基于雾计算的工业互联网安全数据访问方法

计算机与现代化 ›› 2022, Vol. 0 ›› Issue (12): 118-122.

• 信息安全 • 上一篇

基于雾计算的工业互联网安全数据访问方法

(1.陕西师范大学信息化建设与管理处,陕西西安710119;2.工业和信息化部电子第五研究所,广东广州510000)

出版日期:2023-01-04 发布日期:2023-01-04
作者简介:李静元(1986—),男,陕西西安人,工程师,硕士,研究方向:网络信息安全,大数据分析,E-mail: huxianfangyuan@foxmail.com; 张珂(1982—),男,陕西潼关人,工程师,本科,研究方向:区块链,网络安全,E-mail: zhangke@snnu.edu.cn。
基金资助:
西安市“人工智能”产业创新链推进工程项目(20RGZN0025); 国家重点研发计划项目(2018YFB1802403)

Secure Data Access Method of Industrial Internet Based on Fog Computing

(1.Information Construction and Management Division, Shaanxi Normal University, Xi’an 710119, China;
2. The Fifth Electronic Research Institute of the Ministry of Industry and Information Technology, Guangzhou 510000, China)

Online:2023-01-04 Published:2023-01-04

摘要/Abstract

摘要： 针对工业互联网应用场景中的低时延、低功耗和安全性要求，提出一种雾计算架构的工业互联网数据安全访问方法，基于属性集生成对应的非对称密钥对进行加密消息并存储在云端服务器，由雾节点层来完成密文的部分加解密任务，消除对云服务层的信任依赖和降低设备层的计算开销负担。雾节点层和云服务层对密文数据来说是半信任状态，它们无法根据密文获取任何原始消息，只有授权的设备使用私钥才能完成完全解密获取原始消息，实现工业互联网中端到端的高效安全数据访问方式。通过性能分析验证，提出的方法相比其他方案计算开销和响应延迟更低，安全隐私性更可靠。

关键词: industrial Internet, fog calculation, access control, privacy protection; , attribute-based encryption

Abstract: Aiming at the requirements of low delay, low power consumption and security in the industrial Internet application scenario, a secure access method of industrial Internet data based on fog computing architecture is proposed. The corresponding asymmetric key pair is generated based on the attribute set to encrypt the message and stored in the cloud server. Part of the encryption and decryption tasks of the ciphertext are completed by the fog node layer, which eliminates trust dependency in the cloud service layer and reduces the computing overhead burden of the device layer. The fog node layer and cloud service layer are semi trusted to the ciphertext data. They cannot obtain any original message according to the ciphertext. Only the authorized device can complete the complete decryption and obtain the original message by using the private key, so as to realize the end-to-end efficient and secure data access in the industrial Internet. The performance analysis shows that the proposed method has lower computational overhead and response delay and more reliable security and privacy than other schemes.

Key words: 工业互联网, 雾计算, 访问控制, 隐私保护, 属性基加密

李静元, 张珂, 杨东裕. 基于雾计算的工业互联网安全数据访问方法[J]. 计算机与现代化, 2022, 0(12): 118-122.

LI Jing-yuan, ZHANG Ke, YANG Dong-yu. Secure Data Access Method of Industrial Internet Based on Fog Computing[J]. Computer and Modernization, 2022, 0(12): 118-122.

参考文献

［1］王时龙,王彦凯,杨波,等. 基于层次化数字孪生的工业互联网制造新范式——雾制造［J］. 计算机集成制造系统, 2019,25(12):3070-3080.
［2］ BETHENCOURT J, SAHAI A, WATERS B. Ciphertext-policy attribute-based encryption［C］// 2007 IEEE Symposium on Security and Privacy (SP′07). 2007:321-334.
［3］ ESFAHANI A, MANTAS G, MATISCHEK R, et al. Alightweight authentication mechanism for M2M communications in industrial IoT environment［J］. IEEE Internet of Things Journal, 2019,6(1):288-296.
［4］ LIN C, HE D, HUANG X, et al.BSeIn: A blockchain-based secure mutual authentication with fine-grained access control system for industry 4.0［J］. Journal of Network and Computer Applications, 2018,116:42-52.
［5］ PAREEK G, PURUSHOTHAMA B R. Proxy re-encryption for fine-grained access control: Its applicability, security under stronger notions and performance［J］. Journal of Information Security and Applications, 2020,54. DOI:10.1016/j.jisa.2020.102543.
［6］ DE S J, RUJ S. Efficient decentralized attribute based access control for mobile clouds［J］. IEEE Transactions on Cloud Computing, 2020,8(1):124-137.
［7］ ZUO C, SHAO J, WEI G, et al. CCA-secure ABE with outsourced decryption for fog computing［J］. Future Generation Computer Systems, 2018,78:730-738.
［8］张尚韬. 一种基于椭圆曲线自双线性映射的多秘密共享方案［J］. 海南师范大学学报(自然科学版), 2016,29(1):36-39.
［9］ TIAN H, NAN F, CHANG C, et al. Privacy-preserving public auditing for secure data storage in fog-to-cloud computing［J］. Journal of Network and Computer Applications, 2019,127:59-69.
［10］CHENG R, WU K H, SU Y L, et al. An efficient ECC-based CP-ABE scheme for power IoT［J］. Processes, 2021,9(7):1176-1176.
［11］ZHOU C X, ZHAO Z Q, ZHOU W, et al. Certificateless key-insulated generalized signcryption scheme without bilinear pairings［J］. Security and Communication Networks, 2017,20(2): DOI: 10.1155/2017/8405879.
［12］ZHOU S, CHEN G, HUANG G, et al. Research on multi-authority CP-ABE access control model in multicloud［J］. China Communications, 2020,17(8):220-233.
［13］DENG H, WU Q, QIN B, et al. Ciphertext-policy hierarchical attribute-based encryption with short ciphertexts［J］. Information Sciences, 2014,275:370-384.
［14］Stanford University. PBC (Pairing-Based Cryptography) library ［EB/OL］. ［2021-09-15］. https://crypto.stanford.edu/pbc/.
［15］KUMAR V. A bilinear pairing based secure data aggregation scheme for WSNs［C］// 2019 15th International Wireless Communications & Mobile Computing Conference (IWCMC). 2019:102-107.
［16］ZHANG P, CHEN Z H, JOSEPH K L, et al. An efficient access control scheme with outsourcing capability and attribute update for fog computing［J］. Future Generation Computer Systems, 2018,78:753-762.
［17］Shamus Software Ltd. MIRACL Library［EB/OL］. ［2021-08-29］. https://github.com/miracl/MIRACL.
［18］ZHOU C X. An improved lightweight certificateless generalized signcryption scheme for mobile-health system［J］. International Journal of Distributed Sensor Networks, 2019. DOI: 10.1177/1550147718824465.
［19］张露露,光笑黎,刘继增. 车载自组网中基于属性的可搜索加密和属性更新［J］. 计算机系统应用, 2021,30(2):117-124.
［20］ZHU H, YUAN Y, CHEN Y, et al. A secure and efficient data integrity verification scheme for cloud-IoT based on short signature［J］. IEEE Access, 2019,7:90036-90044.
［21］刘欣,李向东,耿立校,等. 工业互联网环境下的工业大数据采集与应用［J］. 物联网技术, 2021,11(8):62-65.
［22］SHEN W, HU T, ZHANG C, et al. Secure sharing of big digital twin data for smart manufacturing based on blockchain［J］. Journal of Manufacturing Systems, 2021,61:338-350.
［23］QI X, MEI G, CUOMO S, et al. A network-based method with privacy-preserving for identifying influential providers in large healthcare service systems［J］. Future Generation Computer Systems, 2020,109:293-305.
［24］WANG P, LUO M. A digital twin-based big data virtual and real fusion learning reference framework supported by industrial internet towards smart manufacturing［J］. Journal of Manufacturing Systems, 2021,58:16-32.
［25］LI J, HU S, ZHANG Y, et al. A decentralized multi-authority ciphertext-policy attribute-based encryption with mediated obfuscation［J］. Soft Computing,2020,24(3):1869-1882.
［26］SUN Y, LIU Q, CHEN X, et al. An adaptive authenticated data structure with privacy-preserving for big data stream in cloud［J］. IEEE Transactions on Information Forensics and Security, 2020,15:3295-3310.
［27］LI S, ZHANG Y, XU C, et al. Cryptoanalysis of anauthenticated data structure scheme with public privacy-preserving auditing［J］. IEEE Transactions on Information Forensics and Security, 2021,16:2564-2565.

基于雾计算的工业互联网安全数据访问方法

Secure Data Access Method of Industrial Internet Based on Fog Computing

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

参考文献

相关文章 0

编辑推荐

Metrics

本文评价