CN110855435B - Access control method based on attribute cryptosystem in wireless sensor network - Google Patents

Access control method based on attribute cryptosystem in wireless sensor network Download PDF

Info

Publication number
CN110855435B
CN110855435B CN201911114810.9A CN201911114810A CN110855435B CN 110855435 B CN110855435 B CN 110855435B CN 201911114810 A CN201911114810 A CN 201911114810A CN 110855435 B CN110855435 B CN 110855435B
Authority
CN
China
Prior art keywords
cluster head
base station
data
data user
head node
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201911114810.9A
Other languages
Chinese (zh)
Other versions
CN110855435A (en
Inventor
李伟
张彤
司敬
张永静
郑春一
朱英泮
李同宇
李景田
徐海
姚帅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Jinghang Computing Communication Research Institute
Original Assignee
Beijing Jinghang Computing Communication Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Jinghang Computing Communication Research Institute filed Critical Beijing Jinghang Computing Communication Research Institute
Priority to CN201911114810.9A priority Critical patent/CN110855435B/en
Publication of CN110855435A publication Critical patent/CN110855435A/en
Application granted granted Critical
Publication of CN110855435B publication Critical patent/CN110855435B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to devices or network resources
    • H04L63/101Access control lists [ACL]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3066Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy involving algebraic varieties, e.g. elliptic or hyper-elliptic curves
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/009Security arrangements; Authentication; Protecting privacy or anonymity specially adapted for networks, e.g. wireless sensor networks, ad-hoc networks, RFID networks or cloud networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W84/00Network topologies
    • H04W84/18Self-organising networks, e.g. ad-hoc networks or sensor networks

Abstract

The invention belongs to the technical field of data encryption and decryption in a wireless sensor network, and particularly relates to an access control method based on an attribute cryptosystem in the wireless sensor network. In order to enable data users authenticated by a base station and a sensor node to access real-time data of the sensor node, different types of data users can be endowed with different access rights, and users who do not pass authentication do not have access rights to the data, the method comprises the following steps: in a wireless sensor network, deploying sensor nodes and cluster head nodes in advance; establishing a safety channel among the sensor node, the cluster head node and the base station; the data user registers in the base station, and the base station generates an access structure and an intelligent card for the data user; the data user logs in the wireless sensor network, and the identity of the data user is authenticated by the base station and the cluster head node together; the cluster head node encrypts real-time data, and the data user decrypts the data. Compared with the prior art, the invention ensures the data security and improves the efficiency of data access control.

Description

Access control method based on attribute cryptosystem in wireless sensor network
Technical Field
The invention belongs to the technical field related to data encryption and decryption in a wireless sensor network, and particularly relates to an access control method based on an attribute cryptosystem in the wireless sensor network.
Background
As early as the nineties of the 20 th century, american businesses have written text indicating that wireless sensor networks will become one of the most important technologies in the 21 st century. China also points out that the wireless sensor network is a core technology which needs key breakthrough in China in the long-term planning (outline) in 2020. With the continuous progress of microelectronic technology and wireless communication technology, the functions of information acquisition, data processing, communication and the like are integrated in a tiny volume, which further promotes the rapid development of multifunctional sensors. The wireless sensor network consists of a large number of miniature sensors deployed in a monitoring area, wireless communication is carried out among sensor nodes, and information is exchanged to form the network in a self-organizing mode. The data monitored by the nodes are transmitted in a hop-by-hop mode through other nodes. In this process, the monitoring data may be processed by a plurality of relay nodes, and the data is transmitted to the base station after passing through a multi-hop route, and finally reaches the data user through the internet or other communication links. For a large-scale network, a clustering and layering mode can be adopted to divide the sensor nodes in the network into a plurality of cluster structures. Each cluster is provided with a cluster head node for collecting data collected by all nodes in the cluster, and the data are transmitted to a base station after the data are fused by the cluster head nodes.
In recent years, with the diversification of wireless sensor network applications, user access control to data in a network becomes a hot issue. In a wireless sensor network, an authenticated user allows access to data. Through an effective access control mechanism, correct information and access rights of different service resources can be provided for the authenticated user. While different types of users may be given different access rights through appropriate user authentication. In application scenarios such as healthcare and battlefield monitoring, real-time monitoring by experts is of great importance. Thus, the real-time data perceived by the sensors needs to be monitored directly by the authenticated user when necessary. The user must authenticate specific access rights through the base stations and sensor nodes in the network before being allowed access to sensitive real-time data.
Therefore, it is necessary to invent an access control method in a wireless sensor network, which enables data users authenticated by a base station and a sensor node to access real-time data of the sensor node, and different types of data users can be given different access rights, while users who do not pass authentication do not have access rights to data. The access control method has higher access control efficiency on the premise of ensuring data security.
Disclosure of Invention
Technical problem to be solved
The technical problem to be solved by the invention is as follows: how to provide an access control method based on an attribute cryptosystem in a wireless sensor network.
(II) technical scheme
In order to solve the above technical problem, the present invention provides an access control method based on an attribute cryptosystem in a wireless sensor network, which comprises the following steps:
step 1: in a wireless sensor network, sensor nodes and cluster head nodes are deployed in advance;
step 2: establishing a safety channel among the sensor node, the cluster head node and the base station;
and step 3: the data user registers in the base station, and the base station generates an access structure and an intelligent card for the data user;
and 4, step 4: the data user logs in the wireless sensor network, and the identity of the data user is authenticated by the base station and the cluster head node together;
and 5: the cluster head node encrypts real-time data and transmits the encrypted data to the data users.
Wherein the step 1 comprises:
step 11: based on an elliptic curve group constructed by super-singular curves in a finite field, a base station generates related network parameters in a wireless sensor network;
step 12: the base station loads the relevant network parameters into the memory of each cluster head node.
Wherein the relevant network parameters include:
the base station randomly selects a large prime number not less than 160 bits as the order of the elliptic curve group;
selecting a random number on the elliptic curve group to correspond to each attribute element in the attribute space;
the base station selects unique identifiers for each cluster head node and each sensor node;
wherein the attribute space is a set composed of all attribute elements of all wireless sensors in the wireless sensor network.
In the step 2, once the sensor node is deployed successfully, the sensor node locates adjacent nodes within the communication range; the cluster head nodes position adjacent sensor nodes in respective clusters and also position other cluster head nodes in the communication range of the cluster head nodes; in order to realize safe communication between the sensor node and the cluster head node of the cluster where the sensor node is located and other sensor nodes, a session key needs to be established between the nodes; thus, a session key is established between the sensor node and the cluster head node; therefore, the sensor node can safely communicate with the adjacent nodes and the cluster head node, and the cluster head node can safely communicate with other cluster head nodes and the base station.
Wherein the step 3 comprises:
step 31: the data user generates registration request information by the unique identifier, the password and the random number through composite operation and sends the registration request information to the base station;
step 32: after receiving registration request information of a data user, a base station generates an access structure for the data user, wherein the access structure is a logic expression composed of attribute elements in an attribute space and is represented by an access tree, leaf nodes of the access tree represent the attribute elements, non-leaf nodes represent a threshold, and the base station constructs a polynomial for each node in the access tree by utilizing the Lagrange interpolation theorem;
step 33: and the base station stores the relevant network parameters, the access structure, the registration timestamp of the data user, the guide time and the expiration time information of all cluster head nodes into the intelligent card and sends the intelligent card to the data user.
Wherein the step 4 comprises:
step 41: the data user inserts the intelligent card into a card reader of a specific terminal, inputs the unique identifier and the password of the data user, the intelligent card verifies the unique identifier and the password, and if the verification fails, the flow is terminated; if the authentication is passed, the smart card generates partial login information containing the unique identifier and the password of the data user; the data user selects a cluster head node which the data user wants to access, and the cluster head node and part of login information generated by the intelligent card form complete login information which is sent to the base station by the data user;
step 42: after receiving the login information, the base station firstly performs identity authentication, and if the login information does not pass, the flow is terminated; if the authentication is passed, the base station sends authentication information to the corresponding cluster head node, the cluster head node performs identity authentication again, and if the authentication is not passed, the flow is terminated; and if the authentication is passed, confirming that the data user is to access the real-time data provided by the cluster head node.
In step 41, the login information is encrypted by the data user through a symmetric encryption algorithm using a session key generated when the secure channel is established, and then sent to the base station.
In step 42, after receiving the login information, the base station decrypts the login information by using the session key through a symmetric decryption algorithm to obtain the login information; after the base station passes the authentication, the base station encrypts the login information by using a session key through a symmetric encryption algorithm and then sends the encrypted login information to the corresponding cluster head node;
and after receiving the login information, the cluster head node decrypts the login information by using the session key through a symmetric decryption algorithm to obtain the login information.
Wherein the step 5 comprises:
step 51: the cluster head node generates a symmetric key by using the unique identifier of the cluster head node, the unique identifier of the data user, the guide time of the cluster head node and the registration timestamp of the data user, and encrypts real-time data by using a symmetric encryption algorithm to generate a ciphertext;
step 52: the cluster head node calculates and generates a correlation value for each attribute element in the attribute set by using the random number stored in the memory of the cluster head node, records a timestamp when the correlation value is generated, and takes the timestamp as the timestamp of the cluster head node; then, the correlation value, the ciphertext generated by encrypting in real time in the step 51 and the timestamp of the cluster head node are sent to the data user;
step 53: after receiving the information sent by the cluster head node in step 52, the data user first verifies the message authentication code thereof by using a hash algorithm to ensure the integrity of the message, and if the verification fails, the flow is terminated; if the verification is passed, the data user utilizes the access structure of the data user and the correlation value of the attribute elements in the attribute set of the cluster head node to calculate, recovers the symmetric key, and utilizes a symmetric decryption algorithm to obtain the data plaintext.
Wherein, the calculation process in the step 53 is as follows: the leaf nodes of the access tree are processed from bottom to top and finally reach the root node of the access tree, so that the symmetric key is recovered, and then the data user obtains the data plaintext by using a symmetric decryption algorithm, so that the real-time data of the cluster head node which the data user wants to access is obtained.
(III) advantageous effects
Compared with the prior art, the access control method based on the attribute cryptosystem in the wireless sensor network can enable data users authenticated by the base station and the sensor nodes to access real-time data of the sensor nodes, different types of data users can be endowed with different access rights, and users who do not pass authentication do not have the right to access the data. According to the scheme, the data user can efficiently and safely access the real-time data in the wireless sensor network.
It has the following beneficial effects:
(1) the attribute-based cryptosystem is applied to the wireless sensor network, so that different types of data users are endowed with specific access rights according to different access structures, and the access control mechanism is more flexible;
(2) a data user jointly authenticated by the base station and the sensor node can efficiently and safely access real-time data of a specific cluster head node in the wireless sensor network.
Drawings
FIG. 1 is a flow chart of the method according to the present invention.
Fig. 2 is a schematic diagram of a network structure according to the technical solution of the present invention.
Detailed Description
In order to make the objects, contents, and advantages of the present invention clearer, the following detailed description of the embodiments of the present invention will be made in conjunction with the accompanying drawings and examples.
In order to solve the problems in the prior art, the present invention provides an access control method based on an attribute cryptosystem in a wireless sensor network, which is characterized in that, as shown in fig. 1 and fig. 2, the method comprises the following steps:
step 1: in a wireless sensor network, sensor nodes and cluster head nodes are deployed in advance;
step 2: establishing a safety channel among the sensor node, the cluster head node and the base station;
and step 3: the data user registers in the base station, and the base station generates an access structure and an intelligent card for the data user;
and 4, step 4: the data user logs in the wireless sensor network, and the identity of the data user is authenticated by the base station and the cluster head node together;
and 5: the cluster head node encrypts real-time data and transmits the encrypted data to the data users.
Wherein the step 1 comprises:
step 11: based on an elliptic curve group constructed by super-singular curves in a finite field, a base station generates related network parameters in a wireless sensor network;
step 12: the base station loads the relevant network parameters into the memory of each cluster head node.
Wherein the relevant network parameters include:
the base station randomly selects a large prime number not less than 160 bits as the order of the elliptic curve group;
selecting a random number on the elliptic curve group to correspond to each attribute element in the attribute space;
the base station selects unique identifiers for each cluster head node and each sensor node;
the base station generates a master key for each cluster head node and each sensor node;
wherein the attribute space is a set composed of all attribute elements of all wireless sensors in the wireless sensor network.
In the step 2, once the sensor node is deployed successfully, the sensor node locates adjacent nodes within the communication range; the cluster head nodes position adjacent sensor nodes in respective clusters and also position other cluster head nodes in the communication range of the cluster head nodes; in order to realize safe communication between the sensor node and the cluster head node of the cluster where the sensor node is located and other sensor nodes, a session key needs to be established between the nodes; therefore, a session key is established between the sensor node and the cluster head node by using the existing key establishment scheme; therefore, the sensor node can safely communicate with the adjacent nodes and the cluster head node, and the cluster head node can safely communicate with other cluster head nodes and the base station.
Wherein the step 3 comprises:
step 31: the data user generates registration request information by the unique identifier, the password and the random number through compound operation including operations such as Hash and connection and the like, and sends the registration request information to the base station through a secure channel;
step 32: after receiving registration request information of a data user, a base station generates an access structure for the data user, wherein the access structure is a logic expression composed of attribute elements in an attribute space and is represented by an access tree, leaf nodes of the access tree represent the attribute elements, non-leaf nodes represent a threshold, and the base station constructs a polynomial for each node in the access tree by utilizing the Lagrange interpolation theorem;
step 33: and the base station stores the relevant network parameters, the access structure, the registration timestamp of the data user, the guide time and the expiration time information of all cluster head nodes into the intelligent card and sends the intelligent card to the data user.
Wherein the step 4 comprises:
step 41: the data user inserts the intelligent card into a card reader of a specific terminal, inputs the unique identifier and the password of the data user, the intelligent card verifies the unique identifier and the password, and if the verification fails, the flow is terminated; if the authentication is passed, the smart card generates partial login information containing the unique identifier and the password of the data user; the data user selects a cluster head node which the data user wants to access, and the cluster head node and part of login information generated by the intelligent card form complete login information which is sent to the base station by the data user;
step 42: after receiving the login information, the base station firstly performs identity authentication, and if the login information does not pass, the flow is terminated; if the authentication is passed, the base station sends authentication information to the corresponding cluster head node, the cluster head node performs identity authentication again, and if the authentication is not passed, the flow is terminated; and if the authentication is passed, confirming that the data user is to access the real-time data provided by the cluster head node.
In step 41, the login information is encrypted by the data user through a symmetric encryption algorithm using a session key generated when the secure channel is established, and then sent to the base station.
In step 42, after receiving the login information, the base station decrypts the login information by using the session key through a symmetric decryption algorithm to obtain the login information; after the base station passes the authentication, the base station encrypts the login information by using a session key through a symmetric encryption algorithm and then sends the encrypted login information to the corresponding cluster head node;
and after receiving the login information, the cluster head node decrypts the login information by using the session key through a symmetric decryption algorithm to obtain the login information.
Wherein the step 5 comprises:
step 51: the cluster head node generates a symmetric key by using the unique identifier of the cluster head node, the unique identifier of the data user, the guide time of the cluster head node and the registration timestamp of the data user, and encrypts real-time data by using a symmetric encryption algorithm to generate a ciphertext;
step 52: the cluster head node calculates and generates a correlation value for each attribute element in the attribute set by using the random number stored in the memory of the cluster head node, records a timestamp when the correlation value is generated, and takes the timestamp as the timestamp of the cluster head node; then, the correlation value, the ciphertext generated by encrypting in real time in the step 51 and the timestamp of the cluster head node are sent to the data user;
step 53: after receiving the information sent by the cluster head node in step 52, the data user first verifies the message authentication code thereof by using a hash algorithm to ensure the integrity of the message, and if the verification fails, the flow is terminated; if the verification is passed, the data user utilizes the access structure of the data user and the correlation value of the attribute elements in the attribute set of the cluster head node to calculate, recovers the symmetric key, and utilizes a symmetric decryption algorithm to obtain the data plaintext.
Wherein, the calculation process in the step 53 is as follows: the leaf nodes of the access tree are processed from bottom to top and finally reach the root node of the access tree, so that the symmetric key is recovered, and then the data user obtains the data plaintext by using a symmetric decryption algorithm, so that the real-time data of the cluster head node which the data user wants to access is obtained.
The above description is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, several modifications and variations can be made without departing from the technical principle of the present invention, and these modifications and variations should also be regarded as the protection scope of the present invention.

Claims (4)

1. An access control method based on an attribute cryptosystem in a wireless sensor network is characterized by comprising the following steps:
step 1: in a wireless sensor network, sensor nodes and cluster head nodes are deployed in advance;
step 2: establishing a safety channel among the sensor node, the cluster head node and the base station;
and step 3: the data user registers in the base station, and the base station generates an access structure and an intelligent card for the data user;
and 4, step 4: the data user logs in the wireless sensor network, and the identity of the data user is authenticated by the base station and the cluster head node together;
and 5: the cluster head node encrypts real-time data and transmits the encrypted data to a data user;
the step 1 comprises the following steps:
step 11: based on an elliptic curve group constructed by super-singular curves in a finite field, a base station generates related network parameters in a wireless sensor network;
step 12: the base station loads relevant network parameters into a memory of each cluster head node;
the relevant network parameters include:
the base station randomly selects a large prime number not less than 160 bits as the order of the elliptic curve group;
selecting a random number on the elliptic curve group to correspond to each attribute element in the attribute space;
the base station selects unique identifiers for each cluster head node and each sensor node;
wherein the attribute space is a set composed of all attribute elements of all wireless sensors in the wireless sensor network;
in the step 2, once the sensor node is deployed successfully, the sensor node locates adjacent nodes within the communication range; the cluster head nodes position adjacent sensor nodes in respective clusters and also position other cluster head nodes in the communication range of the cluster head nodes; in order to realize safe communication between the sensor node and the cluster head node of the cluster where the sensor node is located and other sensor nodes, a session key needs to be established between the nodes; thus, a session key is established between the sensor node and the cluster head node; the sensor node communicates with the adjacent nodes and the cluster head node safely, and the cluster head node communicates with other cluster head nodes and the base station safely;
wherein the step 3 comprises:
step 31: the data user generates registration request information by the unique identifier, the password and the random number through composite operation and sends the registration request information to the base station;
step 32: after receiving registration request information of a data user, a base station generates an access structure for the data user, wherein the access structure is a logic expression composed of attribute elements in an attribute space and is represented by an access tree, leaf nodes of the access tree represent the attribute elements, non-leaf nodes represent a threshold, and the base station constructs a polynomial for each node in the access tree by utilizing the Lagrange interpolation theorem;
step 33: the base station stores the relevant network parameters, the access structure, the registration timestamp of the data user, the guide time and the expiration time information of all cluster head nodes into the intelligent card and sends the intelligent card to the data user;
wherein the step 4 comprises:
step 41: the data user inserts the intelligent card into a card reader of a specific terminal, inputs the unique identifier and the password of the data user, the intelligent card verifies the unique identifier and the password, and if the verification fails, the flow is terminated; if the authentication is passed, the smart card generates partial login information containing the unique identifier and the password of the data user; the data user selects a cluster head node which the data user wants to access, and the cluster head node and part of login information generated by the intelligent card form complete login information which is sent to the base station by the data user;
step 42: after receiving the login information, the base station firstly performs identity authentication, and if the login information does not pass, the flow is terminated; if the authentication is passed, the base station sends authentication information to the corresponding cluster head node, the cluster head node performs identity authentication again, and if the authentication is not passed, the flow is terminated; if the authentication is passed, the data user is confirmed to access the real-time data provided by the cluster head node;
wherein the step 5 comprises:
step 51: the cluster head node generates a symmetric key by using the unique identifier of the cluster head node, the unique identifier of the data user, the guide time of the cluster head node and the registration timestamp of the data user, and encrypts real-time data by using a symmetric encryption algorithm to generate a ciphertext;
step 52: the cluster head node calculates and generates a correlation value for each attribute element in the attribute set by using the random number stored in the memory of the cluster head node, records a timestamp when the correlation value is generated, and takes the timestamp as the timestamp of the cluster head node; then, the correlation value, the ciphertext generated by encrypting in real time in the step 51 and the timestamp of the cluster head node are sent to the data user;
step 53: after receiving the information sent by the cluster head node in step 52, the data user first verifies the message authentication code thereof by using a hash algorithm to ensure the integrity of the message, and if the verification fails, the flow is terminated; if the verification is passed, the data user utilizes the access structure of the data user and the correlation value of the attribute elements in the attribute set of the cluster head node to calculate, recovers the symmetric key, and utilizes a symmetric decryption algorithm to obtain the data plaintext.
2. The method according to claim 1, wherein in step 41, the login information is encrypted by the data user through a symmetric encryption algorithm using a session key generated when the secure channel is established, and then sent to the base station.
3. The method according to claim 2, wherein in step 42, after receiving the login information, the base station decrypts the login information by using the session key through a symmetric decryption algorithm to obtain the login information; after the base station passes the authentication, the base station encrypts the login information by using a session key through a symmetric encryption algorithm and then sends the encrypted login information to the corresponding cluster head node;
and after receiving the login information, the cluster head node decrypts the login information by using the session key through a symmetric decryption algorithm to obtain the login information.
4. The method for controlling access based on attribute cryptosystem in wireless sensor network according to claim 1, wherein the calculation process in step 53 is as follows: the leaf nodes of the access tree are processed from bottom to top and finally reach the root node of the access tree, so that the symmetric key is recovered, and then the data user obtains the data plaintext by using a symmetric decryption algorithm, so that the real-time data of the cluster head node which the data user wants to access is obtained.
CN201911114810.9A 2019-11-14 2019-11-14 Access control method based on attribute cryptosystem in wireless sensor network Active CN110855435B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911114810.9A CN110855435B (en) 2019-11-14 2019-11-14 Access control method based on attribute cryptosystem in wireless sensor network

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911114810.9A CN110855435B (en) 2019-11-14 2019-11-14 Access control method based on attribute cryptosystem in wireless sensor network

Publications (2)

Publication Number Publication Date
CN110855435A CN110855435A (en) 2020-02-28
CN110855435B true CN110855435B (en) 2022-04-19

Family

ID=69600927

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911114810.9A Active CN110855435B (en) 2019-11-14 2019-11-14 Access control method based on attribute cryptosystem in wireless sensor network

Country Status (1)

Country Link
CN (1) CN110855435B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110691358B (en) * 2019-11-14 2022-10-14 北京京航计算通讯研究所 Access control system based on attribute cryptosystem in wireless sensor network

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404726A (en) * 2011-11-18 2012-04-04 重庆邮电大学 Distributed control method for information of accessing internet of things by user
CN102892113A (en) * 2012-09-20 2013-01-23 苏州两江科技有限公司 Method for safety transmission of data between nodes in hierarchical wireless sensor network
CN103929744A (en) * 2014-04-03 2014-07-16 东南大学 Wireless sensor network key management method
WO2018147673A1 (en) * 2017-02-09 2018-08-16 에스지에이솔루션즈 주식회사 Symmetric key-based user authentication method for ensuring anonymity in wireless sensor network environment
CN108880814A (en) * 2018-06-28 2018-11-23 西安理工大学 A kind of dynamic cluster wireless sensor network key management method

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030151513A1 (en) * 2002-01-10 2003-08-14 Falk Herrmann Self-organizing hierarchical wireless network for surveillance and control
WO2012116483A1 (en) * 2011-02-28 2012-09-07 Renesas Mobile Corporation Multimode user equipment accessing wireless sensor network

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102404726A (en) * 2011-11-18 2012-04-04 重庆邮电大学 Distributed control method for information of accessing internet of things by user
CN102892113A (en) * 2012-09-20 2013-01-23 苏州两江科技有限公司 Method for safety transmission of data between nodes in hierarchical wireless sensor network
CN103929744A (en) * 2014-04-03 2014-07-16 东南大学 Wireless sensor network key management method
WO2018147673A1 (en) * 2017-02-09 2018-08-16 에스지에이솔루션즈 주식회사 Symmetric key-based user authentication method for ensuring anonymity in wireless sensor network environment
CN108880814A (en) * 2018-06-28 2018-11-23 西安理工大学 A kind of dynamic cluster wireless sensor network key management method

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
基于ABE-IBS的无线传感器网络签名加密一体化方法;祁正华等;《通信学报》;20100425;第第31卷卷(第04期);第37-44页 *
基于多级分簇无线传感器网络的身份认证机制;张旸等;《计算机工程与设计》;20130116;第第34卷卷(第01期);第37-41页 *

Also Published As

Publication number Publication date
CN110855435A (en) 2020-02-28

Similar Documents

Publication Publication Date Title
CN112073379B (en) Lightweight Internet of things security key negotiation method based on edge calculation
CN110691358B (en) Access control system based on attribute cryptosystem in wireless sensor network
CN102883316B (en) Connection establishing method, terminal and access point
CN110267270B (en) Identity authentication method for sensor terminal access edge gateway in transformer substation
CN109756872B (en) Power grid NB-IoT end-to-end data processing method based on physical unclonable function
CN102859945A (en) Key management device, system and method having a rekey mechanism
Ataei Nezhad et al. An authentication-based secure data aggregation method in internet of things
CN114448727B (en) Information processing method and system based on industrial internet identification analysis system
CN113965930B (en) Quantum key-based industrial internet active identification analysis method and system
CN109691156A (en) The enhanced gathering re-authentication of wireless device
CN112311533B (en) Terminal identity authentication method, system and storage medium
CN106960166A (en) A kind of smart jack management system and its method based on distributed general ledger technology
CN109150899B (en) Mobile communication method and system for Internet of things
CN112491908A (en) Security certification management system based on block chain big data
CN107094138A (en) A kind of smart home safe communication system and communication means
Smys et al. Performance optimization of wireless adhoc networks with authentication
CN106452767A (en) Identity authentication public key management system based access authentication method
Weng et al. A lightweight anonymous authentication and secure communication scheme for fog computing services
CN110855435B (en) Access control method based on attribute cryptosystem in wireless sensor network
CN102612035B (en) Energy-efficient identity authentication method in multi-level clustering wireless sensor network
CN107231628B (en) Safety data fusion method suitable for multiple application scenes
JP6804026B2 (en) Encrypted communication system
CN111435389A (en) Power distribution terminal operation and maintenance tool safety protection system
CN110650019B (en) RFID authentication method and system based on PUF and security sketch
CN103781026A (en) Authentication method of general authentication mechanism

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant