CN109963282B - Privacy protection access control method in IP-supported wireless sensor network - Google Patents
Privacy protection access control method in IP-supported wireless sensor network Download PDFInfo
- Publication number
- CN109963282B CN109963282B CN201910245853.4A CN201910245853A CN109963282B CN 109963282 B CN109963282 B CN 109963282B CN 201910245853 A CN201910245853 A CN 201910245853A CN 109963282 B CN109963282 B CN 109963282B
- Authority
- CN
- China
- Prior art keywords
- user
- group
- access control
- control server
- ticket
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/04—Key management, e.g. using generic bootstrapping architecture [GBA]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W84/00—Network topologies
- H04W84/18—Self-organising networks, e.g. ad-hoc networks or sensor networks
Abstract
The invention discloses a privacy protection access control method in an IP-supported wireless sensor network. The method applies a group signature technology to divide system users into different user groups according to different access authorities, and the group users use the group signature to carry out anonymous access to ensure the access privacy of user data and prevent the leakage of user behavior patterns. The method utilizes the group signature technology to divide users into different user groups according to different access rights, the group users generate group signatures to carry out identity authentication, anyone in the network can verify the correctness of the group signatures, but cannot know the identity of a signer; the identity authentication and authorization process of the Hidra protocol is improved by using a fake ticket mechanism and a self-updating ticket mechanism, and the unlinkability of protocol messages is ensured; the public key of the group is managed by using a block chain technology, so that the key management and the user revocation process of the Hidra protocol are more flexible; the block chain technology is used for improving the accountability mechanism, so that the accountability process is public and transparent, and the possible accountability disputes are solved.
Description
Technical Field
The invention belongs to the field of Internet of things security, and particularly relates to a privacy protection access control method in an IP-supported wireless sensor network.
Background
In recent years, thanks to the development of the 6LoWPAN standard, the problem of hindering the original combination of the sensor and the Internet is solved, the end-to-end communication between the Internet user and the node is really realized, and the application of the sensor network is promoted. But also introduces a new security crisis, and an attacker on the internet can more easily access the sensor nodes in a global addressing mode. Due to the high vulnerability of the wireless sensor network itself, such as limited device resources, complex deployment environment, etc., the wireless sensor network is easily targeted by many security attacks or is reduced to a tool for hackers to launch security attacks (for example, Mira forms a hundred thousand levels of botnet networks by internet of things devices, and has launched mad resource consumption attacks on krebson security, etc.). Thus, strict control must be exercised over the data access of the nodes. A basic access control solution contains at least three components: authentication, authorization and auditing. The authentication and authorization process means that the user needs to provide identity-related information to the target service, which in turn raises new security issues: user data access privacy. The access behavior of the user becomes a target of data collection, and the behavior pattern and preference of the user are summarized and obtained, so that the privacy security of the user is threatened. Therefore, in order to ensure the secure access of the wireless sensor network, strict control must be performed on the data of the access node without revealing the privacy of the user.
The following two problems mainly exist in implementing the conventional access control scheme in the wireless sensor network: 1) the sensor resources are limited: sensors, whether on the computational power, storage power, or affordable transmission overhead, are subject to strict resource constraints, making complex security mechanisms unusable. 2) Privacy disclosure: the access behavior of the user to the sensor service may be closely related to the privacy information of the user, such as social work, preference, and the like. Implementing access control requires a user to provide information such as identity for authentication. And a potential malicious listener collects and analyzes the user identity and the data access record, further acquires the privacy information of the user and threatens the security of the user.
The current privacy protection access control methods are roughly of two types, one is to hide the true identity of a user by introducing a cryptographic mechanism (such as group signature, ring signature, etc.), and the privacy security of the user is usually based on a difficult problem and has strong privacy security. These approaches lack feasibility considerations in constrained device scenarios. Another type of solution implements access control by introducing an absolutely trusted third party that stores a mapping table of the true identity and the pseudonym of the user, so that the user can authenticate and authorize by sending the pseudonym to the third party during the process of accessing data. However, the method completely trusts the privacy security of the user to the third party, and once the third party is attacked to cause data leakage, the data access privacy security of all the users is threatened. Blind trust of a third party may have more serious consequences, such as that the third party sells the data access records of the user privately, or hands over to a government agency, and the access tendency and privacy preference of the user are monitored.
Disclosure of Invention
The invention aims to provide a privacy protection access control method in an IP-supported wireless sensor network, which solves the problem of privacy protection of access control in the IP-supported wireless sensor network.
The purpose of the invention is realized by at least one of the following technical solutions.
The inventive method framework comprises system users, a blockchain network, a target sensor node and an access control server (access control server) and local Legal Authorities (LA) as third parties. In order to guarantee the access privacy of the users, the system users are divided into different groups according to different access control authorities, and the group users use group signatures to perform identity authentication. In the system setting stage, the access control server and the legal organization cooperate to generate a group key, wherein the group key is issued to the blockchain by the access control server, and the public key is managed by using the blockchain platform. And the new user executes the group adding operation by acquiring the corresponding group public key on the block chain.
The privacy protection access control method in the wireless sensor network supported by the IP is applied to the wireless sensor network supported by the IP, and the access control is based on Hidra protocol, so that the feasibility in the resource-limited environment is ensured; by utilizing the group signature technology, users are divided into different user groups according to different access authorities, group users generate group signatures for identity authentication, and anyone in a network can verify the correctness of the group signatures but cannot know the identity of a signer; the identity authentication and authorization process of the Hidra protocol is improved by using a fake ticket mechanism and a self-updating ticket mechanism, and the unlinkability of protocol messages is ensured; the public key of the group is managed by using a block chain technology, so that the key management and the user revocation process of the Hidra protocol are more flexible; the block chain technology is used for improving the accountability mechanism, so that the accountability process is public and transparent, and the possible accountability disputes are solved.
Furthermore, the method divides the opening key in the group signature into two parts which are generated and stored by two different arbitration mechanisms accessing the control server and the legal mechanism. Any party arbitration mechanism cannot independently open the group signature, and only when a user has illegal behaviors and needs to start the accountability process, the two arbitration mechanisms with the open key cooperate to open the group signature to reveal the identity of the signer.
Further, Hidra protocol is improved by using a self-updating ticket mechanism, the access control server encrypts a Ticket Granting Ticket (TGT) in a user authorization request message and sends the Ticket Granting Ticket (TGT) to a requesting user, and the user uses the updated ticket as a ticket of the next authorization request to ensure the non-connectivity of the two authorization processes. The Hidra protocol is improved by using a fake ticket mechanism, the access control server fills in the field of the original resource ticket by using invalid data, and the real resource ticket is carried and transmitted by using a new field for ensuring the integrity and confidentiality, so that the non-connectivity of an authorization process and a security access process is ensured.
Further, the generated group public key information is distributed to the blockchain by the access control server using the blockchain management group signature public key. When a user in the group needs to be revoked, the access control server issues a revocation transaction containing revocation information to the blockchain network and updates the group public key on the chain without broadcasting the revocation information and the updated public key to the non-revoked user.
In further embodiments, the method of the present invention comprises the following steps:
1) and (3) starting a system: the legal organization and the access control server generate a group public key for each user group;
2) the new user is added: a new user generates a member private key, and registers the member private key at an access control server to obtain a member identity certificate;
3) an identity authentication stage; the user generated group signature is authenticated at the access control server, which can only verify if the user belongs to the group it claims to be, and cannot know in particular which member of the group.
4) And (3) an authorization stage: and the user requests the access control server to issue the resource ticket by using the certificate acquired in the identity authentication stage.
5) Safety access and audit stage: a user accesses a target sensor by using a resource ticket obtained in an authorization stage, and a log is generated for each security connection in a sensor stage and is sent to an access control server for auditing;
6) and (3) user revocation: after the lifetime of the user is over or the user has illegal behavior, the group membership of the user needs to be revoked. The access control server updates the group public key and issues a revocation transaction on the blockchain;
7) and a stage of accountability and dispute resolution: when a user has illegal behaviors against the access strategy, the legal mechanism and the access control server are used as arbitration mechanisms and cooperate through the block chain platform to use the respectively held partial open keys to uncover the identity of the signer.
In the access control server, the group management related operations include: group key generation, user joining and revocation are performed by the Group Management Server (GMS). Authentication and issuance of ticket granting tickets is handled by an identity Authentication Server (AS). In the authorization phase, the identity authentication server extracts the group signature from the request message and then verifies the group signature with a group signature verifier (GMS). The group signature verifier returns a verification result to the identity authentication server. A ticket issuance server (TGS) is responsible for authorizing and issuing resource tickets. An accountability Administrator (ACM) performs auditing and accountability operations.
The invention is based on an enhanced version Kerberos protocol-Hidra access control protocol, and combines a group signature technology to ensure the anonymity of a user and the unlinkability of protocol messages in the protocol authentication process. In addition, the method of the invention combines the block chain technology to improve the traditional accountability mechanism, so that the accountability process can be open and transparent, and the disputes which may exist are solved.
Drawings
Fig. 1 is a block diagram of a privacy-preserving access control method in an IP-supported wireless sensor network according to an embodiment.
Fig. 2 is a protocol flow diagram in an embodiment.
FIG. 3 is a flowchart of the accountability mechanism in an embodiment.
Detailed Description
Embodiments of the present invention will be further described with reference to the accompanying drawings and examples, but the practice and protection of the invention are not limited thereto, and it is noted that the following procedures or symbols, which are not specifically described in detail, can be implemented or understood by those skilled in the art with reference to the prior art.
Referring to fig. 1, a privacy protection access control method in an IP-supported wireless sensor network is implemented as follows.
Description of the symbols:
u: registered users of a wireless sensor network having access to specific sensor nodes in the network
IK: issuing a secret key, the access control server using the secret key to issue a group member identification to the registered user
OK: opening a key that contains two parts { ξ 1 ,ξ 2 These two parts are generated by the access control server and the legal authorities, respectively.
e X : elliptic curve diffie-hellman private key of entity X (entities such as access control server, user, etc.). For example, the elliptic curve diffie-hellman private key of user U is e U 。
E X : elliptic curve diffie-hellman public key for entity X (entities such as access control server, user, etc.)
gsk: group private key
gpk: group public key
UK: user key generated and stored by registered user for generating group signature for identity authentication
UCert: group member identification
Cert: personal identification certificate for registered user
upk: public key corresponding to registered user personal identity certificate
usk: private key corresponding to personal identity certificate of registered user
ACS access control server
And AS: identity authentication server in access control server
And (4) TGS: ticket granting server in access control server
σ: registered user generated group signatures
GID j : group identification of jth user group
BCAddr X : block chain address of entity X (entity such as access control server, user, etc.)
ESK X,y : elliptic curve diffie-hellman based temporary session key between entities X and Y (access control server, user, etc.)
K X,y : shared secret between entities X and Y (entities such as access control server, user, etc.)
K X : shared key between entity X (user, etc.) and access control server
Ith value of one-way keychain to provide freshness proof of communication messages between entities X and Y (access control server, user, etc. entities)
Subkey: session keys between the user and the sensor nodes.
Step 1: system start-up
An access control server generates a group public key, a partial open key and an elliptic curve diffie-hellman (ECDH) public and private key pair (E) for each user group ACS ,e ACS ) Wherein the elliptic curve diffie-hellman public key E ACS As part of the group public key release, the access control server invokes an intelligent contract to store the group public key on the blockchain. Since the access control server can not know the true identity of the requesting user in the access control process and can not preset the session key between the access control server and each user, the method uses a key negotiation algorithm based on elliptic curve diffie-hellman to establish the temporary session key (ESK) of the access control server and the requesting user U,ACS 。
Specifically, the procedure of accessing the control server is as follows:
1)andis a bilinear group of three orders of prime p, G 1 K isTwo independent generators of G 2 Is composed ofThe generator of (2). Psi isToOne-way isomorphic mapping of: psi (G) 2 )=G 2 。 Is an efficient bilinear map.
3) Generating Diffie-Hellman keysThe IK is referred to as an issuance key and is used to issue group member identification and a user member key. ComputingAs the public key for IK correspondence.
5) Selecting random numbersCalculating elliptic curve diffie-hellman public key E as elliptic curve diffie-hellman private key ACS =e ACS ×K。
The legal authorities perform the following procedures:
1) generating a partial opening key ξ 2 Calculating the corresponding public key G ═ K ξ2 。
2) And sending the G to the access control server.
After this stage, a group public key gpk and a group private key gsk (including the issuance key IK, the opening key OK, and the ECDH private key e) are generated ACS ). The method comprises the following specific steps:
——gsk={IK,OK,e ACS }
--OK={ξ 1 ,ξ 2 }
after the complete public key is generated, the access control server calls an intelligent contract to store the public key to the block chain.
Step two: new user joining
Before applying for joining a user group, a new user U needs to be registered with its true identity, assuming that each user U has obtained a personal authentication public key and an associated private key (upk, usk). When applying for joining a certain user group, he must verify to the access control server that he is a registered legitimate user, to obtain his group member certificate and user key, the procedure is as follows:
1) the group public key is obtained from the blockchain.
3) Calculating extractable commitment c-g UK 。
4) Generating zero knowledge proof NIZKPEqDL: selecting a random number r ∈ R (Z \ nZ), calculating R 1 =g r mod n 2 ,R 2 =H r ,h=Hash(g,n 2 ,c,C,H,R 1 ,R 2 ),s=r-h·UK。
5) And sending { C, C, h, s } to the access control server through a secure channel.
The NIZKPEqDL in step (4) is a zero knowledge proof, and the extractable commitment in step (3) is a knowledge proof: the user U knows the user key UK.
Upon receiving the message, the access control server will perform the following:
1) verification of zero knowledge proof NIZKPEqDL: calculation of R 1 =g s ·c h mod n 2 ,R 2 =H s ·C h And verifies whether the challenge value h is correct.If the verification is successful, generating a certificate UCert for the user U; otherwise the procedure is terminated.
2) SelectingAnd calculating a ═ G 1 ·C) 1/(IK+x) . The group membership card of user U is UCert ═ (a, x).
3) Calculating B-e (G) 1 ·C,G 2 )/e(A,W),D=e(A,G 2 ),T 1 =B IK and T 2 =D IK . Generating NIZKPoKDL (B, D): selectingCalculating the temporary variable s-r-c.x
4) The { A, T, s } is sent over the secure channel to user U, where A is the left half of the group membership identification.
NIZKPoKDL (B, D) is a discrete log zero knowledge proof of knowledge that B is based on D.
After receiving the message, the access control server executes the following processes:
2) If the challenge value h is correct, the user U signs the A by using the personal private key usk to generate a digital signature S, and S is equal to Sign usk (A) The doublet (Cert, S) is sent to the access control server.
The access control server verifies the validity of the Cert and extracts the left half a' of the signed group membership certificate from the digital signature S. If the certificate Cert is valid, and a' ═ a. The access control server registers user U in the database and then sends the right half x of the group membership identification to user U over the secure channel. User U saves the group membership identification { UCert (A, x), UK }.
Step three: identity authentication phase
In the authentication phase, the user generates a group signature using the user key to authenticate the access control server. It can only check whether the requester is a member of the corresponding group and cannot identify which user is specific. If the check is successful, the identity authentication server issues a Ticket Granting Ticket (TGT) to the requester through the block chain. The operation of this stage is as follows (the subscript n of the symbol is used only to distinguish it from the temporary variable symbol used in the previous stage):
the user side executes the following steps:
1) user generated disposable block chain address BCAddr U (ii) a Selecting a random numberAs the ECDH private key of the user U, the subscript U refers to the user side parameter, and the corresponding public key E is calculated U =e U xK (K is the public key parameter generated in step one). GeneratingRequest message M n Group identification GID containing the jth user group j Identification ID of Ticket Granting Server (TGS) in access control server TGS The life cycle Lifecime of the ticket granting ticket, and the disposable block chain address BCAddr of the user U U And E for establishing and accessing a temporary session key between the control servers U 。
3) Generating { alpha n ,β n Demonstration of UCert }: random selection(the subscripts α, β, x, y, z are used only to distinguish individual random numbers, n is used to distinguish temporary variables used in the system setup phase); and (3) calculating:c n =Hash(M n ,T 1,n ,T 2,n ,T 3,n ,R 1,n ,R 2,n ,R 3,n );
and (3) calculating:
s α,n =r α,n +c n ·α n mod p,s β,n =r β,n +c n ·β n mod p,s x,n =r x,n +c n ·x mod p,s y,n =r y,n +c n ·y n mod p and s z,n =r z,n +c n ·z n mod p where y n =x·β n mod p,z n =x·α n +UK mod p。
4) generating a group signature σ (T) 1,n ,T 2,n ,T 3,n ,c n ,s α,n ,s β,n ,s x,n ,s y,n ,s z,n )。
5) And randomly selecting a disposable blockchain address, packaging the request message into a transaction, and sending the transaction to a blockchain address of the access control server.
An authentication server in an access control server monitors all transactions addressed to a local blockchain address, extracts a group signature sigma therefrom n And sent to a Group Signature Verifier (GSV) for verification, as follows:
If the verification is successful, the identity authentication server generates a temporary Identity (ID) for the requester, the identity is valid only in the lifetime of the ticket granting, and the identity authentication server stores the temporary identity in an active connection information database.
The identity authentication server provides the ticket granting ticket, the temporary identity and the secret key K for the requester U,TGS Examples of (session keys of user U and ticket granting server TGS) so that the user can communicate with the ticket granting server TGS. The identity authentication server uses the ESK u,ACS =E U ×e ACS And encrypting the identity authentication reply message HID _ AS _ REP, and sending the encrypted reply message to the disposable blockchain address of the requester through the blockchain network.
Step four: authorisation phase
After the last stage is completed, user U obtains the ticket granting ticket and his temporary identity, and nobody knows his real identity in the whole process, including the access control server. And an identity authentication server. At this stage, as in fig. 2, user U applies for a resource ticket by sending a HID _ TGS _ REQ authorization request message to the Ticket Granting Server (TGS) of the access control server. To support service access unlinkability and exchange untraceability, two mechanisms are used to modify the HID _ TGS _ REP message of the TGS response requester, a self-updating ticket granting ticket mechanism and a fake ticket mechanism. With respect to the former, the ticket granting ticket generates a new ticket granting ticket for the requestor that is embedded in a new type field called PA-SR-TGT (supported by Kerberos v 5), carried in the PA-PRIV field in the HID _ TGS _ REP message. On the other hand, the original resource TICKET field is filled with invalid numbers, the actual resource TICKET is embedded in a new field called PA-TICKET and contained in the PA-PRIV field, and the PA-PRIV field provides integrity, confidentiality and anti-replay attacks, so that an attacker cannot establish any contact for subsequent message exchange.
Step five: secure access and audit phase
After obtaining the resource ticket, the user may initiate a service request to the restricted device, and send the resource ticket to the device providing the service through the message HID _ U _ R _ REQ. If the device verifies that the resource ticket is valid, it can determine that the requester has passed the authentication and authorization, and send a message HID _ U _ S _ REP back to the requester to establish the security association. For further service requests, the device will check the policy instance against the requested action to match the appropriate rule, performing local access control. In the subsequent service providing process, the device and the requester use the session key secret key encryption transmission in the message HID _ U _ R _ REQ to ensure the end-to-end communication security. In addition, each resource access request may trigger a message HID _ S _ IND to send an activity log to the access control server. Upon receipt by the access control server, the log is associated with the user's signature based on the user's temporary identity in the message and the entry is stored for logging, tracking, billing and further auditing purposes. After receiving the information HID _ S _ ACK returned by the access control server, the equipment deletes the log cache to prevent the storage overflow.
Step six: user revocation
When the lifetime of the user is over or the improper behavior is cancelled, the access control server needs to be updatedCommon parameters of the group and the identity cards of the group members that are not revoked. Assume to have membership card UCer m =(A m ,x m ) To be revoked, the access control server will perform the following revocation procedure:
1) updating the group public key:
2) calling the withdrawal function of the intelligent contract, and sending the withdrawal function containing x r The corresponding group public key on the chain is modified. Assuming that the user U, who is not revoked, listens to the revocation transaction, he will perform the following operations:
1) obtaining the updated group public key on the chain to update the locally cached group public key
2) Based on the updated group public key and the revocation parameter x in the revocation transaction r Updating the identity:
4) signing using private key upkSending the signed result to the access controllerAnd (5) making a server.
After the access control server receives the user's updated identification signature,
Step seven: stage of accountability and dispute resolution
If the user action violates the network access policy, the access control server and legal authorities will collaborate to revoke the anonymity of the group signature, as shown in FIG. 3 by means of blockchain techniques to reveal the signer identity in a publicly transparent manner.
When a user acts illegally, the system needs to uncover the real identity of the user to investigate the responsibility of the user. The accountability process is as follows:
1) access control server uses its own partial opening key ξ 1 Computing(See step three), calculate V 1 Hash value of h (V) 1 ) Invoking the accountability function in the intelligent contract to convert h (V) 1 ) As a commitment to the blockchain. Similarly, the legal organization uses its own private key xi 2 Computing(See step three), calculate V 2 Hash value of h (V) 2 ) Call outThe accountability function in the intelligent contract is h (V) 2 ) As a commitment to be released onto the blockchain.
2) The control server to be accessed and the legal institution detect that both sides have submitted the commitment, and call the intelligent contracts to respectively submit V 1 、V 2 . The access control server calculates the group member identity A of the signer s =T 3,n ×V 1 ×V 2 (A s Identification of group members for signers, T 3,n See step three).
3) The access control server searches A in the user registration database s Corresponding to the true identity of the user, A s User identity and user pair A s Signature Sign of (1) usk (A s ) And issuing to the block chain.
The above-mentioned procedures are preferred embodiments of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention shall be covered by the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.
Claims (4)
1. The privacy protection access control method in the wireless sensor network supported by the IP is characterized in that the privacy protection access control method is applied to the wireless sensor network supported by the IP, and the access control is based on a Hidra protocol to ensure the feasibility in a resource limited environment; the users are divided into different user groups according to different access rights, the group users generate group signatures by using a group signature technology for identity authentication, and anyone in a network can verify the correctness of the group signatures but cannot know the identity of a signer; the identity authentication and authorization process of the Hidra protocol is improved by using a fake ticket mechanism and a self-updating ticket mechanism, and the unlinkability of protocol messages is ensured; the public key of the group is managed by using a block chain technology, so that the key management and the user revocation process of the Hidra protocol are more flexible; the block chain technology is utilized to improve the accountability mechanism, so that the accountability process is public and transparent, and possible accountability disputes are solved; the Hidra protocol is improved by using a self-updating ticket mechanism, the access control server encrypts a ticket granting ticket in a user authorization request message and sends the ticket granting ticket to a requesting user, and the user uses the updated ticket as a certificate of the next authorization request to ensure the unlinkability of the two authorization processes; the Hidra protocol is improved by using a fake ticket mechanism, the access control server fills in the field of the original resource ticket by using invalid data, and the real resource ticket is carried and transmitted by using a new field for ensuring integrity and confidentiality, so that the unlinkability of an authorization process and a secure access process is ensured.
2. The privacy protection access control method in an IP-supported wireless sensor network according to claim 1, characterized in that: dividing an opening key in the group signature into two parts, and generating and storing the two parts by two different arbitration mechanisms accessing a control server and a legal mechanism; any party arbitration mechanism cannot independently open the group signature, and only when a user has illegal behaviors and needs to start the accountability process, the two arbitration mechanisms with the open key cooperate to open the group signature to reveal the identity of the signer.
3. The privacy-preserving access control method in an IP-supported wireless sensor network as claimed in claim 1, managing a group signature public key using a blockchain, publishing the generated group public key information to the blockchain by an access control server; when a user in the group needs to be revoked, the access control server issues a revocation transaction containing revocation information to the blockchain network and updates the group public key on the chain without broadcasting the revocation information and the updated public key to the non-revoked user.
4. The privacy protection access control method in an IP-supported wireless sensor network according to claim 1, characterized in that: the method comprises the following execution flows:
1) starting a system: a legal organization and an access control server generate a group public key for each user group;
2) the new user is added: the new user generates a member private key, and registers the member private key at the access control server to obtain a member identity certificate;
3) an identity authentication stage; the user generates a group signature to carry out identity authentication at an access control server, and the access control server can only verify whether the user belongs to the claimed group and cannot know which member in the group specifically belongs to;
4) and an authorization stage: the user requests the access control server to issue a resource ticket by using the certificate acquired in the identity authentication stage;
5) a security access and audit stage: a user accesses a target sensor by using a resource ticket obtained in an authorization stage, and a log is generated for each security connection in a sensor stage and is sent to an access control server for auditing;
6) user revocation: after the life cycle of the user is over or the user has illegal behavior, the group membership of the user needs to be revoked; the access control server updates the group public key and issues a revocation transaction on the blockchain;
7) and a stage of accountability and dispute resolution: when a user has illegal behaviors against the access strategy, the legal mechanism and the access control server are used as arbitration mechanisms and cooperate through the block chain platform to use the respectively held partial open keys to uncover the identity of the signer.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910245853.4A CN109963282B (en) | 2019-03-28 | 2019-03-28 | Privacy protection access control method in IP-supported wireless sensor network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910245853.4A CN109963282B (en) | 2019-03-28 | 2019-03-28 | Privacy protection access control method in IP-supported wireless sensor network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN109963282A CN109963282A (en) | 2019-07-02 |
CN109963282B true CN109963282B (en) | 2022-07-26 |
Family
ID=67025293
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910245853.4A Active CN109963282B (en) | 2019-03-28 | 2019-03-28 | Privacy protection access control method in IP-supported wireless sensor network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109963282B (en) |
Families Citing this family (8)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110502931B (en) * | 2019-08-15 | 2021-05-04 | 广东工业大学 | Block chain-based internet arbitration and privacy protection method |
CN110572268B (en) * | 2019-09-12 | 2021-06-15 | 腾讯科技(深圳)有限公司 | Anonymous authentication method and device |
CN110784488B (en) * | 2019-11-07 | 2021-10-19 | 深圳职业技术学院 | Controllable anonymous block chain system |
CN111324881B (en) * | 2020-02-20 | 2020-10-30 | 铭数科技(青岛)有限公司 | Data security sharing system and method fusing Kerberos authentication server and block chain |
CN112003705B (en) * | 2020-08-12 | 2021-06-08 | 北京天融信网络安全技术有限公司 | Identity authentication method and device based on zero-knowledge proof |
CN112566106B (en) * | 2020-12-11 | 2022-05-27 | 杭州叙简科技股份有限公司 | Multi-network and multi-link equipment authentication method based on 5G |
CN112887339B (en) * | 2021-04-22 | 2021-07-13 | 杭州雅观科技有限公司 | Distributed grouping management method of terminal equipment |
CN113127910B (en) * | 2021-04-30 | 2022-04-12 | 复旦大学 | Controllable anonymous voting system based on block chain and decentralization traceable attribute signature |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20090098933A (en) * | 2008-03-15 | 2009-09-18 | 고려대학교 산학협력단 | Method for protecting location privacy in wireless sensor network, and wireless sensor network system and recording medium using thereof |
CN103428692A (en) * | 2013-08-07 | 2013-12-04 | 华南理工大学 | Wireless access network authentication method and wireless access network authentication system capable of holding accountability and protecting privacy |
CN107749836A (en) * | 2017-09-15 | 2018-03-02 | 江苏大学 | User oriented secret protection and the mobility aware system and its mobile awareness method of data reliability |
-
2019
- 2019-03-28 CN CN201910245853.4A patent/CN109963282B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR20090098933A (en) * | 2008-03-15 | 2009-09-18 | 고려대학교 산학협력단 | Method for protecting location privacy in wireless sensor network, and wireless sensor network system and recording medium using thereof |
CN103428692A (en) * | 2013-08-07 | 2013-12-04 | 华南理工大学 | Wireless access network authentication method and wireless access network authentication system capable of holding accountability and protecting privacy |
CN107749836A (en) * | 2017-09-15 | 2018-03-02 | 江苏大学 | User oriented secret protection and the mobility aware system and its mobile awareness method of data reliability |
Non-Patent Citations (2)
Title |
---|
《无线传感器网络隐私保护关键技术研究》;赵宝康;《中国博士学位论文全文数据库》;20110415;全文 * |
基于群密钥协商的无线传感器网络签名协议;于斌斌、武欣雨、初剑峰、胡亮;《吉林大学学报(工学版)》;20170531;全文 * |
Also Published As
Publication number | Publication date |
---|---|
CN109963282A (en) | 2019-07-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN109963282B (en) | Privacy protection access control method in IP-supported wireless sensor network | |
Xu et al. | An identity management and authentication scheme based on redactable blockchain for mobile networks | |
Chatterjee et al. | Secure biometric-based authentication scheme using Chebyshev chaotic map for multi-server environment | |
CN108964919B (en) | Lightweight anonymous authentication method with privacy protection based on Internet of vehicles | |
Limbasiya et al. | Advanced formal authentication protocol using smart cards for network applicants | |
Zhang et al. | SMAKA: Secure many-to-many authentication and key agreement scheme for vehicular networks | |
Chattaraj et al. | A new two-server authentication and key agreement protocol for accessing secure cloud services | |
Rasheed et al. | Adaptive group-based zero knowledge proof-authentication protocol in vehicular ad hoc networks | |
Ghaffar et al. | An improved authentication scheme for remote data access and sharing over cloud storage in cyber-physical-social-systems | |
JP2003536320A (en) | System, method and software for remote password authentication using multiple servers | |
Xue et al. | A distributed authentication scheme based on smart contract for roaming service in mobile vehicular networks | |
Arasan et al. | Computationally efficient and secure anonymous authentication scheme for cloud users | |
Asghar et al. | PRIMA: Privacy-preserving identity and access management at internet-scale | |
He et al. | An accountable, privacy-preserving, and efficient authentication framework for wireless access networks | |
Xiong et al. | A novel multiserver authentication scheme using proxy resignature with scalability and strong user anonymity | |
Tong et al. | CCAP: A complete cross-domain authentication based on blockchain for Internet of things | |
Itoo et al. | CKMIB: Construction of key agreement protocol for cloud medical infrastructure using blockchain | |
Rehman et al. | A secure and improved multi server authentication protocol using fuzzy commitment | |
WO2008020991A2 (en) | Notarized federated identity management | |
Tiwari et al. | ACDAS: Authenticated controlled data access and sharing scheme for cloud storage | |
Xie et al. | Provable secure and lightweight blockchain-based V2I handover authentication and V2V broadcast protocol for VANETs | |
Ghaffar et al. | A lightweight and efficient remote data authentication protocol over cloud storage environment | |
Addobea et al. | Secure multi-factor access control mechanism for pairing blockchains | |
Tang et al. | Privacy-preserving authentication scheme based on zero trust architecture | |
Mao et al. | BTAA: Blockchain and TEE Assisted Authentication for IoT Systems |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |