一種適用于霧計(jì)算的終端節(jié)點(diǎn)切換認(rèn)證協(xié)議
doi: 10.11999/JEIT200005
-
1.
北京電子科技學(xué)院 北京 100070
-
2.
北京郵電大學(xué)網(wǎng)絡(luò)空間安全學(xué)院 北京 100876
A Switching Authentication Protocol of Terminal Node for Fog Computing
-
1.
Beijing Electronic Science and Technology Institute, Beijing 100070, China
-
2.
School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China
-
摘要: 針對當(dāng)前霧計(jì)算環(huán)境下終端節(jié)點(diǎn)的切換認(rèn)證協(xié)議在存儲(chǔ)量、計(jì)算量和安全性等方面還存在缺陷,該文提出一種高效的終端節(jié)點(diǎn)切換認(rèn)證協(xié)議。在該協(xié)議中,采用雙因子組合公鑰(TF-CPK)和認(rèn)證Ticket相結(jié)合的方式,實(shí)現(xiàn)霧節(jié)點(diǎn)和終端節(jié)點(diǎn)的相互認(rèn)證和會(huì)話密鑰協(xié)商。安全性和性能分析結(jié)果表明,該協(xié)議支持不可跟蹤性,可以抵抗眾多已知攻擊和安全威脅,且具有較小的系統(tǒng)開銷。
-
關(guān)鍵詞:
- 霧計(jì)算 /
- 終端節(jié)點(diǎn) /
- 切換認(rèn)證 /
- 雙因子組合公鑰 /
- 認(rèn)證票據(jù)
Abstract: In order to solve the problem that the switching authentication protocol of terminal nodes in fog computing has some defects in storage, compute and security, an efficient terminal node switching authentication protocol is proposed. In this protocol, mutual authentication and session key agreement between the fog nodes and terminal nodes are realized by the combination of Two Factors Combined Public Key(TF-CPK) and authentication ticket. The security and performance analysis results show that the protocol supports untraceability, which can resist numerous known attacks and security threats, and has a smaller system overhead. -
表 3 初始化認(rèn)證和切換重認(rèn)證計(jì)算開銷比較表
運(yùn)算種類 初始化認(rèn)證 切換重認(rèn)證 對稱加密/解密 3 2 非對稱加密/解密 1 0 簽名或驗(yàn)證 1 0 哈希運(yùn)算 3 2 下載: 導(dǎo)出CSV
-
王穎, 王懿, 陳文瑛, 等. 一種面向分布式分析的霧計(jì)算架構(gòu)及其在電網(wǎng)安全風(fēng)險(xiǎn)評估中的應(yīng)用[J]. 自動(dòng)化與儀器儀表, 2016(9): 128–130, 132. doi: 10.14016/j.cnki.1001-9227.2016.09.128WANG Ying, WANG Yi, CHEN Wenying, et al. A fog computing infrastructure for distributed analytics and its application in risk assessment to power grid[J]. Automation &Instrumentation, 2016(9): 128–130, 132. doi: 10.14016/j.cnki.1001-9227.2016.09.128 IBRAHIM M H. Octopus: An edge-fog mutual authentication scheme[J]. International Journal of Network Security, 2016, 18(6): 1089–1101. YI Shanhe, QIN Zhengrui, and Li Qun. Security and privacy issues of fog computing: A survey[C]. The 10th International Conference on Wireless Algorithms, Systems, and Applications, Qufu, China, 2015: 685–695. doi: 10.1007/978-3-319-21837-3_67. 張海波, 程妍, 劉開健, 等. 車聯(lián)網(wǎng)中整合移動(dòng)邊緣計(jì)算與內(nèi)容分發(fā)網(wǎng)絡(luò)的移動(dòng)性管理策略[J]. 電子與信息學(xué)報(bào), 2020, 42(6): 1444–1451. doi: 10.11999/JEIT190571ZHANG Haibo, CHENG Yan, LIU Kaijian, et al. The mobility management strategies by integrating mobile edge computing and CDN in vehicular networks[J]. Journal of Electronics &Information Technology, 2020, 42(6): 1444–1451. doi: 10.11999/JEIT190571 MUKHERJEE M, MATAM R, SHU Lei, et al. Security and privacy in fog computing: Challenges[J]. IEEE Access, 2017, 5: 19293–19304. doi: 10.1109/ACCESS.2017.2749422 NI Jianbing, ZHANG Kuan, LIN Xiaodong, et al. Securing fog computing for internet of things applications: Challenges and solutions[J]. IEEE Communications Surveys & Tutorials, 2018, 20(1): 601–628. doi: 10.1109/COMST.2017.2762345 黃彬, 劉廣鐘, 徐明. 基于簇的無線傳感器網(wǎng)絡(luò)安全節(jié)點(diǎn)認(rèn)證協(xié)議[J]. 計(jì)算機(jī)工程, 2016, 42(7): 117–122, 128. doi: 10.3969/j.issn.1000-3428.2016.07.020HUANG Bin, LIU Guangzhong, and XU Ming. Security authentication protocol for nodes in wireless sensor networks based on clusters[J]. Computer Engineering, 2016, 42(7): 117–122, 128. doi: 10.3969/j.issn.1000-3428.2016.07.020 HAN K, KIM K, and SHON T. Untraceable mobile node authentication in WSN[J]. Sensors, 2010, 10(5): 4410–4429. doi: 10.3390/s100504410 HAN K, SHON T, and KIM K. Efficient mobile sensor authentication in smart home and WPAN[J]. IEEE Transactions on Consumer Electronics, 2010, 56(2): 591–596. doi: 10.1109/TCE.2010.5505975 IBRIQ J and MAHGOUB I. A hierarchical key establishment scheme for wireless sensor networks[C]. The 21st International Conference on Advanced Information Networking and Applications, Niagara Falls, Canada, 2007: 210–219. doi: 10.1109/AINA.2007.14. FANTACCI R, CHITI F, and MACCARI L. Fast distributed bi-directional authentication for wireless sensor networks[J]. Security and Communication Networks, 2008, 1(1): 17–24. doi: 10.1002/sec.1 房帥磊. 層次化無線傳感器網(wǎng)絡(luò)移動(dòng)節(jié)點(diǎn)認(rèn)證技術(shù)研究[D]. [碩士論文], 西安電子科技大學(xué), 2011.FANG Shuailei. Study on mobile nodes authentication in hierarchical wireless sensor networks[D]. [Master dissertation], Xidian University, 2011. 南湘浩. CPK密碼體制與網(wǎng)際安全[M]. 北京: 國防工業(yè)出版社, 2008: 23–28.NAN Xianghao. CPK-Crypotosystem and Cyber Security[M]. Beijing: National Defense Industry Press, 2008: 23–28. 張鑫, 楊曉元, 朱率率. 移動(dòng)網(wǎng)絡(luò)可信匿名認(rèn)證協(xié)議[J]. 計(jì)算機(jī)應(yīng)用, 2016, 36(8): 2231–2235. doi: 10.11772/j.issn.1001-9081.2016.08.2231ZHANG Xin, YANG Xiaoyuan, and ZHU Shuaishuai. Trusted and anonymous authentication protocol for mobile networks[J]. Journal of Computer Applications, 2016, 36(8): 2231–2235. doi: 10.11772/j.issn.1001-9081.2016.08.2231 KARLOF C, SASTRY N, and WAGNER D. TinySec: A link layer security architecture for wireless sensor networks[C]. The 2nd International Conference on Embedded Networked Sensor Systems, Baltimore, USA, 2004: 3–5. LEE H R, CHOI Y J, and KIM H W. Implementation of TinyHash based on hash algorithm for sensor network[C]. The World Academy of Science, Engineering and Technology, Saint Louis, USA, 2005: 135–139. -