CN114745151A - Edge calculation-based power 5G network slice authentication message matching method and device - Google Patents

Edge calculation-based power 5G network slice authentication message matching method and device Download PDF

Info

Publication number
CN114745151A
CN114745151A CN202210179452.5A CN202210179452A CN114745151A CN 114745151 A CN114745151 A CN 114745151A CN 202210179452 A CN202210179452 A CN 202210179452A CN 114745151 A CN114745151 A CN 114745151A
Authority
CN
China
Prior art keywords
slice
encryption parameter
authentication
feature vector
request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN202210179452.5A
Other languages
Chinese (zh)
Other versions
CN114745151B (en
Inventor
王玮
黄红兵
姚继明
章毅
虞跃
邱兰馨
彭少武
万长胜
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
State Grid Corp of China SGCC
Southeast University
Global Energy Interconnection Research Institute
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Original Assignee
State Grid Corp of China SGCC
Southeast University
Global Energy Interconnection Research Institute
Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by State Grid Corp of China SGCC, Southeast University, Global Energy Interconnection Research Institute, Information and Telecommunication Branch of State Grid Zhejiang Electric Power Co Ltd filed Critical State Grid Corp of China SGCC
Priority to CN202210179452.5A priority Critical patent/CN114745151B/en
Publication of CN114745151A publication Critical patent/CN114745151A/en
Application granted granted Critical
Publication of CN114745151B publication Critical patent/CN114745151B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/083Network architectures or network communication protocols for network security for authentication of entities using passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0407Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the identity of one or more communicating identities is hidden
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • H04L9/0869Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses an electric power 5G network slice authentication message matching and device based on edge calculation, wherein the method carries out data interaction through a user terminal UE and a core network element management module AMF, the user terminal UE calculates Euclidean distances between slice request characteristic vector sets and all slice supply scheme characteristic vectors provided by the core network element management module AMF, and selects the nearest slice supply scheme as own slice selection. The random number set C and the random key r are used for hiding the characteristic information of the slicing request scheme and the slicing supply scheme in the slicing selection matching process, so that a third-party attacker is prevented from illegally obtaining the slicing information, and the safety of the slicing scheme characteristic information is ensured. In addition, the deployment scheme is simple, a PKI system is not needed, and through simple mathematical operation, the data calculation and data transmission overhead is favorably reduced, the transmission time delay is reduced, and the calculation and communication efficiency is improved.

Description

Edge calculation-based power 5G network slice authentication message matching method and device
Technical Field
The invention relates to the technical field of 5G network slice communication, in particular to a power 5G network slice authentication message matching method and device based on edge calculation.
Background
With the popularization of 5G network communication technology, the application of network slices is more and more extensive. For example: in the application of the smart power grid, along with the rapid development of services such as large-scale power distribution network automation, advanced metering, distributed energy access, user two-way interaction and the like, the communication requirements of various power grid equipment, power terminals and power consumers are increased explosively, and a safe and reliable power distribution communication access network with flexible access and two-way real-time interaction, namely ubiquitous and full-coverage power distribution communication, is urgently required to be constructed.
The 5G network provides bandwidth of more than 10Gps, millisecond-level time delay and ultrahigh-density connection by a brand-new network architecture, and realizes great jump of network performance. And the 5G network slice allows an operator to divide a plurality of virtual logic end-to-end networks on the same hardware infrastructure, and can adapt to diversified requirements of different services. In a 5G intelligent power grid, a user needs to select a proper network slice for access, the performance of the network slice is directly related to whether the service quality of the user can be guaranteed or not, and the utilization efficiency of system resources is determined.
In the related technology, in the network slice authentication selection, information interaction is performed between a User Equipment (UE) and a core network element AUSF, identity authentication work is executed through the core network element AUSF, a shared key is mutually negotiated, and the shared key is used for ensuring the data security of a network slice. Or, with the help of the PKI authentication system, the user deploys the PKI and applies for the public key certificate, and both of the two ways need to complete the encryption of the shared public key through a complex encryption algorithm, so that the communication authentication process is complex, the data calculation and data transmission costs are high, and interaction with a plurality of secure network elements is also needed, which affects the transmission delay.
Disclosure of Invention
Therefore, the technical problem to be solved by the present invention is to overcome the problems in the prior art that the communication authentication process is complex, the data calculation and data transmission overhead is high, and the transmission delay is affected by interaction with a plurality of security network elements, so as to provide a method and a device for matching an authentication message of an electric power 5G network slice based on edge calculation.
According to a first aspect, an embodiment of the present invention provides a power 5G network slice authentication message matching method based on edge calculation, which is used for a user terminal, and includes the following steps:
determining a slice request feature vector set according to service requirements and network characteristics, wherein the slice request feature vector set comprises a plurality of slice request feature elements;
calculating a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set according to a random data set and a random key which are randomly generated;
generating a slice authentication request message according to the random data set and the first slice authentication ciphertext set, and forwarding the slice authentication request message to a core network element management module through a base station;
receiving a slice authentication response message forwarded by the core network element management module through the base station, wherein the slice authentication response message is loaded with a second slice authentication ciphertext set used for encrypting each slice supply scheme in the slice supply characteristic vector set, and each element in the second slice authentication ciphertext set is obtained by calculating a first encryption parameter, a second encryption parameter and a third encryption parameter;
calculating Euclidean distances between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter and the random key;
and determining the minimum distance from the Euclidean distances as a slice supply scheme matched with the slice request feature vector set, and forwarding the slice supply scheme to the core network element management module through the base station.
In one embodiment, a first slice authentication secret set used for encrypting each slice request feature element in the slice request feature vector set is calculated according to a randomly generated random data set and a random key, and is calculated by the following formula:
FUE′={x′j=xj+rcj,1≤j≤t};
wherein, FUE' authenticating the first slice with a ciphertext set, xjRequesting feature elements for the jth slice in the set of slice request feature vectors, r being the random key, cjIs the j-th digital element, x 'in the random data set'jAnd t is the number of elements of the first slice authentication ciphertext set or the slice request feature vector set.
In one embodiment, each euclidean distance between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set is calculated according to the first encryption parameter, the second encryption parameter, the third encryption parameter, and the random key by the following formula:
Figure BDA0003521851640000031
wherein E is1For the first auxiliary calculation of the parameter, xjRequesting the jth slice feature element in the feature vector set for a slice, E2Second secondary calculation parameter, E3For the third auxiliary calculation of the parameter, Ml1For the first encryption parameter, Ml2For the second encryption parameter, Ml3R is the random key, d is the third encryption parameterlRequesting Euclidean distances for an l-th element between the feature vector set and the slice supply schemes in the slice supply feature vector set for the slice.
According to a second aspect, an embodiment of the present invention further provides a method for matching authentication messages of a power 5G network slice based on edge computing, where the method is used for a core network element management module, and includes the following steps:
receiving a slice authentication request message forwarded by a user terminal through a base station, wherein the slice authentication request message is loaded with a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set and a random data set randomly generated by the user terminal;
determining a slice supply feature vector set for supplying the slice request feature vector set by parsing the first slice authentication ciphertext set and the random data set, the slice supply feature vector set including a plurality of slice supply schemes, each slice supply scheme being composed of a plurality of slice supply feature elements;
calculating a first encryption parameter, a second encryption parameter and a third encryption parameter according to the first slice authentication ciphertext set, the random data set and the feature element supplied by each slice;
determining a second slice authentication ciphertext set for encrypting each slice supply scheme in the slice supply feature vector according to the first encryption parameter, the second encryption parameter and the third encryption parameter;
and generating a slice authentication response message according to the second slice authentication ciphertext set, and forwarding the slice authentication response message to the user terminal through the base station.
In one embodiment, a first encryption parameter, a second encryption parameter, and a third encryption parameter are calculated from the first slice authentication ciphertext set, the random data set, and each slice supply feature element, by the following equations:
Figure BDA0003521851640000041
wherein M isl1For the first encryption parameter, Ml2For the second encryption parameter, Ml3Is the third encryption parameter, x'jAuthenticating the ciphertext element for the jth slice, yjSupplying characteristic elements for the jth slice in the scheme for each slice, cjIs the jth digital element in the random data set.
In one embodiment, a second slice authentication ciphertext set for encrypting each slice supply scheme in the slice supply feature vector is determined based on the first encryption parameter, the second encryption parameter, and the third encryption parameter, and is calculated by:
M={Ml,1≤l≤n},Ml=(Ml1,Ml2,Ml3);
wherein M is the second slice authentication ciphertext set, MlFor the ciphertext parameter element, Ml1For the first encryption parameter, Ml2For the second encryption parameter, Ml3Is the third encryption parameter.
According to a third aspect, an embodiment of the present invention further provides an edge-computing-based power 5G network slice authentication message matching apparatus, which is used for a user terminal, and includes the following modules:
the system comprises a slicing request feature vector determining module, a slicing request feature vector determining module and a slicing request feature vector processing module, wherein the slicing request feature vector determining module is used for determining a slicing request feature vector set according to service requirements and network characteristics, and the slicing request feature vector set comprises a plurality of slicing request feature elements;
the first slice authentication ciphertext calculation module is used for calculating a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set according to a random data set and a random key which are randomly generated;
a slice authentication request message generation module, configured to generate a slice authentication request message according to the random data set and the first slice authentication ciphertext set, and forward the slice authentication request message to a core network element management module through a base station;
a slice authentication response message receiving module, configured to receive a slice authentication response message forwarded by the core network element management module through the base station, where the slice authentication response message is loaded with a second slice authentication ciphertext set used to encrypt each slice provision scheme in a slice provision feature vector set, and each element in the second slice authentication ciphertext set is obtained by calculating a first encryption parameter, a second encryption parameter, and a third encryption parameter;
the Euclidean distance calculation module is used for calculating various Euclidean distances between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter and the random key;
and the slice supply scheme matching module is used for determining the minimum distance from the Euclidean distances as a slice supply scheme matched with the slice request feature vector set, and forwarding the slice supply scheme to the core network element management module through the base station.
According to a fourth aspect, an embodiment of the present invention further provides an apparatus for matching an authentication message of a power 5G network slice based on edge computing, where the apparatus is used for a core network element management module, and includes the following modules:
a slice authentication request message receiving module, configured to receive a slice authentication request message forwarded by a user terminal through a base station, where the slice authentication request message is loaded with a first slice authentication ciphertext set used to encrypt each slice request feature element in the slice request feature vector set, and a random data set randomly generated by the user terminal;
a slice supply feature vector determination module, configured to determine a slice supply feature vector set used for supplying the slice request feature vector set by parsing the first slice authentication ciphertext set and the random data set, where the slice supply feature vector set includes a plurality of slice supply schemes, and each slice supply scheme is composed of a plurality of slice supply feature elements;
the encryption parameter calculation module is used for calculating a first encryption parameter, a second encryption parameter and a third encryption parameter according to the first slice authentication ciphertext set, the random data set and the feature element supply of each slice;
a second slice authentication ciphertext set determining module, configured to determine, according to the first encryption parameter, the second encryption parameter, and the third encryption parameter, a second slice authentication ciphertext set used for encrypting each slice supply scheme in the slice supply feature vector;
and the slice authentication response message generating module is used for generating a slice authentication response message according to the second slice authentication ciphertext set and forwarding the slice authentication response message to the user terminal through the base station.
According to a fifth aspect, the present invention further provides a computer-readable storage medium storing computer instructions for causing a computer to execute the method for matching an authentication message of an edge-computing-based power 5G network slice according to the first aspect, or any implementation manner of the second aspect.
According to a sixth aspect, an embodiment of the present invention further provides a computer device, including: a memory and a processor, the memory and the processor being communicatively connected to each other, the memory storing therein computer instructions, and the processor executing the computer instructions to execute the method for matching an authentication message of an edge computing-based power 5G network slice as described in the first aspect or any of the embodiments of the first aspect or in the second aspect or any of the embodiments of the second aspect.
The technical scheme of the invention has the following advantages:
the invention discloses an electric power 5G network slice authentication message matching method and device based on edge calculation, wherein the method carries out data interaction with a core network element management module AMF through a user terminal UE, the user terminal UE calculates Euclidean distances between slice request characteristic vector sets and all slice supply scheme characteristic vectors provided by the core network element management module AMF, and selects the nearest slice supply scheme as own slice selection. The random number set C and the random key r are used for hiding the characteristic information of the slicing request scheme and the slicing supply scheme in the slicing selection matching process, so that a third-party attacker is prevented from illegally obtaining the slicing information, and the safety of the slicing scheme characteristic information is ensured. In addition, the deployment scheme is simple, a PKI system is not needed, and through simple mathematical operation, the data calculation and data transmission overhead is favorably reduced, the transmission time delay is reduced, and the calculation and communication efficiency is improved.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings used in the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and other drawings can be obtained by those skilled in the art without creative efforts.
Fig. 1 is a flowchart of a specific example of an edge-computing-based power 5G network slice authentication message matching method in an embodiment of the present invention;
fig. 2 is a schematic block diagram of another specific example of the power 5G network slice authentication message matching method based on edge calculation in the embodiment of the present invention;
fig. 3 is a schematic diagram of communication authentication interaction among a base station, a user terminal, and a core network element management module in an embodiment of the present invention;
FIG. 4 is a block diagram of an embodiment of the present invention, which is a block diagram of an apparatus for matching slice authentication messages of a power 5G network based on edge computing;
fig. 5 is another block diagram of the power 5G network slice authentication message matching device based on edge calculation according to the embodiment of the present invention;
fig. 6 is a hardware diagram of a computer device according to an embodiment of the present invention.
Detailed Description
The technical solutions of the present invention will be described clearly and completely with reference to the accompanying drawings, and it should be understood that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
In the description of the present invention, it should be noted that the terms "center", "upper", "lower", "left", "right", "vertical", "horizontal", "inner", "outer", etc., indicate orientations or positional relationships based on the orientations or positional relationships shown in the drawings, and are only for convenience of description and simplicity of description, but do not indicate or imply that the device or element being referred to must have a particular orientation, be constructed and operated in a particular orientation, and thus, should not be construed as limiting the present invention. Furthermore, the terms "first," "second," and "third" are used for descriptive purposes only and are not to be construed as indicating or implying relative importance.
In the description of the present invention, it should be noted that, unless otherwise explicitly specified or limited, the terms "mounted," "connected," and "connected" are to be construed broadly, e.g., as meaning either a fixed connection, a removable connection, or an integral connection; can be mechanically or electrically connected; the two elements may be directly connected or indirectly connected through an intermediate medium, or may be communicated with each other inside the two elements, or may be wirelessly connected or wired connected. The specific meanings of the above terms in the present invention can be understood in specific cases to those skilled in the art.
In addition, the technical features involved in the different embodiments of the present invention described below may be combined with each other as long as they do not conflict with each other.
The embodiment of the invention discloses an electric power 5G network slice authentication message matching method based on edge calculation, which is used for a user terminal, wherein the user terminal can be an intelligent power grid user terminal or other types of user terminals. The embodiment of the invention can be applied to an application scene of the smart grid based on edge computing 5G network slice power internet of things communication authentication.
In the smart grid, there are many low power consumers who are not suitable for using a sophisticated communication authentication scheme. The embodiment of the invention designs a new security authentication scheme based on the privacy point multiplication algorithm aiming at the problem that the existing 5G network slice selection scheme has poor performance. The method comprises the steps that a safe and efficient slice selection scheme is designed for a slice selection matching process of a user terminal UE, a base station gNB and a core network element management module AMF in a 5G smart power grid and is used for protecting slice selection information privacy between the user terminal UE and the core network element management module AMF, and in the scheme, the user terminal UE can calculate a slice scheme F requested by the user terminal UEUEAnd the matching degree of the slicing scheme on the AMF, and the slicing scheme with the closest matching degree is selected as the own slicing selection, so that the method is suitable for the scene requiring partial slicing matching. Slicing scheme F using random number set C in slice selection matching processUEAnd FAMFThe characteristic information is hidden, so that a third-party attacker is prevented from illegally obtaining the slice information.
Example 1
The method for matching the slice authentication message of the power 5G network based on the edge calculation, which is provided by the embodiment of the invention, is used for a user terminal, and comprises the following steps as shown in figure 1:
step S11: and determining a slice request feature vector set according to the service requirement and the network characteristics, wherein the slice request feature vector set comprises a plurality of slice request feature elements.
The slice in the embodiment of the present invention may be a 5G network slice. The service requirement mentioned above is a service condition required by the user terminal for executing the service application. And the network characteristics are the slicing speed, bandwidth, time delay, security level and other characteristics. Physical network resource according to rate and bandwidthAnd the characteristics of time delay, safety level and the like are divided into a plurality of fine-grained network slices. Physical network resource PNR ═ slice1,slice2,…,slicenDS, which denotes the default network slice. Each network sliceiHas a group of different characteristic values for representing the characteristics of speed, bandwidth, time delay, safety level and the like, and uses a vector SiF=(siF1,SiF2,…,SiFt) Representing (containing t features) the network slice feature value numbered i.
For example: determining a slice request feature vector set to be F according to the service requirement and the network characteristicsUE=(x1,…,xj,…,xt) Wherein each element xjFor a slice feature (e.g. delay, etc.), each element xj∈FUEThe slice request feature vector set contains t slice request feature elements.
Step S12: and calculating a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set according to the random data set and the random key which are randomly generated.
In the slice authentication and matching process, only a core network entity is credible, but entities such as a user terminal, an access network and the like are not completely credible and may be threatened by man-in-the-middle attack, eavesdropping attack and the like, the slice scheme characteristic information is required to be protected from being leaked, and the user terminal UE randomly generates t random numbers to form a set C ═ (C ═1,…,cj,…,ct) Simultaneously, a random key r is randomly generated, and a scheme F is requested for the slicingUEThe characteristic information of (2) is encrypted.
In one embodiment, in step S12, a first slice authentication secret set for encrypting each slice request feature element in the slice request feature vector set is calculated according to a randomly generated random data set and a random key, and is calculated by the following formula (1):
FUE′={x′j=xj+rcj,1≤j≤t}; (1)
wherein, FUE' authentication of the ciphertext set for the first slice, xjRequesting feature elements for the jth slice in the set of slice request feature vectors, r being a random key, cjIs the j-th digital element, x 'in the random data set'jAnd f, authenticating the cipher text element for the jth slice, and t is the number of elements of the first slice authentication cipher text set or the slice request feature vector set.
A slice request feature vector set F is obtained through each digital element in the random data set C and a random secret key rUEThe characteristic elements of each slice request are encrypted to obtain a first slice authentication ciphertext set ciphertext FUE' prevent the third party attacker from illegally obtaining the slicing information, and achieve the effect of protecting the slicing scheme characteristic information from being revealed.
Step S13: and generating a slice authentication request message according to the random data set and the first slice authentication ciphertext set, and forwarding the slice authentication request message to a core network element management module through a base station.
The base station here can be represented by a gbb, and the base station serves as an intermediate bridge for the user equipment UE to communicate with the core network element management module AMF. And the base station checks the slice authentication request message, selects a proper core network element management module AMF according to the slice authentication request message sent by the user terminal UE, and forwards the slice authentication request to the corresponding AMF for processing. As shown in fig. 3, a schematic diagram of communication authentication interaction among a base station gNB, a user equipment UE, and a core network element management module AMF is shown.
Step S14: and receiving a slice authentication response message forwarded by the core network element management module through the base station, wherein the slice authentication response message is loaded with a second slice authentication ciphertext set used for encrypting each slice supply scheme in the slice supply characteristic vector set, and each element in the second slice authentication ciphertext set is obtained by calculating a first encryption parameter, a second encryption parameter and a third encryption parameter.
The second slice authentication ciphertext set may be denoted by M, M ═ Ml,1≤l≤n},Ml=(Ml1,Ml2,Ml3) The first encryption parameter is Ml1The second encryption parameter is Ml2And the third encryption parameter is Ml3. Core network element management module pair Ml1、Ml2、Ml3Further calculations are performed.
Step S15: and calculating Euclidean distances between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter and the random key.
And determining the optimal slice supply scheme meeting the requirements of the user terminal UE through the Euclidean distance.
In one embodiment, in step S14, the euclidean distances between the slice request feature vector set and the slice supply schemes in the slice supply feature vector set are calculated according to the first encryption parameter, the second encryption parameter, the third encryption parameter and the random key, and are calculated by the following formula (2):
Figure BDA0003521851640000121
wherein E is1For the first auxiliary calculation of the parameter, xjRequesting the jth slice feature element, E, in the feature vector set for a slice2Second secondary calculation parameter, E3For the third auxiliary calculation parameter, Ml1Is a first encryption parameter, Ml2For the second encryption parameter, Ml3Is a third encryption parameter, r is a random key, dlThe euclidean distance of the ith element between the feature vector set for the slice request and the respective slice supply schemes in the slice supply feature vector set.
After receiving the slice authentication response message forwarded by the base station gNB, the user terminal UE analyzes the slice authentication response message to obtain a second slice authentication secret set M, and calculates a slice request feature vector set F according to the second slice authentication secret set M and the random secret key rUEAnd each supply slicing scheme F provided by core network element management module AMFAMFl∈FAMFEuclidean distances between feature vectors.
Step S16: and determining the minimum distance from the Euclidean distances as a slice supply scheme of the matching slice request feature vector set, and forwarding the slice supply scheme to the core network element management module through the base station.
User terminal UE obtains slice request feature vector set FUETo each slice supply scheme FAMFl∈FAMFWith respect to the distance between the two electrodes, and the set of these distances is D ═ D1,…,dl,…,dn}. The UE selects D ═ min { D } with the smallest euclidean distance from the set D, and sends the number l of the slice scheme corresponding to D to the AMF as the slice scheme selected by the UE.
Therefore, in the method for matching the authentication message of the power 5G network slice based on the edge calculation in the embodiment of the invention, the user terminal does not need to interact with the AUSF (autonomous Underwater infrastructure) of the core network element, and a PKI (public key infrastructure) system is not required to be deployed, so that the communication interaction flow is obviously simplified. The user terminal UE calculates the slice request feature vector set F only by data interaction between the user terminal UE and the core network element management module AMFUEAnd each slice supply scheme F provided by core network element management module AMFAMFl∈FAMFEuclidean distances between feature vectors and selecting the closest slice scheme as its own slice selection. And using the random number set C and the random key r to select and match the slicing scheme F in the slicing selection matching processUEAnd FAMFThe characteristic information of the slicing scheme is hidden, so that a third-party attacker is prevented from illegally obtaining the slicing information, and the safety of the slicing scheme characteristic information is ensured.
Example 2
The embodiment of the invention also discloses an edge-computing-based matching method for the authentication message of the slice of the electric 5G network, which is used for a core network element management module, wherein the core network element management module can be represented by AMF (advanced metering framework), and as shown in figure 2, the method comprises the following steps:
step S21: and receiving a slice authentication request message forwarded by the user terminal through the base station, wherein the slice authentication request message is loaded with a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set and a random data set randomly generated by the user terminal.
The first slice authentication ciphertext set is shown in equation (1) above, namely FUE′={x′j=xj+rcjJ is more than or equal to 1 and less than or equal to t }; and the random data set generated randomly by the user terminal is C ═ C1,…,cj,…,ct)。
After receiving the slice authentication request message sent by the user terminal UE, the base station gNB checks the slice authentication request message, selects an appropriate core network element management module AMF according to the slice authentication request message sent by the user terminal UE, and forwards the slice authentication request message to the corresponding core network element management module AMF for processing.
Step S22: and determining a slice supply feature vector set for supplying the slice request feature vector set by analyzing the first slice authentication ciphertext set and the random data set, wherein the slice supply feature vector set comprises a plurality of slice supply schemes, and each slice supply scheme is composed of a plurality of slice supply feature elements.
After receiving the slice authentication request message forwarded by the base station gNB, the core network element management module AMF analyzes the received slice authentication request message to obtain a first slice authentication ciphertext set FUE' and random data set C, and then examine multiple slicing schemes F available to itselfAMF=(FAMF1,…,FAMFl,…,FAMFn) The multiple slicing schemes may be candidates. For each slice scheme feature vector FAMFl∈FAMFWhich is defined as FAMFl=(y1,…,yj,…,yt)。
Step S23: and calculating a first encryption parameter, a second encryption parameter and a third encryption parameter according to the first slice authentication ciphertext set, the random data set and the feature element supplied by each slice.
The first encryption parameter is Ml1The second encryption parameter is Ml2And the third encryption parameter is Ml3
In one embodiment, in step S23, the first encryption parameter, the second encryption parameter, and the third encryption parameter are calculated according to the first slice authentication secret set, the random data set, and the feature element supplied by each slice, and are calculated according to the following formula (3):
Figure BDA0003521851640000151
wherein, Ml1Is a first encryption parameter, Ml2As a second encryption parameter, Ml3Is a third encryption parameter, x'jAuthenticating the ciphertext element, y, for the jth slicejSupplying characteristic elements for the jth slice in the scheme for each slice, cjIs the j-th digital element in the random data set.
Step S24: and determining a second slice authentication ciphertext set for encrypting each slice supply scheme in the slice supply characteristic vector according to the first encryption parameter, the second encryption parameter and the third encryption parameter.
In one embodiment, the step S24 determines a second slice authentication ciphertext set for encrypting each slice supply scheme in the slice supply feature vector according to the first encryption parameter, the second encryption parameter and the third encryption parameter, and is calculated by the following formula (4):
M={Ml,1≤l≤n},Ml=(Ml1,Ml2,Ml3); (4)
wherein M is a second slice authentication ciphertext set, MlAs ciphertext parameter elements, Ml1Is a first encryption parameter, Ml2For the second encryption parameter, Ml3Is the third encryption parameter. Within M is a set of ciphertexts containing a slice request scheme and a slice supply scheme.
Step S25: and generating a slice authentication response message according to the second slice authentication ciphertext set, and forwarding the slice authentication response message to the user terminal through the base station.
The core network element management module AMF sets M as { M ═ MlAnd l is more than or equal to 1 and less than or equal to n, and the slice authentication response message is sent to the user terminal UE through the base station gNB.
Therefore, in the method for matching slice authentication messages of the power 5G network based on edge computing in the embodiment of the present invention, the second slice authentication ciphertext set M is computed through the core network element management module AMF, so as to perform authentication interaction with the user terminal UE, which is beneficial for the user terminal UE to compute the slice request feature vector set FUEAnd each slice supply scheme f provided by core network element management module AMFAMFl∈FAMFThe euclidean distance between the feature vectors,and selects the most recent slice scheme as its own slice selection. The deployment scheme of the invention is simple, does not need to use a PKI system, and except that the user terminal UE and the core network element management module AMF carry out simple mathematical operation, other network elements only need to transmit messages and execute slice-related work, thus being beneficial to reducing calculation and data transmission expenses, reducing transmission delay and improving calculation and communication efficiency.
In fig. 3, a schematic diagram of communication authentication interaction among the base station gNB, the user equipment UE, and the core network element management module AMF is clearly shown.
Example 3
The embodiment of the invention also provides an electric power 5G network slice authentication message matching device based on edge calculation, which is used for a user terminal and comprises the following modules as shown in figure 4:
a slice request feature vector determining module 41, configured to determine a slice request feature vector set according to the service requirement and the network characteristic, where the slice request feature vector set includes multiple slice request feature elements.
And the first slice authentication ciphertext calculation module 42 is configured to calculate, according to the random data set and the random key that are randomly generated, a first slice authentication ciphertext set used for encrypting each slice request feature element in the slice request feature vector set.
And a slice authentication request message generating module 43, configured to generate a slice authentication request message according to the random data set and the first slice authentication ciphertext set, and forward the slice authentication request message to the core network element management module through the base station.
A slice authentication response message receiving module 44, configured to receive a slice authentication response message forwarded by the core network element management module through the base station, where the slice authentication response message is loaded with a second slice authentication ciphertext set used to encrypt each slice provision scheme in the slice provision feature vector set, and each element in the second slice authentication ciphertext set is obtained by calculating a first encryption parameter, a second encryption parameter, and a third encryption parameter.
And the euclidean distance calculating module 45 is configured to calculate respective euclidean distances between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter, and the random key.
And a slice provisioning scheme matching module 46, configured to determine a minimum distance from the euclidean distances as a slice provisioning scheme for matching the slice request feature vector set, and forward the slice provisioning scheme to the core network element management module through the base station.
In one embodiment, the first slice authentication ciphertext computation module 42 computes the first slice authentication ciphertext for encrypting each slice request feature element in the slice request feature vector set based on the randomly generated random data set and the random key, and is computed by equation (1) above.
In one embodiment, the euclidean distance calculating module 45 calculates each euclidean distance between each slice supply scheme in the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter, and the random key, and calculates the euclidean distance by using the above formula (2).
The embodiment of the present invention further provides an edge-computing-based matching apparatus for slice authentication messages of a power 5G network, which is used for a core network element management module, and as shown in fig. 5, the apparatus includes the following modules:
a slice authentication request message receiving module 51, configured to receive a slice authentication request message forwarded by a user terminal through a base station, where the slice authentication request message is loaded with a first slice authentication ciphertext set used to encrypt each slice request feature element in a slice request feature vector set, and a random data set randomly generated by the user terminal.
A slice supply feature vector determining module 52, configured to determine a slice supply feature vector set used for supplying the slice request feature vector set by parsing the first slice authentication ciphertext set and the random data set, where the slice supply feature vector set includes multiple slice supply schemes, and each slice supply scheme is composed of multiple slice supply feature elements.
And an encryption parameter calculation module 53, configured to calculate a first encryption parameter, a second encryption parameter, and a third encryption parameter according to the first slice authentication ciphertext set, the random data set, and each slice supply feature element.
And a second slice authentication ciphertext set determination module 54, configured to determine, according to the first encryption parameter, the second encryption parameter, and the third encryption parameter, a second slice authentication ciphertext set used to encrypt each slice provision scheme in the slice provision feature vector.
And a slice authentication response message generating module 55, configured to generate a slice authentication response message according to the second slice authentication ciphertext set, and forward the slice authentication response message to the user terminal through the base station.
In one embodiment, the encryption parameter calculation module 53 calculates the first encryption parameter, the second encryption parameter, and the third encryption parameter based on the first slice authentication ciphertext set, the random data set, and the respective slice supply feature elements, and calculates by the above equation (3).
In one embodiment, the second slice authentication ciphertext set determination module 54 determines the second slice authentication ciphertext set for each slice provision scheme in the encrypted slice provision feature vector based on the first encryption parameter, the second encryption parameter, and the third encryption parameter, and calculates by equation (4) above.
Example 4
An embodiment of the present invention further provides a computer device, as shown in fig. 6, the computer device may include a processor 61 and a memory 62, where the processor 61 and the memory 62 may be connected by a bus or in another manner, and fig. 6 illustrates an example of a connection by a bus.
The processor 61 may be a Central Processing Unit (CPU). The Processor 61 may also be other general purpose processors, Digital Signal Processors (DSPs), Application Specific Integrated Circuits (ASICs), Field Programmable Gate Arrays (FPGAs) or other Programmable logic devices, discrete Gate or transistor logic devices, discrete hardware components, or combinations thereof.
The memory 62, which is a non-transitory computer readable storage medium, may be used to store non-transitory software programs, non-transitory computer executable programs, and modules. The processor 61 executes various functional applications and data processing of the processor by running non-transitory software programs, instructions and modules stored in the memory 62, that is, implements the edge calculation-based power 5G network slice authentication message matching method in the above-described embodiment. The memory 62 may include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application program required for at least one function; the storage data area may store data created by the processor 61, and the like. Further, the memory 62 may include high speed random access memory, and may also include non-transitory memory, such as at least one magnetic disk storage device, flash memory device, or other non-transitory solid state storage device. In some embodiments, the memory 62 may optionally include memory located remotely from the processor 61, and these remote memories may be connected to the processor 61 via a network. Examples of such networks include, but are not limited to, the power grid, the internet, intranets, local area networks, mobile communication networks, and combinations thereof.
The one or more modules are stored in the memory 62 and when executed by the processor 61 perform the edge-computing-based power 5G network slice authentication message matching method in the embodiment shown in the drawings.
The details of the computer device can be understood by referring to the corresponding related descriptions and effects in the embodiments shown in the drawings, and are not described herein again.
It will be understood by those skilled in the art that all or part of the processes of the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium, and when executed, can include the processes of the embodiments of the methods described above. The storage medium may be a magnetic Disk, an optical Disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a Flash Memory (Flash Memory), a Hard Disk (Hard Disk Drive, abbreviated as HDD), a Solid State Drive (SSD), or the like; the storage medium may also comprise a combination of memories of the kind described above.
It should be understood that the above examples are only for clarity of illustration and are not intended to limit the embodiments. Other variations and modifications will be apparent to persons skilled in the art in light of the above description. And are neither required nor exhaustive of all embodiments. And obvious variations or modifications therefrom are within the scope of the invention.

Claims (10)

1. A power 5G network slice authentication message matching method based on edge calculation is used for a user terminal, and is characterized by comprising the following steps:
determining a slice request feature vector set according to service requirements and network characteristics, wherein the slice request feature vector set comprises a plurality of slice request feature elements;
calculating a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set according to a random data set and a random key which are randomly generated;
generating a slice authentication request message according to the random data set and the first slice authentication ciphertext set, and forwarding the slice authentication request message to a core network element management module through a base station;
receiving a slice authentication response message forwarded by the core network element management module through the base station, wherein the slice authentication response message is loaded with a second slice authentication ciphertext set used for encrypting each slice supply scheme in the slice supply characteristic vector set, and each element in the second slice authentication ciphertext set is obtained by calculating a first encryption parameter, a second encryption parameter and a third encryption parameter;
calculating Euclidean distances between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter and the random key;
and determining the minimum distance from the Euclidean distances as a slice supply scheme matched with the slice request feature vector set, and forwarding the slice supply scheme to the core network element management module through the base station.
2. The electric power 5G network slice authentication message matching method based on edge computing of claim 1, wherein a first slice authentication ciphertext set for encrypting each slice request feature element in the slice request feature vector set is computed according to a randomly generated random data set and a random key, and is computed by the following formula:
FUE′={x′j=xj+rcj,1≤j≤t};
wherein, FUE' authenticating the first slice with a ciphertext set, xjFor the jth slice request feature element in the set of slice request feature vectors, for the random key, cjIs the j-th digital element, x 'in the random data set'jAnd t is the number of elements of the first slice authentication ciphertext set or the slice request feature vector set.
3. The edge-computation-based power 5G network slice authentication message matching method according to claim 1, wherein respective euclidean distances between the slice request feature vector set and the respective slice supply schemes in the slice supply feature vector set are computed from the first encryption parameter, the second encryption parameter, the third encryption parameter, and the random key by:
Figure FDA0003521851630000021
E2=Ml1-rMl2,E3=E1-2E2+Ml3
Figure FDA0003521851630000022
wherein E is1In order to calculate the parameters for the first aid,xjrequesting the jth slice feature element in the feature vector set for a slice, E2Second secondary calculation parameter, E3For the third auxiliary calculation of the parameter, Ml1For the first encryption parameter, Ml2For the second encryption parameter, Ml3R is the random key, d is the third encryption parameterlA Euclidean distance of an l-th element between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set is requested for the slice.
4. A power 5G network slice authentication message matching method based on edge calculation is used for a core network element management module, and is characterized by comprising the following steps:
receiving a slice authentication request message forwarded by a user terminal through a base station, wherein the slice authentication request message is loaded with a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set and a random data set randomly generated by the user terminal;
determining a slice supply feature vector set for supplying the slice request feature vector set by parsing the first slice authentication ciphertext set and the random data set, the slice supply feature vector set including a plurality of slice supply schemes, each slice supply scheme being composed of a plurality of slice supply feature elements;
calculating a first encryption parameter, a second encryption parameter and a third encryption parameter according to the first slice authentication ciphertext set, the random data set and the feature element supplied by each slice;
determining a second slice authentication ciphertext set for encrypting each slice supply scheme in the slice supply feature vector according to the first encryption parameter, the second encryption parameter and the third encryption parameter;
and generating a slice authentication response message according to the second slice authentication ciphertext set, and forwarding the slice authentication response message to the user terminal through the base station.
5. The edge-computing-based power 5G network slice authentication message matching method according to claim 4, wherein a first encryption parameter, a second encryption parameter and a third encryption parameter are computed from the first slice authentication secret set, the random data set and each slice supply feature element, by the following formulas:
Figure FDA0003521851630000031
wherein M isl1For the first encryption parameter, Ml2For the second encryption parameter, Ml3Is the third encryption parameter, x'jAuthenticating the ciphertext element, y, for the jth slicejSupply characteristic elements for the jth slice in the slice supply scheme, cjIs the jth digital element in the random data set.
6. The edge-computing-based power 5G network slice authentication message matching method according to claim 4, wherein a second slice authentication secret set used for encrypting each slice provisioning scheme in the slice provisioning feature vector is determined according to the first encryption parameter, the second encryption parameter and the third encryption parameter, and is calculated by the following formula:
M={Ml,1≤l≤n},Ml=(Ml1,Ml2,Ml3);
wherein M is the second slice authentication ciphertext set, MlFor the ciphertext parameter element, Ml1For the first encryption parameter, Ml2For the second encryption parameter, Ml3Is the third encryption parameter.
7. An electric power 5G network slice authentication message matching device based on edge calculation is used for a user terminal, and is characterized by comprising the following modules:
the system comprises a slicing request feature vector determining module, a slicing request feature vector determining module and a slicing request feature vector processing module, wherein the slicing request feature vector determining module is used for determining a slicing request feature vector set according to service requirements and network characteristics, and the slicing request feature vector set comprises a plurality of slicing request feature elements;
the first slice authentication ciphertext calculation module is used for calculating a first slice authentication ciphertext set used for encrypting each slice request characteristic element in the slice request characteristic vector set according to a random data set and a random key which are randomly generated;
a slice authentication request message generation module, configured to generate a slice authentication request message according to the random data set and the first slice authentication ciphertext set, and forward the slice authentication request message to a core network element management module through a base station;
a slice authentication response message receiving module, configured to receive a slice authentication response message forwarded by the core network element management module through the base station, where the slice authentication response message is loaded with a second slice authentication ciphertext set used to encrypt each slice provision scheme in a slice provision feature vector set, and each element in the second slice authentication ciphertext set is obtained by calculating a first encryption parameter, a second encryption parameter, and a third encryption parameter;
the Euclidean distance calculation module is used for calculating various Euclidean distances between the slice request feature vector set and each slice supply scheme in the slice supply feature vector set according to the first encryption parameter, the second encryption parameter, the third encryption parameter and the random key;
and the slice supply scheme matching module is used for determining the minimum distance from the Euclidean distances as a slice supply scheme matched with the slice request feature vector set, and forwarding the slice supply scheme to the core network element management module through the base station.
8. An electric power 5G network slice authentication message matching device based on edge calculation is used for a core network element management module, and is characterized by comprising the following modules:
a slice authentication request message receiving module, configured to receive a slice authentication request message forwarded by a user terminal through a base station, where the slice authentication request message is loaded with a first slice authentication ciphertext set used to encrypt each slice request feature element in the slice request feature vector set, and a random data set randomly generated by the user terminal;
a slice supply feature vector determination module, configured to determine a slice supply feature vector set used for supplying the slice request feature vector set by parsing the first slice authentication ciphertext set and the random data set, where the slice supply feature vector set includes a plurality of slice supply schemes, and each slice supply scheme is composed of a plurality of slice supply feature elements;
the encryption parameter calculation module is used for calculating a first encryption parameter, a second encryption parameter and a third encryption parameter according to the first slice authentication ciphertext set, the random data set and the feature element supply of each slice;
a second slice authentication ciphertext set determining module, configured to determine, according to the first encryption parameter, the second encryption parameter, and the third encryption parameter, a second slice authentication ciphertext set used for encrypting each slice provision scheme in the slice provision feature vector;
and the slice authentication response message generating module is used for generating a slice authentication response message according to the second slice authentication ciphertext set and forwarding the slice authentication response message to the user terminal through the base station.
9. A computer-readable storage medium storing computer instructions for causing a computer to execute the edge computing-based power 5G network slice authentication message matching method according to any one of claims 1 to 6.
10. A computer device, comprising: a memory and a processor, the memory and the processor are communicatively connected with each other, the memory stores computer instructions, and the processor executes the computer instructions to execute the power 5G network slice authentication message matching method based on edge computing according to any one of claims 1 to 6.
CN202210179452.5A 2022-02-25 2022-02-25 Electric power 5G network slice authentication message matching method and device based on edge calculation Active CN114745151B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210179452.5A CN114745151B (en) 2022-02-25 2022-02-25 Electric power 5G network slice authentication message matching method and device based on edge calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210179452.5A CN114745151B (en) 2022-02-25 2022-02-25 Electric power 5G network slice authentication message matching method and device based on edge calculation

Publications (2)

Publication Number Publication Date
CN114745151A true CN114745151A (en) 2022-07-12
CN114745151B CN114745151B (en) 2023-07-18

Family

ID=82274571

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210179452.5A Active CN114745151B (en) 2022-02-25 2022-02-25 Electric power 5G network slice authentication message matching method and device based on edge calculation

Country Status (1)

Country Link
CN (1) CN114745151B (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110087239A (en) * 2019-05-20 2019-08-02 北京航空航天大学 Based on the anonymous access authentication and cryptographic key negotiation method and device in 5G network
CN110800332A (en) * 2017-06-29 2020-02-14 华为国际有限公司 Network slice distribution method, equipment and system
CN112737813A (en) * 2020-12-11 2021-04-30 广东电力通信科技有限公司 Power business management method and system based on 5G network slice
WO2022038292A1 (en) * 2020-08-21 2022-02-24 Koninklijke Philips N.V. Privacy of relay selection in cellular sliced networks

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110800332A (en) * 2017-06-29 2020-02-14 华为国际有限公司 Network slice distribution method, equipment and system
CN110087239A (en) * 2019-05-20 2019-08-02 北京航空航天大学 Based on the anonymous access authentication and cryptographic key negotiation method and device in 5G network
WO2022038292A1 (en) * 2020-08-21 2022-02-24 Koninklijke Philips N.V. Privacy of relay selection in cellular sliced networks
CN112737813A (en) * 2020-12-11 2021-04-30 广东电力通信科技有限公司 Power business management method and system based on 5G network slice

Also Published As

Publication number Publication date
CN114745151B (en) 2023-07-18

Similar Documents

Publication Publication Date Title
CN108111301B (en) Method and system for realizing SSH protocol based on post-quantum key exchange
Roman et al. Pairing-based authentication protocol for V2G networks in smart grid
Cao et al. GBAAM: group‐based access authentication for MTC in LTE networks
Zhang et al. Privacy-preserving profile matching for proximity-based mobile social networking
Lee et al. A new delegation-based authentication protocol for use in portable communication systems
CN109756877B (en) Quantum-resistant rapid authentication and data transmission method for massive NB-IoT (NB-IoT) equipment
CN110933033B (en) Cross-domain access control method for multiple Internet of things domains in smart city environment
CN105577357A (en) Intelligent household data privacy protection method based on full homomorphic encryption
US10505722B2 (en) Shared secret communication system with use of cloaking elements
CN103414559B (en) A kind of identity identifying method of based on class IBE system under cloud computing environment
CN112910861A (en) Group authentication and segmented authentication-based authentication method for terminal equipment of power internet of things
CN101183942A (en) Client credential based secure session authentication method and apparatus
CN113572765B (en) Lightweight identity authentication key negotiation method for resource-limited terminal
CN105577377A (en) Identity-based authentication method and identity-based authentication system with secret key negotiation
CN115883053A (en) Model training method and device based on federated machine learning
CN114286416A (en) Communication control method and device, electronic device and storage medium
Yu et al. Quantum-resistance authentication and data transmission scheme for NB-IoT in 3GPP 5G networks
CN101820626B (en) Wireless MESH network ID based partially blind signature method without credible PKG (Private Key Generator)
Sikarwar et al. LABVS: Lightweight authentication and batch verification scheme for universal internet of vehicles (UIoV)
CN106571913A (en) Two-party authentication key negotiation method for power wireless private network
US20200366474A1 (en) Private key generation method and device
CN115242412B (en) Certificateless aggregation signature method and electronic equipment
CN114745151A (en) Edge calculation-based power 5G network slice authentication message matching method and device
EP3190856A2 (en) Communications method, device, and system
CN114172742B (en) Hierarchical authentication method for electric power Internet of things terminal equipment based on node map and edge authentication

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant