本文選題：ZigBee網(wǎng)絡　切入點：安全體系結(jié)構(gòu)　出處：《解放軍信息工程大學》2014年碩士論文　論文類型：學位論文

【摘要】：ZigBee是一種新興的短距離無線網(wǎng)絡技術(shù),目前已廣泛應用于人們生產(chǎn)生活的各個領域。隨著ZigBee技術(shù)的發(fā)展和和應用范圍的不斷擴大,ZigBee網(wǎng)絡的安全已成為產(chǎn)業(yè)界和學術(shù)界日益關注的問題。本文通過深入分析ZigBee安全服務規(guī)范,研究了ZigBee協(xié)議MAC層安全體系、網(wǎng)絡層安全體系和應用層安全體系,找出ZigBee原有規(guī)范中安全體系結(jié)構(gòu)存在的不足,并建立ZigBee安全增強架構(gòu),在此基礎上設計安全的主密鑰預分布方案和鏈接密鑰分布方案。首先,通過深入分析ZigBee協(xié)議MAC層安全體系、網(wǎng)絡層安全體系和應用層安全體系,研究ZigBee安全體系結(jié)構(gòu),針對ZigBee現(xiàn)有安全服務規(guī)范的不足,改進ZigBee協(xié)議棧應用層及安全服務提供者,針對ZigBee網(wǎng)絡設計了安全性增強的體系架構(gòu),為ZigBee密鑰分布方案的設計提供指導思路。其次,依據(jù)ZigBee網(wǎng)絡中的密鑰分布模型,分析了ZigBee網(wǎng)絡條件下原有主密鑰預分布方案的不足,深入研究了基于Blom的密鑰預分布模型,以多密鑰空間的Blom密鑰對預分布模型為基礎,依據(jù)ZigBee網(wǎng)絡拓撲結(jié)構(gòu)的不同,設計了ZigBee網(wǎng)絡主密鑰預分布方案并對方案進行了分析,提高了主密鑰預分布的安全性。最后,針對ZigBee節(jié)點組網(wǎng)時身份認證不強的問題,利用橢圓曲線加法群構(gòu)造了一種基于身份的ZigBee節(jié)點身份認證及鏈接密鑰分布方案。該方案能在完成鏈接密鑰分布的同時有效實現(xiàn)ZigBee節(jié)點雙向身份認證功能,具有較高的安全性和可擴展性。本文基于對ZigBee規(guī)范的深入分析,研究ZigBee網(wǎng)絡條件下的密鑰分布方案,有利于提高ZigBee技術(shù)的安全水平。
[Abstract]:ZigBee is a new short-range wireless network technology. At present, it has been widely used in various fields of people's production and life. With the development of ZigBee technology and the continuous expansion of its application scope, the security of ZigBee network has become an increasingly concerned problem in industry and academic circles. Analysis of ZigBee Security Service Specification, This paper studies the security architecture of MAC layer, network layer and application layer of ZigBee protocol, finds out the shortcomings of the security architecture in the original ZigBee specification, and establishes the security enhancement architecture of ZigBee. On this basis, we design a secure master key predistribution scheme and a link key distribution scheme. Firstly, through in-depth analysis of the ZigBee protocol MAC layer security architecture, network layer security architecture and application layer security architecture, we study the ZigBee security architecture. Aiming at the deficiency of the existing security service specification of ZigBee, the application layer and security service provider of ZigBee protocol stack are improved, and the architecture of security enhancement is designed for ZigBee network, which provides a guiding idea for the design of ZigBee key distribution scheme. According to the key distribution model in ZigBee network, the shortcomings of the original master key predistribution scheme under the condition of ZigBee network are analyzed, and the key predistribution model based on Blom is studied in depth. The model is based on the Blom key pair predistribution model in multi-key space. According to the different topological structure of ZigBee network, the scheme of master key predistribution in ZigBee network is designed and analyzed, which improves the security of master key predistribution. Finally, aiming at the problem that the identity authentication of ZigBee node is not strong, An identity-based ZigBee node identity authentication and link key distribution scheme is constructed by using elliptic curve addition group. This scheme can effectively realize the bidirectional authentication function of ZigBee node while completing the link key distribution. Based on the deep analysis of ZigBee specification, this paper studies the key distribution scheme under the condition of ZigBee network, which is helpful to improve the security level of ZigBee technology.
【學位授予單位】：解放軍信息工程大學
【學位級別】：碩士
【學位授予年份】：2014
【分類號】：TN92

【參考文獻】

相關期刊論文 前7條

1 楊斌;;基于AES的ZigBee標準安全機制分析[J];計算機工程與科學;2010年07期

2 李德仁;龔健雅;邵振峰;;從數(shù)字地球到智慧地球[J];武漢大學學報(信息科學版);2010年02期

3 劉博;戴國駿;申興發(fā);;基于TinyOS的ZigBee協(xié)議MAC層設計與實現(xiàn)[J];杭州電子科技大學學報;2008年05期

4 施汝杰;高佩君;田佳音;閔昊;;ZigBee網(wǎng)絡節(jié)點基帶處理器的設計與實現(xiàn)[J];計算機工程;2008年17期

5 虞志飛;鄔家煒;;ZigBee技術(shù)及其安全性研究[J];計算機技術(shù)與發(fā)展;2008年08期

6 楊庚;王江濤;程宏兵;容淳銘;;基于身份加密的無線傳感器網(wǎng)絡密鑰分配方法[J];電子學報;2007年01期

7 曾志峰;邱慧敏;朱龍海;;無線傳感器網(wǎng)絡中的安全威脅分析及對策[J];計算機應用研究;2007年01期

，

本文編號：1579327