Symmetry, Vol. 17, Pages 1982: Improved Trust Evaluation Model Based on PBFT and Zero Trust Integrated Power Network Security Defense Method
Symmetry doi: 10.3390/sym17111982
Authors:
Xiaoyun Liao
Sen Yang
Jun Xu
Li Liu
Wei Liang
Shengjie Yu
Yimu Ji
Shangdong Liu
In traditional power networks, security protection models primarily rely on perimeter-based defenses, utilizing firewalls, virtual private networks (VPNs), and identity authentication to block external threats. However, once a node within the power system is compromised, attackers can exploit it as a pivot to launch lateral movement attacks from within the system, posing serious threats to the core operations of the power grid. To address the increasingly complex cybersecurity landscape, this paper proposes a security defense approach that integrates an improved trust evaluation model based on the Practical Byzantine Fault Tolerance (PBFT) algorithm with a zero-trust architecture, leveraging the structural and functional symmetry among network nodes. The PBFT algorithm’s fault tolerance and consensus mechanisms are leveraged to ensure dynamic trust scoring across multiple nodes. This approach guarantees that each node has an equal role in the system’s operations, maintaining fairness and security across the network. Furthermore, the primary node in the PBFT consensus process is redefined as the arbitration node in the zero-trust framework, and faulty nodes can be automatically replaced through the view change protocol, thereby mitigating the centralization risk inherent in traditional zero-trust models. Experimental results demonstrate that the proposed approach achieves high accuracy and robustness in defending against both internal and external attacks in power network scenarios, highlighting the role of symmetry in enhancing secure and balanced system operations.
