CN108924081A - Privacy of user is protected to resist malicious user method in Internet of Things based on edge calculations - Google Patents

Privacy of user is protected to resist malicious user method in Internet of Things based on edge calculations Download PDF

Info

Publication number
CN108924081A
CN108924081A CN201810412657.7A CN201810412657A CN108924081A CN 108924081 A CN108924081 A CN 108924081A CN 201810412657 A CN201810412657 A CN 201810412657A CN 108924081 A CN108924081 A CN 108924081A
Authority
CN
China
Prior art keywords
user
fringe node
privacy
perception
task
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810412657.7A
Other languages
Chinese (zh)
Other versions
CN108924081B (en
Inventor
裴庆祺
王军泰
马立川
马强业
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Zhongtai Intelligent Iot Technology Co Ltd
Original Assignee
Shenzhen Zhongtai Intelligent Iot Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Zhongtai Intelligent Iot Technology Co Ltd filed Critical Shenzhen Zhongtai Intelligent Iot Technology Co Ltd
Priority to CN201810412657.7A priority Critical patent/CN108924081B/en
Publication of CN108924081A publication Critical patent/CN108924081A/en
Application granted granted Critical
Publication of CN108924081B publication Critical patent/CN108924081B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/14Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
    • H04L63/1408Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic by monitoring network traffic
    • H04L63/1416Event detection, e.g. attack signature detection
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/008Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols involving homomorphic encryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • H04L63/0421Anonymous communication, i.e. the party's identifiers are hidden from the other party or parties, e.g. using an anonymizer

Abstract

The invention belongs to information security fields; it discloses protection privacy of user in a kind of Internet of Things based on edge calculations and resists malicious user method; by introducing SHE homomorphism cryptosystem; on the basis of protecting privacy of user; trust value computing and the update for carrying out user resist malicious user and inject malicious data;By the way that complicated ciphertext operation is loaded into fringe node using edge calculations mode, privacy of user is protected;Including:Perception task is executed, belief updating is carried out to the user for executing perception task under the cooperation at target area fringe node and trust management center.Invention introduces emerging edge calculations modes; it is more conform with the demand of real network; and the reliability of data can be estimated under the premise of not revealing initial data, and then realize and malicious user is resisted by introducing Trust Management Mechanism on the basis of protecting user data privacy.

Description

Privacy of user is protected to resist malicious user method in Internet of Things based on edge calculations
Technical field
The invention belongs to protect privacy of user in information security field more particularly to a kind of Internet of Things based on edge calculations Resist malicious user method.
Background technique
Currently, the technology of privacy of user and resistance malicious user is protected to come in Internet of Things dependent on the Cloud Server of center type It carries out, this requires the data of all internet of things equipment to be required to be transferred to Cloud Server processing.However, with technology of Internet of things Development, internet of things equipment is large number of, and the required data for being transferred to Cloud Server processing increase in magnanimity, this gives transmission bandwidth Stern challenge is brought with time delay.In addition, protection privacy of user and resistance malicious user are two relatively independent processes, by Make the reliability of data can not be corresponding with specific user in protection privacy of user, so that introducing Trust Management Mechanism It is become difficult to resist malicious user.For this purpose, the invention proposes protect user hidden in a kind of Internet of Things based on edge calculations Private to resist malicious user method, which introduce edge calculations modes, have certain calculating, storage and communication capacity by disposing Edge device is handled data in the position close to data source header, and mass data transmission process has been effectively relieved and has brought more The problems such as bandwidth, delay.Meanwhile homomorphism cryptosystem is introduced, it realizes on the basis of protecting privacy of user to malice User resists.
Since the privacy of user must be protected, general secret protection mode, which is broadly divided into, carries out anonymization to user Processing and encryption user data two ways.And anonymization processing is carried out so that data can not be closed with its supplier to user Connection, encryption user data make the reliability of metric data become particularly difficult.The mode of both protection privacy of user makes The mistake or false data that malicious user offer must be detected become particularly difficult.
A kind of Dalian University of Technology's patent " P2P malicious node detection method excavated based on FP-outlier " (application number: 201510220656) the malicious node detection method in a kind of P2P network is disclosed in.The patent mainly includes:A, according to net Interaction data between network interior joint constructs the behavior pattern of node;B, P2P subnet is extracted using the method for Frequent Pattern Mining The frequent behavior pattern in interior part;C, it is propagated and is polymerize more by the increment of frequent mode local between supernode in P2P network The frequent behavior pattern of the overall situation that new each supernode saves, and assess the impact factor of each global frequently behavior pattern;D, comprehensive The factor that peels off for closing part with global frequently behavior pattern calculate node, nodal test of the factor that will peel off higher than mean value is malice Node.Technology described in the patent can effectively detect malicious node, but the technology does not account for network node Privacy concern will certainly reveal the relation information between node as excavated the interaction data between nodes, this is in privacy It is not allowed under the background that protection problem is got more and more attention.Yulong Computer and Communication Sci. & Tech.'s patent " method for secret protection and privacy protection device in vehicle communication " (application number:201610933025.6) in disclose a kind of vehicle Method for secret protection in communication, which mainly includes:A, the first key of operator's distribution is obtained, wherein operator After distributing first key, authentication management center is sent to after encrypting by first key to multipair (PMSI, KPMSI);B, to Operator sends the request signed to the public key of vehicle termination, and receives the signature result of operator's return, wherein operation Quotient signs to the public key of vehicle termination using the private key of operator;C, by the identification code of vehicle termination, the public affairs of vehicle termination Key and the signature result are sent to authentication management center, and receive the public key using vehicle termination of authentication management center transmission With at least a pair of (PMSI, the KPMSI) of first key encryption;D, according to the private key of first key and vehicle termination to receiving (PMSI, KPMSI) is decrypted, and carries out vehicle communication based on (PMSI, the KPMSI) after decryption.The invention is greatly promoted Personal secrets during vehicle communication, however the technology does not account for the situation that malicious user sends wrong data, The detection of malicious user becomes particularly difficult under the premise of secret protection, greatly reduces the accurate of interaction results between vehicle Property, or even traffic accident is caused, jeopardize personal and property safety.
S.Basudan et al. is in its paper " A Privacy-Preserving Vehicular Crowdsensing- Based Road Surface Condition Monitoring System Using Fog Computing”(IEEE Internet of Things Journal, vol.4, no.3, pp.772-782,2017) in give a kind of mist and calculate mode The crowdsourcing cognitive method of lower protection privacy of user resists certain malicious user attack under the premise of capable of protecting privacy, but It is that it is merely capable of whether detection user works according to set agreement, whether can not uploads correct sensing results to user It is handled.
J.Fan et al. is in its paper " Privacy-Aware and Trustworthy Data Aggregation in A kind of authentic data fusion for protecting privacy of user is given in Mobile Sensing " (IEEE CNS, 2015, pp.31-39) Method, this method can determine the sensing results of user's upload whether in the legal range of definition, if the range is bigger, Malicious user can not still be handled.W.Wang et al. is in its paper " Enabling Reputation and Trust in Privacy-Preserving Mobile Sensing”(IEEE Transactions on Mobile Computing, Vol.13, no.12, pp.2777-2790,2014) in propose it is a kind of protect privacy Trust Management Mechanism come resist malice use Family.However, the method use anonymous methods to protect privacy of user, so that the sensitive information of user is still under retrospect attack It can be revealed;In addition, the update of trust value depends on additional trust value redemption process, so that malicious user is held by refusal The row redemption process persistently can send wrong data in a short time with high trust value.
In conclusion problem of the existing technology is:
(1) in the prior art, malicious user is not accounted for based on the FP-outlier P2P malicious node detection method excavated The situation of wrong data is sent, the detection of malicious user becomes particularly difficult under the premise of secret protection, greatly reduces The accuracy of interaction results between vehicle, or even traffic accident is caused, jeopardize personal and property safety.
(2) in the prior art, the crowdsourcing cognitive method that privacy of user is protected under a kind of mist calculating mode, is merely capable of examining It surveys whether user works according to set agreement, whether can not upload correct sensing results to user and handle.
(3) in the prior art, a kind of authentic data fusion method for protecting privacy of user, is merely capable of detecting to be provided Data whether in the effective range of definition, if the range is bigger, malicious user can be provided in effective range with reality Border gap data biggish wrong data influences final fusion results.
(4) in the prior art, a kind of Trust Management Mechanism for protecting privacy has used anonymous methods to protect privacy of user, So that the sensitive information of user can still be revealed under retrospect attack;Meanwhile malicious user executes trust value by refusal Redemption process makes it persistently send wrong data in a short time with high trust value.
Above-mentioned technical problem is solved, is needed premised on protecting privacy of user.It is attacked since anonymous methods is difficult to resist retrospect It hits, therefore needs to protect privacy of user by the way of data encryption.However, the number encrypted in the way of conventional cryptography According to measure its reliability can not, malicious attacker is caused persistently to send false perception data without being detected, and then right The data fusion process of Internet of Things continues to cause baneful influence.Therefore, it is necessary to the cryptosystems and relevant programme that introduce new to realize Malicious user is resisted on the basis of protecting privacy of user.
Summary of the invention
In view of the problems of the existing technology, the present invention provides protect user in a kind of Internet of Things based on edge calculations Privacy resists malicious user method.The present invention realizes on the basis of protecting privacy of user through Trust Management Mechanism to malice The attack of user is contained.
The invention is realized in this way protecting privacy of user to resist malicious user in a kind of Internet of Things based on edge calculations Method, including:
(1) it initializes:Security parameter needed for trusted party determines SHE homomorphism cryptosystem used;New user is trusting It is registered at administrative center, and distributing initial trust value for it is 0.5.
(2) perception task is executed
2a) there is the user of perception task requests to request public key and private key for the perception task from trusted party;
2b) cloud control centre traces perception task by fringe node;
2c) the edge-node broadcasts task requests of target area;
2d) user executes perception task, and encrypted perception data is transmitted to the fringe node in the region;
2e) fringe node in target area carries out sensing results fusion;
Final fusion results 2f) are sent to by cloud control centre the user for requesting the task.
(3) belief updating
3a) fringe node of target area calculates every perception data and the encrypted dispersion of final fusion results;
The encryption dispersion after calculating 3b) is sent to trust management center;
3c) trust management center is used for the private key of the task to the user's request for initiating the perception task, and by dispersion It is decrypted;
Belief updating 3d) is carried out to the user for providing perception data using the dispersion after decryption.
Specifically comprise the following steps:
(1) it initializes:
Trusted party is determined for security parameter needed for protecting the SHE homomorphism cryptosystem of privacy of user.All users It is registered at trust management center, trust management center is that each user determines that initial trust value is 0.5.
(2) perception task is executed:
2a) when user needs other users to execute perception task, request user from trusted party acquisition by being used for The public key pk and private key sk of request.Wherein, pk is sent to the fringe node near request user with task requests, and sk is used by request Family keeping.
2b) when requesting the fringe node near user to receive user's request, which sends this request to cloud Control centre.Cloud control centre according to the requirement of task requests selection is located at the fringe node of target area and by the task requests And its pk is sent to the node.
After 2c) fringe node of target area receives task requests and pk, the task is broadcasted to surrounding user and is asked It asks and pk.
2d) user in target area executes perception task, is encrypted using perception data of the pk to acquisition, and by its ID and its encrypted result are sent to the fringe node in the target area.
After 2e) fringe node in target area receives the ID for executing perception task user and encryption perception data, to The trust value of trust management center requests participating user, and the final sensing results encrypted are determined according to following formula
2f) the final sensing results encrypted via cloud control centre and request user attached by the fringe node of target area Close fringe node is sent to request user, and request user is decrypted using final sensing results of the private key sk to encryption to be obtained Its plaintext is taken, perception task terminates at this time.
Explanation:In the process, the raw sensed data for executing perception task user are not revealed always.
(3) belief updating:
After completing perception task, the fringe node of target area and trust management center are according to the following steps to executing sense Know that the user of task carries out belief updating:
3a) for executing each Internet of things node i ∈ P of this perception task, the fringe node of target area is based onWithIt is calculated according to following formula
Wherein, ubjAnd lbjThe upper bound and lower bound for j-th of component of perception data, can be by analyzing about the component The historical data of attribute obtains.
3b) fringe node of target area is completed to calculate allAfterwards, it sends it in trust management The heart.
3c) trust management center is by requesting the fringe node near user to request user's request perception task Private key sk.It is decrypted using private key sk at trust management centerObtain di(i∈P)。
3d) trust management center obtains diAfter (i ∈ P), its median is found first, is usedIt indicates.Then following public affairs are utilized Formula is updated the trust value of each Internet of things node for participating in this perception task:
Wherein, δ=1.5, α=10, γ=3, β=0.05, η=0.15.
Further, there is the edge calculations node of certain calculating, storage and communication capacity, user in different region settings Can by the wireless communication techniques such as WIFI, bluetooth and its carry out information exchange.Between edge calculations node and cloud data center, Carried out data transmission by internet.
The SHE homomorphism cryptosystem gives the message m of public key pk, private key sk and any two binary representations And m' respectively obtains ciphertext after encrypting using public key pk to m and m'WithWithIt indicates to ciphertextWithSummation operation is carried out in its multinomial domain, utilizes sk pairsAfter being decrypted, m+m' is obtained;It is similar Ground is usedIt indicates to ciphertextWithQuadrature operation is carried out in its multinomial domain, utilizes sk pairsIt carries out After decryption, mm' is obtained.Wherein, the security parameter of SHE homomorphism cryptosystem is respectively:The mould x in multinomial domain2048+ 1, it is multinomial The mould 2 of formula coefficient domain60-214+ 1 and clear-text message range [0,28-1]。
Another object of the present invention is to provide protect user hidden in the Internet of Things described in a kind of realize based on edge calculations The computer program of malicious user method is resisted in private.
In conclusion advantages of the present invention and good effect are:
The present invention, by introducing SHE homomorphism cryptosystem, can realize in the Internet of Things based on edge calculations mode Malicious user its offer data in data fusion process are reduced by Trust Management Mechanism on the basis of protection privacy of user Weight is realized and resists malicious user, and the reliability of data acquisition and fusion under edge calculations mode is improved.Meanwhile the present invention is real Show and the reliability of data has been estimated under the premise of not revealing initial data, and then has realized hidden in protection user data Malicious user is resisted by introducing Trust Management Mechanism on the basis of private.It is embodied in:
(1) when perception data is individual data, between runing time needed for number of users merges sensing results with acquisition Relationship be:
(2) MAE is defined as the data fusion result in the presence of malicious user and data fusion knot in the absence of malicious user Mean absolute error between fruit defines P when there is 100 Internet of Things network users in the communication range of each fringe nodemalFor The quantity of malicious user accounts for the ratio of all users, MAE and execution perception task number n in Internet of Things network userssIn PmalTake difference Relationship when value is such as Fig. 3, it is seen that with increasing for perception task number is executed, rogue device can be gradually detected, in turn So that MAE stablizes below 0.003.Thus, it is possible to prove that proposed scheme can be on the basis of protecting user data privacy Malicious user is resisted.
Detailed description of the invention
Fig. 1 is to protect privacy of user to resist malicious user in the Internet of Things provided in an embodiment of the present invention based on edge calculations Method flow diagram.
Fig. 2 is scene figure provided in an embodiment of the present invention.
Fig. 3 is MAE provided in an embodiment of the present invention and execution perception task number nsIn PmalRelationship when different value is taken to show It is intended to.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to embodiments, to the present invention It is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, it is not used to Limit the present invention.
The present invention realizes the trust value of user on the basis of protecting privacy of user by introducing SHE homomorphism cryptosystem It calculates and updates, it is final to realize that resisting malicious user injects malicious data.In addition, by utilizing edge calculations mode by complexity Ciphertext operation is loaded into fringe node, reduces the load of customer-side when realizing secret protection, has stronger practicability.
Application scenarios of the invention are the Internet of Things based on edge calculations mode, such as Fig. 2, and the user in network may be at Moving condition both can be used as the requestor of data or can be used as the supplier of data;Edge device is distributed in different ground Area simultaneously has certain storage, calculating and communication capacity;Trusted party, trust management center and control centre are located at cloud center Server realizes key distribution, trust value storage respectively and updates and trace scheduling request task function.
Shown in Fig. 1, privacy of user is protected to resist malice in the Internet of Things provided in an embodiment of the present invention based on edge calculations User method, including:
(1) it initializes:
Trusted party is determined for security parameter needed for protecting the SHE homomorphism cryptosystem of privacy of user.All users It is registered at trust management center, trust management center is that each user determines that initial trust value is 0.5.Wherein, SHE is same State cryptosystem, it is characterised in that the message m and m' of given public key pk, private key sk and any two binary representations utilize After public key pk encrypts m and m', ciphertext is respectively obtainedWithWherein,Expression adds a certain binary message Ciphertext after close.WithIt indicates to ciphertextWithSummation operation is carried out in its multinomial domain, utilizes sk pairsAfter being decrypted, m+m' is obtained;Similarly, it usesIt indicates to ciphertextWithIn its multinomial domain Quadrature operation is carried out, utilizes sk pairsAfter being decrypted, mm' is obtained.Wherein, the safety of SHE homomorphism cryptosystem Parameter is respectively:The mould x in multinomial domain2048+ 1, the mould 2 of system of polynomials number field60-214+ 1 and clear-text message range [0,28- 1]。
(2) perception task is executed:
2a) when user needs other users to execute perception task, request user from trusted party acquisition by being used for The public key pk and private key sk of request.Wherein, pk is sent to the fringe node near request user with task requests, and sk is used by request Family keeping.
2b) when requesting the fringe node near user to receive user's request, which sends this request to cloud Control centre.Cloud control centre according to the requirement of task requests selection is located at the fringe node of target area and by the task requests And its pk is sent to the node.
After 2c) fringe node of target area receives task requests and pk, the task is broadcasted to surrounding user and is asked It asks and pk.
Perception task 2d) is executed to the interested user of the task requests in target area, the perception using pk to acquisition Data are encrypted, and its ID and its encrypted result are sent to the fringe node in the target area.
After 2e) fringe node in target area receives the ID for executing perception task user and encryption perception data, to The trust value of trust management center requests participating user, and the final sensing results encrypted are determined according to following formula
2f) the final sensing results encrypted via cloud control centre and request user attached by the fringe node of target area Close fringe node is sent to request user, and request user is decrypted using final sensing results of the private key sk to encryption to be obtained Its plaintext is taken, perception task terminates at this time.
Explanation:In the process, the raw sensed data for executing perception task user are not revealed always.
(3) belief updating:
After completing perception task, the fringe node of target area and trust management center are according to the following steps to executing sense Know that the trust value of task user is updated:
3a) for executing each user i ∈ P of this perception task, the fringe node of target area is based onWith It is calculated according to following formula
3b) fringe node of target area is completed to calculate allAfterwards, it sends it in trust management The heart.
3c) trust management center is by requesting the fringe node near user to request user's request perception task Private key sk.It is decrypted using private key sk at trust management centerObtain di(i∈P)。
3d) trust management center obtains diAfter (i ∈ P), its median is found first, is usedIt indicates.Then following public affairs are utilized Formula is updated each users' trust value for participating in this perception task:
Wherein, δ=1.5, α=10, γ=3, β=0.05, η=0.15.
In the above-described embodiments, can come wholly or partly by software, hardware, firmware or any combination thereof real It is existing.When using entirely or partly realizing in the form of a computer program product, the computer program product include one or Multiple computer instructions.When loading on computers or executing the computer program instructions, entirely or partly generate according to Process described in the embodiment of the present invention or function.The computer can be general purpose computer, special purpose computer, computer network Network or other programmable devices.The computer instruction may be stored in a computer readable storage medium, or from one Computer readable storage medium is transmitted to another computer readable storage medium, for example, the computer instruction can be from one A web-site, computer, server or data center pass through wired (such as coaxial cable, optical fiber, Digital Subscriber Line (DSL) Or wireless (such as infrared, wireless, microwave etc.) mode is carried out to another web-site, computer, server or data center Transmission).The computer-readable storage medium can be any usable medium or include one that computer can access The data storage devices such as a or multiple usable mediums integrated server, data center.The usable medium can be magnetic Jie Matter, (for example, floppy disk, hard disk, tape), optical medium (for example, DVD) or semiconductor medium (such as solid state hard disk Solid State Disk (SSD)) etc..
The foregoing is merely illustrative of the preferred embodiments of the present invention, is not intended to limit the invention, all in essence of the invention Made any modifications, equivalent replacements, and improvements etc., should all be included in the protection scope of the present invention within mind and principle.

Claims (6)

1. protecting privacy of user to resist malicious user method in a kind of Internet of Things based on edge calculations, which is characterized in that described It protects privacy of user to resist malicious user method in Internet of Things based on edge calculations and passes through introducing SHE homomorphism cryptosystem, On the basis of protecting privacy of user, trust value computing and the update of user are carried out, malicious user is resisted and injects malicious data;Pass through Complicated ciphertext operation is loaded into fringe node using edge calculations mode, protects privacy of user;Including:
Execute perception task:There is the user of perception task requests to request public key and private for the perception task from trusted party Key;Cloud control centre traces perception task by fringe node;The edge-node broadcasts task requests of target area;With Family executes perception task, and encrypted perception data is transmitted to the fringe node in the region;Edge section in target area Point carries out sensing results fusion;Final fusion results are sent to the user for requesting the task by cloud control centre;
Trust value is carried out more to the user for executing perception task under the cooperation at target area fringe node and trust management center Newly:, target area fringe node calculate every perception data and the encrypted dispersion of final fusion results;After calculating Encryption dispersion is sent to trust management center;Appoint to the user's request for initiating the perception task for described at trust management center The private key of business, and dispersion is decrypted;Trust value is carried out to the user for providing perception data using the dispersion after decryption It updates.
2. protect privacy of user to resist malicious user method in the Internet of Things based on edge calculations as described in claim 1, It is characterized in that, protects privacy of user to resist malicious user method in the Internet of Things based on edge calculations, specifically include:
1) it initializes:Trusted party is determined for security parameter needed for protecting the SHE homomorphism cryptosystem of privacy of user;It is all User registers at trust management center, and trust management center is that each user determines that initial trust value is 0.5;
2) perception task is executed:
2a) when user needs other users to execute perception task, request user from trusted party by obtaining for request Public key pk and private key sk;Wherein, pk is sent to the fringe node near request user with task requests, and sk is protected by request user Pipe;
2b) when requesting the fringe node near user to receive user's request, fringe node is sent this request in cloud scheduling The heart;Cloud control centre according to the requirement of task requests selection is located at the fringe node of target area and by the task requests and pk It is sent to the node;
After 2c) fringe node of target area receives task requests and pk, peripherad user broadcasts the task requests and pk;
2d) user in target area executes perception task, is encrypted using perception data of the pk to acquisition, and by ID and adds Result after close is sent to the fringe node in target area;
After 2e) fringe node in target area receives the ID for executing perception task user and encryption perception data, to trust Administrative center requests the trust value of participating user, and the final sensing results of encryption are determined according to following formula
2f) the final sensing results encrypted via cloud control centre and are requested near user by the fringe node of target area Fringe node, be sent to request user, request user using final sensing results of the private key sk to encryption be decrypted obtain it is bright Text, perception task terminate;
3) belief updating:
After completing perception task, execution perception is according to the following steps appointed in the fringe node of target area and trust management center The user of business carries out belief updating:
3a) for executing each Internet of things node i ∈ P of this perception task, the fringe node of target area is based onWithIt is calculated according to following formula
Wherein, ubjAnd lbjThe upper bound and lower bound for j-th of component of perception data, by analyzing the history number about component attribute According to obtaining;
3b) fringe node of target area is completed to calculate allAfterwards, it is sent to trust management center;
3c) private of the trust management center by the fringe node near request user to request user's request perception task Key sk;It is decrypted using private key sk at trust management centerObtain di(i∈P);
3d) trust management center obtains diAfter (i ∈ P), its median is found first, is usedIt indicates;Then following formula pair is utilized The trust value of each Internet of things node for participating in this perception task is updated:
Wherein, δ=1.5, α=10, γ=3, β=0.05, η=0.15;Sign (x) is sign function, is defined as:
3. protecting privacy of user to resist in a kind of Internet of Things realized described in claim 1~2 any one based on edge calculations The computer program of malicious user method.
4. protecting privacy of user to resist in a kind of Internet of Things realized described in claim 1~2 any one based on edge calculations The information data processing terminal of malicious user method.
5. a kind of computer readable storage medium, including instruction, when run on a computer, so that computer is executed as weighed Benefit requires to protect privacy of user to resist malicious user method in the Internet of Things described in 1-2 any one based on edge calculations.
6. protecting privacy of user to resist in a kind of Internet of Things as described in claim 1~2 any one based on edge calculations to dislike Protection privacy of user resists malicious user control system in the Internet of Things based on edge calculations of meaning user method.
CN201810412657.7A 2018-05-03 2018-05-03 Method for protecting user privacy and resisting malicious users in Internet of things based on edge calculation Active CN108924081B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810412657.7A CN108924081B (en) 2018-05-03 2018-05-03 Method for protecting user privacy and resisting malicious users in Internet of things based on edge calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810412657.7A CN108924081B (en) 2018-05-03 2018-05-03 Method for protecting user privacy and resisting malicious users in Internet of things based on edge calculation

Publications (2)

Publication Number Publication Date
CN108924081A true CN108924081A (en) 2018-11-30
CN108924081B CN108924081B (en) 2021-04-30

Family

ID=64403457

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810412657.7A Active CN108924081B (en) 2018-05-03 2018-05-03 Method for protecting user privacy and resisting malicious users in Internet of things based on edge calculation

Country Status (1)

Country Link
CN (1) CN108924081B (en)

Cited By (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109784718A (en) * 2019-01-14 2019-05-21 四川长虹电器股份有限公司 It is a kind of that system and method is dispatched using the Discrete Manufacturing Process for more acting on behalf of edge calculations
CN109862114A (en) * 2019-03-12 2019-06-07 南京邮电大学 A kind of safety vehicle intelligent perception method calculated based on mist
CN110191089A (en) * 2019-04-25 2019-08-30 西安邮电大学 Non-interactive type authentication method and system for internet of things data processing
CN110650187A (en) * 2019-09-09 2020-01-03 北京邮电大学 Node type determination method for edge node and target network
CN111062043A (en) * 2019-11-29 2020-04-24 清华大学 Medical image identification method and system based on edge calculation
CN112600886A (en) * 2020-12-04 2021-04-02 支付宝(杭州)信息技术有限公司 Privacy protection method, device and equipment with combination of end cloud and device
CN112787796A (en) * 2021-01-06 2021-05-11 南京邮电大学 Aggregation method and device for detecting virtual dummy data injection in edge calculation
CN113132360A (en) * 2021-03-30 2021-07-16 湘潭大学 False data detection method for ammeter metering system based on edge calculation
CN113271598A (en) * 2021-05-18 2021-08-17 全球能源互联网研究院有限公司 Edge safety protection architecture for electric power 5G network
CN114050914A (en) * 2021-10-21 2022-02-15 广州大学 Revocable lightweight group authentication method, system and medium for edge controller
CN116074841A (en) * 2023-03-07 2023-05-05 鹏城实验室 Edge computing trusted access method, device, equipment and computer storage medium
CN117195292A (en) * 2023-09-08 2023-12-08 广州星屋智能科技有限公司 Power business evaluation method based on data fusion and edge calculation

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110083011A1 (en) * 2009-10-07 2011-04-07 Telcordia Technologies, Inc. Method for a public-key infrastructure for vehicular networks with limited number of infrastructure servers
CN102413474A (en) * 2012-01-04 2012-04-11 西安电子科技大学 Self-adaption trust management system and method of cognitive radio network
US20170126652A1 (en) * 2012-10-25 2017-05-04 Edward J. Gaudet Secure content sharing
CN107070644A (en) * 2016-12-26 2017-08-18 北京科技大学 A kind of decentralization public key management method and management system based on trust network
CN107770263A (en) * 2017-10-16 2018-03-06 电子科技大学 A kind of internet-of-things terminal safety access method and system based on edge calculations

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110083011A1 (en) * 2009-10-07 2011-04-07 Telcordia Technologies, Inc. Method for a public-key infrastructure for vehicular networks with limited number of infrastructure servers
CN102413474A (en) * 2012-01-04 2012-04-11 西安电子科技大学 Self-adaption trust management system and method of cognitive radio network
US20170126652A1 (en) * 2012-10-25 2017-05-04 Edward J. Gaudet Secure content sharing
CN107070644A (en) * 2016-12-26 2017-08-18 北京科技大学 A kind of decentralization public key management method and management system based on trust network
CN107770263A (en) * 2017-10-16 2018-03-06 电子科技大学 A kind of internet-of-things terminal safety access method and system based on edge calculations

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
张佳乐: ""边缘计算数据安全与隐私保护研究综述"", 《通信学报》 *

Cited By (19)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109784718A (en) * 2019-01-14 2019-05-21 四川长虹电器股份有限公司 It is a kind of that system and method is dispatched using the Discrete Manufacturing Process for more acting on behalf of edge calculations
CN109862114B (en) * 2019-03-12 2021-08-10 南京邮电大学 Safe vehicle crowd-sourcing sensing method based on fog calculation
CN109862114A (en) * 2019-03-12 2019-06-07 南京邮电大学 A kind of safety vehicle intelligent perception method calculated based on mist
CN110191089A (en) * 2019-04-25 2019-08-30 西安邮电大学 Non-interactive type authentication method and system for internet of things data processing
CN110650187A (en) * 2019-09-09 2020-01-03 北京邮电大学 Node type determination method for edge node and target network
CN110650187B (en) * 2019-09-09 2020-09-18 北京邮电大学 Node type determination method for edge node and target network
CN111062043B (en) * 2019-11-29 2022-05-20 清华大学 Medical image identification method and system based on edge calculation
CN111062043A (en) * 2019-11-29 2020-04-24 清华大学 Medical image identification method and system based on edge calculation
CN112600886A (en) * 2020-12-04 2021-04-02 支付宝(杭州)信息技术有限公司 Privacy protection method, device and equipment with combination of end cloud and device
CN112600886B (en) * 2020-12-04 2022-08-26 支付宝(杭州)信息技术有限公司 Privacy protection method, device and equipment with combination of end cloud and device
CN112787796A (en) * 2021-01-06 2021-05-11 南京邮电大学 Aggregation method and device for detecting virtual dummy data injection in edge calculation
CN113132360A (en) * 2021-03-30 2021-07-16 湘潭大学 False data detection method for ammeter metering system based on edge calculation
CN113271598A (en) * 2021-05-18 2021-08-17 全球能源互联网研究院有限公司 Edge safety protection architecture for electric power 5G network
CN114050914A (en) * 2021-10-21 2022-02-15 广州大学 Revocable lightweight group authentication method, system and medium for edge controller
CN114050914B (en) * 2021-10-21 2022-08-02 广州大学 Revocable lightweight group authentication method, system and medium for edge controller
CN116074841A (en) * 2023-03-07 2023-05-05 鹏城实验室 Edge computing trusted access method, device, equipment and computer storage medium
CN116074841B (en) * 2023-03-07 2023-06-13 鹏城实验室 Edge computing trusted access method, device, equipment and computer storage medium
CN117195292A (en) * 2023-09-08 2023-12-08 广州星屋智能科技有限公司 Power business evaluation method based on data fusion and edge calculation
CN117195292B (en) * 2023-09-08 2024-04-09 广州星屋智能科技有限公司 Power business evaluation method based on data fusion and edge calculation

Also Published As

Publication number Publication date
CN108924081B (en) 2021-04-30

Similar Documents

Publication Publication Date Title
CN108924081A (en) Privacy of user is protected to resist malicious user method in Internet of Things based on edge calculations
Khaliq et al. A secure and privacy preserved parking recommender system using elliptic curve cryptography and local differential privacy
Yavari et al. An improved blockchain-based authentication protocol for IoT network management
US20180219917A1 (en) Recommendations for security associated with accounts
Shi et al. Blockchain-based multimedia sharing in vehicular social networks with privacy protection
CN116668032A (en) System and method for authentication control of content delivery
Lu et al. Trust-based privacy preservation for peer-to-peer data sharing
Carullo et al. Feeltrust: providing trustworthy communications in ubiquitous mobile environment
CN109688119A (en) In a kind of cloud computing can anonymous traceability identity identifying method
US20220407701A1 (en) Processing of requests to control information stored at multiple servers
Hu et al. Efficient location privacy-preserving range query scheme for vehicle sensing systems
Hasan et al. WORAL: A witness oriented secure location provenance framework for mobile devices
Salek et al. A review on cybersecurity of cloud computing for supporting connected vehicle applications
Amuthan et al. Hybrid GSW and DM based fully homomorphic encryption scheme for handling false data injection attacks under privacy preserving data aggregation in fog computing
EP4052160A1 (en) Privacy preserving centroid models using secure multi-party computation
US11698980B2 (en) System, devices and/or processes for secure computation on a virtual machine
Dai et al. Pairing-free certificateless aggregate signcryption scheme for vehicular sensor networks
Ma et al. Decentralized privacy-preserving reputation management for mobile crowdsensing
WO2017124887A1 (en) Device, server, system and method for data attestation
Huang et al. ZT-Access: A combining zero trust access control with attribute-based encryption scheme against compromised devices in power IoT environments
CN114731293A (en) Preventing data manipulation and protecting user privacy when determining accurate location event measurements
Lin et al. InviCloak: an end-to-end approach to privacy and performance in web content distribution
CN109905408A (en) Network safety protection method, system, readable storage medium storing program for executing and terminal device
Barriga A et al. Enhancement to the privacy-aware authentication for wi-fi based indoor positioning systems
Hsu et al. Privacy-preserving data sharing with attribute-based private matching based on edge computation in the Internet-of-Things

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant