CN115665749B - Safe and trusted access method and system for mass industrial equipment - Google Patents


Info

Publication number
CN115665749B
Authority
CN
China
Prior art keywords
data
equipment
node
cloud server
identifier
Prior art date
Legal status
Active
Application number
CN202211700084.0A
Other languages
Chinese (zh)
Other versions
CN115665749A
Inventor
李俊
孔同
林晨
郝志强
王冲华
韦彦
周昊
樊佩茹
余果
李耀兵
江浩
Current Assignee
China Industrial Control Systems Cyber Emergency Response Team
Original Assignee
China Industrial Control Systems Cyber Emergency Response Team

Abstract

The invention relates to a secure and trusted access method and system for mass industrial equipment, based on 5G edge blockchain technology. An equipment node is identity-authenticated based on a management domain identifier and a terminal identifier; after the identity authentication passes, the data in the equipment node is segmented by time, and each segment is encrypted and transmitted to a cloud server; the edge blockchain then performs integrity verification on the equipment node data received at the cloud server, and only after that verification passes is the equipment node admitted to the industrial network. This addresses the high latency and the security problems caused by the limited performance of equipment in the prior art, improves the access security of mass data, and has the characteristic of low management cost.

Description

Safe and trusted access method and system for mass industrial equipment
Technical Field
The invention relates to the technical field of data access processing, in particular to a secure and trusted access method and system for mass industrial equipment.
Background
The traditional data protection means adopts a gateway access technology. In a field-bus-based mode, because the application scenarios of the devices differ, their communication protocols differ greatly, and the lack of a uniform standard makes device access insecure. Other industrial wireless networks such as Narrow Band Internet of Things (NB-IoT), Wi-Fi and Bluetooth have severe limitations in bandwidth, reliability and security as connectivity requirements grow.
The existing data security protection schemes are realized on the basis of Ethernet + TCP/IP device access technology, where free-format communication falls into two categories, Transmission Control Protocol (TCP) and User Datagram Protocol (UDP); when the Ethernet type uses TCP communication, the device may act as a TCP client or a TCP server. Free-format communication over Ethernet is thus possible. Free-format communication transfers data in the form of data blocks and is limited by the Programmable Logic Controller (PLC) cache, with a maximum of 1000 bytes per transmission and per reception.
Moreover, the identity authentication and data acquisition of existing equipment nodes are generally performed in a traditional centralized server mode. With the development of information technology, traditional infrastructure is connected to the Internet through industrial Ethernet, and a wide range of network attacks on operating industrial devices follow. Traditional centralized device identity management inevitably leads to bureaucratic processes and huge management costs, and is vulnerable to malicious attacks, single points of failure and privacy damage. Secondly, scalability is another challenge that industrial devices need to solve, and the traditional centralized data collection and analysis approach is becoming a performance bottleneck for industrial devices. To meet the emerging requirements for industrial device access that supports advanced critical infrastructure, a decentralized approach is inevitably required. Most traditional distributed authentication methods follow the scheme of a Policy Decision Point (PDP) and a Policy Enforcement Point (PEP): the resource-limited PEP connects to the PDP and performs access control by acquiring an authorization token. However, the security of the execution environment of a large number of distributed policy decision points is also difficult to ensure, so the single-point-of-failure problem is not fundamentally improved.
Disclosure of Invention
In order to solve the problems in the prior art, the invention provides a secure and trusted access method and system for mass industrial equipment.
In order to achieve the purpose, the invention provides the following scheme:
a safe and trusted access method for mass industrial equipment comprises the following steps:
dividing the equipment nodes into different management domains according to their usage scenarios and usage functions, and generating management domain identifiers; the equipment node is industrial cellular terminal equipment to be accessed; each equipment node of a management domain is connected with the industrial cellular network device; each equipment node is configured with a corresponding terminal identifier;
adopting an edge block chain to perform identity authentication on the equipment node based on the management domain identifier and the terminal identifier;
after the identity authentication of the equipment node is passed, segmenting data in the equipment node according to time, encrypting the segmented data and transmitting the encrypted data to a cloud server;
performing integrity verification on the data in the equipment node received in the cloud server by adopting the edge block chain;
when the data in the equipment node received in the cloud server passes integrity verification, accessing the equipment node to an industrial network;
and interrupting the operation when the identity authentication of the equipment node is not passed or the data in the equipment node received in the cloud server is not subjected to integrity verification.
Preferably, the performing, by using the edge block chain, identity authentication on the device node based on the management domain identifier and the terminal identifier specifically includes:
judging whether the management domain identifier exists in the public domain of the edge block chain to obtain a first judgment result;
when the first judgment result indicates that the management domain identifier does not exist in the public domain of the edge block chain, interrupting operation;
when the first judgment result is that the management domain identifier exists in the public domain of the edge block chain, acquiring a terminal identifier of a device node in the management domain corresponding to the management domain identifier, and judging whether the terminal identifier exists in the public domain of the edge block chain, so as to obtain a second judgment result;
when the second judgment result is that the terminal identifier does not exist in the public domain of the edge block chain, interrupting operation;
when the second judgment result is that the terminal identifier exists in the public domain of the edge block chain, determining whether the public address corresponding to the terminal identifier in the public domain corresponds to the public address corresponding to the management domain identifier, and obtaining a third judgment result;
when the third judgment result is that the public address corresponding to the terminal identifier does not correspond to the public address corresponding to the management domain identifier, interrupting the operation;
when the third judgment result is that the public address corresponding to the terminal identifier corresponds to the public address corresponding to the management domain identifier, checking whether the terminal identifier, the public address and the management domain identifier are all valid;
interrupting operation when the terminal identifier, the public address, or the administrative domain identifier is invalid;
and when the terminal identifier, the public address and the management domain identifier are all valid, completing the identity authentication of the equipment node.
Preferably, after the identity authentication of the device node is passed, segmenting data in the device node according to time, encrypting the segmented data, and transmitting the encrypted data to the cloud server, specifically including:
determining a life field and a key updating frequency by adopting an equipment node;
determining the maximum number of data segments according to the life field and the key updating frequency;
acquiring a random key, and updating the random key based on a cryptographic hash function to obtain an updated key;
and segmenting the data in the equipment nodes according to time based on the maximum data segment number, encrypting the segmented data by adopting the updated key, and transmitting the encrypted data to the cloud server.
Preferably, the performing integrity verification on the data in the device node received by the cloud server by using the edge block chain specifically includes:
judging, by means of the verification formula $mac_i = T(\mathrm{HMAC}(m_i, k_i))_\lambda$ and the formula $H(k_i \,\|\, i-1) = k_{i-1}$, whether the data in the equipment node received by the cloud server passes integrity verification: if both formulas hold, the data in the equipment node received by the cloud server passes integrity verification, and if either does not hold, it does not pass integrity verification;
wherein $i$ is the segment number, $i = 1, 2, \ldots, n$; $T(\cdot)$ represents the truncation of the message authentication code; $\lambda$ is the length of the truncated message authentication code output by the hash function; $\mathrm{HMAC}(\cdot)$ is the hash-based message authentication code function; $m_i$ is the $i$-th segment of data; $k_i$ is the key for the $i$-th segment of data; $H(\cdot)$ is the cryptographic hash function; $\|$ is the concatenation symbol; $mac_i$ is the message authentication code of the $i$-th segment; and $k_{i-1}$ is the key of the $(i-1)$-th segment of data.
Preferably, before identity authentication is performed on the device node based on the management domain identifier and the terminal identifier by using the edge block chain, the method further includes:
and the equipment node registers and applies for an authentication certificate to the public domain of the edge block chain based on the terminal identifier.
Corresponding to the above-mentioned safe and trusted access method for mass industrial equipment, the present invention also provides a safe and trusted access system for mass industrial equipment, which comprises:
the control equipment layer is used for dividing the equipment nodes into different management domains according to the use scenes and the use functions and generating management domain identifiers; the equipment node is industrial cellular terminal equipment to be accessed; each management domain device node is connected with the industrial cellular network device; each device node is configured with a corresponding terminal identifier;
the edge agent layer is connected with the control equipment layer and used for performing identity authentication and data integrity verification on the equipment node;
and the storage application layer is connected with the edge proxy layer and is used for storing the data passing the integrity verification.
Preferably, the edge proxy layer comprises an edge blockchain and a cloud server.
According to the specific embodiment provided by the invention, the invention discloses the following technical effects:
The invention provides a secure and trusted access method and system for mass industrial equipment based on 5G edge blockchain technology. Identity authentication of equipment nodes is performed on the basis of management domain identifiers and terminal identifiers; after the identity authentication passes, the data in the equipment node is segmented by time, encrypted and transmitted to a cloud server; then the edge blockchain performs integrity verification on the equipment node data received at the cloud server, and after that verification passes the equipment node is admitted to the industrial network. This solves the problems of high latency and of security caused by the limited performance of equipment in the prior art; moreover, the access security of mass data is improved, and the method has the characteristic of low management cost.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings needed in the embodiments will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present invention, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a flow chart of a secure and trusted access method for mass industrial devices provided by the present invention;
FIG. 2 is an architecture diagram of identity authentication provided by an embodiment of the present invention;
FIG. 3 is a schematic diagram of data time-slicing transmission according to an embodiment of the present invention;
fig. 4 is an architecture diagram of a secure and trusted access system for mass industrial devices according to the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be obtained by a person skilled in the art without making any creative effort based on the embodiments in the present invention, belong to the protection scope of the present invention.
The invention aims to provide a safe and credible access method and system for mass industrial equipment, which can solve the problems of high equipment delay and safety caused by the performance of the equipment in the prior art, can improve the access safety of mass data and has the characteristic of low management cost.
In order to make the aforementioned objects, features and advantages of the present invention more comprehensible, the present invention is described in detail with reference to the accompanying drawings and the detailed description thereof.
The core network and the access network in the 5G cellular network have different functions, and the support of the whole cellular network on transmission is cooperatively completed. After the cellular network receives the traffic tunneling packet, the data packet is transmitted within the cellular network. Based on that a service data packet is transmitted through a wire of an internal node of a core network and then the data packet is sent to a terminal device through an air interface, as shown in fig. 1, the safe and trusted access method for mass industrial devices, provided by the invention, comprises the following steps:
step 100: the device nodes are divided into different administrative domains according to the use scenes and the use functions, and administrative domain identifiers are generated. The equipment node is an industrial cellular terminal equipment to be accessed. Each administrative domain device node is connected to an industrial cellular network device. Each device node is configured with a corresponding terminal identifier.
The step is mainly completed in an initialization stage, and device nodes in an Industrial Control System (ICS) are divided into different management domains according to a specific scene, and each management domain includes a certain device node subset and a plurality of high-performance edge proxy nodes (i.e., industrial cellular network devices).
The edge proxy node creates a management domain identifier under the assistance of an administrator, specifically, the edge proxy node generates a new certificate by using a private key signature and creates an identifier to distribute the identifier among all edge proxy nodes, and globally deploys the authentication management SC-PDP of the edge proxy node, thereby preventing double registration and identity authority management of the edge proxy node. At the same time, a common domain is created for each edge proxy node for better management of subsequent associated device nodes. And then the edge proxy node is encrypted and sent to an administrator by using an administrator public key, the administrator extracts a certificate and issues the certificate to the device node with restricted resources in the domain, and the system administrator shares the public address of the device node with the edge proxy node to prevent any malicious device from being added. In the initialization stage, the device node subset is mainly divided to determine the area, and the edge proxy node requests the edge block chain to establish the management authority.
Step 101: and carrying out identity authentication on the equipment node based on the management domain identifier and the terminal identifier by adopting the edge block chain. The identity authentication of the communication node is the basis of data integrity, so the identity authentication of the equipment node is very important. In order to better perform identity authentication management on the equipment node, the edge proxy node is utilized to generate authentication credentials for the equipment node in the management domain to provide the equipment node with identity authentication and authorization delegation services, registration information and an authorization log are uniformly recorded in the intelligent contract, and an access control strategy is provided through the intelligent contract to improve the communication security of the equipment node.
In this step, the identity authentication of the device node is mainly implemented based on the edge proxy node and the public domain in the edge block chain, and the specific process is as follows:
step 101-0: generating authentication credentials
After the edge proxy node joins the public domain, the device nodes in its management domain start to register and apply for authentication credentials using their own identifiers (namely the terminal identifiers): first, the device node generates a registration token for itself with its private key, and sends the generated registration token together with the certificate distributed by the administrator to the edge proxy node to apply for an identity credential. The edge proxy node checks that the supplied certificate is legitimate and that the terminal identifier is in the public domain; it then verifies whether the public key for the registration token exists, and whether the public address is the same as the public address previously saved by the system administrator. After all confirmations, the edge proxy nodes generate the authentication credential, and the credential mapping is written to the registration contract once the edge proxy nodes reach consensus. Finally, the edge proxy node provides the newly registered device with a credential named auth_token. From then on the device uses the credential auth_token for authentication; the flow is shown in fig. 2.
The authentication certificate generation stage mainly aims at the equipment nodes with limited resources, and is used for the limited equipment nodes to apply for authentication certificates from the edge proxy nodes by utilizing self-related identifiers, and safety is provided for identity authentication of subsequent equipment node data.
Step 101-1: authenticating device node identity
In the device communication phase, the edge proxy node needs to authenticate the identity of the device nodes it manages. The edge proxy node verifies the validity of the data packet presented by the device node, extracts the relevant information from the credential auth_token using the public key of the edge proxy node, and then performs verification in the public domain, as follows:
step 1: detecting whether the management domain identifier exists in the public domain or not through the intelligent contract, and if the management domain identifier exists in the public domain, implementing the step 2; if the administrative domain identifier does not exist in the public domain, the operation is interrupted.
And 2, step: the terminal identifier it provides is audited by the public domain whether it also exists in the public domain, or whether it is associated with the administrative domain identifier.
And 3, step 3: if the terminal identifier exists in the public domain of the associated administrative domain identifier, further checking whether the public address of the provided device node corresponds to the public address in the public domain, if so, performing step 4, and if not, interrupting the operation.
And 4, step 4: the intelligent contract is used to check whether the given mapping (i.e. device identifier, public address and administrative domain identifier) is valid, if so, the identity of the device node is authenticated, and if not, the operation is interrupted.
The identity authentication process is executed automatically by the smart contract, which ensures the security and validity of the authentication process and reduces the number of updates that have to be made to the public domain.
And the equipment node identity authentication phase is used for confirming the identity of the limited equipment node and providing a safe basis for subsequent data interaction.
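The registration token of step 101-0 and the four-step public-domain check of step 101-1, as an added example that is not part of the patent. The in-memory registry standing in for the edge blockchain's public domain, the field names, and the use of an HMAC keyed by the edge proxy as a stand-in for the ECDSA signature the edge proxy would place on auth_token are all assumptions of this example; the check order and the interrupt-on-failure behaviour follow the steps above.

```python
"""Added example, not from the patent: registration token (step 101-0) and
the four-step public-domain identity check (step 101-1).

Assumptions that are not in the patent text: the registry layout standing in
for the edge blockchain's public domain, the field names, and an HMAC keyed by
the edge proxy used as a stand-in for the ECDSA signature on auth_token.
"""
import hashlib
import hmac
import json

# Constructed sample registry: what the public domain would hold after
# initialization (domains) and registration (terminals).
PUBLIC_DOMAIN = {
    "domains": {
        "MD-plant-A": {"public_address": "0xA1", "valid": True},
        "MD-plant-B": {"public_address": "0xB2", "valid": True},
    },
    "terminals": {
        "T-0001": {"domain": "MD-plant-A", "public_address": "0xA1", "valid": True},
        "T-0002": {"domain": "MD-plant-A", "public_address": "0xA1", "valid": False},
        "T-0003": {"domain": "MD-plant-B", "public_address": "0xB2", "valid": True},
    },
}

# Constructed edge-proxy signing key (stand-in for its ECDSA private key).
EDGE_PROXY_KEY = b"constructed-edge-proxy-signing-key"


def issue_auth_token(terminal_id, public_address, domain_id, key=EDGE_PROXY_KEY):
    """Edge proxy issues auth_token binding (terminal id, public address, domain id)."""
    payload = json.dumps(
        {"tid": terminal_id, "addr": public_address, "mdid": domain_id}, sort_keys=True
    )
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return {"payload": payload, "tag": tag}


def open_auth_token(token, key=EDGE_PROXY_KEY):
    """Return the token's fields if its tag verifies, else None."""
    expected = hmac.new(key, token["payload"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, token["tag"]):
        return None
    return json.loads(token["payload"])


def authenticate(token, registry=PUBLIC_DOMAIN, key=EDGE_PROXY_KEY):
    """Steps 1-4 of the device identity check; any failure interrupts with a reason."""
    fields = open_auth_token(token, key)
    if fields is None:
        return (False, "auth_token tag invalid")
    mdid, tid, addr = fields["mdid"], fields["tid"], fields["addr"]
    # Step 1: management domain identifier must exist in the public domain.
    domain = registry["domains"].get(mdid)
    if domain is None:
        return (False, "step 1: management domain identifier not in public domain")
    # Step 2: terminal identifier must exist and be associated with that domain.
    terminal = registry["terminals"].get(tid)
    if terminal is None or terminal["domain"] != mdid:
        return (False, "step 2: terminal identifier unknown or not in this domain")
    # Step 3: presented public address must match the public-domain record,
    # which in turn must match the address recorded for the domain.
    if addr != terminal["public_address"] or addr != domain["public_address"]:
        return (False, "step 3: public address mismatch")
    # Step 4: the mapping (terminal id, public address, domain id) must be valid.
    if not (terminal["valid"] and domain["valid"]):
        return (False, "step 4: mapping revoked or invalid")
    return (True, "authenticated")
```

Every branch fails closed with the step that rejected it, which is what an edge proxy would want to log; a revoked terminal (T-0002) passes steps 1 to 3 and is only stopped by the validity check of step 4.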
Step 102: and after the identity authentication of the equipment node is passed, segmenting the data in the equipment node according to time, encrypting the segmented data and transmitting the encrypted data to the cloud server.
In the invention, a commitment scheme is used to delay the disclosure of the key information rather than hiding the key by encryption. A hash-based message authentication code (HMAC) built from the SHA-1 cryptographic hash function is used, and the message authentication code (MAC) value is truncated to 80 bits. To reduce the computational burden on the nodes, the key is updated using a reverse hash chain, which avoids the cost of public key encryption. Briefly, the data integrity protection scheme of a device node generates a single digital signature for the initial key commitment, and by updating the key information field multiple times a large amount of data can be protected over a relatively long period of time.
The following fields are mainly used in this step:
(1) Sender: the authentication credential auth_token of the device node, used to confirm the identity of the sender.
(2) Message authentication code length: determines the length $\lambda$ of the truncated message authentication code, with $2s < \lambda < l$, where $s$ is a value determined by the hash-based message authentication code function and $l$ is the length of the message authentication code output by the hash function.
(3) Key information: the key information used in the selected data integrity mechanism; the device node may select a hash-based message authentication code (HMAC) or a cipher-based message authentication code (CMAC).
(4) Key update frequency: the update frequency $f$ determines how many data units a key is used for; after a key has been used for that number of data units it is updated from $k_{i-1}$ to $k_i$, and $k_{i-1}$ is no longer used, so as to ensure the integrity of the new data units.
(5) Scheme lifetime: this field is a positive integer $n$ that determines the maximum number of times the verification key is updated, which in turn determines the maximum number of data segments the scheme protects; the maximum number of data segments $num$ is calculated as
$num = n \times f$,
where $n$ is the lifetime field and $f$ is the key update frequency.
The data of the device nodes is mostly a vector with time characteristics, so a time-based key update is used to construct the data integrity protection scheme. The device node first determines a lifetime field $n$, which specifies the number of times the data authentication key can be updated under the scheme, and selects a random MAC key $k_n$.
Then the keys are derived using a reverse hash chain: $k_{n-1} \leftarrow H(k_n \,\|\, n-1), \ldots, k_1 \leftarrow H(k_2 \,\|\, 1)$, where $H(\cdot)$ is a cryptographic hash function with sufficient output size (e.g., SHA-1).
The $k_{n-1}$ calculated above, i.e. the key information field, is hidden from the public at creation time to prevent an adversary from generating a valid MAC for forged data, but must later be made public so that others can use it to verify the MACs generated by the sender. The node then determines the key update frequency $f$ and decides the maximum number of data segments to protect. The key update frequency $f$ also affects the latency of verifying data integrity, because only after a key update is the previous key revealed for data integrity verification, while the device node uses the new key to protect the next piece of data. Updating the key information allows a large amount of data to be protected over a relatively long time.
After the data integrity protection scheme has been built, the device node can transmit its internal data in time segments using a timer with a configurable interval. The device node uses $k_1$ as the key for authenticating the first data segment; the truncated value $mac_1$ computed with $k_1$ is appended to the original data (data $m_1$) and sent to the edge blockchain network, while the encrypted segment data is transmitted over another channel, as shown in fig. 3. The device node then updates the key from $k_{i-1}$ to $k_i$ ($1 < i < n$) when required. Here data $m_1$, data $m_2, \ldots,$ data $m_n$ denote the original data in the different channels.
Step 103: and carrying out integrity verification on the data in the equipment nodes received in the cloud server by adopting the edge block chain. Although digital signatures can protect the integrity of communication data, the device node computation and power resources in most control systems are limited and cannot withstand high frequency computation-intensive asymmetric encryption operations, especially in high frequency acquisition devices and metering devices that rely on battery power. Therefore, the invention customizes the data integrity protection scheme of the equipment node and ensures the backward safety of the acquired data by using the non-falsification characteristic of the block chain. In the data integrity protection scheme, the device nodes and communication data characteristics in the ICS are considered, and the truncated HMAC is used to construct a commitment scheme to perform integrity protection on the message.
Data generated by the device nodes over a period of time is sent to the cloud server for storage, and the edge proxy nodes are responsible for managing and verifying the integrity of that data. When the cloud server receives and stores the data segment $m_i$, its integrity cannot be verified immediately. Only after the device node, in time period $t_{i+1}$, has provided the protection key $k_i$ can the edge proxy node verify whether data segment $m_i$ is complete: at $t_{i+1}$ the edge proxy node verifies whether formula (1) and formula (2) hold, and if both hold, the verified data segment is complete.
$mac_i = T(\mathrm{HMAC}(m_i, k_i))_\lambda$ (1)
$H(k_i \,\|\, i-1) = k_{i-1}$ (2)
Wherein $i$ is the segment number, $i = 1, 2, \ldots, n$, and the function $T(\cdot)$ is the truncation of the message authentication code. Even though truncating the HMAC reduces the strength of message authentication, the security risk of the truncated HMAC is still relatively low: with $\lambda = 80$ bits after truncation, the HMAC collision-resistance strength is $\lambda/2 = 40$ bits, which meets the actual requirement for node device data integrity. The key update frequency $f$ can be selected according to the real-time requirements on the data: it can be reduced for data with weaker real-time requirements to save the computing resources of constrained devices, for example for an AI module with a prediction function that is only interested in the complete historical data generated by the system. For a data consumer with higher real-time requirements, the key update frequency can be increased to reduce the verification waiting time.
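The scheme of steps 102 and 103 carried through in code, as an added example that is not part of the patent: reverse hash chain key derivation, the truncated HMAC of formula (1), delayed key disclosure, and the edge proxy's check of formulas (2) and (1) once a key is revealed. The choices of SHA-256 for both $H$ and the HMAC (the patent names SHA-1 as an example), the 4-byte big-endian encoding of the index in $k_i \,\|\, i-1$, a public commitment $k_0 = H(k_1 \,\|\, 0)$ standing in for the signed initial key commitment, and the sample segment data are assumptions of this example; the separate encrypted-data channel is not modelled.

```python
"""Added example, not from the patent: the time-segmented integrity scheme of
steps 102-103 -- reverse hash chain keys, truncated HMAC per segment, delayed
key disclosure, and the edge proxy's check of formulas (1) and (2).

Assumptions not in the patent text: SHA-256 for both H and HMAC (the patent
names SHA-1 as an example), the index in k_i || i-1 encoded as a 4-byte
big-endian integer, a public commitment k_0 = H(k_1 || 0) standing in for the
signed "initial key commitment", and constructed sample data.
"""
import hashlib
import hmac
import os

LAMBDA_BITS = 80                  # truncated MAC length λ from the patent
LAMBDA_BYTES = LAMBDA_BITS // 8


def H(data: bytes) -> bytes:
    """Cryptographic hash H(·) (assumed SHA-256)."""
    return hashlib.sha256(data).digest()


def idx(i: int) -> bytes:
    """Encoding of the index in k_i || i-1 (assumption)."""
    return i.to_bytes(4, "big")


def build_key_chain(n: int, k_n: bytes) -> dict:
    """Reverse hash chain: k_{i-1} = H(k_i || i-1), down to the commitment k_0."""
    keys = {n: k_n}
    for i in range(n, 0, -1):
        keys[i - 1] = H(keys[i] + idx(i - 1))
    return keys


def truncated_mac(m: bytes, k: bytes) -> bytes:
    """mac_i = T(HMAC(m_i, k_i))_λ: HMAC truncated to λ bits (formula (1))."""
    return hmac.new(k, m, hashlib.sha256).digest()[:LAMBDA_BYTES]


def key_index(segment: int, f: int) -> int:
    """Segment s (1-based) is protected with k_i where i = ceil(s / f)."""
    return (segment - 1) // f + 1


class DeviceNode:
    """Sender: lifetime n, update frequency f, num = n × f protected segments."""

    def __init__(self, n: int, f: int, k_n: bytes = None):
        self.n, self.f = n, f
        self.max_segments = n * f
        self.keys = build_key_chain(n, k_n or os.urandom(32))

    def commitment(self) -> bytes:
        return self.keys[0]          # published when the scheme is created

    def protect(self, s: int, m: bytes):
        if not 1 <= s <= self.max_segments:
            raise ValueError("scheme lifetime exhausted")
        return (s, m, truncated_mac(m, self.keys[key_index(s, self.f)]))

    def disclose(self, i: int) -> bytes:
        """Reveal k_i once the node has moved on to k_{i+1} (time period t_{i+1})."""
        return self.keys[i]


class EdgeProxy:
    """Verifier for the segments the cloud server has stored."""

    def __init__(self, commitment: bytes, f: int):
        self.f = f
        self.verified_keys = {0: commitment}
        self.pending = {}            # segment number -> (m_i, mac_i), unverified

    def store(self, s: int, m: bytes, mac: bytes):
        self.pending[s] = (m, mac)

    def verify_with_key(self, i: int, k_i: bytes):
        """Formula (2) on the disclosed key, then formula (1) on each pending segment.
        Returns None if k_i does not chain to k_{i-1}, else {segment: bool}."""
        if H(k_i + idx(i - 1)) != self.verified_keys.get(i - 1):
            return None
        self.verified_keys[i] = k_i
        results = {}
        for s in sorted(self.pending):
            if key_index(s, self.f) == i:
                m, mac = self.pending.pop(s)
                results[s] = hmac.compare_digest(mac, truncated_mac(m, k_i))
        return results
```

Because the proxy accepts a disclosed key only if it hashes back to the previously verified one, a forged key is rejected before any segment is checked, and a segment altered at the cloud server fails formula (1) while its neighbours protected by the same key still pass; the verification delay visible here (segments wait until the next key period) is the latency the key update frequency $f$ trades against device load.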
Step 104: and when the data in the equipment node received in the cloud server passes the integrity verification, accessing the equipment node to the industrial network.
Step 105: and when the identity authentication of the equipment node fails or the data in the equipment node received in the cloud server fails the integrity verification, interrupting the operation.
Corresponding to the above secure and trusted access method for mass industrial equipment, the present invention further provides a secure and trusted access system for mass industrial equipment, shown in fig. 4. The system includes:
A control device layer 400, which divides the device nodes into different management domains according to usage scenario and usage function and generates a management domain identifier for each domain. A device node is an industrial cellular terminal device seeking access. The device nodes of each management domain are connected to an industrial cellular network device, and each device node is configured with its own terminal identifier.
An edge proxy layer 401, comprising an edge blockchain and a cloud server, connected to the control device layer and responsible for identity authentication and data integrity verification of the device nodes. Specifically, the edge proxy layer 401 is a network of blockchain-enabled edge nodes: high-performance hosts such as industrial computers, data-analysis servers and edge servers are configured as Agent edge proxy nodes. Each Agent edge proxy node manages a bounded set of device nodes and, with them, forms an edge blockchain, so each edge blockchain serves only a subset of the device nodes. The edge proxy nodes communicate with one another to synchronise the information on authentication, authorisation association and the integrity-protection scheme, so that resource access requests can be processed as transactions and the integrity of system data can be verified. For the implementation, refer to the steps of the secure and trusted access method for mass industrial equipment above.
A storage application layer 402, connected to the edge proxy layer 401, which stores the data that has passed integrity verification. Data providers may cooperate to store the data generated by device nodes in transit and to assist the edge proxy layer 401 with data analysis. The massive population of industrial devices is not fully trusted, and a node may alter the data it has generated; when this happens, the verification information recorded in the blockchain of the edge proxy layer 401 lets the end user detect the modification.
The security authentication part of the framework in fig. 4 is designed in two major aspects: device-node identity authentication and device-node data integrity authentication. Identity authentication comprises a system initialisation phase, an authentication credential generation phase and a device-node identity authentication phase. In the initialisation phase, the device-node subsets are partitioned to determine the management areas, and the edge proxy node requests the blockchain to establish its management authority. The credential generation phase targets resource-constrained nodes: a constrained node applies to an edge high-performance node for an authentication credential using its own identifiers. The identity authentication phase confirms the identity of the device node and provides a secure basis for subsequent data exchange. Data integrity authentication comprises the design of the data integrity protection scheme, the upload of that scheme and the verification of data integrity. The digital signature algorithm used is the Elliptic Curve Digital Signature Algorithm (ECDSA).
The invention adds new security measures and an agent scheme to the traditional PDP (Policy Decision Point) framework: a blockchain provides a trusted execution environment for the distributed PDPs, and edge PDPs provide authorisation services to the PEPs (Policy Enforcement Points) of resource-constrained industrial control devices, so that the architecture decentralises the identity management authority of each management domain. This improves the scalability of the ICS while reducing both the resource demands on the PEP and the response latency of the whole system. To overcome the nodes' limitations in computation, energy and heterogeneity, a node data integrity protection scheme is tailored to them. In general, the work of reconciling the large volume of access-related data with the blockchains is concentrated on a few edge PDPs organised into an edge consortium-chain network, while the edge blockchains themselves are organised and managed by a global consortium chain. For ease of understanding, the PEP nodes of the invention are referred to as device nodes and the PDP nodes as edge proxy nodes.
Compared with the prior art, the invention also has the following advantages:
1. A 5G cellular network is used to keep data transmission continuous and to prevent packet loss at the point where device terminals acquire data; the cellular network provides system-level and link-level reliability guarantees for transmission.
2. Node data authentication uses a data integrity scheme based on truncated message authentication codes, which secures device access with respect to both the integrity and the security of the data.
The embodiments in this description are described progressively; each embodiment focuses on its differences from the others, and the parts they share can be read across embodiments. Since the system disclosed in the embodiment corresponds to the method disclosed in the embodiment, its description is kept brief; the relevant points are described in the method part.
The principles and embodiments of the present invention have been described using specific examples, which are provided only to help understand the method and the core concept of the invention. A person skilled in the art may, following the idea of the invention, change the specific embodiments and the range of application. In view of the above, this disclosure should not be construed as limiting the invention.

Claims (6)

1. A secure and trusted access method for mass industrial equipment, characterised by comprising the following steps:
dividing device nodes into different management domains according to usage scenario and usage function, and generating management domain identifiers, wherein the device nodes are industrial cellular terminal devices to be admitted, the device nodes of each management domain are connected to an industrial cellular network device, and each device node is configured with a corresponding terminal identifier;
performing identity authentication of the device node, using an edge blockchain, based on the management domain identifier and the terminal identifier;
after the identity authentication of the device node passes, segmenting the data in the device node by time, encrypting the segmented data and transmitting the encrypted data to a cloud server;
performing integrity verification, using the edge blockchain, on the device-node data received at the cloud server;
when the device-node data received at the cloud server passes integrity verification, admitting the device node to an industrial network;
aborting the operation when the identity authentication of the device node fails or the device-node data received at the cloud server fails integrity verification;
wherein performing integrity verification, using the edge blockchain, on the device-node data received at the cloud server specifically comprises:
checking whether the formula $\mathrm{mac}_i = T(\mathrm{HMAC}(m_i, k_i))_{\lambda}$ and the formula $H(k_i \,\|\, (i-1)) = k_{i-1}$ both hold; if they hold, the device-node data received at the cloud server passes integrity verification, otherwise it does not pass integrity verification;
where $i$ is the segment index, $i = 1, 2, \ldots, n$; $T(\cdot)$ denotes truncation of the message authentication code; $\lambda$ is the length of the truncated message authentication code output; $\mathrm{HMAC}(\cdot)$ is the hash-based message authentication code function; $m_i$ is the $i$-th data segment; $k_i$ is the key of the $i$-th data segment; $H(\cdot)$ is a cryptographic hash function; $\|$ denotes concatenation; $\mathrm{mac}_i$ is the message authentication code of the $i$-th segment; and $k_{i-1}$ is the key of the $(i-1)$-th data segment.
2. The method according to claim 1, wherein performing identity authentication of the device node, using the edge blockchain, based on the management domain identifier and the terminal identifier specifically comprises:
judging whether the management domain identifier exists in the public domain of the edge blockchain, to obtain a first judgment result;
when the first judgment result is that the management domain identifier does not exist in the public domain of the edge blockchain, aborting the operation;
when the first judgment result is that the management domain identifier exists in the public domain of the edge blockchain, obtaining the terminal identifier of a device node in the management domain corresponding to the management domain identifier, and judging whether that terminal identifier exists in the public domain of the edge blockchain, to obtain a second judgment result;
when the second judgment result is that the terminal identifier does not exist in the public domain of the edge blockchain, aborting the operation;
when the second judgment result is that the terminal identifier exists in the public domain of the edge blockchain, determining whether the public address corresponding to the terminal identifier in the public domain corresponds to the public address corresponding to the management domain identifier, to obtain a third judgment result;
when the third judgment result is that the public address corresponding to the terminal identifier does not correspond to the public address corresponding to the management domain identifier, aborting the operation;
when the third judgment result is that the public address corresponding to the terminal identifier corresponds to the public address corresponding to the management domain identifier, checking whether the terminal identifier, the public address and the management domain identifier are all valid;
aborting the operation when the terminal identifier, the public address or the management domain identifier is invalid;
and when the terminal identifier, the public address and the management domain identifier are all valid, completing the identity authentication of the device node.
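The three judgments of claim 2 and the final validity check, as an added example in Python (not the patent's code). The public domain of the edge blockchain is modelled as two in-memory registries keyed by management domain identifier and terminal identifier, and "corresponds" in the third judgment is modelled as equality of the two public addresses; both are assumptions, since the patent fixes neither the on-chain layout nor the correspondence rule. The sample registry entries are constructed.

```python
"""Device-node identity authentication: the three judgments of claim 2.

Added example, not the patent's code. The edge blockchain's public domain is
modelled as two in-memory registries (an assumption; the patent does not fix
the on-chain layout), and "corresponds" in the third judgment is modelled as
equality of the two public addresses (also an assumption).
"""
from dataclasses import dataclass
from enum import Enum, auto


class Verdict(Enum):
    NO_SUCH_DOMAIN = auto()       # first judgment: domain identifier not on chain
    NO_SUCH_TERMINAL = auto()     # second judgment: terminal not registered in that domain
    ADDRESS_MISMATCH = auto()     # third judgment: public addresses do not correspond
    INVALID_IDENTIFIER = auto()   # validity check: an identifier or address is revoked
    AUTHENTICATED = auto()        # all checks passed


@dataclass(frozen=True)
class DomainRecord:
    public_address: str   # address the edge proxy node registered for this domain
    valid: bool


@dataclass(frozen=True)
class TerminalRecord:
    public_address: str   # address the device registered with its credential
    domain_id: str        # management domain the terminal was registered under
    valid: bool


class PublicDomain:
    """Read-only view of what the edge chain's public domain has recorded."""

    def __init__(self, domains: dict, terminals: dict):
        self._domains = dict(domains)
        self._terminals = dict(terminals)

    def authenticate(self, domain_id: str, terminal_id: str) -> Verdict:
        """Run the judgments in the claim's order and stop at the first failure."""
        domain = self._domains.get(domain_id)
        if domain is None:
            return Verdict.NO_SUCH_DOMAIN
        terminal = self._terminals.get(terminal_id)
        if terminal is None or terminal.domain_id != domain_id:
            return Verdict.NO_SUCH_TERMINAL
        if terminal.public_address != domain.public_address:
            return Verdict.ADDRESS_MISMATCH
        if not (domain.valid and terminal.valid):
            return Verdict.INVALID_IDENTIFIER
        return Verdict.AUTHENTICATED


# Constructed sample registry (not real identifiers or addresses).
SAMPLE_CHAIN = PublicDomain(
    domains={
        "MD-line-1": DomainRecord("0xa1", valid=True),
        "MD-line-2": DomainRecord("0xb2", valid=False),   # domain authority withdrawn
    },
    terminals={
        "T-0001": TerminalRecord("0xa1", "MD-line-1", valid=True),
        "T-0002": TerminalRecord("0xc3", "MD-line-1", valid=True),   # wrong address
        "T-0003": TerminalRecord("0xb2", "MD-line-2", valid=True),
        "T-0004": TerminalRecord("0xa1", "MD-line-1", valid=False),  # credential revoked
    },
)


def run_requests(chain: PublicDomain, requests: list) -> dict:
    """Map each (domain_id, terminal_id) access request to its verdict."""
    return {req: chain.authenticate(*req) for req in requests}


if __name__ == "__main__":
    requests = [("MD-line-1", "T-0001"), ("MD-line-9", "T-0001"), ("MD-line-1", "T-9999"),
                ("MD-line-1", "T-0002"), ("MD-line-2", "T-0003"), ("MD-line-1", "T-0004")]
    for req, verdict in run_requests(SAMPLE_CHAIN, requests).items():
        print(req, verdict.name)
```

The checks are fail-fast in the claim's order, and each rejection carries a distinct verdict so the edge proxy can record which judgment failed while the device itself only sees the operation aborted.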
3. The secure and trusted access method for mass industrial equipment according to claim 1, wherein, after the identity authentication of the device node passes, segmenting the data in the device node by time, encrypting the segmented data and transmitting the encrypted data to the cloud server specifically comprises:
determining, at the device node, a lifetime field and a key update frequency;
determining the maximum number of data segments from the lifetime field and the key update frequency;
obtaining a random key and updating the random key with a cryptographic hash function to obtain the updated keys;
and segmenting the data in the device node by time, subject to the maximum number of data segments, encrypting the segmented data with the updated keys, and transmitting the encrypted data to the cloud server.
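The integrity-protection scheme of claims 1 and 3, as an added example in Python (not the patent's code): the device derives its segment keys backwards from one random key so that H(k_i || i-1) = k_{i-1} holds along the chain, computes n from the lifetime field and key update frequency, cuts its data into time slots and tags each slot with a truncated HMAC; the cloud verifier then applies both formulas of claim 1. It goes one step beyond the claim's single-step check by walking the chain across slots that carried no data (repeated application of the same relation) and shows the two rejections a verifier must make, a replayed segment and a modified payload. Assumptions, also marked in the code: SHA-256 instantiates both H(·) and HMAC, the index in H(k_i || i-1) is encoded as four big-endian bytes, λ is a byte length, and the anchor k_0 reaches the verifier during identity authentication. The sample readings are constructed.

```python
"""Segmented-data integrity scheme of claims 1 and 3: reverse hash-chain keys and a
truncated HMAC per segment, with the cloud verifier's two checks.

Added example, not the patent's code. Assumptions: SHA-256 instantiates H(.) and HMAC;
the index in H(k_i || i-1) is encoded as 4 big-endian bytes; lambda is a byte length;
the anchor k_0 reaches the verifier during identity authentication; segments are
fixed-length time slots.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass


def index_bytes(i: int) -> bytes:
    return i.to_bytes(4, "big")


def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def derive_key_chain(k_n: bytes, n: int) -> list:
    """Return [k_0, ..., k_n] with H(k_i || i-1) = k_{i-1} for i = 1..n. Built backwards
    from the random last key: k_i cannot be computed from k_{i-1}, only checked against it."""
    keys = [b""] * (n + 1)
    keys[n] = k_n
    for i in range(n, 0, -1):
        keys[i - 1] = H(keys[i] + index_bytes(i - 1))
    return keys


def truncated_mac(m: bytes, k: bytes, lam: int) -> bytes:
    """mac_i = T(HMAC(m_i, k_i))_lambda: the first lambda bytes of the HMAC."""
    return hmac.new(k, m, hashlib.sha256).digest()[:lam]


def max_segments(lifetime_s: int, key_update_period_s: int) -> int:
    """n from the lifetime field and key-update frequency (one key per period)."""
    if lifetime_s <= 0 or key_update_period_s <= 0:
        raise ValueError("lifetime and key-update period must be positive")
    return max(1, lifetime_s // key_update_period_s)


@dataclass(frozen=True)
class Segment:
    index: int    # i (1-based)
    data: bytes   # m_i
    key: bytes    # k_i, disclosed together with the segment
    mac: bytes    # mac_i


class DeviceNode:
    """Sender: cuts samples into time slots and tags each slot with its chain key."""

    def __init__(self, lifetime_s: int, key_update_period_s: int, lam: int, k_n: bytes = b""):
        self.n = max_segments(lifetime_s, key_update_period_s)
        self.period, self.lam = key_update_period_s, lam
        self.keys = derive_key_chain(k_n or os.urandom(32), self.n)
        self.anchor = self.keys[0]   # k_0, handed to the verifier at authentication (assumed)

    def segment(self, samples: list) -> list:
        """samples: (seconds since lifetime start, payload); empty slots are skipped."""
        slots = {}
        for ts, payload in samples:
            slots.setdefault(min(ts // self.period + 1, self.n), []).append(payload)
        out = []
        for i in sorted(slots):
            m = b"".join(slots[i])
            out.append(Segment(i, m, self.keys[i], truncated_mac(m, self.keys[i], self.lam)))
        return out


class CloudVerifier:
    """Receiver: remembers the last accepted (index, key) and checks each new segment."""

    def __init__(self, anchor_k0: bytes, lam: int):
        self.last_index, self.last_key, self.lam = 0, anchor_k0, lam

    def verify(self, seg: Segment) -> bool:
        if seg.index <= self.last_index:     # replay or reordering
            return False
        k = seg.key                          # chain check, walked across any skipped slots
        for j in range(seg.index, self.last_index, -1):
            k = H(k + index_bytes(j - 1))    # H(k_j || j-1) must reproduce k_{j-1}
        if not hmac.compare_digest(k, self.last_key):
            return False
        if not hmac.compare_digest(truncated_mac(seg.data, seg.key, self.lam), seg.mac):
            return False                     # mac_i does not match the payload
        self.last_index, self.last_key = seg.index, seg.key
        return True


def demo() -> dict:
    """Constructed run: 60 s lifetime, 15 s key period (n = 4), 8-byte tags."""
    dev = DeviceNode(60, 15, lam=8, k_n=bytes(range(32)))   # fixed k_n for reproducibility
    segs = dev.segment([(0, b"T=21.5;"), (3, b"T=21.7;"), (16, b"T=22.0;"), (47, b"T=22.4;")])
    ver = CloudVerifier(dev.anchor, lam=8)
    honest = [ver.verify(s) for s in segs]
    replay = ver.verify(segs[0])             # already accepted: rejected by the index check
    forged = Segment(segs[0].index, segs[0].data + b"x", segs[0].key, segs[0].mac)
    tampered = CloudVerifier(dev.anchor, lam=8).verify(forged)   # rejected by the mac check
    return {"indices": [s.index for s in segs], "honest": honest, "replay": replay, "tampered": tampered}
```

Two design points follow from the formulas. The chain relation binds each disclosed k_i to the previously accepted key, so a sender that does not hold the original random key cannot extend the chain; the per-segment tag, on the other hand, is only as strong as the secrecy of k_i at the moment mac_i is checked, which is what the encryption of the segmented data in claim 3 provides for in transit. λ is the security parameter of T(·): every byte dropped from the tag saves bandwidth on constrained nodes but raises the per-attempt forgery probability to 2^(-8λ).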
4. The secure and trusted access method for mass industrial equipment according to claim 1, further comprising, before performing identity authentication of the device node, using the edge blockchain, based on the management domain identifier and the terminal identifier:
the device node registering with the public domain of the edge blockchain and applying for an authentication credential based on its terminal identifier.
5. A secure and trusted access system for mass industrial equipment, comprising:
a control device layer, which divides device nodes into different management domains according to usage scenario and usage function and generates management domain identifiers, wherein the device nodes are industrial cellular terminal devices to be admitted, the device nodes of each management domain are connected to an industrial cellular network device, and each device node is configured with a corresponding terminal identifier;
an edge proxy layer, connected to the control device layer, which performs identity authentication and data integrity verification of the device nodes;
and a storage application layer, connected to the edge proxy layer, which stores the data that has passed integrity verification;
wherein performing integrity verification, using the edge blockchain, on the device-node data received at the cloud server specifically comprises:
checking whether the formula $\mathrm{mac}_i = T(\mathrm{HMAC}(m_i, k_i))_{\lambda}$ and the formula $H(k_i \,\|\, (i-1)) = k_{i-1}$ both hold; if they hold, the device-node data received at the cloud server passes integrity verification, otherwise it does not pass integrity verification;
where $i$ is the segment index, $i = 1, 2, \ldots, n$; $T(\cdot)$ denotes truncation of the message authentication code; $\lambda$ is the length of the truncated message authentication code output; $\mathrm{HMAC}(\cdot)$ is the hash-based message authentication code function; $m_i$ is the $i$-th data segment; $k_i$ is the key of the $i$-th data segment; $H(\cdot)$ is a cryptographic hash function; $\|$ denotes concatenation; $\mathrm{mac}_i$ is the message authentication code of the $i$-th segment; and $k_{i-1}$ is the key of the $(i-1)$-th data segment.
6. The secure and trusted access system for mass industrial equipment according to claim 5, wherein the edge proxy layer comprises an edge blockchain and a cloud server.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211700084.0A CN115665749B (en) 2022-12-29 2022-12-29 Safe and trusted access method and system for mass industrial equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202211700084.0A CN115665749B (en) 2022-12-29 2022-12-29 Safe and trusted access method and system for mass industrial equipment

Publications (2)

Publication Number Publication Date
CN115665749A CN115665749A (en) 2023-01-31
CN115665749B true CN115665749B (en) 2023-03-17

Family

ID=85022245

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202211700084.0A Active CN115665749B (en) 2022-12-29 2022-12-29 Safe and trusted access method and system for mass industrial equipment

Country Status (1)

Country Link
CN (1) CN115665749B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112351019A (en) * 2020-10-29 2021-02-09 北京邮电大学 Identity authentication system and method
CN113676334A (en) * 2021-10-21 2021-11-19 北京博华信智科技股份有限公司 Block chain-based distributed edge equipment identity authentication system and method
WO2021245599A1 (en) * 2020-06-03 2021-12-09 IOT.nxt BV System and method for authenticating a device on a network
CN114629720A (en) * 2022-04-12 2022-06-14 浙江工业大学 Industrial Internet cross-domain authentication method based on block chain and Handle identification
CN115379581A (en) * 2022-08-17 2022-11-22 中国电力科学研究院有限公司 Method, system, equipment and storage medium for unloading edge cloud server traffic
CN115514474A (en) * 2022-08-30 2022-12-23 西北工业大学 Industrial equipment trusted access method based on cloud-edge-end cooperation

Also Published As

Publication number Publication date
CN115665749A (en) 2023-01-31

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant