CN104780535A - Method and device for authenticating safe center node in multi-terminal cooperative process - Google Patents

Publication number: CN104780535A
Authority: CN (China)
Application number: CN201410016422.8A
Other languages: Chinese (zh)
Inventors: 孙爱芳, 高冲, 凌志浩, 鲍建
Original assignee: ZTE Corp
Current assignee: ZTE Corp
Application filed by: ZTE Corp
Legal status: Pending
Priority to CN201410016422.8A
Priority to PCT/CN2014/077497 (WO2015106509A1)
Publication of CN104780535A

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W12/00 Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06 Authentication
    • H04W12/062 Pre-authentication
    • H04W12/08 Access security
    • H04W84/00 Network topologies
    • H04W84/18 Self-organising networks, e.g. ad-hoc networks or sensor networks
    • H04W84/20 Master-slave selection or change arrangements

Abstract

The invention discloses a method and device for authenticating a safe center node in a multi-terminal cooperative process, relating to the technical field of wireless communication. The method comprises the steps that a terminal as a candidate center node sends an authentication request to other terminals as candidate cooperative nodes in the period of formation of a cooperative network; the candidate center node collects authentication results returned by all candidate cooperative nodes responding to the authentication request; according to the authentication result returned by each candidate cooperative node, the candidate center node judges whether the candidate center node itself can be a center node or not; if a judgment result shows that the candidate center node can be the center node, the candidate center node turns into the center node and sends a request to join the cooperative network to each candidate cooperative node so as to form the cooperative network. According to the method, through efficient authentication of the center node in a process of realizing joining of the terminal in the cooperative network, historical authentication information of each cooperative terminal is shared, and furthermore, the reliability of the center node is guaranteed according to the safety demand of a user.

Description

Method and device for authenticating a secure center node in a multi-terminal cooperative process
Technical field
The present invention relates to the field of wireless communication technology, and in particular to a method and device for authenticating a secure center node in a multi-terminal cooperative process.
Background
With the development of communication technology and the continuous improvement of living standards, the range of devices that count as terminals keeps widening. At the same time, a single terminal is limited in function and characteristics, which to some extent restricts users from enjoying convenient information services. When the capability of a single terminal cannot meet the user's needs, having several nearby terminals cooperate as a terminal group to serve the user jointly is a key technology under study in the current cooperation stage of ubiquitous networks and has broad application prospects. Because cooperative services are delivered over an individual's private network, the security requirements on the multi-terminal cooperative process are high. Terminal cooperation is a new kind of network interaction, so its security design differs from existing security architectures; in particular, the security of the center node, which manages and maintains the whole cooperative process, is critical to the overall security of the cooperative network.
Authentication and handover procedures in existing ubiquitous terminal networks generally authenticate only the terminal and do not authenticate the center node, which makes it difficult to guarantee the reliability of the access point. In a cooperative process in particular, the center node is a temporary, elected node, so verifying its security, reliability and authenticity is necessary. Therefore, to improve the efficiency and security of center node authentication in the ubiquitous terminal cooperative process, a method and device for authenticating a secure center node in a multi-terminal cooperative process are provided.
Summary of the invention
The object of the present invention is to provide a method and device for authenticating a secure center node in a multi-terminal cooperative process, to solve the problems that multiple terminals do not share and use historical authentication information during cooperation and that the security of the center node cannot be guaranteed.
According to one aspect of the present invention, a method for authenticating a secure center node in a multi-terminal cooperative process is provided, comprising the following steps:
While the cooperative network is being formed, a terminal acting as the candidate center node initiates an authentication request to the other terminals acting as candidate cooperative nodes;
The candidate center node collects the authentication results that the candidate cooperative nodes return in response to the authentication request;
The candidate center node judges, from the authentication results returned by the candidate cooperative nodes, whether it can become the center node;
If it is judged that the candidate center node can become the center node, the candidate center node is converted into the center node and forms the cooperative network by sending each candidate cooperative node a request to join the cooperative network.
Preferably, the method further comprises:
If it is judged that the candidate center node cannot become the center node, cancelling the conversion of the candidate center node into the center node.
Preferably, the candidate center node collecting the authentication results that the candidate cooperative nodes return in response to the authentication request comprises:
After each candidate cooperative node receives the authentication request, it shares its historical authentication information about the candidate center node with the other candidate cooperative nodes and obtains the historical authentication information held by the other candidate cooperative nodes;
Each candidate cooperative node forms an authentication result from the obtained historical authentication information of the other candidate cooperative nodes and its own security threshold, and sends the authentication result to the candidate center node;
The candidate center node collects the authentication results sent by the candidate cooperative nodes.
Preferably, the candidate center node judging, from the authentication results returned by the candidate cooperative nodes, whether it can become the center node comprises:
The candidate center node calculates, from the authentication results returned by the candidate cooperative nodes, the number of candidate cooperative nodes whose authentication results accept it as the center node;
The calculated number of candidate cooperative nodes is compared with the minimum number of nodes required by the cooperative network;
If the calculated number of candidate cooperative nodes is not less than the minimum number of nodes required by the cooperative network, it is judged that the candidate center node can become the center node;
If the calculated number of candidate cooperative nodes is less than the minimum number of nodes required by the cooperative network, it is judged that the candidate center node cannot become the center node.
Preferably, when it is judged that the candidate center node can become the center node, the security performance index of the candidate center node is calculated from the authentication results returned by the candidate cooperative nodes, and the candidate center node is converted into the center node.
Preferably, after the cooperative network is formed, the method further comprises:
When a new cooperative node is to join the cooperative network, the new cooperative node obtains the security performance index of the center node;
The new cooperative node uses the obtained security performance index of the center node to decide whether to join the cooperative network;
When it decides to join the cooperative network, the security performance index of the center node is recalculated.
Preferably, after the cooperative network is formed, the method further comprises:
When a cooperative node exits the cooperative network, that cooperative node obtains and stores the security performance index of the center node;
The center node recalculates its security performance index.
According to another aspect of the present invention, a device for authenticating a secure center node in a multi-terminal cooperative process is provided, comprising:
An authentication request sending module, used so that, while the cooperative network is being formed, a terminal acting as the candidate center node initiates an authentication request to the other terminals acting as candidate cooperative nodes;
An authentication result collecting module, used by the candidate center node to collect the authentication results that the candidate cooperative nodes return in response to the authentication request;
A center node judging module, used by the candidate center node to judge, from the authentication results returned by the candidate cooperative nodes, whether it can become the center node;
A center node determining module, used so that, when it is judged that the candidate center node can become the center node, the candidate center node is converted into the center node and forms the cooperative network by sending each candidate cooperative node a request to join the cooperative network.
Preferably, the authentication result collecting module comprises:
A historical authentication information obtaining unit, used so that each candidate cooperative node, after receiving the authentication request, shares its historical authentication information about the candidate center node with the other candidate cooperative nodes and obtains the historical authentication information held by the other candidate cooperative nodes;
An authentication result sending unit, used by each candidate cooperative node to form an authentication result from the obtained historical authentication information of the other candidate cooperative nodes and its own security threshold, and to send the authentication result to the candidate center node;
An authentication result collecting unit, used by the candidate center node to collect the authentication results sent by the candidate cooperative nodes.
Preferably, the center node judging module comprises:
A calculating unit, used by the candidate center node to calculate, from the authentication results returned by the candidate cooperative nodes, the number of candidate cooperative nodes whose authentication results accept it as the center node;
A comparing unit, used to compare the calculated number of candidate cooperative nodes with the minimum number of nodes required by the cooperative network;
A judging unit, used to judge that the candidate center node can become the center node when the calculated number of candidate cooperative nodes is not less than the minimum number of nodes required by the cooperative network, and to judge that the candidate center node cannot become the center node when the calculated number is less than that minimum.
Compared with the prior art, the beneficial effects of the present invention are:
1. By sharing the historical authentication information of the cooperative nodes, the security and reliability of the center node elected in the cooperative process are fully authenticated, which ensures the security of the cooperative nodes while they take part in the cooperative task and avoids the one-sidedness and limitation of a single node authenticating the center node.
2. Taking into account both the efficiency of the cooperative process and users' differing security needs, the user's own security configuration is fully incorporated into the authentication process. A user can, according to their own needs, raise the security level and decline to join a cooperative network of lower security, without affecting the participation of other nodes, which strikes a balance between an individual user's high security requirements and overall efficiency.
Brief description of the drawings
Fig. 1 is a flow chart of the method for authenticating a secure center node in a multi-terminal cooperative process provided by the present invention;
Fig. 2 is a schematic diagram of the device for authenticating a secure center node in a multi-terminal cooperative process provided by the present invention;
Fig. 3 is a flow chart of the center node authentication method in the multi-terminal cooperative process provided by the embodiment of the present invention;
Fig. 4 is a structural diagram of the center node authentication device provided by the embodiment of the present invention;
Fig. 5 is a flow chart of the method for performing center node authentication in the multi-terminal cooperative process provided by the embodiment of the present invention;
Fig. 6 is a schematic diagram of center node authentication in the multi-terminal cooperative process provided by the embodiment of the present invention.
Detailed description of the embodiments
A preferred embodiment of the present invention is described in detail below with reference to the drawings. It should be understood that the preferred embodiment described below is only intended to illustrate and explain the present invention and is not intended to limit it.
Fig. 1 shows the flow chart of the method for authenticating a secure center node in a multi-terminal cooperative process provided by the present invention. As shown in Fig. 1, the method comprises the following steps:
Step S101: while the cooperative network is being formed, a terminal acting as the candidate center node initiates an authentication request to the other terminals acting as candidate cooperative nodes;
Step S102: the candidate center node collects the authentication results that the candidate cooperative nodes return in response to the authentication request;
Step S103: the candidate center node judges, from the authentication results returned by the candidate cooperative nodes, whether it can become the center node;
Step S104: if it is judged that the candidate center node can become the center node, the candidate center node is converted into the center node and forms the cooperative network by sending each candidate cooperative node a request to join the cooperative network.
The method further comprises: if it is judged that the candidate center node cannot become the center node, cancelling the conversion of the candidate center node into the center node.
Specifically, the candidate center node collecting the authentication results that the candidate cooperative nodes return in response to the authentication request comprises: after each candidate cooperative node receives the authentication request, it shares its historical authentication information about the candidate center node with the other candidate cooperative nodes and obtains the historical authentication information held by the other candidate cooperative nodes; each candidate cooperative node forms an authentication result from the obtained historical authentication information of the other candidate cooperative nodes and its own security threshold, and sends the authentication result to the candidate center node; the candidate center node collects the authentication results sent by the candidate cooperative nodes.
The candidate center node judging, from the authentication results returned by the candidate cooperative nodes, whether it can become the center node comprises: the candidate center node calculates, from the authentication results returned by the candidate cooperative nodes, the number of candidate cooperative nodes whose authentication results accept it as the center node; the calculated number of candidate cooperative nodes is compared with the minimum number of nodes required by the cooperative network; if the calculated number is not less than the minimum number of nodes required by the cooperative network, it is judged that the candidate center node can become the center node; if the calculated number is less than that minimum, it is judged that the candidate center node cannot become the center node.
When it is judged that the candidate center node can become the center node, the security performance index of the candidate center node is calculated from the authentication results returned by the candidate cooperative nodes, and the candidate center node is converted into the center node.
After the cooperative network is formed, the method further comprises: when a new cooperative node is to join the cooperative network, the new cooperative node obtains the security performance index of the center node; the new cooperative node uses the obtained security performance index of the center node to decide whether to join the cooperative network; when it decides to join, the security performance index of the center node is recalculated; and when a cooperative node exits the cooperative network, that cooperative node obtains and stores the security performance index of the center node, and the center node recalculates its security performance index.
Fig. 2 shows the schematic diagram of the device for authenticating a secure center node in a multi-terminal cooperative process provided by the present invention. As shown in Fig. 2, the device comprises: an authentication request sending module 201, used so that, while the cooperative network is being formed, a terminal acting as the candidate center node initiates an authentication request to the other terminals acting as candidate cooperative nodes; an authentication result collecting module 202, used by the candidate center node to collect the authentication results that the candidate cooperative nodes return in response to the authentication request; a center node judging module 203, used by the candidate center node to judge, from the authentication results returned by the candidate cooperative nodes, whether it can become the center node; and a center node determining module 204, used so that, when it is judged that the candidate center node can become the center node, the candidate center node is converted into the center node and forms the cooperative network by sending each candidate cooperative node a request to join the cooperative network.
The authentication result collecting module 202 comprises: a historical authentication information obtaining unit, used so that each candidate cooperative node, after receiving the authentication request, shares its historical authentication information about the candidate center node with the other candidate cooperative nodes and obtains the historical authentication information held by the other candidate cooperative nodes; an authentication result sending unit, used by each candidate cooperative node to form an authentication result from the obtained historical authentication information of the other candidate cooperative nodes and its own security threshold, and to send the authentication result to the candidate center node; and an authentication result collecting unit, used by the candidate center node to collect the authentication results sent by the candidate cooperative nodes.
The center node judging module 203 comprises: a calculating unit, used by the candidate center node to calculate, from the authentication results returned by the candidate cooperative nodes, the number of candidate cooperative nodes whose authentication results accept it as the center node; a comparing unit, used to compare the calculated number of candidate cooperative nodes with the minimum number of nodes required by the cooperative network; and a judging unit, used to judge that the candidate center node can become the center node when the calculated number is not less than the minimum number of nodes required by the cooperative network, and to judge that the candidate center node cannot become the center node when the calculated number is less than that minimum.
Fig. 3 shows the flow chart of the center node authentication method in the multi-terminal cooperative process provided by the embodiment of the present invention. As shown in Fig. 3, the method comprises the following steps:
Step 301: the candidate center node broadcasts to initiate authentication;
In a multi-terminal cooperation scenario, the cooperating terminal group has elected a candidate center node in order to cooperate better, and the other terminals act as candidate cooperative nodes. To ensure security, the candidate center node broadcasts to all candidate cooperative nodes to initiate an authentication request.
Step 302: the candidate cooperative nodes broadcast and collect historical authentication information;
After receiving the authentication request from the candidate center node, each candidate cooperative node shares, in peer-to-peer network mode, the historical authentication information it has stored about this candidate center node with the other candidate cooperative nodes, and collects the historical authentication information shared by the other candidate cooperative nodes.
Step 303: each candidate cooperative node produces an authentication result in light of its configuration requirements;
Each candidate cooperative node takes the collected historical authentication information that the other candidate cooperative nodes hold about this candidate center node as a reference and combines it with the user's security level configuration requirement, that is, the given security threshold, to form an authentication result that determines whether this candidate center node meets the security requirements of this candidate cooperative node.
Step 304: the candidate center node collects the authentication results of the candidate cooperative nodes;
Each candidate cooperative node sends its authentication result to the candidate center node. The content sent includes whether the candidate cooperative node's security requirement is met and, if it is met, the security level value.
Step 305: the candidate center node calculates the result and initiates a type conversion;
The candidate center node statistically analyses the authentication results it has obtained, including calculating how many candidate cooperative nodes' security requirements it meets. If the number of nodes that passed it is less than the minimum number of nodes required by the cooperative network, it initiates a type conversion and cancels its role as center node. If the number of nodes that passed it meets the minimum number of nodes required by the cooperative network, it calculates the mean of the authentication results of the candidate cooperative nodes that passed it as the security index of this candidate center node and initiates a type conversion: the candidate center node becomes the center node of the cooperative network, the candidate cooperative nodes whose authentication results support it as center node join this cooperative network, and the other candidate cooperative nodes, having higher security requirements, exit this network.
Step 306: the center node broadcasts the calculation result;
The center node needs to broadcast the calculated result, that is, the security index, for newly joining candidate cooperative nodes to refer to. When a candidate cooperative node exits, the index can also be stored in that node as historical authentication information, for reference in later cooperation.
Step 307: is there a new node to join?
If so, go to step 308; if not, go to step 310.
Step 308: the new candidate cooperative node produces an authentication result;
The newly joining candidate cooperative node obtains the calculated security index of the center node and compares it with its own security configuration requirement to decide whether to join this cooperative network.
Step 309: the center node updates the calculation result;
If this new candidate cooperative node joins, the center node recalculates its security index, taking the authentication result of the newly joined candidate cooperative node into account, and updates the calculation result.
Step 310: is there a node exiting?
If a candidate cooperative node exits, go to step 311; if no candidate cooperative node exits, go to step 306;
Step 311: the exiting node updates its stored authentication information;
The exiting candidate cooperative node stores the latest security index obtained from the center node locally, as the basis for the next authentication and as historical authentication information when a cooperative network is set up again.
Step 312: the center node updates the calculation result;
After the exiting candidate cooperative node's authentication and evaluation information about the center node is deleted, the center node recalculates its security index and updates the calculation result.
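The decision flow of steps 301 to 312, sketched in Python as an added example that is not part of the patent text. The patent does not say how a node combines shared history with its threshold or what level a joining node reports, so the mean-of-peer-history rule, the fail-closed handling of missing history, the 0-100 score scale and all class and function names are assumptions.

```python
from dataclasses import dataclass, field
from statistics import mean


@dataclass
class CooperativeNode:
    name: str
    threshold: float                              # user-configured security threshold
    history: dict = field(default_factory=dict)   # center id -> stored security index

    def authenticate(self, peer_values):
        """Step 303: judge the candidate from what the *other* nodes shared.

        Assumption: the node averages the peers' stored indexes; with no
        history to go on it fails closed. Returns (passed, level).
        """
        values = [v for v in peer_values if v is not None]
        if not values:
            return False, None
        level = mean(values)
        return level >= self.threshold, level


class CandidateCenter:
    def __init__(self, center_id, min_nodes):
        self.center_id = center_id
        self.min_nodes = min_nodes    # minimum node count the cooperative network needs
        self.is_center = False
        self.members = {}             # node name -> security level it reported
        self.security_index = None

    def _recompute(self):
        self.security_index = mean(self.members.values()) if self.members else None

    def run_authentication(self, nodes):
        """Steps 301-305: broadcast, collect results, count passes, convert or cancel."""
        shared = {n.name: n.history.get(self.center_id) for n in nodes}   # step 302
        passed = {}
        for n in nodes:
            peers = [v for name, v in shared.items() if name != n.name]
            ok, level = n.authenticate(peers)
            if ok:                    # step 304: a passing node also sends its level
                passed[n.name] = level
        if len(passed) < self.min_nodes:
            self.is_center = False    # too few supporters: cancel the conversion
            return False
        self.members = passed
        self._recompute()             # index = mean of the passing nodes' levels
        self.is_center = True
        return True

    def join(self, node):
        """Steps 308-309: the newcomer checks the broadcast index, then is counted."""
        if not self.is_center or self.security_index is None:
            return False
        if self.security_index < node.threshold:
            return False
        # Assumption: the newcomer reports its own stored index, else the broadcast one.
        self.members[node.name] = node.history.get(self.center_id, self.security_index)
        self._recompute()
        return True

    def leave(self, node):
        """Steps 311-312: the leaver keeps the latest index; the center drops its vote."""
        node.history[self.center_id] = self.security_index
        self.members.pop(node.name, None)
        self._recompute()


def demo(min_nodes=2):
    # Constructed sample data modelled on the Fig. 6 terminal group.
    phone = CooperativeNode("phone", 90, {"notebook": 70})
    tablet = CooperativeNode("tablet", 60, {"notebook": 80})
    ipad = CooperativeNode("ipad", 50, {"notebook": 60})
    center = CandidateCenter("notebook", min_nodes)
    trace = {"formed": center.run_authentication([phone, tablet, ipad])}
    trace["members"] = sorted(center.members)
    trace["index"] = center.security_index
    if trace["formed"]:
        new_phone = CooperativeNode("new_phone", 60, {"notebook": 55})
        trace["joined"] = center.join(new_phone)
        trace["index_after_join"] = center.security_index
        center.leave(ipad)
        trace["ipad_stored"] = ipad.history["notebook"]
        trace["index_after_leave"] = center.security_index
    return trace


if __name__ == "__main__":
    print(demo())
```

With a minimum of two nodes the strict phone rejects the notebook while the tablet and iPad accept it, so the network forms; raising the minimum to three makes the same votes cancel the conversion.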
Fig. 4 shows the structural diagram of the center node authentication device provided by the embodiment of the present invention. As shown in Fig. 4, the center node authentication device middleware 40 is implemented between the application service and the hardware device and runs on a ubiquitous terminal. The center node authentication device middleware 40 comprises: a type control and conversion module 41, a user configuration and storage module 42, an authentication decision module 43 and a communication module 44.
Type control and conversion module 41: controls the type of the ubiquitous terminal during authentication and the conversion of that type. It determines the working type of the ubiquitous terminal: if it is a candidate center node, it organizes the ubiquitous terminals to carry out candidate center node authentication; if it is a candidate cooperative node, it carries out distributed authentication of the candidate center node in the peer-to-peer network. Type conversion means that the candidate center node, after passing authentication by the ubiquitous terminals, becomes the center node of the cooperative network, and the candidate cooperative nodes join the cooperative network controlled by this center node and become terminal nodes of the cooperative network.
That is, when a terminal elected as center node in the cooperative process enters the candidate center node type, it communicates with the candidate cooperative nodes through communication module 44, and calculates and decides on the obtained candidate cooperative node authentication results through authentication decision module 43, determining whether it becomes a center node that meets the security requirements. Under the candidate cooperative node type, the terminal communicates with the (candidate) center node and the other candidate cooperative nodes through communication module 44, obtains the user's security configuration requirements and the historical authentication information through user configuration and storage module 42, and decides through authentication decision module 43 whether the candidate center node meets the security requirements. After authentication passes, the candidate center node is converted into the center node, and the candidate cooperative nodes that consider this center node secure enough join the network and become terminals.
User configuration and storage module 42: provides the user with a security level setting window and stores authentication information. The user security level setting means that a cooperating terminal sets a threshold according to its own security needs; after obtaining the authentication information of the other candidate cooperative nodes, it compares against the threshold to determine whether the candidate center node meets the user's security needs. Authentication information storage means saving the security authentication result from when the terminal previously obtained service in a cooperative network controlled by this center node, so that it can be shared with other candidate cooperative nodes when this center node is authenticated again.
That is, depending on the type set by type control and conversion module 41: as a candidate center node, what is stored is the statistics of the authentication results of all candidate cooperative nodes; as a candidate cooperative node, the module obtains the user's security requirement configuration and stores the historical authentication information from the other candidate cooperative nodes. The information in user configuration and storage module 42 provides the basis for the authentication decisions of authentication decision module 43.
Authentication decision module 43: makes the authentication decisions concerning the candidate center node. A candidate cooperative node decides whether the candidate center node meets its own security requirements; the candidate center node decides whether the number of cooperative network nodes that approve it meets the cooperative network's requirement on the number of nodes, and thus whether to form the cooperative network. During authentication, a candidate cooperative node, through the sharing of historical authentication information, compares against its own user security requirements and decides whether to accept the security of this candidate center node. After collecting the authentication results of all candidate cooperative nodes, if the number of nodes that passed it is lower than the minimum number of nodes needed to form the service network, the candidate center node's security is insufficient and it cannot provide the cooperative network service as center node.
That is, depending on the type set by type control and conversion module 41: for a candidate center node, based on the information provided by user configuration and storage module 42, the module judges whether the number of candidate cooperative nodes whose authentication accepts it as center node meets the cooperative network's minimum node count requirement; if so, it becomes the center node, and if not, it cancels its role as center node. For a candidate cooperative node, based on the information provided by user configuration and storage module 42, the module decides whether the candidate center node meets the user's security requirements and thus whether the center node authentication passes.
Communication module 44: handles the exchange of information during authentication, including the candidate center node initiating the authentication request to the candidate cooperative nodes, the candidate cooperative nodes broadcasting and collecting the historical authentication information of the other candidate cooperative nodes, the candidate center node collecting the authentication result of each candidate cooperative node and broadcasting the final calculation result, and the exchange of authentication information between newly joining or exiting candidate cooperative nodes and the center node.
That is, it handles communication between the (candidate) center node and the candidate cooperative nodes and among the candidate cooperative nodes. It sends the type control and conversion request of the candidate center node's type control and conversion module 41 to each candidate cooperative node, shares the historical authentication information held in each candidate cooperative node's user configuration and storage module 42, sends the authentication result from each candidate cooperative node's authentication decision module 43 to the candidate center node, and broadcasts the decision result from the center node's authentication decision module 43 to each candidate cooperative node.
Fig. 5 shows a flow chart of the method for Centroid authentication in multi-terminal collaboration provided by the embodiment of the present invention. As shown in Fig. 5, it comprises the following steps:
Step 501: after a pre-Centroid has been selected, the pre-Centroid initiates an authentication request to the pre-cooperative nodes;
Step 502: the pre-cooperative nodes broadcast to each other, and collect from each other, their history authentication information about this pre-Centroid;
Step 503: after each pre-cooperative node has made its authentication decision, the pre-Centroid collects the authentication results of the pre-cooperative nodes;
Step 504: according to the authentication result of each pre-cooperative node, the pre-Centroid calculates whether it is secure enough to become the Centroid, and initiates the type conversion;
Step 505: the Centroid broadcasts the calculation result of step 504 to each pre-cooperative node;
Step 506: when a new node joins the contract network, it authenticates the Centroid; the Centroid obtains its authentication result and recalculates the safety index;
Step 507: when a pre-cooperative node exits, it obtains the Centroid's latest calculation result, i.e. the safety index, as the basis for Centroid authentication in the next collaboration; after the node exits, the Centroid also recalculates the safety index.
Fig. 6 shows a schematic diagram of Centroid authentication in multi-terminal collaboration provided by the embodiment of the present invention. As shown in Fig. 6, a ubiquitous terminal group made up of a notebook computer, a mobile phone, a tablet and an iPad needs to collaborate to accomplish data sharing, link aggregation and the like. Suppose the notebook computer was previously selected as the pre-Centroid by a mechanism such as mutual discovery; to ensure the security of the Centroid, it must be authenticated. The notebook computer initiates an authentication request to each collaborating terminal, and each collaborating terminal forms its authentication result from the shared history authentication information combined with its own security requirements. For example, the mobile phone has especially high security requirements, so its authentication result may treat the notebook as an unreliable Centroid, and it may not join the contract network. After the notebook has collected the authentication results of all pre-cooperative nodes, it calculates whether the number of pre-cooperative nodes that accept the notebook as Centroid meets the minimum node number required for data sharing and link aggregation; if it does, the notebook initiates a type conversion request, the notebook becomes the Centroid of this contract network, and the other devices become pre-cooperative nodes. The notebook broadcasts its own safety index to all pre-cooperative nodes. When a new mobile phone joins, the newly joining node obtains the Centroid's safety index and compares it with its own security requirements to decide whether to join the contract network, which achieves authentication of the Centroid. When a pre-cooperative node exits the network, it needs to obtain the notebook's latest safety index value as the basis for Centroid authentication in the next collaboration. Whether a new node joins or a node exits, the Centroid notebook needs to update its safety index value.
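The Fig. 6 walk-through (steps 501 to 507) as a runnable sketch; this is an added example, not part of the patent text. The patent does not state how shared history is combined or how the safety index is computed, so the averaging rule, the approval-share index, the 0..1 scores, the fail-closed behaviour with no history, and all class and function names are assumptions.

```python
from dataclasses import dataclass, field
from statistics import mean
from typing import Dict, List, Optional

@dataclass
class PreCooperativeNode:
    name: str
    security_threshold: float              # this node's own security demand, 0..1
    history_score: Optional[float] = None  # index saved from an earlier network, if any

    def decide(self, shared_history: List[float]) -> bool:
        # Assumption: pooled history is averaged; with no history at all, fail closed.
        return bool(shared_history) and mean(shared_history) >= self.security_threshold

@dataclass
class PreCentroid:
    name: str
    min_nodes: int                         # minimum node number the contract network needs
    votes: Dict[str, bool] = field(default_factory=dict)
    is_centroid: bool = False
    safety_index: float = 0.0

    def _recalculate(self) -> None:
        # Assumption: index = share of collected authentication results that approve.
        self.safety_index = sum(self.votes.values()) / len(self.votes) if self.votes else 0.0

    def authenticate(self, nodes: List[PreCooperativeNode]) -> bool:
        # Steps 501-502: request goes out; nodes pool their history about this pre-Centroid.
        shared = [n.history_score for n in nodes if n.history_score is not None]
        # Step 503: each node decides against its own threshold; results are collected.
        self.votes = {n.name: n.decide(shared) for n in nodes}
        # Step 504: type conversion only if approvals reach the minimum node number.
        self.is_centroid = sum(self.votes.values()) >= self.min_nodes
        if self.is_centroid:
            self._recalculate()            # step 505 would broadcast this value
        return self.is_centroid

    def join(self, node: PreCooperativeNode) -> bool:
        # Step 506: the newcomer checks the broadcast index against its own demand.
        accepted = self.safety_index >= node.security_threshold
        self.votes[node.name] = accepted
        self._recalculate()
        return accepted

    def leave(self, node: PreCooperativeNode) -> None:
        # Step 507: the leaver keeps the latest index as history for the next round.
        node.history_score = self.safety_index
        self.votes.pop(node.name, None)
        self._recalculate()

def fig6_scenario():
    """Constructed values for the notebook / phone / tablet / iPad example."""
    nodes = [PreCooperativeNode("phone", 0.9, 0.7),
             PreCooperativeNode("tablet", 0.6, 0.8),
             PreCooperativeNode("ipad", 0.5, None)]
    return PreCentroid("notebook", min_nodes=2), nodes

if __name__ == "__main__":
    notebook, nodes = fig6_scenario()
    print(notebook.authenticate(nodes), notebook.votes, round(notebook.safety_index, 3))
    print(notebook.join(PreCooperativeNode("new-phone", 0.6)), notebook.safety_index)
    notebook.leave(nodes[1])
    print(nodes[1].history_score, round(notebook.safety_index, 3))
```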
In summary, the present invention has the following technical effects:
Through collaborative authentication of the elected pre-Centroid, the present invention eliminates the security risk of an unreliable node serving as the Centroid. It also fully takes into account the different security-level requirements of each pre-cooperative node: a pre-cooperative node can combine the authentication information of the other nodes with its own configured security requirements to decide whether this pre-Centroid meets them. This both ensures security and improves collaboration efficiency under differing requirements.
Although the present invention has been described in detail above, it is not limited thereto, and those skilled in the art can make various modifications according to the principle of the present invention. Therefore, all modifications made according to the principle of the invention should be understood to fall within the protection scope of the present invention.

Claims (10)

1. A method for authenticating a secure Centroid in multi-terminal collaboration, characterized in that it comprises the following steps:
During formation of a contract network, a terminal acting as pre-Centroid initiates an authentication request to the other terminals acting as pre-cooperative nodes;
Said pre-Centroid collects the authentication results that each pre-cooperative node returns in response to said authentication request;
Said pre-Centroid judges, according to the authentication results returned by each pre-cooperative node, whether it can become the Centroid;
If it is judged that said pre-Centroid can become the Centroid, said pre-Centroid converts into the Centroid and forms said contract network by initiating to each pre-cooperative node a request to join the contract network.
2. The method according to claim 1, characterized in that it further comprises:
If it is judged that said pre-Centroid cannot become the Centroid, cancelling the conversion of said pre-Centroid into the Centroid.
3. The method according to claim 1, characterized in that said pre-Centroid collecting the authentication results that each pre-cooperative node returns in response to said authentication request comprises:
After receiving said authentication request, each said pre-cooperative node obtains the history authentication information of the other pre-cooperative nodes through the other pre-cooperative nodes sharing their history authentication information about said pre-Centroid;
Each said pre-cooperative node forms an authentication result according to the obtained history authentication information of the other pre-cooperative nodes and its own security threshold, and sends the formed authentication result to said pre-Centroid;
Said pre-Centroid collects the authentication results sent by each said pre-cooperative node.
4. The method according to claim 2 or 3, characterized in that said pre-Centroid judging, according to the authentication results returned by each pre-cooperative node, whether it can become the Centroid comprises:
Said pre-Centroid calculates, from the authentication results returned by each pre-cooperative node, the number of pre-cooperative nodes whose authentication result passes it as Centroid;
The calculated number of pre-cooperative nodes is compared with the minimum node number required by the contract network;
If the calculated number of pre-cooperative nodes is not less than said minimum node number required by the contract network, it is judged that said pre-Centroid can become the Centroid;
If the calculated number of pre-cooperative nodes is less than said minimum node number required by the contract network, it is judged that said pre-Centroid cannot become the Centroid.
5. The method according to claim 4, characterized in that, when it is judged that said pre-Centroid can become the Centroid, the safety performance index of said pre-Centroid is calculated according to the authentication results returned by each pre-cooperative node, and said pre-Centroid is converted into the Centroid.
6. The method according to claim 5, characterized in that, after the contract network is formed, it further comprises:
When a new cooperative node joins said contract network, said new cooperative node obtains the safety performance index of said Centroid;
Said new cooperative node uses the obtained safety performance index of the Centroid to determine whether it joins said contract network;
When it determines that it joins said contract network, the safety performance index of said Centroid is recalculated.
7. The method according to claim 5, characterized in that, after the contract network is formed, it further comprises:
When a cooperative node exits said contract network, said cooperative node obtains and saves the safety performance index of said Centroid;
Said Centroid recalculates its safety performance index.
8. A device for authenticating a secure Centroid in multi-terminal collaboration, characterized in that it comprises:
An authentication request sending module, by which, during formation of a contract network, a terminal acting as pre-Centroid initiates an authentication request to the other terminals acting as pre-cooperative nodes;
An authentication result collecting module, by which said pre-Centroid collects the authentication results that each pre-cooperative node returns in response to said authentication request;
A Centroid judging module, by which said pre-Centroid judges, according to the authentication results returned by each pre-cooperative node, whether it can become the Centroid;
A Centroid determining module, by which, when it is judged that said pre-Centroid can become the Centroid, said pre-Centroid converts into the Centroid and forms said contract network by initiating to each pre-cooperative node a request to join the contract network.
9. The device according to claim 8, characterized in that said authentication result collecting module comprises:
A history authentication information obtaining unit, by which each said pre-cooperative node, after receiving said authentication request, obtains the history authentication information of the other pre-cooperative nodes through the other pre-cooperative nodes sharing their history authentication information about said pre-Centroid;
An authentication result sending unit, by which each said pre-cooperative node forms an authentication result according to the obtained history authentication information of the other pre-cooperative nodes and its own security threshold, and sends the formed authentication result to said pre-Centroid;
An authentication result collecting unit, by which said pre-Centroid collects the authentication results sent by each said pre-cooperative node.
10. The device according to claim 8 or claim 9, characterized in that said Centroid judging module comprises:
A computing unit, by which said pre-Centroid calculates, from the authentication results returned by each pre-cooperative node, the number of pre-cooperative nodes whose authentication result passes it as Centroid;
A comparing unit, for comparing the calculated number of pre-cooperative nodes with the minimum node number required by the contract network;
A judging unit, for judging that said pre-Centroid can become the Centroid when the calculated number of pre-cooperative nodes is not less than said minimum node number required by the contract network, and for judging that said pre-Centroid cannot become the Centroid when the calculated number of pre-cooperative nodes is less than said minimum node number required by the contract network.
CN201410016422.8A 2014-01-14 2014-01-14 Method and device for authenticating safe center node in multi-terminal cooperative process Pending CN104780535A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201410016422.8A CN104780535A (en) 2014-01-14 2014-01-14 Method and device for authenticating safe center node in multi-terminal cooperative process
PCT/CN2014/077497 WO2015106509A1 (en) 2014-01-14 2014-05-14 Method and device for authenticating security central node in multi-terminal cooperation

Publications (1)

Publication Number Publication Date
CN104780535A true CN104780535A (en) 2015-07-15

Family

ID=53542337

Country Status (2)

Country Link
CN (1) CN104780535A (en)
WO (1) WO2015106509A1 (en)

Also Published As

Publication number Publication date
WO2015106509A1 (en) 2015-07-23

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
WD01 Invention patent application deemed withdrawn after publication

Application publication date: 20150715