CN112653506B - Block chain-based handover flow method for spatial information network - Google Patents
Block chain-based handover flow method for spatial information network Download PDFInfo
- Publication number
- CN112653506B CN112653506B CN202011510597.6A CN202011510597A CN112653506B CN 112653506 B CN112653506 B CN 112653506B CN 202011510597 A CN202011510597 A CN 202011510597A CN 112653506 B CN112653506 B CN 112653506B
- Authority
- CN
- China
- Prior art keywords
- mobile user
- satellite
- handover
- block chain
- low
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/185—Space-based or airborne stations; Stations for satellite systems
- H04B7/1851—Systems using a satellite or space-based relay
- H04B7/18513—Transmission in a satellite or space-based system
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04B—TRANSMISSION
- H04B7/00—Radio transmission systems, i.e. using radiation field
- H04B7/14—Relay systems
- H04B7/15—Active relay systems
- H04B7/185—Space-based or airborne stations; Stations for satellite systems
- H04B7/1851—Systems using a satellite or space-based relay
- H04B7/18519—Operations control, administration or maintenance
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- Astronomy & Astrophysics (AREA)
- Aviation & Aerospace Engineering (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The invention discloses a block chain-based handover flow method of a spatial information network, which has two handover schemes, wherein the scheme for a low mobile user comprises the following specific steps: step 1.1: low mobile user preparation; step 1.2: low mobile user message handover; step 1.3: completing the handover by the low-mobility user; the specific steps of the scheme for the high mobile user are as follows: step 2.1: high mobile user preparation; step 2.2: high mobile user message handover; step 2.3: the high mobile user completes the handover. The invention can meet the requirements of rapid authentication and access authority confirmation of user equipment, enhances the data integrity and security of a mobile user in the process of using the space information network service by using a block chain technology, solves the problem of single-point failure of network control NCC in an actual scene, and provides access control and operation traceability functions. The invention provides a block chain-based handover flow method for a high-speed mobile user and a low-speed mobile user respectively.
Description
Technical Field
The present invention relates to the field of block chain technology, and in particular, to a handover flow method for a spatial information network based on a block chain.
Background
The spatial information network makes it possible for any object to connect to the internet anywhere, and the access authentication is the key of the access control of the secure user, mainly to prevent an illegal adversary from accessing the secure network service. However, the communication environment of the star sensor is very complex, which presents a challenging problem for designing a safe and efficient authentication scheme. Blockchains can be viewed as a common, digitized, and distributed ledger built upon peer-to-peer networks, and this technique has been introduced and applied to many network scenarios.
In a blockchain system, data generated by participating entities is issued as transactions that are packed into one block. Miners add data to the blockchain in chronological order. Notably, the miners who add data are independent entities, without an authority of three parties in the blockchain. All participating entities are stored in blockchains and the blockchains are updated periodically. It is easy for entities in multiple blockchains to accomplish information sharing. Blockchains facilitate systems that do not require a trusted party (e.g., a certificate authority). Therefore, blockchains are ideal techniques for user identity management and access control.
In the aspects of access control and authentication schemes of the spatial information network, an authentication protocol which can prove safe and effective and an effective switching mechanism are designed in the existing scheme. In this scheme, a new authentication system model is introduced, in which the satellite is given the capability to authenticate the user, to avoid online participation of the network control center NCC in authenticating the user, thereby reducing long authentication delays and avoiding single point bottlenecks in the NCC. Furthermore, the support for batch verification in the design of this solution can significantly improve handover efficiency when a group of users is handed over to another satellite.
Through analysis, the scheme is safe to various attacks and can meet various safety requirements. However, the above access control and authentication scheme for the spatial information network has problems in the following aspects:
1. the security of mutual authentication is not high enough
In the mutual authentication of the scheme, the used information is sent from both sides, and further information verification is carried out, so that only non-tampering of the information can be ensured, and a node sending the information cannot be ensured not to be forged maliciously.
2. The provided traceability is not strong
The scheme provides that the corresponding relation based on the user identity and the virtual identity is recorded through the NCC, then the operation behavior of the virtual identity is recorded through the log, and further the behavior of the user is tracked. However, the NCC under this scheme may be attacked or maliciously operated by an operator as a central mechanism, resulting in tampering or deleting the relevant log.
3. Fail to provide fine grained access control
According to the specific flow provided by the scheme, the scheme can only carry out authentication access, and in actual operation, according to the importance of resources, under the application scene of a spatial information network, fine-grained scheme control is necessary.
4. Idealized channel conditions
This scheme assumes that the hub is trusted by all entities in the system and that any adversary cannot compromise the hub. There is a secure channel between the network entity and the NCC to protect the registration process. This is practically impossible.
Disclosure of Invention
Aiming at the problems, the invention designs a handover flow method of a space information network based on a block chain, and in order to achieve the purpose of remedying the problems, the technical scheme provided by the invention is as follows:
a block chain-based handover flow method of a spatial information network is characterized in that two handover schemes are provided, and the specific steps of the scheme for low-mobility users are as follows: step 1.1: low mobile user preparation; step 1.2: low mobile user message handover; step 1.3: completing the handover by the low-mobility user; the specific steps of the scheme for the high mobile user are as follows: step 2.1: high mobile user preparation; step 2.2: high mobile user message handover; step 2.3: the high mobile user completes the handover.
Preferably, the step 1.1 specifically includes:
the ground station has the topology of the satellite constellation and the motion of the satellite, so that the upcoming satellite can be predicted; the ground station then writes the white list (mobile user temporary identity, current connected satellite identity, identity of the satellite to be converted) plus its own signature into the ground and inter-satellite block chain.
Preferably, the step 1.2 specifically includes:
when the mobile user is located at the overlap of the old and new satellite nodes, he or she decides whether to perform handover according to the received signal strength; before handover, a mobile user sends a request message to an old satellite node, wherein the request message comprises a temporary identity and a new satellite node identity; the old satellite then forwards the request message to the new satellite node.
Preferably, the step 1.3 specifically includes:
after receiving the request message, the new satellite node performs an inquiry action in the block chain, completes the inquiry and completes the comparison, and otherwise, returns a rejection message.
Preferably, the step 2.1 specifically comprises:
the ground station possesses the topology of the satellite constellation and the motion of the satellites, so that the upcoming satellites can be predicted. And then the ground station adds the signature of the ground station to the white list, writes the white list into the ground and the inter-satellite block chain, and additionally writes parameters such as the encrypted session key into the ground block chain.
Preferably, the step 2.2 specifically includes:
when the mobile user is in the overlap area, deciding whether to hand over according to the received signal strength; if the handover is decided, the mobile user sends a request message to the old satellite node, and the generation and the steps of the request message are the same as those in the low-speed moving scheme; then, the old satellite node forwards all the request messages to the new satellite node; after the new satellite node completes verification in the inter-satellite block chain, sending a request message to a new corresponding ground station;
preferably, the step 2.3 specifically includes:
and after receiving the message, the ground station finishes verification and takes out the related information from the ground block chain, and finishes the transfer work.
Compared with the prior art, the invention has the following advantages:
the invention can meet the requirements of rapid authentication and access authority confirmation of user equipment, enhances the data integrity and security of a mobile user in the process of using the space information network service by using a block chain technology, solves the problem of single-point failure of network control NCC in an actual scene, and provides access control and operation traceability functions. The invention provides a block chain-based handover flow method for a high-speed mobile user and a low-speed mobile user respectively.
Drawings
Fig. 1 is a system architecture diagram of a spatial information network access control system and an authentication method based on a block chain according to the present invention;
FIG. 2 is a flow chart of a handover scheme of a low speed mobile subscriber based on a spatial information network access control system and an authentication method of a block chain;
fig. 3 is a flow chart of a handover scheme of a high speed mobile subscriber based on a spatial information network access control system and an authentication method of a block chain.
Detailed Description
The present invention is described in detail below with reference to the drawings and examples, but the present invention is not limited thereto.
A block chain-based handover flow method of a spatial information network is characterized in that two handover schemes are provided, and the specific steps of the scheme for low-mobility users are as follows: step 1.1: low mobile user preparation; step 1.2: low mobile user message handover; step 1.3: completing the handover by the low-mobility user; the specific steps of the scheme for the high mobile user are as follows: step 2.1: high mobile user preparation; step 2.2: high mobile user message handover; step 2.3: the high mobile user completes the handover.
As a possible implementation, the step 1.1 specifically includes:
the ground station has the topology of the satellite constellation and the motion of the satellite, so that the upcoming satellite can be predicted; the ground station then writes the white list (mobile user temporary identity, current connection satellite identity, identity of the satellite to be converted) plus its own signature into the ground and inter-satellite block chain.
As a possible implementation manner, the step 1.2 specifically includes:
when the mobile user is located at the overlap of the old and new satellite nodes, he or she decides whether to perform handover according to the received signal strength; before handover, a mobile user sends a request message to an old satellite node, wherein the request message comprises a temporary identity and a new satellite node identity; the old satellite then forwards the request message to the new satellite node.
As a possible implementation, the step 1.3 specifically includes:
after receiving the request message, the new satellite node performs an inquiry action in the block chain, completes the inquiry and completes the comparison, and otherwise, returns a rejection message.
As a possible implementation, the step 2.1 specifically includes:
the ground station possesses the topology of the satellite constellation and the motion of the satellites, so that the upcoming satellites can be predicted. And then the ground station adds the signature of the ground station to the white list, writes the white list into the ground and the inter-satellite block chain, and additionally writes parameters such as the encrypted session key into the ground block chain.
As a possible implementation manner, the step 2.2 specifically includes:
when the mobile user is in the overlap area, deciding whether to hand over according to the received signal strength; if the handover is decided, the mobile user sends a request message to the old satellite node, and the generation and the steps of the request message are the same as those in the low-speed moving scheme; then, the old satellite node forwards all the request messages to the new satellite node; after the new satellite node completes verification in the inter-satellite block chain, sending a request message to a new corresponding ground station;
as a possible implementation, the step 2.3 specifically includes:
and after receiving the message, the ground station finishes verification and takes out the related information from the ground block chain, and finishes the transfer work.
The foregoing shows and describes the general principles, essential features, and advantages of the invention. It will be understood by those skilled in the art that the present invention is not limited to the embodiments described above, and the preferred embodiments of the present invention are described in the above embodiments and the description, and are not intended to limit the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.
Claims (2)
1. A block chain-based handover flow method of a spatial information network is characterized in that two handover schemes are provided, and the specific steps of the scheme for low-mobility users are as follows: step 1.1: low mobile user preparation; step 1.2: low mobile user message handover; step 1.3: completing the handover by the low-mobility user; the specific steps of the scheme for the high mobile user are as follows: step 2.1: high mobile user preparation; step 2.2: high mobile user message handover; step 2.3: the high mobile user completes the handover; the step 1.1 specifically comprises:
the ground station has the topology of the satellite constellation and the motion of the satellite, so that the upcoming satellite can be predicted; then the ground station writes a white list into the ground and the inter-satellite block chain, wherein the white list comprises the temporary identity of the mobile user, the identity of the currently connected satellite, the identity of the satellite to be converted and the own signature;
the step 1.2 specifically includes:
when the mobile user is positioned at the overlapping position of the new satellite node and the old satellite node, determining whether to perform handover according to the received signal strength; before handover, a mobile user sends a request message to an old satellite node, wherein the request message comprises a temporary identity and a new satellite node identity; then, the old satellite node forwards the request message to the new satellite node; the step 1.3 specifically includes:
after receiving the request message, the new satellite node performs an inquiry action in the block chain, completes the inquiry and completes the handover if the inquiry is completed and the comparison is successful, otherwise, returns a rejection message;
the step 2.1 specifically comprises:
the ground station has the topology of the satellite constellation and the motion of the satellite, so that the upcoming satellite can be predicted; then the ground station adds the signature of the ground station to the white list, writes the white list into the ground and the inter-satellite block chain, and additionally writes the encrypted session key parameters into the ground block chain;
the step 2.2 specifically comprises:
when the mobile user is in the overlap area, deciding whether to hand over according to the received signal strength; if the handover is decided, the mobile user sends a request message to the old satellite node, and the generation and the steps of the request message are the same as those in the low-speed moving scheme; then, the old satellite node forwards all the request messages to the new satellite node; and after the new satellite node completes verification in the inter-satellite block chain, sending a request message to a new corresponding ground station.
2. The method as claimed in claim 1, wherein the step 2.3 specifically includes:
and after receiving the message, the ground station finishes verification and takes out the related information from the ground block chain, and finishes the transfer work.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011510597.6A CN112653506B (en) | 2020-12-18 | 2020-12-18 | Block chain-based handover flow method for spatial information network |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011510597.6A CN112653506B (en) | 2020-12-18 | 2020-12-18 | Block chain-based handover flow method for spatial information network |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112653506A CN112653506A (en) | 2021-04-13 |
CN112653506B true CN112653506B (en) | 2023-03-24 |
Family
ID=75355268
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202011510597.6A Active CN112653506B (en) | 2020-12-18 | 2020-12-18 | Block chain-based handover flow method for spatial information network |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN112653506B (en) |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN113328782B (en) * | 2021-05-25 | 2022-07-26 | 清华大学 | Block chain-based satellite-ground network resource sharing architecture system and operation method thereof |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN107147489B (en) * | 2017-05-02 | 2019-10-18 | 南京理工大学 | Distributed access authentication management method in a kind of LEO satellite network |
US11177961B2 (en) * | 2017-12-07 | 2021-11-16 | Nec Corporation | Method and system for securely sharing validation information using blockchain technology |
CN110972138B (en) * | 2018-09-30 | 2021-06-15 | 华为技术有限公司 | Data processing method and data processing equipment thereof |
-
2020
- 2020-12-18 CN CN202011510597.6A patent/CN112653506B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN112653506A (en) | 2021-04-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN112564775B (en) | Spatial information network access control system and authentication method based on block chain | |
US8295488B2 (en) | Exchange of key material | |
CN108260102B (en) | LTE-R vehicle-ground communication non-access layer authentication method based on proxy signature | |
CN113068187B (en) | Unmanned aerial vehicle-assisted terminal access authentication method, system, equipment and application | |
CN112332901B (en) | Heaven and earth integrated mobile access authentication method and device | |
CN104038937A (en) | Network access authentication method applicable to satellite mobile communication network | |
CN110636495B (en) | Method for terminal user safety roaming authentication in fog computing system | |
CN112235792A (en) | Multi-type terminal access and switching authentication method, system, equipment and application | |
CN115396887A (en) | Rapid and safe switching authentication method, device and system for high-speed mobile terminal | |
CN112653506B (en) | Block chain-based handover flow method for spatial information network | |
CN114071462B (en) | Unmanned aerial vehicle group satellite navigation defense decoy method | |
CN108495311B (en) | Safe switching method of high-speed train target base station based on relay station assistance | |
Zhu et al. | SMSS: Symmetric-masquerade security scheme for VANETs | |
CN100561912C (en) | Mobile proxy safety route method based on group's signature | |
CN112615721B (en) | Access authentication and authority management control flow method of spatial information network based on block chain | |
CN101005489A (en) | Method for protecting mobile communication system network safety | |
CN112821934A (en) | Block chain-based credible rapid switching method for spatial information network | |
CN109600745B (en) | Novel 5G cellular network channel safety system and safety implementation method | |
CN116032344A (en) | Network element state management method and device, electronic equipment and storage medium | |
Candolin | Securing military decision making in a network-centric environment | |
You et al. | ESS-FH: Enhanced security scheme for fast handover in hierarchical mobile IPv6 | |
CN100536471C (en) | Method for effective protecting signalling message between mobile route and hometown agent | |
CN112968765B (en) | Parameter initialization registration process method of spatial information network based on block chain | |
CN114584523B (en) | Safe link sinking method | |
CN113038457B (en) | Ad hoc network full-time space safety communication system and method based on distributed neural network |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |