Security label-based power secondary system access control method and system

The invention provides a security label-based power secondary system access control method. The method comprises the following steps: receiving a login instruction input by a service requester and determining the service principal corresponding to the role of the service requester; acquiring the service object corresponding to the service principle, wherein the service object is other service required to be called by the service principal or a method in the service; acquiring the sole security label of the service principal and the sole security label of the service object when the service principal and the service object pass identity authentication; and executing an operating command when the received operating command meets the control permission of the service principal, which is determined according to the sole security label of the service principal and the sole security label of the service object. The invention further provides a security label-based power secondary system access control system which improves the security of power secondary system access.