《计算机应用》唯一官方网站

• •    下一篇

基于SGX的车联网路况监测安全数据处理框架

冯睿琪1,2王雷蕾1,2林翔1,2熊金波1,2   

  1. 1.福建师范大学 计算机与网络空间安全学院,福州 2.福建师范大学 福建省网络安全与密码技术重点实验室,福州
  • 收稿日期:2022-05-20 修回日期:2022-06-14 发布日期:2022-06-30 出版日期:2022-06-30
  • 通讯作者: 熊金波
  • 作者简介:冯睿琪(1999—),女,内蒙古包头人,硕士研究生,CCF会员,主要研究方向:安全深度学习,隐私保护技术;王雷蕾(1999—),女,湖南湘潭人,硕士研究生,CCF会员,主要研究方向:安全深度学习;林翔(1996—),男,福建福州人,硕士研究生,CCF会员,主要研究方向:安全深度学习;熊金波(1981—),男,湖南益阳人,教授,博士,CCF高级会员,主要研究方向:安全深度学习、移动群智感知、隐私保护技术。
  • 基金资助:
    国家自然科学基金资助项目(61872088)

SGX-based secure data processing framework for traffic monitoring of Internet of Vehicle

FENG Ruiqi1,2, WANG Leilei1,2, LIN Xiang1,2, XIONG Jinbo1,2   

  1. 1.College of Computer and Cyber Security, Fujian Normal University 2.Fujian Provincial Key Laboratory of Network Security and Cryptology, Fujian Normal University
  • Received:2022-05-20 Revised:2022-06-14 Online:2022-06-30 Published:2022-06-30
  • Contact: XIONG Jinbo
  • About author:FENG Ruiqi, born in 1999, M.S. candidate. Her research interests include secure deep learning, privacy protection technology. WANG Leilei, born in 1999, M.S. candidate. Her research interests include secure deep learning. LIN Xiang, born in 1996, M.S. candidate. His research interests include secure deep learning. XIONG Jinbo, born in 1981, Ph D., professor. His research interests include secure deep learning, mobile crowdsensing, privacy protection technology.
  • Supported by:
    National Natural Science Foundation of China (61872088)

摘要: 车联网路况监测需对用户隐私数据进行传输、存储与分析等处理,因而保障隐私数据安全尤为重要,但传统的安全解决方案难以同时保障实时计算与数据安全。针对上述问题,设计初始化协议与定期报告协议等一系列安全协议,构建基于软件防护扩展(SGX)技术的车联网路况监测安全数据处理框架(SDPF)。SDPF利用可信硬件在路侧单元内实现隐私数据的明文计算,通过安全协议和回合加密方案保证框架的高效运行与隐私保护。安全性分析表明,SDPF可抵御窃听、篡改、重放、假冒、回滚等攻击;实验结果表明,SDPF的各项计算操作均为毫秒级,单车辆的所有数据处理开销低于1 ms。与基于雾计算的PFCF和基于同态加密的PPVF相比,SDPF安全设计更加全面,单词会话消息长度减少90%以上,计算时间减少33%以上。

关键词: 车联网, 软件防护扩展, 路况监测, 路侧单元, 数据安全

Abstract: Internet of Vehicle (IoV) traffic monitoring requires the transmission, storage, and analysis of private user data, making the security of private data particularly crucial. Traditional security solutions are often hard to guarantee real-time computing and data security at the same time. To address above issues, a serial of security protocols, including two initialization protocols and periodic reporting protocol, were designed to build an SGX-based secure data processing framework for IoV traffic monitoring (SDPF). The SDPF utilizes trusted hardware to enable the plaintext computation of private data in road side unit, and ensures efficient operation and privacy protection of the framework through security protocols and hybrid encryption scheme. Security analysis shows that SDPF is resistant to eavesdropping, tampering, replay, impersonation, rollback, and other attacks. Ample experiment results that all computational operations of SDPF are millisecond level, specifically, all data processing overhead of a single vehicle is less than 1 millisecond. Compared with PFCF (Privacy-preserving Fog Computing Framework for vehicular crowdsensing networks) based on fog computing, PPVF (Privacy-preserving Protocol for Vehicle Feedback in cloud-assisted VANET) based on Homomorphic encryption, the security design of SDPF is more comprehensive, the message length of a single session is reduced by more than 90%, and the computation costs are reduced by more than 33%.

Key words: Internet of Vehicle (IoV), Software Guard Extensions (SGX), traffic monitoring, road side unit, data security

中图分类号: