CN109963282B - Privacy protection access control method in IP-supported wireless sensor network - Google Patents

Publication number
CN109963282B
Authority
CN
China
Prior art keywords
user
group
access control
control server
ticket
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201910245853.4A
Other languages
Chinese (zh)
Other versions
CN109963282A (en
Inventor
刘发贵
唐阳雨
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China University of Technology SCUT
Original Assignee
South China University of Technology SCUT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by South China University of Technology SCUT
Priority to CN201910245853.4A
Publication of CN109963282A
Application granted
Publication of CN109963282B

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04W: WIRELESS COMMUNICATION NETWORKS
    • H04W12/00: Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/04: Key management, e.g. using generic bootstrapping architecture [GBA]
    • H04W12/06: Authentication
    • H04W84/00: Network topologies
    • H04W84/18: Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

The invention discloses a privacy protection access control method in an IP-supported wireless sensor network. The method applies group signature technology: system users are divided into different user groups according to their access rights, and group users access the network anonymously with group signatures, which protects the access privacy of user data and prevents leakage of user behavior patterns. Group users generate group signatures for identity authentication; anyone in the network can verify the correctness of a group signature but cannot learn the identity of the signer. The identity authentication and authorization process of the Hidra protocol is improved with a fake ticket mechanism and a self-updating ticket mechanism, which ensures the unlinkability of protocol messages. The group public key is managed with blockchain technology, which makes key management and user revocation in the Hidra protocol more flexible. Blockchain technology is also used to improve the accountability mechanism, so that the accountability process is public and transparent and possible accountability disputes are resolved.

Description

Privacy protection access control method in IP-supported wireless sensor network
Technical Field
The invention belongs to the field of Internet of things security, and particularly relates to a privacy protection access control method in an IP-supported wireless sensor network.
Background
In recent years, thanks to the development of the 6LoWPAN standard, the obstacles that originally hindered combining sensors with the Internet have been removed, end-to-end communication between Internet users and nodes has become a reality, and the application of sensor networks has been promoted. However, this also introduces new security risks: an attacker on the Internet can more easily reach sensor nodes through global addressing. Because wireless sensor networks are themselves highly vulnerable (limited device resources, complex deployment environments, and so on), they easily become the target of security attacks or are turned into tools for launching them (for example, Mirai built botnets on the order of hundreds of thousands of Internet of Things devices and launched massive resource consumption attacks on KrebsOnSecurity and others). Data access to the nodes must therefore be strictly controlled. A basic access control solution contains at least three components: authentication, authorization and auditing. Authentication and authorization require the user to provide identity-related information to the target service, which in turn raises a new security issue: the privacy of user data access. The user's access behavior becomes a target of data collection, from which the user's behavior patterns and preferences can be derived, threatening the user's privacy. Therefore, to ensure secure access to the wireless sensor network, data access to the nodes must be strictly controlled without revealing the privacy of the user.
Implementing a conventional access control scheme in a wireless sensor network faces two main problems: 1) Limited sensor resources: sensors are subject to strict constraints on computing power, storage capacity and affordable transmission overhead, which makes complex security mechanisms unusable. 2) Privacy disclosure: a user's access to sensor services may be closely related to the user's private information, such as occupation and preferences. Access control requires the user to provide information such as identity for authentication, and a potential malicious eavesdropper can collect and analyze user identities and data access records to obtain the user's private information and threaten the user's security.
Current privacy-preserving access control methods fall roughly into two types. The first hides the true identity of the user by introducing a cryptographic mechanism (such as group signatures or ring signatures); the user's privacy then usually rests on a hard problem and is strongly protected. These approaches, however, give little consideration to feasibility on constrained devices. The second type implements access control by introducing an absolutely trusted third party that stores a mapping table between the true identity and the pseudonym of each user, so that the user can be authenticated and authorized by sending the pseudonym to the third party when accessing data. This entrusts the user's privacy entirely to the third party: once the third party is attacked and its data leaks, the data access privacy of all users is threatened. Blind trust in a third party may have even more serious consequences, for example the third party privately selling users' data access records or handing them over to a government agency, so that users' access tendencies and privacy preferences are monitored.
Disclosure of Invention
The invention aims to provide a privacy protection access control method in an IP-supported wireless sensor network, which solves the problem of privacy protection of access control in the IP-supported wireless sensor network.
The purpose of the invention is realized by at least one of the following technical solutions.
The framework of the method comprises system users, a blockchain network, target sensor nodes, and, as third parties, an access control server (ACS) and a local legal authority (LA). To guarantee the access privacy of users, system users are divided into different groups according to their access control rights, and group users perform identity authentication with group signatures. In the system setup stage, the access control server and the legal authority cooperate to generate the group key; the access control server publishes the group key to the blockchain, and the public key is managed through the blockchain platform. A new user performs the group join operation after obtaining the corresponding group public key from the blockchain.
The privacy protection access control method is applied to an IP-supported wireless sensor network, and the access control is based on the Hidra protocol, which ensures feasibility in a resource-constrained environment. Using group signature technology, users are divided into different user groups according to their access rights; group users generate group signatures for identity authentication, and anyone in the network can verify the correctness of a group signature but cannot learn the identity of the signer. The identity authentication and authorization process of the Hidra protocol is improved with a fake ticket mechanism and a self-updating ticket mechanism, which ensures the unlinkability of protocol messages. The group public key is managed with blockchain technology, which makes key management and user revocation in the Hidra protocol more flexible. Blockchain technology is also used to improve the accountability mechanism, so that the accountability process is public and transparent and possible accountability disputes are resolved.
Furthermore, the method divides the opening key of the group signature into two parts, which are generated and stored by two different arbitration parties: the access control server and the legal authority. Neither arbitration party can open a group signature on its own. Only when a user behaves illegally and the accountability process must be started do the two parties holding the opening key cooperate to open the group signature and reveal the identity of the signer.
Further, the Hidra protocol is improved with a self-updating ticket mechanism: the access control server encrypts the ticket granting ticket (TGT) in the user authorization request message and sends it to the requesting user, and the user uses the updated ticket as the ticket for the next authorization request, which ensures the unlinkability of the two authorization processes. The Hidra protocol is also improved with a fake ticket mechanism: the access control server fills the original resource ticket field with invalid data and carries the real resource ticket in a new field that ensures integrity and confidentiality, which ensures the unlinkability of the authorization process and the secure access process.
Further, the group signature public key is managed on the blockchain: the access control server publishes the generated group public key information to the blockchain. When a user in the group needs to be revoked, the access control server issues a revocation transaction containing the revocation information to the blockchain network and updates the group public key on the chain, without broadcasting the revocation information and the updated public key to the non-revoked users.
In further embodiments, the method of the present invention comprises the following steps:
1) System start-up: the legal authority and the access control server generate a group public key for each user group;
2) New user joining: a new user generates a member private key and registers the member private key at the access control server to obtain a member identity certificate;
3) Identity authentication stage: the group signature generated by the user is authenticated at the access control server, which can only verify whether the user belongs to the group it claims to belong to and cannot learn which member of the group it is;
4) Authorization stage: the user requests the access control server to issue a resource ticket, using the credential obtained in the identity authentication stage;
5) Secure access and audit stage: the user accesses a target sensor with the resource ticket obtained in the authorization stage; the sensor generates a log for each security connection and sends it to the access control server for auditing;
6) User revocation: after the lifetime of a user is over or the user has behaved illegally, the user's group membership must be revoked. The access control server updates the group public key and issues a revocation transaction on the blockchain;
7) Accountability and dispute resolution stage: when a user violates the access policy, the legal authority and the access control server act as arbitration parties and cooperate through the blockchain platform, each using the partial opening key it holds, to reveal the identity of the signer.
Within the access control server, the group management operations (group key generation, user joining and revocation) are performed by the Group Management Server (GMS). Authentication and the issuance of ticket granting tickets are handled by the identity Authentication Server (AS). In the authorization phase, the identity authentication server extracts the group signature from the request message and has it verified by the group signature verifier (GSV), which returns the verification result to the identity authentication server. The ticket granting server (TGS) is responsible for authorization and for issuing resource tickets. The accountability manager (ACM) performs auditing and accountability operations.
The invention is based on the Hidra access control protocol, an enhanced version of the Kerberos protocol, and combines it with group signature technology to ensure the anonymity of the user and the unlinkability of protocol messages during authentication. In addition, the method uses blockchain technology to improve the traditional accountability mechanism, so that the accountability process is open and transparent and possible disputes are resolved.
Drawings
Fig. 1 is a block diagram of a privacy-preserving access control method in an IP-supported wireless sensor network according to an embodiment.
Fig. 2 is a protocol flow diagram in an embodiment.
FIG. 3 is a flowchart of the accountability mechanism in an embodiment.
Detailed Description
Embodiments of the present invention will be further described with reference to the accompanying drawings and examples, but the practice and protection of the invention are not limited thereto, and it is noted that the following procedures or symbols, which are not specifically described in detail, can be implemented or understood by those skilled in the art with reference to the prior art.
Referring to fig. 1, a privacy protection access control method in an IP-supported wireless sensor network is implemented as follows.
Description of the symbols:
U: a registered user of the wireless sensor network with access rights to specific sensor nodes in the network
IK: issuance key; the access control server uses it to issue group member identification to registered users
OK: opening key, consisting of two parts $\{\xi_1, \xi_2\}$ generated by the access control server and the legal authority, respectively
$e_X$: elliptic curve Diffie-Hellman private key of entity X (access control server, user, etc.); for example, the elliptic curve Diffie-Hellman private key of user U is $e_U$
$E_X$: elliptic curve Diffie-Hellman public key of entity X (access control server, user, etc.)
gsk: group private key
gpk: group public key
UK: user key, generated and stored by a registered user and used to generate group signatures for identity authentication
UCert: group member identification
Cert: personal identity certificate of a registered user
upk: public key corresponding to the personal identity certificate of a registered user
usk: private key corresponding to the personal identity certificate of a registered user
ACS: access control server
AS: identity authentication server in the access control server
TGS: ticket granting server in the access control server
σ: group signature generated by a registered user
$GID_j$: group identifier of the j-th user group
$BCAddr_X$: blockchain address of entity X (access control server, user, etc.)
$ESK_{X,Y}$: temporary session key between entities X and Y (access control server, user, etc.), based on elliptic curve Diffie-Hellman
$K_{X,Y}$: shared secret between entities X and Y (access control server, user, etc.)
$K_X$: shared key between entity X (user, etc.) and the access control server
Figure BDA0002011032360000041
i-th value of a one-way key chain, providing proof of freshness for messages exchanged between entities X and Y (access control server, user, etc.)
Subkey: session key between the user and the sensor node.
Step one: System start-up
The access control server generates a group public key, a partial opening key and an elliptic curve Diffie-Hellman (ECDH) public/private key pair $(E_{ACS}, e_{ACS})$ for each user group, where the ECDH public key $E_{ACS}$ is published as part of the group public key; the access control server invokes a smart contract to store the group public key on the blockchain. Because the access control server cannot know the true identity of the requesting user during access control, it cannot preset a session key with each user, so the method uses an ECDH-based key agreement algorithm to establish the temporary session key $ESK_{U,ACS}$ between the access control server and the requesting user.
Specifically, the access control server performs the following procedure:
1)
Figure BDA0002011032360000051
and
Figure BDA0002011032360000052
are three bilinear groups of prime order p. $G_1$ and $K$ are two independent generators of
Figure BDA0002011032360000053
and $G_2$ is a generator of
Figure BDA0002011032360000054
. ψ is a one-way isomorphic mapping from
Figure BDA0002011032360000055
to
Figure BDA0002011032360000056
: $\psi(G_2) = G_2$.
Figure BDA0002011032360000057
Figure BDA0002011032360000058
is an efficient bilinear map.
2) Select an RSA modulus n and the highest-order element g of
Figure BDA0002011032360000059
.
3) Generate the Diffie-Hellman key
Figure BDA00020110323600000510
. IK is called the issuance key and is used to issue group member identification and user member keys. Compute
Figure BDA00020110323600000511
as the public key corresponding to IK.
4) Generate the partial opening key
Figure BDA00020110323600000512
and compute its corresponding public key $H = K^{\xi_1}$.
5) Select a random number
Figure BDA00020110323600000513
as the elliptic curve Diffie-Hellman private key and compute the elliptic curve Diffie-Hellman public key $E_{ACS} = e_{ACS} \times K$.
The legal authority performs the following procedure:
1) Generate a partial opening key $\xi_2$ and compute the corresponding public key $G = K^{\xi_2}$.
2) Send G to the access control server.
After this stage, a group public key gpk and a group private key gsk (comprising the issuance key IK, the opening key OK and the ECDH private key $e_{ACS}$) have been generated. Specifically:
--
Figure BDA00020110323600000514
-- $gsk = \{IK, OK, e_{ACS}\}$
-- $OK = \{\xi_1, \xi_2\}$
After the complete public key has been generated, the access control server calls a smart contract to store the public key on the blockchain.
Step two: new user joining
Before applying to join a user group, a new user U must be registered under his true identity; it is assumed that each user U has obtained a personal authentication public key and the associated private key (upk, usk). When applying to join a user group, he must prove to the access control server that he is a registered legitimate user in order to obtain his group member certificate and user key. The procedure is as follows:
1) Obtain the group public key from the blockchain.
2) Select a user key
Figure BDA0002011032360000061
and compute $C = H^{UK}$.
3) Compute the extractable commitment $c = g^{UK}$.
4) Generate the zero-knowledge proof NIZKPEqDL: select a random number $r \in_R \mathbb{Z}/n\mathbb{Z}$ and compute $R_1 = g^r \bmod n^2$, $R_2 = H^r$, $h = Hash(g, n^2, c, C, H, R_1, R_2)$, $s = r - h \cdot UK$.
5) Send {C, c, h, s} to the access control server over a secure channel.
The NIZKPEqDL in step 4) is a zero-knowledge proof, and the extractable commitment in step 3) is a proof of knowledge: user U knows the user key UK.
Upon receiving the message, the access control server performs the following:
1) Verify the zero-knowledge proof NIZKPEqDL: compute $R_1 = g^s \cdot c^h \bmod n^2$ and $R_2 = H^s \cdot C^h$, and verify whether the challenge value h is correct.
Figure BDA0002011032360000062
If the verification succeeds, generate a certificate UCert for user U; otherwise terminate the procedure.
2) Select
Figure BDA0002011032360000063
and compute $A = (G_1 \cdot C)^{1/(IK+x)}$. The group membership certificate of user U is UCert = (A, x).
3) Compute $B = e(G_1 \cdot C, G_2)/e(A, W)$, $D = e(A, G_2)$, $T_1 = B^{IK}$ and $T_2 = D^{IK}$. Generate NIZKPoKDL(B, D): select
Figure BDA0002011032360000064
and compute the temporary variable $s = r - c \cdot x$.
4) Send {A, T, s} to user U over the secure channel, where A is the left half of the group membership certificate.
NIZKPoKDL(B, D) is a zero-knowledge proof of knowledge of the discrete logarithm of B to the base D.
After receiving the message, the access control server executes the following processes:
1) Compute $B = e(G_1 \cdot C, G_2)/e(A, W)$, $D = e(A, G_2)$,
Figure BDA0002011032360000065
2) If the challenge value h is correct, user U signs A with the personal private key usk to generate a digital signature $S = Sign_{usk}(A)$ and sends the pair (Cert, S) to the access control server.
The access control server verifies the validity of Cert and extracts the left half A' of the signed group membership certificate from the digital signature S. If the certificate Cert is valid and A' = A, the access control server registers user U in the database and then sends the right half x of the group membership certificate to user U over the secure channel. User U saves {UCert = (A, x), UK}.
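The NIZKPEqDL exchange of step two, as an added example that is not part of the patent text: the user proves that the same UK sits behind $c = g^{UK}$ and $C = H^{UK}$, and the server recomputes $R_1$, $R_2$ and the challenge h. The group of H is replaced here by integers modulo a prime, and all parameter values, the range of UK and the function names are assumptions constructed for the sketch.

```python
import hashlib
import secrets

# Constructed toy parameters (assumptions for this sketch, not the patent's groups).
N = (2**61 - 1) * (2**89 - 1)        # stand-in RSA modulus n
N2 = N * N                           # the commitment c lives modulo n^2
g = 2                                # stand-in for the page's element g
P = 2**255 - 19                      # prime modulus; Z_P^* stands in for the group of H
K = 5                                # stand-in for the generator K
XI1 = secrets.randbelow(P - 2) + 1   # partial opening key xi_1 held by the ACS
H = pow(K, XI1, P)                   # H = K^xi_1, part of the group public key


def hash_to_int(*values):
    """Fiat-Shamir challenge: hash length-prefixed integers so fields cannot run together."""
    digest = hashlib.sha256()
    for v in values:
        raw = v.to_bytes((v.bit_length() + 7) // 8 or 1, "big")
        digest.update(len(raw).to_bytes(4, "big") + raw)
    return int.from_bytes(digest.digest(), "big")


def make_commitments(uk):
    """User side, steps 2) and 3): c = g^UK mod n^2 and C = H^UK."""
    return pow(g, uk, N2), pow(H, uk, P)


def prove_eq_dl(uk, c, C):
    """User side, step 4): returns (h, s) with s = r - h*UK over the integers."""
    r = secrets.randbelow(N)
    R1 = pow(g, r, N2)
    R2 = pow(H, r, P)
    h = hash_to_int(g, N2, c, C, H, R1, R2)
    return h, r - h * uk             # s is usually negative


def verify_eq_dl(c, C, h, s):
    """Server side: rebuild R1, R2 from (c, C, h, s) and recompute the challenge."""
    if not (0 < c < N2 and 0 < C < P and h >= 0):
        return False
    try:
        # A negative s needs modular inverses (Python 3.8+); a non-invertible
        # base raises ValueError, which is treated as a failed proof.
        R1 = pow(g, s, N2) * pow(c, h, N2) % N2
        R2 = pow(H, s, P) * pow(C, h, P) % P
    except ValueError:
        return False
    return hash_to_int(g, N2, c, C, H, R1, R2) == h


def demo():
    uk = secrets.randbelow(P - 2) + 1            # constructed user key UK
    c, C = make_commitments(uk)
    h, s = prove_eq_dl(uk, c, C)
    honest = verify_eq_dl(c, C, h, s)
    # A user whose C hides a different exponent than c cannot produce a valid proof.
    bad_C = pow(H, uk + 1, P)
    h_bad, s_bad = prove_eq_dl(uk, c, bad_C)
    mismatched = verify_eq_dl(c, bad_C, h_bad, s_bad)
    return honest, mismatched


if __name__ == "__main__":
    print(demo())
```

The server never sees UK or r; it accepts only if the recomputed challenge equals the h it received, which ties c and C to one exponent.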
Step three: identity authentication phase
In the authentication phase, the user generates a group signature with the user key to authenticate to the access control server. The server can only check whether the requester is a member of the corresponding group and cannot identify which specific user it is. If the check succeeds, the identity authentication server issues a ticket granting ticket (TGT) to the requester through the blockchain. The operations of this stage are as follows (the subscript n of a symbol only distinguishes it from the temporary variable symbols used in the previous stage):
The user side executes the following steps:
1) The user generates a one-time blockchain address $BCAddr_U$, selects a random number
Figure BDA0002011032360000071
as the ECDH private key of user U (the subscript U denotes a user-side parameter), and computes the corresponding public key $E_U = e_U \times K$ (K is the public key parameter generated in step one). The user then generates the request message $M_n$, which contains the group identifier $GID_j$ of the j-th user group, the identifier $ID_{TGS}$ of the ticket granting server (TGS) in the access control server, the lifetime Lifetime of the ticket granting ticket, the one-time blockchain address $BCAddr_U$ of user U, and $E_U$ for establishing the temporary session key with the access control server.
2) Randomly select
Figure BDA0002011032360000072
and compute
Figure BDA0002011032360000073
3) Generate the proof of $\{\alpha_n, \beta_n, UCert\}$: randomly select
Figure BDA0002011032360000074
(the subscripts α, β, x, y, z only distinguish the individual random numbers; n distinguishes them from the temporary variables used in the system setup phase), and compute:
Figure BDA0002011032360000075
$c_n = Hash(M_n, T_{1,n}, T_{2,n}, T_{3,n}, R_{1,n}, R_{2,n}, R_{3,n})$;
then compute:
$s_{\alpha,n} = r_{\alpha,n} + c_n \cdot \alpha_n \bmod p$, $s_{\beta,n} = r_{\beta,n} + c_n \cdot \beta_n \bmod p$, $s_{x,n} = r_{x,n} + c_n \cdot x \bmod p$, $s_{y,n} = r_{y,n} + c_n \cdot y_n \bmod p$ and $s_{z,n} = r_{z,n} + c_n \cdot z_n \bmod p$, where $y_n = x \cdot \beta_n \bmod p$ and $z_n = x \cdot \alpha_n + UK \bmod p$.
4) Generate the group signature $\sigma = (T_{1,n}, T_{2,n}, T_{3,n}, c_n, s_{\alpha,n}, s_{\beta,n}, s_{x,n}, s_{y,n}, s_{z,n})$.
5) Randomly select a one-time blockchain address, package the request message into a transaction, and send the transaction to the blockchain address of the access control server.
The identity authentication server in the access control server monitors all transactions addressed to its local blockchain address, extracts the group signature $\sigma_n$ from them, and sends it to the group signature verifier (GSV) for verification, as follows:
1) Compute
Figure BDA0002011032360000076
Figure BDA0002011032360000077
2) Verify
Figure BDA0002011032360000078
If the verification succeeds, the identity authentication server generates a temporary identity (ID) for the requester. This identity is valid only for the lifetime of the ticket granting ticket, and the identity authentication server stores it in the active connection information database.
The identity authentication server provides the requester with the ticket granting ticket, the temporary identity and an instance of the key $K_{U,TGS}$ (the session key between user U and the ticket granting server TGS), so that the user can communicate with the ticket granting server. The identity authentication server uses $ESK_{U,ACS} = E_U \times e_{ACS}$ to encrypt the identity authentication reply message HID_AS_REP and sends the encrypted reply to the requester's one-time blockchain address through the blockchain network.
Step four: authorisation phase
After the previous stage is completed, user U has obtained the ticket granting ticket and his temporary identity, and nobody learns his real identity during the whole process, including the access control server and the identity authentication server. At this stage, as shown in fig. 2, user U applies for a resource ticket by sending an HID_TGS_REQ authorization request message to the ticket granting server (TGS) of the access control server. To support service access unlinkability and exchange untraceability, two mechanisms are used to modify the HID_TGS_REP message with which the TGS answers the requester: a self-updating ticket granting ticket mechanism and a fake ticket mechanism. For the former, the ticket granting server generates a new ticket granting ticket for the requester; it is embedded in a new field type called PA-SR-TGT (supported by Kerberos v5) and carried in the PA-PRIV field of the HID_TGS_REP message. For the latter, the original resource ticket field is filled with invalid numbers, and the actual resource ticket is embedded in a new field called PA-TICKET, which is also contained in the PA-PRIV field. The PA-PRIV field provides integrity, confidentiality and replay protection, so that an attacker cannot establish any link between subsequent message exchanges.
Step five: Secure access and audit phase
After obtaining the resource ticket, the user can initiate a service request to the constrained device, sending the resource ticket to the device providing the service in the message HID_U_R_REQ. If the device verifies that the resource ticket is valid, it can conclude that the requester has passed authentication and authorization, and it sends the message HID_U_S_REP back to the requester to establish the security association. For further service requests, the device checks the policy instance against the requested action to match the appropriate rule, performing local access control. During subsequent service provision, the device and the requester encrypt their transmissions with the session key from the message HID_U_R_REQ to ensure end-to-end communication security. In addition, each resource access request may trigger a message HID_S_IND that sends an activity log to the access control server. On receipt, the access control server associates the log with the user's signature based on the user's temporary identity in the message and stores the entry for logging, tracking, billing and further auditing purposes. After receiving the message HID_S_ACK returned by the access control server, the device deletes the log cache to prevent storage overflow.
Step six: user revocation
When a user's lifetime is over or the user is revoked for improper behavior, the access control server needs to update the public parameters of the group and the membership certificates of the group members that are not revoked. Assume the member with membership certificate $UCert_m = (A_m, x_m)$ is to be revoked; the access control server performs the following revocation procedure:
1) Update the group public key:
Figure BDA0002011032360000091
Figure BDA0002011032360000092
Figure BDA0002011032360000093
2) Call the revocation function of the smart contract, sending a revocation transaction containing $x_r$, and modify the corresponding group public key on the chain.
Assuming that a non-revoked user U observes the revocation transaction, he performs the following operations:
1) Obtain the updated group public key from the chain and update the locally cached group public key.
2) Update the membership certificate based on the updated group public key and the revocation parameter $x_r$ in the revocation transaction:
Figure BDA0002011032360000094
3) Verify the validity of
Figure BDA0002011032360000095
:
Figure BDA0002011032360000096
4) Sign
Figure BDA0002011032360000097
using the private key upk and send the signed result to the access control server.
After the access control server receives the user's signature over the updated membership certificate, it performs the following:
1) Compute
Figure BDA0002011032360000098
2) Use
Figure BDA0002011032360000099
to update C, and use
Figure BDA00020110323600000910
to update A.
Step seven: stage of accountability and dispute resolution
If the user action violates the network access policy, the access control server and legal authorities will collaborate to revoke the anonymity of the group signature, as shown in FIG. 3 by means of blockchain techniques to reveal the signer identity in a publicly transparent manner.
When a user acts illegally, the system needs to uncover the real identity of the user to investigate the responsibility of the user. The accountability process is as follows:
1) The access control server uses its own partial opening key ξ_1 to compute
Figure BDA00020110323600000911
(for
Figure BDA00020110323600000914
see step three), calculates the hash value h(V_1) of V_1, and invokes the accountability function in the smart contract to publish h(V_1) to the blockchain as a commitment. Similarly, the legal authority uses its own private key ξ_2 to compute
Figure BDA00020110323600000912
(for
Figure BDA00020110323600000913
see step three), calculates the hash value h(V_2) of V_2, and invokes the accountability function in the smart contract to publish h(V_2) to the blockchain as a commitment.
2) Once the access control server and the legal authority detect that both sides have submitted their commitments, they call the smart contract to submit V_1 and V_2 respectively. The access control server calculates the signer's group member identity A_s = T_{3,n} × V_1 × V_2 (for T_{3,n}, see step three).
3) The access control server looks up the user's true identity corresponding to A_s in the user registration database, and publishes A_s, the user identity, and the user's signature on A_s, Sign_usk(A_s), to the blockchain.
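The commit-then-reveal opening of step seven can be exercised with the following added example, which is not part of the patent. The patent's formulas for V_1 and V_2 are in figures not reproduced on this page, so the example assumes an ElGamal-style masking over a toy prime field; SHA-256 as h, the party labels and all class and function names are likewise assumptions.

```python
import hashlib

# Toy group (assumption): integers mod the Mersenne prime 2^127 - 1.
P, G = 2**127 - 1, 3

def h(v: int) -> bytes:
    """Commitment hash h(V); SHA-256 is an assumption."""
    return hashlib.sha256(v.to_bytes(16, "big")).digest()

def opening_share(t1: int, xi: int) -> int:
    """Assumed share formula V_i = (T_1^xi_i)^-1 mod P, not the patent's own."""
    return pow(pow(t1, xi, P), -1, P)

class AccountabilityContract:
    """In-memory stand-in for the smart contract's accountability function."""
    PARTIES = ("acs", "legal")  # hypothetical party labels

    def __init__(self):
        self.commitments, self.reveals = {}, {}

    def commit(self, party: str, digest: bytes) -> None:
        if party not in self.PARTIES or party in self.commitments:
            raise ValueError("unknown party or duplicate commitment")
        self.commitments[party] = digest

    def reveal(self, party: str, v: int) -> None:
        # Step 2): accept shares only after both commitments are on chain.
        if set(self.commitments) != set(self.PARTIES):
            raise RuntimeError("both parties must commit before any reveal")
        if h(v) != self.commitments[party]:
            raise ValueError("revealed share does not match its commitment")
        self.reveals[party] = v

    def open_identity(self, t3: int) -> int:
        """A_s = T_3 x V_1 x V_2, available only after both reveals."""
        if set(self.reveals) != set(self.PARTIES):
            raise RuntimeError("both shares must be revealed")
        return t3 * self.reveals["acs"] * self.reveals["legal"] % P

def demo():
    xi1, xi2, r, a_s = 0x1234567, 0x89ABCDE, 0x55AA55, 0xC0FFEE  # constructed
    t1 = pow(G, r, P)  # signer's randomness, part of the assumed masking
    t3 = a_s * pow(G, (xi1 + xi2) * r, P) % P  # T_3 hides A_s under both keys
    c = AccountabilityContract()
    shares = {"acs": opening_share(t1, xi1), "legal": opening_share(t1, xi2)}
    for party, v in shares.items():
        c.commit(party, h(v))
    for party, v in shares.items():
        c.reveal(party, v)
    return c.open_identity(t3), a_s
```

Because a share is rejected until both hashes are recorded, neither arbitration party can pick its V_i after seeing the other's, and a share that does not match its commitment never reaches the A_s computation.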
The above-mentioned procedures are preferred embodiments of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention shall be covered by the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.

Claims (4)

1. A privacy protection access control method in an IP-supported wireless sensor network, characterized in that the method is applied to an IP-supported wireless sensor network and the access control is based on the Hidra protocol to ensure feasibility in a resource-constrained environment; users are divided into different user groups according to their access rights, and group users generate group signatures using a group signature technique for identity authentication, so that anyone in the network can verify the correctness of a group signature but cannot learn the identity of the signer; the identity authentication and authorization process of the Hidra protocol is improved using a fake ticket mechanism and a self-updating ticket mechanism, ensuring the unlinkability of protocol messages; the group public key is managed using blockchain technology, making the key management and user revocation process of the Hidra protocol more flexible; blockchain technology is used to improve the accountability mechanism, so that the accountability process is public and transparent and possible accountability disputes are resolved; the Hidra protocol is improved using the self-updating ticket mechanism, in which the access control server encrypts the ticket-granting ticket in the user's authorization request message and sends it to the requesting user, and the user uses the updated ticket as the credential for the next authorization request, ensuring the unlinkability of the two authorization processes; the Hidra protocol is improved using the fake ticket mechanism, in which the access control server fills the original resource ticket field with invalid data and carries the real resource ticket in a new field that ensures integrity and confidentiality, thereby ensuring the unlinkability of the authorization process and the secure access process.
2. The privacy protection access control method in an IP-supported wireless sensor network according to claim 1, characterized in that: the opening key of the group signature is divided into two parts, which are generated and stored by two different arbitration authorities, namely the access control server and the legal authority; neither arbitration authority can open a group signature on its own, and only when a user has acted illegally and the accountability process needs to be started do the two arbitration authorities holding the opening key cooperate to open the group signature and reveal the identity of the signer.
3. The privacy protection access control method in an IP-supported wireless sensor network according to claim 1, characterized in that: the group signature public key is managed using a blockchain, and the access control server publishes the generated group public key information to the blockchain; when a user in the group needs to be revoked, the access control server issues a revocation transaction containing the revocation information to the blockchain network and updates the group public key on the chain, without broadcasting the revocation information and the updated public key to the non-revoked users.
4. The privacy protection access control method in an IP-supported wireless sensor network according to claim 1, characterized in that: the method comprises the following execution flows:
1) system startup: the legal authority and the access control server generate a group public key for each user group;
2) new user joining: the new user generates a member private key, and registers the member private key at the access control server to obtain a member identity certificate;
3) identity authentication stage: the user generates a group signature to authenticate at the access control server, and the access control server can only verify whether the user belongs to the claimed group and cannot learn which specific member of the group the user is;
4) authorization stage: the user requests the access control server to issue a resource ticket by using the credential acquired in the identity authentication stage;
5) secure access and audit stage: the user accesses the target sensor using the resource ticket obtained in the authorization stage, and the sensor side generates a log for each secure connection and sends it to the access control server for auditing;
6) user revocation: after the user's life cycle ends or the user has acted illegally, the user's group membership needs to be revoked; the access control server updates the group public key and issues a revocation transaction on the blockchain;
7) accountability and dispute resolution stage: when a user acts illegally in violation of the access policy, the legal authority and the access control server act as arbitration authorities and cooperate through the blockchain platform, each using the partial opening key it holds, to uncover the identity of the signer.
CN201910245853.4A 2019-03-28 2019-03-28 Privacy protection access control method in IP-supported wireless sensor network Active CN109963282B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201910245853.4A CN109963282B (en) 2019-03-28 2019-03-28 Privacy protection access control method in IP-supported wireless sensor network

Publications (2)

Publication Number Publication Date
CN109963282A CN109963282A (en) 2019-07-02
CN109963282B true CN109963282B (en) 2022-07-26

Family

ID=67025293

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201910245853.4A Active CN109963282B (en) 2019-03-28 2019-03-28 Privacy protection access control method in IP-supported wireless sensor network

Country Status (1)

Country Link
CN (1) CN109963282B (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant