CN117880807A - Mobile edge computing method, device, equipment, storage medium and product - Google Patents
Mobile edge computing method, device, equipment, storage medium and product Download PDFInfo
- Publication number
- CN117880807A CN117880807A CN202410228545.1A CN202410228545A CN117880807A CN 117880807 A CN117880807 A CN 117880807A CN 202410228545 A CN202410228545 A CN 202410228545A CN 117880807 A CN117880807 A CN 117880807A
- Authority
- CN
- China
- Prior art keywords
- edge computing
- mobile
- vehicle
- mobile edge
- registration request
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000004364 calculation method Methods 0.000 title claims abstract description 61
- 230000006854 communication Effects 0.000 claims abstract description 60
- 238000004891 communication Methods 0.000 claims abstract description 58
- 238000000034 method Methods 0.000 claims abstract description 38
- 238000004590 computer program Methods 0.000 claims abstract description 8
- 238000012795 verification Methods 0.000 claims description 33
- 230000003993 interaction Effects 0.000 claims description 8
- 238000004422 calculation algorithm Methods 0.000 claims description 5
- 238000010586 diagram Methods 0.000 description 11
- 230000008569 process Effects 0.000 description 11
- 230000000694 effects Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 2
- 206010063385 Intellectualisation Diseases 0.000 description 1
- 230000001010 compromised effect Effects 0.000 description 1
- 230000006378 damage Effects 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 238000005265 energy consumption Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000004750 isotope dilution mass spectroscopy Methods 0.000 description 1
- 238000010295 mobile communication Methods 0.000 description 1
- 230000006855 networking Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Abstract
The application discloses a mobile edge computing method, a mobile edge computing device, mobile edge computing equipment, a storage medium and a computer program product, and belongs to the technical field of data security. The method comprises the steps that a vehicle registration request message sent by a mobile edge computing server is received, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server; generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can encrypt communication according to the first session key and the mobile edge computing server, namely, generating the first session key for encrypting communication through the vehicle registration request message and the first message abstract corresponding to the vehicle registration request message, thereby avoiding the security risk still existing in the current mobile edge computing environment.
Description
Technical Field
The present invention relates to the field of data security technologies, and in particular, to a mobile edge computing method, apparatus, device, storage medium, and computer program product.
Background
The edge calculation provides calculation and storage resources at the network edge, has the characteristics of lower delay, lower energy consumption, bandwidth saving, strong privacy, more intellectualization and the like, and in practical application, because the number and the distribution positions of the devices involved in the edge calculation are more, the edge calculation also faces a plurality of potential safety hazards.
In the related art, in order to ensure the security of data in an edge computing environment, it is proposed to use an access control method in a mobile edge computing infrastructure, for example, a predefined part of user roles may access an edge computing server, or a part of edge computing servers with specific attributes may access a registry, so as to ensure the security of data in an edge computing environment.
However, since the access control method proposed in the related art is generally a coarse-grained access control method in the mobile edge computing infrastructure, a communication channel between the registry and the mobile user and a communication channel between the edge computing server and the registry are generally secure, but a wireless communication channel used in the edge computing environment is generally open, internal attacks may occur, and thus, security risks still exist in the current mobile edge computing environment.
Disclosure of Invention
The present application is directed to a mobile edge computing method, apparatus, device, storage medium, and computer program product, and aims to solve the technical problem of security risk still existing in the current mobile edge computing environment.
To achieve the above object, the present application provides a mobile edge computing system, including a registry, a mobile edge computing server, and a mobile vehicle, where the registry, the mobile edge computing server, and the mobile vehicle are communicatively connected to each other:
the registration center is configured to receive a vehicle registration request message sent by the mobile edge computing server, generate a first session key according to the vehicle registration request message and a first message digest corresponding to the vehicle registration request message, and send the first session key to the mobile vehicle;
the mobile edge computing server is used for receiving a vehicle registration request message sent by the mobile vehicle and sending the vehicle registration request message to the registration center;
the mobile vehicle is configured to send the vehicle registration request message to the mobile edge computing server, receive a first session key sent by the registry, and perform communication interaction with the mobile edge computing server according to the first session key.
In order to achieve the above object, the present application provides a mobile edge computing method applied to a registry in the mobile edge computing system, where the mobile edge computing system further includes a mobile edge computing server and a mobile vehicle, and the registry, the mobile edge computing server and the mobile vehicle are communicatively connected, and the mobile edge computing method includes the following steps:
receiving a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
and generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication according to the first session key and the mobile edge computing server.
Optionally, acquiring a first exchange key corresponding to the mobile vehicle;
analyzing and calculating the vehicle registration request message to obtain a first message abstract;
and generating a first session key according to the first message digest, the first exchange key and the identification information of the mobile edge computing server.
Before the step of generating the first session key according to the vehicle registration request message and the first message digest corresponding to the vehicle registration request message, the method further includes:
acquiring a second exchange key corresponding to the mobile edge computing server, and acquiring a server registration request message of the mobile edge computing server;
analyzing and calculating the server registration request message to obtain a second message abstract;
and generating a second session key according to the second message digest, the second exchange key and the identification information of the mobile edge computing server.
Optionally, determining identity information of the mobile vehicle according to the vehicle registration request message;
the identity information is used as a first temporary secret key on a preset elliptic curve, and a random tree is selected from the preset elliptic curve to be used as a second temporary secret key;
determining the first message digest according to the first temporary key, the second temporary key and the vehicle registration request message;
calculating to obtain a point calculation result according to the first temporary secret key, the second temporary secret key and the base point on the preset elliptic curve;
And generating a first session key according to the first message digest, the first exchange key, the point calculation result and the identification information of the mobile edge calculation server.
Optionally, calculating a first exchange key with the mobile vehicle and calculating a second exchange key with the mobile edge computing server based on a preset Diffie-Hellman key exchange algorithm;
transmitting the first exchange key to the mobile edge computing server for the mobile edge computing server to encrypt communication between the first exchange key and the registry according to the first exchange key;
and sending the second exchange key to the mobile vehicle so that the mobile vehicle can encrypt communication with the registration center according to the second exchange key.
Optionally, when receiving the encrypted information sent by the mobile vehicle or the mobile edge computing server, receiving verification information which is not sent by the mobile edge computing server, wherein the encrypted information is obtained by encrypting a first session key or a second session key;
and carrying out security verification on the verification information, and feeding back to the mobile vehicle or the mobile edge computing server according to a security verification result so as to carry out identity verification on the registry according to the received feedback content by the mobile vehicle or the mobile edge computing server.
In addition, to achieve the above object, the present application further provides a mobile edge computing device, including:
the receiving module is used for receiving the vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
and the generation module is used for generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication according to the first session key and the mobile edge computing server.
In addition, to achieve the above object, the present application further provides a mobile edge computing device, including: a memory, a processor, and a mobile edge computing program stored on the memory and executable on the processor, the mobile edge computing program configured to implement the steps of the mobile edge computing method as described above.
In addition, to achieve the above object, the present application further provides a computer-readable storage medium having stored thereon a moving edge computing program which, when executed by a processor, implements the steps of the moving edge computing method as described above.
Furthermore, to achieve the above object, the present invention provides a computer program product comprising a mobile edge calculation program which, when executed by a processor, implements the steps of the mobile edge calculation method as described above.
The method comprises the steps that a vehicle registration request message sent by a mobile edge computing server is received, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server; generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can encrypt communication according to the first session key and the mobile edge computing server, namely, generating the first session key for encrypting communication through the vehicle registration request message and the first message abstract corresponding to the vehicle registration request message, thereby avoiding the security risk still existing in the current mobile edge computing environment.
Drawings
FIG. 1 is a diagram of a corresponding physical architecture of a mobile edge computing system according to the present application;
FIG. 2 is a schematic diagram of a corresponding virtual architecture of a mobile edge computing system according to the present application;
FIG. 3 is a flowchart of a first embodiment of a mobile edge computing method according to the present application;
fig. 4 is a schematic diagram of a network device registration flow in an embodiment of the present application;
FIG. 5 is a flowchart of a second embodiment of a mobile edge computing method according to the present application;
fig. 6 is a schematic diagram of an authentication flow based on a session key in an embodiment of the present application;
FIG. 7 is a block diagram illustrating an embodiment of a mobile edge computing device of the present application;
fig. 8 is a schematic device structure diagram of a hardware running environment according to an embodiment of the present application.
The realization, functional characteristics and advantages of the present application will be further described with reference to the embodiments, referring to the attached drawings.
Detailed Description
It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the present application.
Referring to fig. 1 and fig. 2, fig. 1 is a schematic diagram of a corresponding physical architecture of a mobile edge computing system according to the present application, and fig. 2 is a schematic diagram of a corresponding virtual architecture of the mobile edge computing system according to the present application.
The mobile edge computing system comprises a registry, a mobile edge computing server and a mobile vehicle, wherein the registry, the mobile edge computing server and the mobile vehicle are in communication connection with each other:
The registration center is configured to receive a vehicle registration request message sent by the mobile edge computing server, generate a first session key according to the vehicle registration request message and a first message digest corresponding to the vehicle registration request message, and send the first session key to the mobile vehicle;
the mobile edge computing server is used for receiving a vehicle registration request message sent by the mobile vehicle and sending the vehicle registration request message to the registration center;
the mobile vehicle is configured to send the vehicle registration request message to the mobile edge computing server, receive a first session key sent by the registry, and perform communication interaction with the mobile edge computing server according to the first session key.
As can be seen from fig. 2, in the mobile edge computing server internal architecture, the mobile vehicle may send a request to the SDN controller in VM1 through flow 1. After the SDN controller in VM1 receives the request, it is forwarded directly to the VNF inspector by the SDN controller in VM1 using flow 2, where the VNF inspector is configured to inspect whether the mobile edge computing server has sufficient resources to compute the task. The VNF inspector sends feedback back to the SDN controller in VM1 using flow 3 according to the calculation result. Thereafter, it is decided by the SDN controller in VM1 to compute the received request from the moving vehicle in the local mobile edge computation server using flow 4, or if flow 7 is used to compute the task elsewhere. It should be noted that if the task performs a local calculation in VM3, the result will be sent back to the SDN controller using flow 5.
Second, during movement of the mobile vehicle, the VNF sender in VM4 may send a given task to the cloud server using stream 11, or may also send a task to the next mobile edge computing server using stream 9 in the direction of movement of the mobile vehicle sending the request. The results of the cloud server calculations are sent back to the SDN controller using flows 12 and 8. Alternatively, the mobile edge computing server may be a server of a mobile vehicle, in which case the mobile edge computing server may receive requests for the mobile vehicle from a previous mobile edge computing server via stream 10. In this case, the VNF receiver sends the received request to the SDN controller using flow 8 and the process is restarted at flow 2. Finally, when the SDN controller receives the processing result, it forwards it to the requesting mobile vehicle using flow 6.
The above is a schematic diagram of the architecture of the mobile edge computing server in the vehicle-mounted ad hoc network environment and the internal architecture. Hereinafter, detailed implementation steps of the present embodiment will be described in detail in conjunction with the above. It should be noted that, the data security protection method described below in this embodiment is executed in the mobile edge computing server shown in fig. 2.
As can be seen from fig. 1 and 2 described above, in the mobile edge computing server internal architecture, the mobile vehicle can send a request to a SDN (Software Defined Networking) controller in a VM (Virtual Machine) 1 through a flow 1. After the SDN controller in VM1 receives the request, it is forwarded directly to the VNF (Virtualised Network Function, virtualized network function module) checker by the SDN controller in VM1 using flow 2, where the VNF checker is configured to check if the mobile edge computing server has sufficient resources to compute the task. The VNF inspector sends feedback back to the SDN controller in VM1 using flow 3 according to the calculation result. Thereafter, it is decided by the SDN controller in VM1 to compute the received request from the moving vehicle in the local mobile edge computation server using flow 4, or if flow 7 is used to compute the task elsewhere. It should be noted that if the task performs a local calculation in VM3, the result will be sent back to the SDN controller using flow 5.
Second, during movement of the mobile vehicle, the VNF sender in VM4 may send a given task to the cloud server using stream 11, or may also send a task to the next mobile edge computing server using stream 9 in the direction of movement of the mobile vehicle sending the request. The results of the cloud server calculations are sent back to the SDN controller using flows 12 and 8. Alternatively, the mobile edge computing server may be a server of a mobile vehicle, in which case the mobile edge computing server may receive requests for the mobile vehicle from a previous mobile edge computing server via stream 10. In this case, the VNF receiver sends the received request to the SDN controller using flow 8 and the process is restarted at flow 2. Finally, when the SDN controller receives the processing result, it forwards it to the requesting mobile vehicle using flow 6.
The above is a schematic diagram of the architecture of the mobile edge computing server in the vehicle-mounted ad hoc network environment and the internal architecture. Hereinafter, detailed implementation steps of the present embodiment will be described in detail in conjunction with the above.
It should be noted that, the data security protection method described below in this embodiment is applied to the mobile edge computing server shown in fig. 2, and the registry is used as a data summarizing and distributing point, and the registry is used as an execution subject to describe the following embodiment.
Referring to fig. 3, fig. 3 is a flowchart illustrating a first embodiment of a mobile edge computing method according to the present application.
In a first embodiment, the moving edge computing method includes the steps of:
s10, receiving a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
it will be appreciated that prior to communication between the mobile vehicle, the mobile edge computing server and the registry, a communication relationship between the mobile edge computing server and the registry needs to be established, i.e., the mobile edge computing server and the mobile vehicle are registered with the registry, respectively.
In the system, the vehicle sends a corresponding vehicle registration request message to a mobile edge computing server, and forwards the message to a registration center through the mobile edge computing server.
It is understood that the moving vehicle refers to a moving vehicle, for example, a traveling vehicle, and needs to calculate the situation parameters of the current vehicle, and the moving vehicle needs to borrow the computing power of the moving edge computing server.
Wherein in the system, corresponding information can be transferred between a plurality of mobile edge computing servers.
S20, generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication with the mobile edge computing server according to the first session key.
It is understood that the first message digest refers to a message content digest corresponding to the vehicle registration request message, for example, the vehicle identification information added when the vehicle applies for registration.
In this embodiment, according to the vehicle registration request message and the first message digest corresponding to the message, a corresponding first session key is generated, so as to ensure that the privacy effect actually corresponding to the first session key is better, after the corresponding first session key is obtained, the registry may forward the first session key to the mobile vehicle through the mobile edge computing server, so as to ensure that the mobile vehicle may access the corresponding mobile edge computing server through the first session key.
In this embodiment, the step of generating a first session key according to the vehicle registration request message and a first message digest corresponding to the vehicle registration request message includes: acquiring a first exchange key corresponding to the mobile vehicle; analyzing and calculating the vehicle registration request message to obtain a first message abstract; and generating a first session key according to the first message digest, the first exchange key and the identification information of the mobile edge computing server.
In addition, in this embodiment, before the step of generating the first session key according to the vehicle registration request message and the first message digest corresponding to the vehicle registration request message, the method further includes: acquiring a second exchange key corresponding to the mobile edge computing server, and acquiring a server registration request message of the mobile edge computing server; analyzing and calculating the server registration request message to obtain a second message abstract; and generating a second session key according to the second message digest, the second exchange key and the identification information of the mobile edge computing server.
It can be understood that, when registering, the mobile vehicle and the mobile edge computing server initiate corresponding messages when applying for registration to the registration center, specifically, the mobile vehicle will send a vehicle registration application message, and the mobile edge computing server will send a server registration request message.
The vehicle registration application message and the server registration request message are respectively corresponding to vehicle identification information and server identification information, so that the vehicle registration application message and the server registration request message can extract corresponding first message abstract (corresponding to the vehicle registration application message) and second message abstract (corresponding to the server registration request message), and corresponding first session secret key/second session secret key can be generated according to the corresponding first message abstract/second message abstract and first exchange secret key/second exchange secret key.
The first session key and the second session key are keys for communication corresponding to the mobile vehicle and the mobile edge computing server.
In summary, the purpose of the registration phase is to use the public key loaded by phase 1 to allow AV and MS to communicate securely in the network. As shown in fig. 4, registration is performed in two steps: firstly, a mobile edge computing server registers first; next, the mobile vehicle performs registration.
As shown in fig. 4, in the present embodiment, the mobile edge computing server registration procedure is as follows:
once deployed, the mobile edge computing server sends a registration request { MS, nms } to the registry, wherein MS represents the identification information of the mobile edge computing server; nms is the first random number generated by the mobile edge computing server for authentication.
After receiving the registration request, the registration center decrypts the registration request by using a switching key K (RC, MS) between the registration center and the mobile edge computing server, and then generates a session key SEK (MS, RC); wherein the session key is used to enable communication between the registry and the mobile edge computing server.
When all mobile edge computing servers have completed registration, the registry will generate a list of session keys that each mobile edge computing server can use to communicate with other mobile edge computing servers and share keys with each MS mobile edge computing server.
As shown in fig. 4, in the present embodiment, the mobile vehicle registration process is as follows:
at the time of mobile vehicle registration, a target mobile vehicle desiring to join the on-vehicle ad hoc network transmits a vehicle registration request message { AV, NAV } encrypted by the exchange key K (AV, RC) to a mobile edge calculation server covering the area where it is located; wherein AV represents identification information of the moving vehicle. The NAV represents a third random number generated by the mobile vehicle for authentication.
Then, after the mobile edge computing server receives the message, it forwards it to the registry because it cannot decrypt the message.
After the registration center receives, the received vehicle registration request is decrypted using a first exchange key K (RC, AV) between the registration center and the mobile vehicle, and a session key SEK (AV, MS) for the mobile edge computing server and the mobile vehicle is generated, the session key being used to enable communication between the mobile edge computing server and the mobile vehicle.
In this embodiment, the step of generating the first session key according to the first message digest, the first exchange key, and the identification information of the mobile edge computing server includes: determining identity information of the mobile vehicle according to the vehicle registration request message; the identity information is used as a first temporary secret key on a preset elliptic curve, and a random tree is selected from the preset elliptic curve to be used as a second temporary secret key; determining the first message digest according to the first temporary key, the second temporary key and the vehicle registration request message; calculating to obtain a point calculation result according to the first temporary secret key, the second temporary secret key and the base point on the preset elliptic curve; and generating a first session key according to the first message digest, the first exchange key, the point calculation result and the identification information of the mobile edge calculation server.
In this embodiment, the manner of generating the session key includes:
(1) Nms is taken as a first temporary key of the first temporary key on a preset elliptic curve; then from a preset ellipseSelecting a second random number N on the circular curve Tms As a second temporary key;
(2) Calculating a message digest of the registration request { MS, nms } from the first temporary key and the second temporary key; wherein the message digest M of the registration request { MS, nms } is expressed as:
M=h 1 (N ms ||N Tms );
(3) Then, according to the first temporary key, the second temporary key and the base point G of the preset elliptic curve, performing point calculation according to the following calculation mode:
P=h 1 (N ms ||N Tms )*G;
wherein P is the point calculation result; g is a preset elliptic curve base point;
(4) Based on the message digest, the point calculation result, the identification information of the mobile edge calculation server, and the exchange key between the mobile edge calculation server and the registry, a session key SEK (MS, RC) is generated in the following calculation manner.
Wherein SEK (MS, RC) =m+ms.p×k (RC, MS);
(5) A return message { MS, RC, nms, TSes, SEK (MS, RC) } is generated based on the session key and sent back to the mobile edge computation server with K (RC, MS). Where TSes represents a preset validity delay that may constrain the time of use of the session key.
(6) After receiving the message returned by the registration center, the mobile edge computing server decrypts the message returned by the mobile edge computing server by using K (MS, RC), and then, after obtaining the decrypted message, firstly checking whether the message returned by the registration center contains the random number which is the same as the first random number used by the mobile edge computing server for identity verification. If so, the received session key is saved.
The registry then shares the session key with the mobile edge computing server and the mobile vehicle.
When SEK (AV, MS) is shared, RC sends a message { AV, TSes, SEK (AV, MS) }, which is encrypted with session key SEK (MS, RC). Wherein the message contains AV in order to allow the mobile edge computing server to know that the session key is the key that it will share with the mobile vehicle.
Here, the session key SEK (MS, RC) is used to encrypt the message, and the exchange key K (RC, MS) is not used to encrypt the message, so as to avoid a repetition process delay.
On the other hand, the registry encrypts the message { AV, TSes, SEK (AV, MS) } using the exchange key K (RC, AV) and sends it to the mobile vehicle through the mobile edge computation server (only forwards the message without decryption).
After receiving the message { AV, TSes, SEK (AV, MS) }, the mobile vehicle first decrypts the message { AV, TSes, SEK (AV, MS) } using K (AV, RC), and then checks whether there is the same random number as the third random number NAV based on the decryption result. If so, the SEK (AV, MS) is saved as a session key until TSes are reached.
The process of registration of a mobile vehicle in a practical application is described in detail below in connection with the internal architecture of the mobile edge computing server shown in fig. 2. In fig. 2, a registration request from a mobile vehicle to a mobile edge computing server is intercepted by the SDN controller 1 and forwarded directly to the registry by the VNF sender using flow 7 and flow 11. Inside the registry, the SDN controller is responsible for decrypting received messages, generating session keys for communications between the mobile edge computing server and the mobile vehicle, encrypting messages for mobile edge computing server and mobile vehicle registration requests, and returning the encrypted messages via flow 12.
Upon receiving the encrypted information from the registry, the VNF receiver forwards it to the SDN controller using flow 8, after which it is determined from the difference of the messages whether to forward it to the mobile vehicle requesting registration or to save the session key. Specifically, if the encryption information is { AV, MS, RC, NAV, TSes, SEK (AV, MS) K (RC, AV) }, it is forwarded to the mobile vehicle requesting registration; if { MS, RC, nms, TSes, SEK (MS, RC) K (MS, RC) or { AV, TSes, SEK (AV, MS) SEK (MS, RC) }, the session key is stored.
In this embodiment, before the step of obtaining the first exchange key corresponding to the mobile edge computing server and obtaining the second exchange key corresponding to the mobile vehicle, the method further includes: calculating a first exchange key between the mobile vehicle and the mobile edge computing server based on a preset Diffie-Hellman key exchange algorithm; transmitting the first exchange key to the mobile edge computing server for the mobile edge computing server to encrypt communication between the first exchange key and the registry according to the first exchange key; and sending the second exchange key to the mobile vehicle so that the mobile vehicle can encrypt communication with the registration center according to the second exchange key.
It can be understood that in the mobile edge computing system, three-terminal interaction involving the mobile vehicle, the mobile edge computing server and the registry needs to ensure the security of the interaction during the interaction of the three, so that in this embodiment, an exchange key (shared key) used by the three-terminal interaction during communication is set, so as to ensure that before the three interactions, the exchange key is used to encrypt corresponding information, and ensure that one end that receives the encrypted information can decrypt the information, and obtain the information content.
Wherein the exchange keys include a first exchange key between the registry and the mobile vehicle, a second exchange key between the registry and the mobile edge computing server, and a third exchange key between the mobile vehicle and the mobile edge computing server.
The preset Diffie-Hellman key exchange algorithm specifically enables two parties of communication to exchange keys safely in an unsafe channel for encrypting subsequent communication messages.
In this embodiment, the public keys of the mobile edge computing server and the mobile vehicle are loaded in the registry, and the public keys of the registry may be preloaded into each of the mobile edge computing server and the mobile vehicle prior to deployment of the mobile edge computing server and the mobile vehicle into the network.
Each network device N (including the mobile edge computing server and the mobile vehicle) then computes a Diffie-Hellman key exchange between itself and the registry using equation (1) below. The registry uses the calculation means (2) to calculate keys exchanged between itself and other network devices.
K 1 (N,RC)=sk(N)×pk(RC);
Wherein K is 1 (N, RC) represents the exchange key between the network device and the registry. sk (N) represents the private key of the network device and pk (RC) represents the public key of the registry.
K 2 (RC,N)=sk(RC)×pk(N);
Wherein K is 2 (RC, N) represents the exchange key between the registry and the network device. sk (RC) represents the private key of the registry and pk (N) represents the public key of the network device.
The embodiment receives a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server; generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can encrypt communication according to the first session key and the mobile edge computing server, namely, generating the first session key for encrypting communication through the vehicle registration request message and the first message abstract corresponding to the vehicle registration request message, thereby avoiding the security risk still existing in the current mobile edge computing environment.
As shown in fig. 5, a second embodiment of the mobile edge computing method according to the present application is provided based on the first embodiment, where in this embodiment, the method further includes:
s30, receiving verification information which is not sent by the mobile edge computing server when receiving encryption information sent by the mobile vehicle or the mobile edge computing server, wherein the encryption information is obtained by encrypting a first session key or a second session key;
S40, carrying out security verification on the verification information, and feeding back to the mobile vehicle or the mobile edge computing server according to the security verification result so that the mobile vehicle or the mobile edge computing server can carry out identity verification on the registry according to the received feedback content.
When the network device (including the mobile edge computing server and the mobile vehicle) needs to communicate with each other, this stage may be performed by the network device to achieve the effect of security verification, specifically, taking the security verification as an example for authentication, which is specifically described as follows:
in this embodiment, four scenarios can be distinguished during authentication: a communication scenario between a mobile edge computing server-registry, a communication scenario between a mobile edge computing server-mobile vehicle, a communication scenario between a mobile vehicle-mobile vehicle, and a communication scenario between a mobile edge computing server-mobile edge computing server.
Wherein, for the communication scenario between the mobile edge computing server and the registration center, the communication scenario between the mobile edge computing server and the mobile vehicle, and the communication scenario between the mobile edge computing server and the mobile edge computing server, authentication can be performed by using a pre-generated session key (including a first session key corresponding to the mobile vehicle and a second session key corresponding to the mobile edge computing server). The specific mode is as follows:
(1) When a message encrypted by a session key arrives at a mobile edge computing server, mobile vehicle, or registry, the mobile edge computing server, mobile vehicle, or registry will decrypt the message using the corresponding session key prior to processing.
For convenience of explanation, the authentication method according to the present embodiment will be described in detail below with reference to a communication scenario between the mobile edge computing server and the registry as an example.
(2) The mobile edge computing server randomly selects a random integer Nms1 from a preset elliptic curve as a first temporary key, and computes a first public parameter according to the first temporary key:
J 1 nms1×g; wherein J1 represents a first common parameter;
(3) Recording a current time stamp, and sending a message { MS, J1, P, t } to a registration center according to the current time stamp and a temporary key of a public parameter, wherein t represents the current time stamp; MS represents the identity information of a mobile edge computing server; p represents the point calculation result, and the specific calculation mode refers to the relevant content of the registration process of the mobile edge calculation server.
(4) After receiving the message sent by the mobile edge computing server, the registry firstly checks whether the message time stamp is within a preset time range threshold value, if so, the message is not discarded; if not, selecting a random number Nms2 from the elliptic curve, and calculating a second public parameter according to the random number as a second temporary key: j (J) 2 Nms2×g; wherein J2 represents a second common parameter;
(5) The registry calculates a first verification value Q1 according to the first public parameter, the message digest M at the time of registration of the mobile edge computing server, and the like, and sends a message { ID registry, J2, P, Q1} to the mobile edge computing server as follows.
R 1 =(Nms 2 +M)*J 2 +P+(h1(M));
Wherein q1=h1 (R1, ID registry);
(6) After the mobile edge server receives the message { MS, J2, P, Q1}, the first verification value Q2 may be calculated as follows:
R 2 =(Nms 1 +M)*J 1 +P+(h2(M));
wherein q2=h2 (R2, ID registry);
(7) The mobile edge computing server sends a message { IDMS, J1, P, Q2} to the registry, which can then determine whether authentication is passed by determining if Q1 and Q2 are equal. Specifically, if they are equal, the verification is considered to be passed, and if they are not equal, the verification is not passed.
Specifically, for mobile-to-mobile communication (assuming that mobile 1 needs to send a message to mobile 2), authentication may be achieved by the following steps, with particular reference to fig. 6:
(1) The mobile vehicle 1 transmits an SEK (AV 1, MS) -encrypted (AV 2, NAV) request to establish a session key with the mobile vehicle 2 to the mobile edge calculation server. Wherein SEK (AV 1, MS) represents a session key of the mobile vehicle 1 and a mobile edge calculation server in the vicinity thereof; AV1 represents identification information of the moving vehicle 1; AV2 represents identification information of the mobile vehicle 2; NAV represents a random number generated by the mobile vehicle 1 for identity;
(2) When the mobile edge computing server receives a request message sent by the mobile vehicle 1 requesting establishment of a session key with the mobile vehicle 2 and verifies the request message, it may generate a session key SEK (AV 1, AV 2) and share { NAV, TSes, SEK (AV 1, AV 2) SEK (MS, AV 1) } and { AV1, AV2, TSes, SEK (AV 1, AV 2) SEK (MS, AV 2) } with the mobile vehicle 1 and the mobile vehicle 2, respectively.
(3) At this time, since both the mobile vehicle 1 and the mobile vehicle 2 know their session keys SEK (AV 1, AV 2) and their corresponding validity delays TSes, the mobile vehicle 1 can transmit its message to the mobile vehicle 2. Wherein the message is a message encrypted by a session key SEK (AV 1, AV 2).
In addition, in this embodiment, in order to avoid internal attacks such as node tampering, node destruction, selective forwarding, etc., thereby causing security risks in the communication process, in this embodiment, the session key established between network devices may also be revoked. The revocation phase may be accomplished automatically by the mobile vehicle and the mobile edge computing server. Specifically, the present scheme will revoke the session key if two cases occur:
(1) Passive revocation: since in this solution the registration center generates a session key for the mobile vehicle and the mobile edge computing server to communicate with, there is a validity delay, the session key will automatically be deactivated after a given delay. In special cases, if the network device still needs to communicate within the vehicle ad hoc network, the registration process needs to be restarted from stage 1, at which point the mobile vehicle or mobile edge computing server will send a second registration request.
(2) Active revocation: any network entity (including a mobile vehicle, a mobile edge computing server, or a registry) may initiate session key revocation upon receipt of a message impersonating an authenticated network device.
For example, assume that a mobile edge computing server receives a message from a mobile vehicle that is encrypted by a valid session key, and that the session key is not used for mobile vehicle forwarding. Then in this case the mobile edge computing server treats the mobile vehicle as a previously damaged mobile vehicle and the mobile vehicle is using the damaged session key. The mobile edge computing server then notifies the registry, which in turn notifies all other mobile edge computing servers in the vehicle ad hoc network that the compromised session key was revoked. When the other mobile edge computing server receives the message, it will delete the given session key in the session key list, i.e. the mobile vehicle previously authorized to use the given session key subsequently needs to be re-authenticated before it can communicate in the vehicle ad hoc network.
In this embodiment, when receiving encrypted information sent by the mobile vehicle or the mobile edge computing server, authentication information sent by the mobile edge computing server is received, where the encrypted information is information obtained by encrypting a first session key or a second session key; and carrying out security verification on the verification information, feeding back the verification information to the mobile vehicle or the mobile edge computing server according to the security verification result, so that the mobile vehicle or the mobile edge computing server can carry out identity verification on the registry according to the received feedback content, namely, by setting a corresponding security verification link, ensuring whether the identity of the opposite party is normal or not in the communication process between the registry and the mobile vehicle/mobile edge computing server, and ensuring the security of internal communication.
In addition, an embodiment of the present application further provides a mobile edge computing device, referring to fig. 7, where the mobile edge computing device includes:
a receiving module 10, configured to receive a vehicle registration request message sent by the mobile edge computing server, where the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
the generating module 20 is configured to generate a first session key according to the vehicle registration request message and a first message digest corresponding to the vehicle registration request message, and send the first session key to the mobile vehicle, so that the mobile vehicle can encrypt communication between the mobile vehicle and the mobile edge computing server according to the first session key.
The embodiment receives a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server; generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can encrypt communication according to the first session key and the mobile edge computing server, namely, generating the first session key for encrypting communication through the vehicle registration request message and the first message abstract corresponding to the vehicle registration request message, thereby avoiding the security risk still existing in the current mobile edge computing environment.
It should be noted that each module in the above apparatus may be used to implement each step in the above method, and achieve a corresponding technical effect, which is not described herein again.
Referring to fig. 8, fig. 8 is a schematic structural diagram of a device of a hardware running environment according to an embodiment of the present application.
As shown in fig. 8, the apparatus may include: a processor 1001, such as a CPU, a communication bus 1002, a user interface 1003, a network interface 1004, and a memory 1005. Wherein the communication bus 1002 is used to enable connected communication between these components. The user interface 1003 may include a Display, an input unit such as a Keyboard (Keyboard), and the optional user interface 1003 may further include a standard wired interface, a wireless interface. The network interface 1004 may optionally include a standard wired interface, a wireless interface (e.g., WI-FI interface). The memory 1005 may be a high-speed RAM memory or a stable memory (non-volatile memory), such as a disk memory. The memory 1005 may also optionally be a storage device separate from the processor 1001 described above.
It will be appreciated by those skilled in the art that the structure shown in fig. 8 is not limiting of the apparatus and may include more or fewer components than shown, or certain components may be combined, or a different arrangement of components.
As shown in fig. 8, an operating system, a network communication module, a user interface module, and a mobile edge computing program may be included in a memory 1005, which is a type of computer storage medium.
In the device shown in fig. 8, the network interface 1004 is mainly used for data communication with an external network; the user interface 1003 is mainly used for receiving an input instruction of a user; the apparatus calls a mobile edge calculation program stored in the memory 1005 by the processor 1001, and performs the following operations:
receiving a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
and generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication according to the first session key and the mobile edge computing server.
Further, the processor 1001 may call a mobile edge calculation program stored in the memory 1005, and further perform the following operations:
Acquiring a first exchange key corresponding to the mobile vehicle;
analyzing and calculating the vehicle registration request message to obtain a first message abstract;
and generating a first session key according to the first message digest, the first exchange key and the identification information of the mobile edge computing server.
Before the step of generating the first session key according to the vehicle registration request message and the first message digest corresponding to the vehicle registration request message, the method further includes:
acquiring a second exchange key corresponding to the mobile edge computing server, and acquiring a server registration request message of the mobile edge computing server;
analyzing and calculating the server registration request message to obtain a second message abstract;
and generating a second session key according to the second message digest, the second exchange key and the identification information of the mobile edge computing server.
Further, the processor 1001 may call a mobile edge calculation program stored in the memory 1005, and further perform the following operations:
determining identity information of the mobile vehicle according to the vehicle registration request message;
the identity information is used as a first temporary secret key on a preset elliptic curve, and a random tree is selected from the preset elliptic curve to be used as a second temporary secret key;
Determining the first message digest according to the first temporary key, the second temporary key and the vehicle registration request message;
calculating to obtain a point calculation result according to the first temporary secret key, the second temporary secret key and the base point on the preset elliptic curve;
and generating a first session key according to the first message digest, the first exchange key, the point calculation result and the identification information of the mobile edge calculation server.
Further, the processor 1001 may call a mobile edge calculation program stored in the memory 1005, and further perform the following operations:
calculating a first exchange key between the mobile vehicle and the mobile edge computing server based on a preset Diffie-Hellman key exchange algorithm;
transmitting the first exchange key to the mobile edge computing server for the mobile edge computing server to encrypt communication between the first exchange key and the registry according to the first exchange key;
and sending the second exchange key to the mobile vehicle so that the mobile vehicle can encrypt communication with the registration center according to the second exchange key.
Further, the processor 1001 may call a mobile edge calculation program stored in the memory 1005, and further perform the following operations:
receiving verification information which is not sent by the mobile edge computing server when receiving encryption information sent by the mobile vehicle or the mobile edge computing server, wherein the encryption information is information obtained by encrypting a first session key or a second session key;
and carrying out security verification on the verification information, and feeding back to the mobile vehicle or the mobile edge computing server according to a security verification result so as to carry out identity verification on the registry according to the received feedback content by the mobile vehicle or the mobile edge computing server.
The embodiment receives a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server; generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can encrypt communication according to the first session key and the mobile edge computing server, namely, generating the first session key for encrypting communication through the vehicle registration request message and the first message abstract corresponding to the vehicle registration request message, thereby avoiding the security risk still existing in the current mobile edge computing environment.
In addition, the embodiment of the application also provides a computer readable storage medium, wherein the computer readable storage medium stores a mobile edge computing program, and the mobile edge computing program realizes the following operations when being executed by a processor:
receiving a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
and generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication according to the first session key and the mobile edge computing server.
The embodiment receives a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server; generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can encrypt communication according to the first session key and the mobile edge computing server, namely, generating the first session key for encrypting communication through the vehicle registration request message and the first message abstract corresponding to the vehicle registration request message, thereby avoiding the security risk still existing in the current mobile edge computing environment.
It should be noted that, when the computer readable storage medium is executed by the processor, each step in the method may be further implemented, and meanwhile, the corresponding technical effects are achieved, which is not described herein.
Furthermore, an embodiment of the present invention also proposes a computer program product comprising a mobile edge calculation program which, when executed by a processor, implements the steps of the mobile edge calculation method as described above.
The specific implementation manner of the computer program product of the present invention is basically the same as that of each embodiment of the above-mentioned moving edge computing method, and will not be repeated here.
It should be noted that, in this document, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or system that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or system. Without further limitation, an element defined by the phrase "comprising one … …" does not exclude the presence of other like elements in a process, method, article, or system that comprises the element.
The foregoing embodiment numbers of the present application are merely for describing, and do not represent advantages or disadvantages of the embodiments.
From the above description of the embodiments, it will be clear to those skilled in the art that the above-described embodiment method may be implemented by means of software plus a necessary general hardware platform, but of course may also be implemented by means of hardware, but in many cases the former is a preferred embodiment. Based on such understanding, the technical solution of the present application may be embodied essentially or in a part contributing to the prior art in the form of a software product stored in a storage medium (such as ROM/RAM, magnetic disk, optical disk) as described above, including several instructions for causing a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) to perform the method described in the embodiments of the present application.
The foregoing description is only of the preferred embodiments of the present application, and is not intended to limit the scope of the claims, and all equivalent structures or equivalent processes using the descriptions and drawings of the present application, or direct or indirect application in other related technical fields are included in the scope of the claims of the present application.
Claims (10)
1. A mobile edge computing system comprising a registry, a mobile edge computing server, and a mobile vehicle, the registry, the mobile edge computing server, and the mobile vehicle communicatively coupled to each other:
the registration center is configured to receive a vehicle registration request message sent by the mobile edge computing server, generate a first session key according to the vehicle registration request message and a first message digest corresponding to the vehicle registration request message, and send the first session key to the mobile vehicle;
the mobile edge computing server is used for receiving a vehicle registration request message sent by the mobile vehicle and sending the vehicle registration request message to the registration center;
the mobile vehicle is configured to send the vehicle registration request message to the mobile edge computing server, receive a first session key sent by the registry, and perform communication interaction with the mobile edge computing server according to the first session key.
2. A mobile edge computing method, characterized by being applied to a registry in the mobile edge computing system, the mobile edge computing system further comprising a mobile edge computing server and a mobile vehicle, the registry, the mobile edge computing server and the mobile vehicle being communicatively connected, the mobile edge computing method comprising the steps of:
Receiving a vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
and generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication according to the first session key and the mobile edge computing server.
3. The mobile edge computing method of claim 2, wherein the step of generating a first session key from the vehicle registration request message and a first message digest corresponding to the vehicle registration request message comprises:
acquiring a first exchange key corresponding to the mobile vehicle;
analyzing and calculating the vehicle registration request message to obtain a first message abstract;
and generating a first session key according to the first message digest, the first exchange key and the identification information of the mobile edge computing server.
Before the step of generating the first session key according to the vehicle registration request message and the first message digest corresponding to the vehicle registration request message, the method further includes:
Acquiring a second exchange key corresponding to the mobile edge computing server, and acquiring a server registration request message of the mobile edge computing server;
analyzing and calculating the server registration request message to obtain a second message abstract;
and generating a second session key according to the second message digest, the second exchange key and the identification information of the mobile edge computing server.
4. The mobile edge computing method of claim 3, wherein the step of generating a first session key based on the first message digest, the first exchange key, and identification information of the mobile edge computing server comprises:
determining identity information of the mobile vehicle according to the vehicle registration request message;
the identity information is used as a first temporary secret key on a preset elliptic curve, and a random tree is selected from the preset elliptic curve to be used as a second temporary secret key;
determining the first message digest according to the first temporary key, the second temporary key and the vehicle registration request message;
calculating to obtain a point calculation result according to the first temporary secret key, the second temporary secret key and the base point on the preset elliptic curve;
And generating a first session key according to the first message digest, the first exchange key, the point calculation result and the identification information of the mobile edge calculation server.
5. The mobile edge computing method of claim 3, wherein prior to the step of obtaining the first exchange key corresponding to the mobile edge computing server and obtaining the second exchange key corresponding to the mobile vehicle, the method further comprises:
calculating a first exchange key between the mobile vehicle and the mobile edge computing server based on a preset Diffie-Hellman key exchange algorithm;
transmitting the first exchange key to the mobile edge computing server for the mobile edge computing server to encrypt communication between the first exchange key and the registry according to the first exchange key;
and sending the second exchange key to the mobile vehicle so that the mobile vehicle can encrypt communication with the registration center according to the second exchange key.
6. The mobile edge computing method of claim 2, wherein after the steps of generating a first session key from the vehicle registration request message and a first message digest corresponding to the vehicle registration request message and transmitting the first session key to the mobile vehicle, the method further comprises:
Receiving verification information which is not sent by the mobile edge computing server when receiving encryption information sent by the mobile vehicle or the mobile edge computing server, wherein the encryption information is information obtained by encrypting a first session key or a second session key;
and carrying out security verification on the verification information, and feeding back to the mobile vehicle or the mobile edge computing server according to a security verification result so as to carry out identity verification on the registry according to the received feedback content by the mobile vehicle or the mobile edge computing server.
7. A mobile edge computing device, the mobile edge computing device comprising:
the receiving module is used for receiving the vehicle registration request message sent by the mobile edge computing server, wherein the mobile vehicle sends the vehicle registration request message to the mobile edge computing server;
and the generation module is used for generating a first session key according to the vehicle registration request message and a first message abstract corresponding to the vehicle registration request message, and sending the first session key to the mobile vehicle so that the mobile vehicle can carry out encrypted communication according to the first session key and the mobile edge computing server.
8. A mobile edge computing device, the mobile edge computing device comprising: a memory, a processor and a mobile edge calculation program stored on the memory and executable on the processor, the mobile edge calculation program being configured to implement the steps of the mobile edge calculation method of any one of claims 2 to 6.
9. A storage medium, wherein a program for realizing the moving edge calculating method is stored on the storage medium, and the program for realizing the moving edge calculating method is executed by a processor to realize the steps of the moving edge calculating method according to any one of claims 2 to 6.
10. A computer program product, characterized in that the computer program product comprises a mobile edge calculation program which, when executed by a processor, implements the steps of the mobile edge calculation method according to any of claims 2 to 6.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410228545.1A CN117880807A (en) | 2024-02-28 | 2024-02-28 | Mobile edge computing method, device, equipment, storage medium and product |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202410228545.1A CN117880807A (en) | 2024-02-28 | 2024-02-28 | Mobile edge computing method, device, equipment, storage medium and product |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN117880807A true CN117880807A (en) | 2024-04-12 |
Family
ID=90597141
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202410228545.1A Pending CN117880807A (en) | 2024-02-28 | 2024-02-28 | Mobile edge computing method, device, equipment, storage medium and product |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN117880807A (en) |
-
2024
- 2024-02-28 CN CN202410228545.1A patent/CN117880807A/en active Pending
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Hsu et al. | Reconfigurable security: Edge-computing-based framework for IoT | |
| CN110971415B (en) | Space-ground integrated space information network anonymous access authentication method and system | |
| CN110036597B (en) | Method and system for secure distribution of private keys for use by untrusted code | |
| CN111355745B (en) | Cross-domain identity authentication method based on edge computing network architecture | |
| US20200195445A1 (en) | Registration method and apparatus based on service-based architecture | |
| CN107800539B (en) | Authentication method, authentication device and authentication system | |
| Wang et al. | UAKA-D2D: Universal authentication and key agreement protocol in D2D communications | |
| Kumar et al. | SEBAP: a secure and efficient biometric‐assisted authentication protocol using ECC for vehicular cloud computing | |
| JP5469238B2 (en) | Wireless communication apparatus and authentication processing method | |
| Wang et al. | SDN-based handover authentication scheme for mobile edge computing in cyber-physical systems | |
| WO2019041802A1 (en) | Discovery method and apparatus based on service-oriented architecture | |
| CN106788989B (en) | Method and equipment for establishing secure encrypted channel | |
| Echeverría et al. | Establishing trusted identities in disconnected edge environments | |
| CN110769420B (en) | Network access method, device, terminal, base station and readable storage medium | |
| CN112351037B (en) | Information processing method and device for secure communication | |
| CN110493272B (en) | Communication method and communication system using multiple keys | |
| Liu et al. | A secure and efficient authentication protocol for satellite-terrestrial networks | |
| CN113556227A (en) | Network connection management method and device, computer readable medium and electronic equipment | |
| CN112769568B (en) | Security authentication communication system and method in fog computing environment and Internet of things equipment | |
| CN108353279A (en) | A kind of authentication method and Verification System | |
| CN112566119A (en) | Terminal authentication method and device, computer equipment and storage medium | |
| Singh et al. | Dynamic group based efficient access authentication and key agreement protocol for MTC in LTE-A networks | |
| JP2000115161A (en) | Method for protecting mobile object anonymity | |
| CN116056080A (en) | Satellite switching authentication method for low-orbit satellite network | |
| CN112118568B (en) | Method and equipment for authenticating equipment identity |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination |