两层传感器网络安全范围查询技术研究

发布时间：2018-06-19 12:30

本文选题：两层传感网络 + 范围查询　；参考：《南京邮电大学》2017年硕士论文

【摘要】：近年来,无线传感网络技术已经得到了广泛的应用。作为一种特殊的无线传感网络,两层无线传感网络也得到了广泛的关注。通过引入存储节点作为中间层的两层无线传感网络相对于传统的无线传感网络,其网络拓扑更简单、也更易于扩展。然而由于存储节点在网络中位置的特殊性,使得两层无线传感网络中的数据安全性问题较之于传统无线传感网络显得更为突出。本文以两层无线传感网络中的数据安全保护问题为研究背景,针对范围查询过程中所面临的数据隐私威胁和查询结果不一致性问题,从存储节点不可信的角度出发,研究了两种安全范围查询处理方法,设计了仿真系统以验证查询处理方法的有效性,并进行通信代价的评估。具体工作如下:(1)提出了基于桶划分技术的安全范围查询处理方法VP2RQ。该方法利用桶划分技术,并通过引入校验码融合机制实现范围查询过程中的数据隐私保护和查询结果完整性验证。VP2RQ通过对感知数据和查询范围进行桶划分并标记相应桶标签,使存储节点可根据桶标签完成非明文数据的比较,从而保护数据的隐私性;在数据上传阶段产生校验码经存储节点上传至基站,使基站可根据校验码判断查询结果的完整性;并通过校验码融合机制对校验码进行融合,以降低查询过程中的通信代价。(2)提出了基于加密约束链机制的安全范围查询处理方法CSRQ。该方法采用0-1编码和Hash身份验证机制,对感知数据和查询范围进行编码,实现存储节点在无需明文数据参与下的数据比较;并提出一种新的加密约束链机制,通过在约束链中嵌入数据关系信息,使基站可通过该关系信息对查询结果进行完整性验证。通过理论和实验分析表明,CSRQ在通信代价消耗上比现有安全查询方法具有更良好的性能表现。(3)设计并实现了传感器网络数据查询仿真系统,用户可通过该仿真系统实现对两层传感网络数据查询过程中数据采集阶段的模拟,并可计算数据上传过程中通信代价,同时可以将多个查询算法进行对比,形成对比折线图,便于清晰地比较不同查询算法数据采集阶段感知节点的通信代价。
[Abstract]:In recent years, wireless sensor network technology has been widely used. As a special wireless sensor network, two-layer wireless sensor network has also received extensive attention. Compared with the traditional wireless sensor network, the two-layer wireless sensor network with storage nodes as the intermediate layer is simpler in topology and easier to expand. However, due to the special location of storage nodes in the network, the data security problem in two-layer wireless sensor networks is more prominent than the traditional wireless sensor networks. In this paper, based on the research background of data security protection in two-layer wireless sensor networks, aiming at the problem of data privacy threats and inconsistency of query results in the process of range query, this paper starts from the point of view that storage nodes are not trusted. Two secure range query processing methods are studied. A simulation system is designed to verify the effectiveness of the query processing method and to evaluate the communication cost. The main work is as follows: (1) the security range query processing method VP2RQ based on bucket partitioning technology is proposed. This method uses bucket partitioning technology and implements data privacy protection and integrity verification of query results in the process of range query by introducing check code fusion mechanism. VP2RQ classifies the perceptual data and the query range and marks the corresponding bucket labels. The storage node can complete the comparison of the non-plaintext data according to the bucket label, so as to protect the privacy of the data; at the stage of data upload, the check code can be uploaded to the base station through the storage node, so that the base station can judge the integrity of the query result according to the check code. In order to reduce the communication cost in the process of query, a secure range query processing method CSRQ based on encryption constraint chain mechanism is proposed. This method uses 0-1 encoding and Hash authentication mechanism to encode the perceptual data and query range, and realizes the data comparison of storage nodes without the participation of plaintext data, and proposes a new encryption constraint chain mechanism. By embedding the data relational information in the constraint chain, the base station can verify the integrity of the query result by the relational information. The theoretical and experimental results show that CSRQ has better performance than existing secure query methods in communication cost consumption. (3) the sensor network data query simulation system is designed and implemented. Through the simulation system, the user can simulate the data acquisition stage of the two-layer sensor network data query process, and can calculate the communication cost in the process of data uploading. At the same time, many query algorithms can be compared to form a contrast broken line diagram. It is easy to compare the communication cost of different query algorithms in data acquisition stage.
【学位授予单位】：南京邮电大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP212.9;TN915.08

【参考文献】