Application of role-based access control in cyber security of substation

By following the encrypted communication proposed by IEC 62351-3 and the identity authentication technology by IEC 62351-4， the paper carries out research on role-based access control technology on the theoretical basis of IEC 62351-8. This technology preassigns a role to each client communication device in the communication link according to actual applications. It takes the digital certificate for its secure communication as a carrier to expand the access token that forms the role. The server device recognizes and extracts the role of the client from the digital certificate used by the client in secure communication and grants the client corresponding access permissions according to the preset mapping of roles and permissions to realize the role-based access control function. The purpose of hierarchical and sub-authorized access to IEC 61850 communication has been achieved. This technology improves the controllability of remote operation of power system equipment and has been applied in substations.