CN112653506B - Block chain-based handover flow method for spatial information network - Google Patents


Publication number
CN112653506B
Authority
CN
China
Prior art keywords
mobile user
satellite
handover
block chain
low
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011510597.6A
Other languages
Chinese (zh)
Other versions
CN112653506A (en)
Inventor
霍如
王志浩
汪硕
魏亮
刘江
黄韬
刘韵洁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Jiangsu Future Networks Innovation Institute
Original Assignee
Jiangsu Future Networks Innovation Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Jiangsu Future Networks Innovation Institute filed Critical Jiangsu Future Networks Innovation Institute
Priority to CN202011510597.6A priority Critical patent/CN112653506B/en
Publication of CN112653506A publication Critical patent/CN112653506A/en
Application granted granted Critical
Publication of CN112653506B publication Critical patent/CN112653506B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04B TRANSMISSION
    • H04B7/00 Radio transmission systems, i.e. using radiation field
    • H04B7/14 Relay systems
    • H04B7/15 Active relay systems
    • H04B7/185 Space-based or airborne stations; Stations for satellite systems
    • H04B7/1851 Systems using a satellite or space-based relay
    • H04B7/18513 Transmission in a satellite or space-based system
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04B TRANSMISSION
    • H04B7/00 Radio transmission systems, i.e. using radiation field
    • H04B7/14 Relay systems
    • H04B7/15 Active relay systems
    • H04B7/185 Space-based or airborne stations; Stations for satellite systems
    • H04B7/1851 Systems using a satellite or space-based relay
    • H04B7/18519 Operations control, administration or maintenance
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/70 Reducing energy consumption in communication networks in wireless communication networks

Abstract

The invention discloses a block chain-based handover flow method for a spatial information network. Two handover schemes are provided. The specific steps of the scheme for low-mobility users are: step 1.1: low-mobility user preparation; step 1.2: low-mobility user message handover; step 1.3: the low-mobility user completes the handover. The specific steps of the scheme for high-mobility users are: step 2.1: high-mobility user preparation; step 2.2: high-mobility user message handover; step 2.3: the high-mobility user completes the handover. The invention meets the requirements of rapid authentication and access-authority confirmation for user equipment, uses block chain technology to enhance the data integrity and security of a mobile user while using the spatial information network service, solves the single-point-of-failure problem of the network control center (NCC) in an actual scenario, and provides access control and operation traceability functions. The invention provides a block chain-based handover flow method for high-speed mobile users and for low-speed mobile users respectively.

Description

Block chain-based handover flow method for spatial information network
Technical Field
The present invention relates to the field of block chain technology, and in particular, to a handover flow method for a spatial information network based on a block chain.
Background
The spatial information network makes it possible for any object to connect to the internet from anywhere. Access authentication is the key to secure user access control, mainly to prevent an illegitimate adversary from accessing the secure network service. However, the communication environment of the star sensor is very complex, which makes designing a secure and efficient authentication scheme a challenging problem. A blockchain can be viewed as a common, digitized, and distributed ledger built on a peer-to-peer network, and this technique has been introduced and applied to many network scenarios.
In a blockchain system, data generated by participating entities is issued as transactions, which are packed into blocks. Miners add data to the blockchain in chronological order. Notably, the miners who add data are independent entities, and there is no third-party authority in the blockchain. All participating entities are stored in blockchains and the blockchains are updated periodically. It is easy for entities in multiple blockchains to share information. Blockchains facilitate systems that do not require a trusted party (e.g., a certificate authority). Therefore, blockchains are an ideal technique for user identity management and access control.
Among access control and authentication schemes for the spatial information network, an existing scheme designs a provably secure and efficient authentication protocol together with an efficient handover mechanism. That scheme introduces a new authentication system model in which the satellite is given the capability to authenticate the user, avoiding online participation of the network control center (NCC) in user authentication, thereby reducing long authentication delays and avoiding a single-point bottleneck at the NCC. Furthermore, its support for batch verification can significantly improve handover efficiency when a group of users is handed over to another satellite.
Through analysis, the scheme is secure against various attacks and can meet various security requirements. However, the above access control and authentication scheme for the spatial information network has problems in the following aspects:
1. The security of mutual authentication is not high enough
In the mutual authentication of the scheme, the information used is sent by both sides and then verified. This ensures only that the information has not been tampered with; it cannot ensure that the node sending the information has not been maliciously forged.
2. The traceability provided is not strong
In the scheme, the NCC records the correspondence between the user identity and the virtual identity, and a log records the operations performed under the virtual identity, so that the behavior of the user can be tracked. However, as a central mechanism, the NCC in this scheme may be attacked or maliciously operated by an operator, resulting in the relevant log being tampered with or deleted.
3. Fails to provide fine-grained access control
According to the specific flow it provides, the scheme can only perform authenticated access. In actual operation, depending on the importance of the resources, fine-grained control is necessary in the application scenario of a spatial information network.
4. Idealized channel conditions
This scheme assumes that the hub is trusted by all entities in the system and that no adversary can compromise the hub. It also assumes a secure channel between the network entity and the NCC to protect the registration process. This is practically impossible.
Disclosure of Invention
To remedy the problems above, the invention provides a block chain-based handover flow method for a spatial information network. The technical scheme provided by the invention is as follows:
A block chain-based handover flow method for a spatial information network, characterized in that two handover schemes are provided. The specific steps of the scheme for low-mobility users are: step 1.1: low-mobility user preparation; step 1.2: low-mobility user message handover; step 1.3: the low-mobility user completes the handover. The specific steps of the scheme for high-mobility users are: step 2.1: high-mobility user preparation; step 2.2: high-mobility user message handover; step 2.3: the high-mobility user completes the handover.
Preferably, step 1.1 specifically includes:
The ground station has the topology of the satellite constellation and the motion of the satellites, so the upcoming satellite can be predicted; the ground station then writes the white list (mobile user temporary identity, identity of the currently connected satellite, identity of the satellite to be switched to) plus its own signature into the ground block chain and the inter-satellite block chain.
Preferably, step 1.2 specifically includes:
When the mobile user is located in the overlap of the old and new satellite nodes, the user decides whether to perform handover according to the received signal strength; before handover, the mobile user sends a request message to the old satellite node, the request message comprising a temporary identity and the new satellite node identity; the old satellite node then forwards the request message to the new satellite node.
Preferably, step 1.3 specifically includes:
After receiving the request message, the new satellite node queries the block chain; if the query completes and the comparison succeeds, the handover is completed; otherwise, a rejection message is returned.
Preferably, step 2.1 specifically includes:
The ground station has the topology of the satellite constellation and the motion of the satellites, so the upcoming satellites can be predicted. The ground station then adds its signature to the white list, writes the white list into the ground block chain and the inter-satellite block chain, and additionally writes parameters such as the encrypted session key into the ground block chain.
Preferably, step 2.2 specifically includes:
When the mobile user is in the overlap area, the user decides whether to hand over according to the received signal strength; if handover is decided, the mobile user sends a request message to the old satellite node, and the generation and steps of the request message are the same as in the low-speed mobile scheme; the old satellite node then forwards all the request messages to the new satellite node; after the new satellite node completes verification in the inter-satellite block chain, it sends a request message to the new corresponding ground station.
Preferably, step 2.3 specifically includes:
After receiving the message, the ground station completes verification, takes the related information out of the ground block chain, and completes the transfer work.
Compared with the prior art, the invention has the following advantages:
The invention meets the requirements of rapid authentication and access-authority confirmation for user equipment, uses block chain technology to enhance the data integrity and security of a mobile user while using the spatial information network service, solves the single-point-of-failure problem of the network control center (NCC) in an actual scenario, and provides access control and operation traceability functions. The invention provides a block chain-based handover flow method for high-speed mobile users and for low-speed mobile users respectively.
Drawings
Fig. 1 is a system architecture diagram of a spatial information network access control system and an authentication method based on a block chain according to the present invention;
Fig. 2 is a flow chart of a handover scheme of a low-speed mobile user based on a spatial information network access control system and an authentication method of a block chain;
Fig. 3 is a flow chart of a handover scheme of a high-speed mobile user based on a spatial information network access control system and an authentication method of a block chain.
Detailed Description
The present invention is described in detail below with reference to the drawings and examples, but the present invention is not limited thereto.
A block chain-based handover flow method for a spatial information network, characterized in that two handover schemes are provided. The specific steps of the scheme for low-mobility users are: step 1.1: low-mobility user preparation; step 1.2: low-mobility user message handover; step 1.3: the low-mobility user completes the handover. The specific steps of the scheme for high-mobility users are: step 2.1: high-mobility user preparation; step 2.2: high-mobility user message handover; step 2.3: the high-mobility user completes the handover.
As a possible implementation, step 1.1 specifically includes:
The ground station has the topology of the satellite constellation and the motion of the satellites, so the upcoming satellite can be predicted; the ground station then writes the white list (mobile user temporary identity, identity of the currently connected satellite, identity of the satellite to be switched to) plus its own signature into the ground block chain and the inter-satellite block chain.
As a possible implementation, step 1.2 specifically includes:
When the mobile user is located in the overlap of the old and new satellite nodes, the user decides whether to perform handover according to the received signal strength; before handover, the mobile user sends a request message to the old satellite node, the request message comprising a temporary identity and the new satellite node identity; the old satellite node then forwards the request message to the new satellite node.
As a possible implementation, step 1.3 specifically includes:
After receiving the request message, the new satellite node queries the block chain; if the query completes and the comparison succeeds, the handover is completed; otherwise, a rejection message is returned.
As a possible implementation, step 2.1 specifically includes:
The ground station has the topology of the satellite constellation and the motion of the satellites, so the upcoming satellites can be predicted. The ground station then adds its signature to the white list, writes the white list into the ground block chain and the inter-satellite block chain, and additionally writes parameters such as the encrypted session key into the ground block chain.
As a possible implementation, step 2.2 specifically includes:
When the mobile user is in the overlap area, the user decides whether to hand over according to the received signal strength; if handover is decided, the mobile user sends a request message to the old satellite node, and the generation and steps of the request message are the same as in the low-speed mobile scheme; the old satellite node then forwards all the request messages to the new satellite node; after the new satellite node completes verification in the inter-satellite block chain, it sends a request message to the new corresponding ground station.
As a possible implementation, step 2.3 specifically includes:
After receiving the message, the ground station completes verification, takes the related information out of the ground block chain, and completes the transfer work.
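The two handover flows above (steps 1.1 to 1.3 and 2.1 to 2.3), as an added Python example that is not code from the patent. It assumes an HMAC in place of the ground station's digital signature and a hash-chained list in place of each block chain; the `via` field, the comparison rule and all identities are constructed for illustration.

```python
import hashlib
import hmac
import json

# Assumption: an HMAC under a constructed key stands in for the ground station's
# digital signature, and a hash-chained list stands in for each block chain.
GS_KEY = b"constructed-ground-station-key"
GENESIS = "0" * 64


def sign(entry):
    msg = json.dumps(entry, sort_keys=True).encode()
    return hmac.new(GS_KEY, msg, hashlib.sha256).hexdigest()


def block_hash(prev, entry, sig):
    body = json.dumps({"prev": prev, "entry": entry, "sig": sig}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


class Ledger:
    """Append-only, hash-chained record list (ground or inter-satellite chain)."""

    def __init__(self):
        self.blocks = []

    def append(self, entry):
        prev = self.blocks[-1]["hash"] if self.blocks else GENESIS
        sig = sign(entry)
        self.blocks.append({"prev": prev, "entry": dict(entry), "sig": sig,
                            "hash": block_hash(prev, entry, sig)})

    def valid_entries(self):
        """Yield entries whose chain link, block hash and signature all verify."""
        prev = GENESIS
        for b in self.blocks:
            if b["prev"] != prev or b["hash"] != block_hash(prev, b["entry"], b["sig"]):
                return  # chain broken: nothing from this point on is trusted
            if hmac.compare_digest(b["sig"], sign(b["entry"])):
                yield b["entry"]
            prev = b["hash"]


def prepare(inter_sat, ground, temp_id, current_sat, next_sat, enc_session_key=None):
    """Steps 1.1 / 2.1: the ground station writes the signed white list entry."""
    entry = {"temp_id": temp_id, "current_sat": current_sat, "next_sat": next_sat}
    inter_sat.append(entry)
    ground.append(entry)
    if enc_session_key is not None:  # step 2.1 only: extra record on the ground chain
        ground.append({"temp_id": temp_id, "next_sat": next_sat,
                       "enc_session_key": enc_session_key})


def old_satellite_forward(old_sat, request):
    """Steps 1.2 / 2.2: forward the request; 'via' (hypothetical) names the forwarder."""
    return dict(request, via=old_sat)


def new_satellite_check(chain, new_sat, fwd):
    """Steps 1.3 / 2.2: query the chain and compare it with the forwarded request."""
    if fwd["new_sat"] != new_sat:
        return False
    wanted = {"temp_id": fwd["temp_id"], "current_sat": fwd["via"], "next_sat": new_sat}
    return any(e == wanted for e in chain.valid_entries())


def ground_station_complete(ground, new_sat, fwd):
    """Step 2.3: verify, then take the session parameters from the ground chain."""
    if not new_satellite_check(ground, new_sat, fwd):
        return None  # rejection
    for e in ground.valid_entries():
        if (e.get("temp_id"), e.get("next_sat")) == (fwd["temp_id"], new_sat) \
                and "enc_session_key" in e:
            return e["enc_session_key"]
    return None


if __name__ == "__main__":
    inter_sat, ground = Ledger(), Ledger()
    prepare(inter_sat, ground, "tmp-7f3a", "SAT-A", "SAT-B")  # constructed identities
    req = old_satellite_forward("SAT-A", {"temp_id": "tmp-7f3a", "new_sat": "SAT-B"})
    print("low-mobility handover accepted:", new_satellite_check(inter_sat, "SAT-B", req))
    inter_sat.blocks[0]["entry"]["next_sat"] = "SAT-C"  # tampered white list entry
    print("after tampering:", new_satellite_check(inter_sat, "SAT-B", req))
```

A request is accepted only when the forwarded temporary identity, the forwarding satellite and the target satellite all match a white list entry whose block hash and signature verify, so an edited entry causes a rejection.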
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, and the preferred embodiments of the present invention are described in the above embodiments and the description, and are not intended to limit the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (2)

1. A block chain-based handover flow method for a spatial information network, characterized in that two handover schemes are provided, and the specific steps of the scheme for low-mobility users are as follows: step 1.1: low-mobility user preparation; step 1.2: low-mobility user message handover; step 1.3: the low-mobility user completes the handover; the specific steps of the scheme for high-mobility users are as follows: step 2.1: high-mobility user preparation; step 2.2: high-mobility user message handover; step 2.3: the high-mobility user completes the handover;
the step 1.1 specifically comprises:
the ground station has the topology of the satellite constellation and the motion of the satellite, so that the upcoming satellite can be predicted; then the ground station writes a white list into the ground block chain and the inter-satellite block chain, wherein the white list comprises the temporary identity of the mobile user, the identity of the currently connected satellite, the identity of the satellite to be switched to, and the ground station's own signature;
the step 1.2 specifically comprises:
when the mobile user is located in the overlap of the new satellite node and the old satellite node, determining whether to perform handover according to the received signal strength; before handover, the mobile user sends a request message to the old satellite node, wherein the request message comprises a temporary identity and a new satellite node identity; then, the old satellite node forwards the request message to the new satellite node;
the step 1.3 specifically comprises:
after receiving the request message, the new satellite node performs a query in the block chain, and completes the handover if the query is completed and the comparison is successful; otherwise, it returns a rejection message;
the step 2.1 specifically comprises:
the ground station has the topology of the satellite constellation and the motion of the satellite, so that the upcoming satellite can be predicted; then the ground station adds its signature to the white list, writes the white list into the ground block chain and the inter-satellite block chain, and additionally writes the encrypted session key parameters into the ground block chain;
the step 2.2 specifically comprises:
when the mobile user is in the overlap area, deciding whether to hand over according to the received signal strength; if handover is decided, the mobile user sends a request message to the old satellite node, and the generation and steps of the request message are the same as those in the low-speed mobile scheme; then, the old satellite node forwards all the request messages to the new satellite node; and after the new satellite node completes verification in the inter-satellite block chain, it sends a request message to the new corresponding ground station.
2. The method as claimed in claim 1, wherein the step 2.3 specifically comprises:
after receiving the message, the ground station completes verification, takes the related information out of the ground block chain, and completes the transfer work.
CN202011510597.6A 2020-12-18 2020-12-18 Block chain-based handover flow method for spatial information network Active CN112653506B (en)


Publications (2)

Publication Number Publication Date
CN112653506A CN112653506A (en) 2021-04-13
CN112653506B CN112653506B (en) 2023-03-24

Family

ID=75355268





Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant