ISSN 1000-1239 CN 11-1777/TP

Journal of Computer Research and Development ›› 2018, Vol. 55 ›› Issue (7): 1479-1487. doi: 10.7544/issn1000-1239.2018.20180056

Special topic: 2018 Special Topic on IoT Security

• Information Security •

PRE-TUAN: Proxy Re-Encryption Based Trusted Update Scheme of Authorization for Nodes on IoT Cloud

Su Mang1, Cao Mengyuan2, Xie Rongna3, Fu Anmin1

  1(School of Computer Science and Engineering, Nanjing University of Science and Technology, Nanjing 210094); 2(Zhongyuan University of Technology, Zhengzhou 450007); 3(Department of Information Security, Beijing Electronic Science and Technology Institute, Beijing 100070) (sumang@njust.edu.cn)
  • Published: 2018-07-01
  • Online: 2018-07-01
  • Supported by: 
    National Natural Science Foundation of China (61702266, 61572255); Natural Science Foundation of Jiangsu Province (BK20150787, BK20141404)

Abstract: In an Internet of Things (IoT) cloud platform, data is collected and used by IoT nodes, while the processing and storage of that data take place on the cloud platform. This increases the data processing and sharing capabilities of the IoT, enriches the resources held in the cloud, and furthers the integration of the Internet with the human world, but it also raises new information security problems. Because of the characteristics and limitations of IoT nodes, they are particularly vulnerable to attack, so realizing a trusted update of data access authorization for hijacked nodes is a crucial and urgent issue. To solve this problem, we propose a PRE based trusted update scheme of authorization for nodes on IoT cloud platform (PRE-TUAN). First, we define the system model, which comprises a trusted IoT data server and permission management server, and a semi-trusted proxy re-encryption server in the cloud. Second, we describe the system workflow and algorithms. Finally, we analyze and prove the security of PRE-TUAN. PRE-TUAN is based on proxy re-encryption (PRE); it makes full use of the computing power of the cloud while ensuring the security and reliability of data sharing in the IoT cloud.

Key words: Internet of things (IoT), cloud computing, permission management, trusted update scheme of authorization, proxy re-encryption (PRE)
