maintenance efficiency is improved.

Inventors

  • JIANG WEI
  • ZHOU ZHIFENG
  • LI WENCHAO
  • MA GUANG
  • WANG SHAOKANG
  • LI FUTAO
  • YAN CHUN

Assignees

  • China Southern Power Grid Co., Ltd.

Dates

Publication Date
20260512
Application Date
20231007

Claims (4)

  1. A cloud platform network security protection scheduling system for a cloud system, comprising a service platform layer, a service application layer, a display layer and an intrinsic safety layer, characterized in that:
     The service platform layer is used for establishing a platform that provides a data center, cloud side interaction, artificial intelligence application development, application support functions and basic calculation analysis functions for the common requirements of cloud side system service applications, and comprises a cloud side data center, a cloud side interaction cloud side management center, a cloud side fusion blockchain function, an artificial intelligence application training service, an application support function and a basic calculation analysis function;
     The service application layer comprises distributed coordinated optimization control type functions, refined operation optimization control type functions and intelligent operation and maintenance management type functions as service applications, and meets the service requirements of power grid global monitoring, calculation, optimization and evaluation; the refined operation optimization control type functions of the service application layer are realized through the artificial intelligence application development service provided by the service platform layer, in which 3 types of artificial intelligence prediction model are built (whole-network bus load, integrated whole-network new energy power, and system load), short-term and ultra-short-term prediction services are provided for the whole network, and boundary data support is provided for cloud global optimization; the specific steps by which the refined operation optimization control type functions are realized through the artificial intelligence application development service are:
     Step one, feature engineering: the collected data are analyzed and processed based on the artificial intelligence application development service;
     Step two, model training: prediction model training is carried out based on the computational resources provided by the artificial intelligence application development service; the training data set is divided into a training set, a verification set and a test set by the hold-out method; the AdaGrad model optimizer and a self-defined loss function are selected to optimize the model, wherein the model loss function is preferably selected from mean square error, root mean square error and a self-defined loss function; and the model starts self-adaptive training at a fixed period or when the accuracy is lower than a fixed threshold;
     Step three, fusion of prediction results: training of a plurality of prediction models is realized based on a multi-model fusion method of ensemble learning, and secondary fitting of a plurality of prediction results for the same prediction object is supported;
     Step four, visual display: the user self-defines a time interval to form an actual load curve and a predicted load curve; graphs and histograms display the maximum or minimum value of the load in a self-defined time window; change curves of weather forecast data and live weather data are formed with a time interval of 1 hour; the prediction accuracy is displayed in multiple dimensions in the form of a table; the predicted load and the actual load can be queried and can be exported in the form of graphs and tables; and analysis results are displayed through comparison analysis, correlation analysis and trend analysis;
     The display layer comprises a novel human-computer interaction type function, a centralized display service and a multi-theme scene display function, wherein the novel human-computer interaction type function is realized through a power grid scheduling intelligent voice question-answering robot and scheduling knowledge intelligent search; the functions of the centralized display service comprise cloud system portals, interface development tools, B/S mode and C/S mode support and multi-user support; and the functions of the multi-theme scene display comprise thematic scene design development, new energy operation display, power supply protection operation and electric power spot market operation display;
     The intrinsic safety layer is used for integrating safety components provided by the dispatching cloud and creating a cloud data safety protection function.
  2. The cloud platform network security protection scheduling system for a cloud system of claim 1, wherein the functions of the power grid scheduling intelligent voice question-answering robot include voice recognition, voice question-answering and retrieval, and cloud system operation assistant, and the functions of scheduling knowledge intelligent search include information retrieval and information matching.
  3. The cloud platform network security protection scheduling system for a cloud system according to claim 1, wherein the intrinsic safety layer establishes cloud data security protection, and the functional requirements for the cloud data security protection are cloud data classification hierarchical information management, cloud data classification identification, data classification retrieval, cloud data security audit, cloud data security encryption, data desensitization and data disaster recovery.
  4. A cloud platform network security protection scheduling method for a cloud system, configured to implement the cloud platform network security protection scheduling system for a cloud system according to any one of claims 1 to 3, wherein the method comprises:
     Step Q1, constructing an operation environment: a service platform layer and a service application layer are constructed based on a container environment provided by a dispatching cloud, wherein the dispatching cloud provides management, internal communication, dispatching, start-stop and transverse expansion services for a container cluster;
     Step Q2, external communication: the service application layer communicates through the virtual IP provided by the dispatching cloud VPC network, and communicates through the EIP provided by the dispatching cloud for communication outside the cloud or across areas;
     Step Q3, data access: the service application layer stores data into a storage cloud disk mounted on a container and needs to meet the interface and storage configuration requirements of the related cloud services;
     Step Q4, data interaction: service application layers supported by different container groups carry out message transmission through the message bus of the dispatching cloud, and application modules supported by the same container group have strong correlation and exchange data by means of shared memory, a database and storage;
     Step Q5, service calling: the service application layer packages the sub-function logic according to the requirements of the dispatching cloud service bus and mounts it on the cloud service bus, and the display layer and the intrinsic safety layer call related services through the cloud service bus.

Description

Cloud platform network safety protection scheduling system for cloud system

Technical Field

The invention relates to the technical field of network security protection, in particular to a cloud platform network security protection scheduling system for a cloud system.

Background

Cloud computing has become one of the main driving forces in today's IT world, providing flexible, scalable computing, storage, and network resources for businesses and individuals. However, as cloud systems become popular, network security threats become more and more serious. To put the digital transformation strategy into practice, the whole network is required to develop capabilities for massive and distributed entity access, monitoring, control, and marketing operation and service on the basis of improving the OS2 security control system, forming a new cloud edge fusion model of two-stage cooperative operation between the "cloud brain" and "edge nodes", with the whole network jointly building a cloud edge fusion intelligent scheduling operation platform.

However, while existing cloud systems provide computing, storage and network resources, they also face many challenges in data security, network security and privacy protection. Meeting these challenges requires not only technical measures but also appropriate strategies and rules and an emergency response plan to cope with continuously evolving network threats.
Disclosure of Invention

In order to overcome the defects in the prior art and solve the problems described in the background, the invention provides a cloud platform network security protection scheduling system for a cloud system. The system realizes the data center, cloud side interaction, artificial intelligence application development, application support functions and basic calculation analysis through a service platform layer, meets the service requirements of overall monitoring, calculation, optimization and evaluation of a power grid through the service application layer, and establishes a cloud data security protection function based on an intrinsic safety layer. It monitors and responds to potential security threats in real time, reduces the risk of security events, improves the security of the whole cloud platform, realizes the automatic scheduling and management of security resources, reduces the workload of operation and maintenance personnel, and improves operation and maintenance efficiency.
In order to achieve the above purpose, the present invention provides the following technical solution: a cloud platform network security protection scheduling system for a cloud system, which comprises a service platform layer, a service application layer, a display layer and an intrinsic safety layer, wherein:

The service platform layer is used for establishing a platform that provides a data center, cloud side interaction, artificial intelligence application development, application support functions and basic calculation analysis functions for the common requirements of cloud side system service applications, and comprises a cloud side data center, a cloud side interaction cloud side management center, a cloud side fusion blockchain function, an artificial intelligence application training service, an application support function and a basic calculation analysis function;

The service application layer comprises a distributed coordination optimization control type function, a refined operation optimization control type function and an intelligent operation and maintenance management type function as service applications, and meets the service requirements of power grid global monitoring, calculation, optimization and evaluation;

The display layer comprises a novel man-machine interaction function, a centralized display service and a multi-theme scene display function;

The intrinsic safety layer is used for integrating safety components provided by the dispatching cloud and creating a cloud data safety protection function.
As a further scheme of the invention, the refined operation optimization control type function of the service application layer is realized through the artificial intelligence application development service provided by the service platform layer, in which 3 types of artificial intelligence prediction model are built (whole-network bus load, integrated whole-network new energy power, and system load), short-term and ultra-short-term prediction services are provided for the whole network, and boundary data support is provided for cloud global optimization. The specific steps by which the refined operation optimization control type function of the service application layer is realized through the artificial intelligence application development service provided by the service platform layer are as follows:

Step one, feature engineering, which is to analyze and process the collected data based on the artificial intelligence application development service;

Step two, model training, namely, based on computational resour