物联网感知数据传输的安全多方计算关键技术研究

发布时间：2018-01-21 15:07

本文关键词： 物联网感知数据安全多方计算 K-means聚类 RFID 无线传感网络　出处：《中国地质大学》2017年博士论文　论文类型：学位论文

【摘要】：随着“智慧地球、物物相连”的提出,人类由互联网时代逐步迈向物联网时代。物联网是继计算机、互联网和移动通信之后的又一次信息产业的革命性发展。物联网是在互联网的基础上,利用射频识别RFID、传感器和无线传感网络WSNs等技术,构建一个覆盖世界上所有人与物的网络信息系统,从而使人类的经济社会与社会生活、生产运行与个人活动都运行在智慧的物联网基础设施之上。物联网是全面感知的网络,它是各种感知技术的广泛应用。物联网上部署了数量巨大、类型繁多的传感器,每个传感器都是一个信息源,不同类别的传感器所捕获的信息内容和信息格式不同。传感器获得的数据具有实时性,按一定的频率周期性的采集环境信息,不断更新数据。物联网在终端采集的数据称作感知数据,因此海量的感知数据安全传输是个亟待解决的问题。本论文就如何安全传输物联网中的感知数据展开了研究。物联网中感知数据的安全传输的要求更高,它不仅要保证数据不被攻击与篡改,同时又不能泄露用户的隐私。本文对错综复杂的感知数据进行了分析,首先在物联网中的感知层和接入层建立一个信任机制,构建感知数据处理模型,提出了一个层次化的信任机制,分离了异构环境中主体的不同信任需求;在信任架构中构建了“现象可信-行为可信-节点可信-机构可信-授权可信”的环流,将感知节点信任和机构信誉进行很好的整合;本文建立感知数据处理模型,对此模型进行数学建模,将该问题形式化,让该数学模型能适应于物联网的安全需求。由此本文引入了安全多方计算(Secure Multiparty Computation,SMC),即:有多个参与方参与计算的情况下,多个参与者共同计算某个函数。该函数的输入信息分别由这些参与者提供,输入信息各自保密,不被其他人知道;感知数据是分布式的,并不集中在某个节点,对这些感知数据采取分布式数据隐私保护,本文采取的是K-means聚类算法,物联网中的计算是架构在云计算上的,因此本文将感知数据的计算外包给云端,继续研究了K-means聚类算法的外包计算,设计出了多方聚类隐私保护的K-means聚类算法外包计算,使得当有n方参与计算,协议过程中的计算完全对等,并且各方之间在交互通信过程中都有自己的随机数对信息进行加密保护,但是从交互的结果不能推导出其他方的隐私信息,实现了物联网感知数据的安全传输。物联网的网络已是无线传感器网络WSNs为主导,本文研究了无线传感网络感知数据传输的拥塞问题,WSNs节点需要将感知数据或经预处理后的感知数据传输到Sink节点。当传感器节点接收到的数据包(或分组)超过其转发或处理数据包的上限时,需要对过剩数据包进行缓存;当缓存数据包的内存已满时,过剩的数据包就会被丢弃,即引发缓冲区溢出,造成节点级的拥塞。本论文提出了基于反馈控制的能耗平衡策略(PLFC),利用反馈控制算法调整节点的发射功率实现了网络中节点负载的重新分配,解决无线传感器网络中节点的能耗不平衡问题,进一步延长了传感网络的生命周期。感知数据来自于感知层的感知设备的采集,而目前比较流行的就是在感知层设备的终端采取RFID技术。RFID系统主要由电子标签,读写器和后台服务器3个部分组成。为保护RFID系统的隐私安全,首先必须在通信前对通信双方的身份进行认证,防止伪造的电子标签或者非法的读写器,其次,通信双方之间的信息传送不能以明文方式进行,必须采取一定的加密措施,防止隐私信息泄露。现有的大量RFID认证协议都是作用于读写器和后台服务器之间,并且假设信道是安全的,但在实际上这些信道并不一定安全,因此本论文针对RFID技术进行了详细研究,提出了基于RFID技术的感知数据的多向认证与密钥协商协议,该协议进行了多向认证,在标签、对阅读器、服务器三者之间进行认证,三者互相认证都无误才能证明感知数据传输的信道是安全的。该协议简化了通信双方公开值的传递,将其交由认证服务器来传达,而且这对安全性没有影响,因为即便服务器被攻破,敌手也无法通过后面的认证。本文提出的协议能够有效解决RFID系统的隐私保护问题。最后,本文进行了总结,并指出论文在研究工作中还需要进一步完善和有待改进的地方,并对下一步工作和目标进行了展望。
[Abstract]:With the wisdom of the earth, the connection of objects ", human beings by the Internet era gradually towards the era of things. Things is the second computer, another revolutionary development of information industry after the Internet and mobile communication. The Internet is based on the Internet, the use of radio frequency identification RFID sensor and wireless sensor network WSNs technology, build a network information system covering all people and the world, so that the economic and social life of human society, production operation and personal activities are run online in the wisdom of the object based on the infrastructure. Networking is fully aware of the network, it is widely used in a variety of sensing technology the Internet of things. The deployment of large quantities of various types of sensors, each sensor is a source of information, information content and format information of different types of sensors capture the different sensor number obtained. According to the real-time information collection environment, according to a certain frequency of the periodic, continuously updated data. Things called the perception data in the data acquisition terminal, so the perception of safe data transmission is a massive problem to be solved. This thesis is to secure data transmission sensing in IOT are studied. The safe transmission of perception the data in the Internet of things is more demanding, it should not only ensure the data will not be attacked and tampered with, and can not disclose the privacy of users. Based on the analysis of the sensing data perplexing in the Internet of things, first in the sensing layer and access layer to establish a trust mechanism, construct the perception model of data processing is proposed. The trust mechanism is a hierarchical, separation of different trust demand subjects in a heterogeneous environment; in the framework of constructing "trust phenomenon - trusted node behavior trusted trusted - trusted institutions - Grant Circulation right credible, perceived trust and reputation mechanism has good integration; the perception data processing model, this model for mathematical modeling, the problem is formalized, so the mathematical model can meet the security requirements in the Internet of things. This paper introduces the secure multi-party computation (Secure Multiparty Computation, SMC), that there are multiple parties involved in the calculation, a number of participants to calculate a function. The function of the input information provided by the participants, their input information confidential, not other people know that; the sensing data is distributed and is not in a centralized node, using distributed data privacy protection the perception of these data, this paper adopts the K-means clustering algorithm, the calculation of the Internet of things is in the framework of cloud computing, this paper will calculate outsourcing sensing data to the cloud, to continue the research The K-means clustering algorithm to calculate the design calculation of outsourcing, outsourcing K-means multi clustering algorithm for Privacy Preserving Clustering, so that when the N party agreement in the process of calculation, calculation and correspondence between the parties in the communication process have their own random numbers for encryption of information protection, but not from the interaction the results derived from the other party's privacy information, realizes the secure transmission of data. The perception of things IOT network is WSNs wireless sensor network oriented, this paper studies the problem of congestion aware wireless sensor network data transmission, the WSNs node will need the sensing data or by sensing data after pretreatment of the transmission to the Sink node. When receiving sensor node packet (or packets) exceed the upper limit of packet forwarding or processing, the need for excess packet buffer; when the cache data packets within Memory is full, the excess packets will be discarded, which caused buffer overflow, causing congestion node level. This thesis puts forward the energy balance strategy based on feedback control (PLFC), realized by redistributing the load of nodes in the network transmit power feedback control algorithm to adjust the node, solve the energy consumption of nodes in wireless sensor in the network imbalance, further prolong the network life cycle. The sensing data from the perception layer of the perception of equipment acquisition, and the current popular terminal equipment is in the sensing layer adopt RFID technology.RFID system is mainly composed of 3 parts, electronic tag, reader and back-end server for the protection. RFID system security and privacy, must first authenticate the identity of the two sides in the communication communication, to prevent counterfeit or illegal electronic tag reader, secondly, between the two party communication channel Information transfer not to clear the way, we must take some measures to prevent the disclosure of confidential information encryption, a large number of RFID. The existing authentication protocol is in between the reader and the back-end server, and assuming that the channel is safe, but in fact, these channels are not necessarily safe, this paper carried out a detailed study of RFID technology and put forward multiple authentication and key agreement protocol sensing data based on RFID technology, the protocol of multi authentication, in the tag, the reader authentication server, between the three and three cross channel certification are correct in order to prove that the data transmission is perceived security. The protocol simplifies the transfer of both sides of communication open the value of the exchange by the authentication server to communicate, but it has no effect on the safety, because even if the server is compromised, the adversary could pass behind this certification. The protocol can effectively solve the privacy protection problem of RFID system. Finally, this paper summarizes, and points out that the paper needs further improvement and improvement in the research work, and prospects for the next work and goal.

【学位授予单位】：中国地质大学
【学位级别】：博士
【学位授予年份】：2017
【分类号】：TN929.5;TP391.44;TP212

【相似文献】