Trusted access authentication protocol for mobile nodes in Internet of things

doi:10.11772/j.issn.1001-9081.2016.11.3108

Journal of Computer Applications ›› 2016, Vol. 36 ›› Issue (11): 3108-3112.DOI: 10.11772/j.issn.1001-9081.2016.11.3108

Previous Articles Next Articles

Trusted access authentication protocol for mobile nodes in Internet of things

ZHANG Xin^1,2, YANG Xiaoyuan^1,2,3, ZHU Shuaishuai^1,2, YANG Haibing^1,3

1. Department of Electronic Technology, Engineering College of Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China;
2. Key Laboratory of Network & Information Security under People's Armed Police, Engineering College of Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China;
3. Institute of Information Security, Engineering College of Chinese People's Armed Police Force, Xi'an Shaanxi 710086, China

Received:2016-05-12 Revised:2016-06-15 Online:2016-11-10 Published:2016-11-12
Supported by:
This work is partially supported by the National Natural Science Foundation of China (61402530,61272492,61572521), the Basic Research Foundation of Engineering College of PAP (WJY201520).

物联网环境下移动节点可信接入认证协议

张鑫^1,2, 杨晓元^1,2,3, 朱率率^1,2, 杨海滨^1,3

1. 武警工程大学电子技术系, 西安 710086;
2. 武警工程大学网络与信息安全武警部队重点实验室, 西安 710086;
3. 武警工程大学信息安全研究所, 西安 710086

通讯作者: 张鑫
作者简介:张鑫(1991-),男,安徽合肥人,硕士研究生,主要研究方向:信息安全、可信计算;杨晓元(1959-),男,湖南湘潭人,教授,硕士,主要研究方向:信息安全、密码学;朱率率(1985-),男,山东淄博人,讲师,主要研究方向:信息安全、可信计算、密码学;杨海滨(1982-),男,河北林榆人,讲师,硕士,主要研究方向:信息安全、密码学。
基金资助:
国家自然科学基金资助项目（61402530，61272492，61572521）；武警工程大学基础研究基金资助项目（WJY201520）。

Abstract

Abstract: In view of the problem that mobile nodes lack trusted verification in Wireless Sensor Network (WSN), a mobile node access authentication protocol was proposed in Internet of Things (IoT). Mutual authentication and key agreement between the sensor nodes and mobile sink nodes were realized, when they wre authenticated. At the same time, the trustness of mobile node platform was authenticated by sensor nodes. The authentication scheme was based on trusted computing technology without using base station and its concrete steps were described in detail. Pseudonyms and the corresponding public/private keys were used in authentication to achieve the protection of the user privacy. The proposed scheme was provably secure in the CK (Canetti-Krawczyk) security model. Compared to similar mobile node schemes, the protocol is more suitable for fast authentication in IoT, with less computation and communication overhead.

Key words: Internet of Things (IoT), trusted authentication, mobile node, Canetti-Krawczyk (CK) security model

摘要： 无线传感器网络（WSN）中的移动节点缺乏可信性验证，提出一种物联网（IoT）环境下移动节点可信接入认证协议。传感器网络中移动汇聚节点（Sink节点）同传感器节点在进行认证时，传感器节点和移动节点之间完成相互身份验证和密钥协商。传感器节点同时完成对移动节点的平台可信性验证。认证机制基于可信计算技术，给出了接入认证的具体步骤，整个过程中无需基站的参与。在认证时利用移动节点的预存的假名和对应公私钥实现移动节点的匿名性，并在CK（Canetti-Krawczyk）模型下给出了安全证明。在计算开销方面与同类移动节点认证接入方案相比，该协议快速认证的特点更适合物联网环境。

关键词: 物联网, 可信认证, 移动节点, CK安全模型

CLC Number:

TP309.7

ZHANG Xin, YANG Xiaoyuan, ZHU Shuaishuai, YANG Haibing. Trusted access authentication protocol for mobile nodes in Internet of things[J]. Journal of Computer Applications, 2016, 36(11): 3108-3112.

张鑫, 杨晓元, 朱率率, 杨海滨. 物联网环境下移动节点可信接入认证协议[J]. 计算机应用, 2016, 36(11): 3108-3112.

References

[1] YUN Y S, XIA Y, BEHDANI B, et al. Distributed algorithm for lifetime maximization in a delay-tolerant wireless sensor network with a mobile Sink[J]. IEEE Transactions on Mobile Computing, 2013, 12(10):1920-1930.
[2] BEHDANI B, SMITH J C, XIA Y. The lifetime maximization problem in wireless sensor networks with a mobile sink:mixed-integer programming formulations and algorithms[J]. LIE Transactions, 2013, 45(10):1094-1113.
[3] Trust Computing Group. TPM main part 1:design principles specification, version 1.2 revision 62[S]. Geneva:International Organization for Standardization (IOS), 2009.
[4] YANG Y, FONOAGE M I, CARDEI M. Improving network lifetime with mobile wireless sensor networks[J]. Computer Communications, 2010, 33(4):409-419.
[5] VUPPUTURI S, RACHURI K K, MURTHY C S R. Using mobile data collectors to improve network lifetime of wireless sensor networks with reliability constraints[J]. Journal of Parallel & Distributed Computing, 2010, 70(7):767-778.
[6] ZHANG J, LI X, MA J, et al. Secure and efficient authentication scheme for mobile sink in WSNs based on bilinear pairings[J]. International Journal of Distributed Sensor Networks, 2014, 2014(1):84-88.
[7] 王良民, 姜顺荣, 郭渊博. 物联网中移动Sensor节点漫游的组合安全认证协议[J]. 中国科学信息科学, 2012, 42(7):815-830.(WANG L M, JIANG S R, GUO Y B. Composable-secure authentication protocol for mobile sensors roaming in the Internet of things[J]. Science China Information Sciences, 2012, 42(7):815-830.)
[8] 周彦伟, 杨波. 物联网移动节点直接匿名漫游认证协议[J]. 软件学报, 2015, 26(9):2436-2450. (ZHOU Y W, YANG B. Provable secure authentication protocol with direct anonymity for mobile nodes roaming service in Internet of things[J]. Journal of Software, 2015,26(9):2436-2450.)
[9] DAS M L. Two-factor user authentication in wireless sensor networks[J]. IEEE Transactions on Wireless Communications, 2009, 8(3):1086-1090.
[10] CHEN T H, SHIH W K. A robust mutual authentication protocol for wireless sensor networks[J]. ETRI Journal, 2010, 32(5):704-712.
[11] 杨力,马建峰,朱建明.可信的匿名无线认证协议[J].通信学报, 2009, 30(9):29-35. (YANG L, MA J F, ZHU J M. Trusted and anonymous authentication scheme for wireless networks[J]. Journal on Communications, 2009, 30(9):29-35.)
[12] 周彦伟,杨波,张文政.可证安全的移动互联网可信匿名漫游协议[J].计算机学报,2015, 38(4):733-748. (ZHOU Y W, YANG B, ZHANG W Z. Provable secure trusted and anonymous roaming protocol for mobile Internet[J]. Chinese Journal of Computers, 2015, 38(4):733-748.)
[13] RAYA M, HUBAUX J P. Securing vehicular Ad Hoc networks[C]//Proceedings of the 2nd International Conference on Pervasive Computing and Applications. Amsterdam:IOS Press, 2007:424-429.
[14] CANETTI R, KRAWCZYK H. Analysis of key-exchange protocols and their use for building secure channels[C]//Proceedings of the 2001 International Conference on the Theory and Application of Cryptographic Techniques:Advances in Cryptology. London:Springer-Verlag, 2001:453-474.
[15] TIN Y S T, VASANTA H, BOYD C, et al. Protocols with security proofs for mobile applications[C]//Proceedings of the 9th Australasian Conference on Information Security and Privacy. Berlin:Springer, 2004:358-369.
[16] 侯惠芳,季新生,刘光强.异构无线网络中基于标识的匿名认证协议[J].通信学报,2011, 32(5):153-161. (HOU H F, JI X S, LIU G Q. Identity-based anonymity authentication protocol in the heterogeneous wireless network[J]. Journal on Communications, 2011, 32(5):153-161.)
[17] 侯惠芳,刘光强,季新生,等.基于公钥的可证明安全的异构无线网络认证方案[J]. 电子与信息学报, 2009, 31(10):2385-2391.(HOU H F, LIU G Q, JI X S. Provable security authentication scheme based on public key for heterogeneous wireless network[J]. Journal of Electronics & Information Technology, 2009, 31(10):2385-2391.)

Trusted access authentication protocol for mobile nodes in Internet of things

物联网环境下移动节点可信接入认证协议

PDF

Knowledge

Abstract

Cite this article

share this article

References

Related Articles 15

Recommended Articles

Metrics

[1]	TIAN Zhihong, ZHAO Jindong. Overview of blockchain consensus mechanism for internet of things [J]. Journal of Computer Applications, 2021, 41(4): 917-929.
[2]	BAO Yulong, ZHU Xueyang, ZHANG Wenhui, SUN Pengfei, ZHAO Yingqi. Formal verification of smart contract for access control in IoT applications [J]. Journal of Computer Applications, 2021, 41(4): 930-938.
[3]	ZHANG Lingzhe, HUANG Xiangdong, QIAO Jialin, GOU Wangminhao, WANG Jianmin. Two-stage file compaction framework by log-structured merge-tree for time series data [J]. Journal of Computer Applications, 2021, 41(3): 618-622.
[4]	LI Xiuyan, LIU Mingxi, SHI Wenbo, DONG Guofang. Efficient dynamic data audit scheme for resource-constrained users [J]. Journal of Computer Applications, 2021, 41(2): 422-432.
[5]	CHENG Xiaohui, NIU Tong, WANG Yanjun. Wireless sensor network intrusion detection system based on sequence model [J]. Journal of Computer Applications, 2020, 40(6): 1680-1684.
[6]	SHI Jinshan, LI Ru, SONG Tingting. Blockchain-based access control framework for Internet of things [J]. Journal of Computer Applications, 2020, 40(4): 931-941.
[7]	WANG Shuman, LI Aiping, DUAN Liguo, FU Jia, CHEN Yongle. Service discovery method for Internet of Things based on Biterm topic model [J]. Journal of Computer Applications, 2020, 40(2): 459-464.
[8]	WANG Zhiheng, XU Yanyan. Design and implementation of fingerprint authentication terminal APP in mobile cloud environment based on TrustZone [J]. Journal of Computer Applications, 2020, 40(11): 3255-3260.
[9]	ZHOU Zhen, YUAN Zhengdao. Efficient communication receiver design for Internet of things environment [J]. Journal of Computer Applications, 2020, 40(1): 202-206.
[10]	XIE Lixia, WEI Ruixin. Dynamic trust evaluation method for IoT nodes [J]. Journal of Computer Applications, 2019, 39(9): 2597-2603.
[11]	PAN Jianguo, LI Hao. Intrusion detection approach for IoT based on practical Byzantine fault tolerance [J]. Journal of Computer Applications, 2019, 39(6): 1742-1746.
[12]	GE Lin, JI Xinsheng, JIANG Tao, JIANG Yiming. Security mechanism for Internet of things information sharing based on blockchain technology [J]. Journal of Computer Applications, 2019, 39(2): 458-463.
[13]	DU Junxiong, CHEN Wei, LI Xueyan. Contextual authentication method based on device fingerprint of Internet of Things [J]. Journal of Computer Applications, 2019, 39(2): 464-469.
[14]	GUO Rongzuo, FENG Chaosheng, QIN Zhiguang. Modeling and analysis of fault tolerant service composition for intelligent logistics systems of Internet of Things [J]. Journal of Computer Applications, 2019, 39(2): 589-597.
[15]	WEN Jinyi, TANG Lun, CHEN Qianbin. Secondary user bandwidth and power allocation in imperfect channel for Internet of things sensor networks [J]. Journal of Computer Applications, 2018, 38(8): 2330-2336.