基于物聯(lián)網(wǎng)安全認(rèn)證技術(shù)的研究與實現(xiàn)
發(fā)布時間:2019-01-18 15:01
【摘要】:物聯(lián)網(wǎng)是以互聯(lián)網(wǎng)為基礎(chǔ),延伸到物與物之間的通信,使設(shè)備之間的通信不需要通過人而直接交換信息的技術(shù)。物聯(lián)網(wǎng)的發(fā)展和廣泛應(yīng)用,使人們越來越深刻體會到物聯(lián)網(wǎng)所帶來的便利,但這種不需要人參與的技術(shù)也引入了新的安全隱患。在物聯(lián)網(wǎng)環(huán)境中,不斷增長的終端設(shè)備給無線通信網(wǎng)絡(luò)帶來壓力和考驗。當(dāng)大量設(shè)備同時或在相當(dāng)短的時間內(nèi)接入網(wǎng)絡(luò)時,如果仍采用一對一的認(rèn)證機制,那么不僅會導(dǎo)致網(wǎng)絡(luò)繁忙,而且會占用大量網(wǎng)絡(luò)資源,從而給網(wǎng)絡(luò)承載能力帶來嚴(yán)峻考驗。本文在對物聯(lián)網(wǎng)安全體系架構(gòu)、特點的研究基礎(chǔ)上,實現(xiàn)了一個組認(rèn)證系統(tǒng),主要是解決了大量物聯(lián)網(wǎng)終端設(shè)備同時接入網(wǎng)絡(luò)所帶來的網(wǎng)絡(luò)資源消耗和擁塞,以及實現(xiàn)物聯(lián)網(wǎng)環(huán)境中更安全更高效地進行認(rèn)證。本文基于現(xiàn)有3GPP網(wǎng)絡(luò)中的AKA認(rèn)證方式,設(shè)計并實現(xiàn)對具有組特性的物聯(lián)網(wǎng)終端設(shè)備在接入網(wǎng)絡(luò)前的安全認(rèn)證。整個系統(tǒng)設(shè)計了服務(wù)端子系統(tǒng)和客戶端子系統(tǒng)等2個子系統(tǒng),分別獨立運行并完成各自的主要職責(zé)。系統(tǒng)首先是實現(xiàn)物聯(lián)網(wǎng)網(wǎng)關(guān)與認(rèn)證服務(wù)器之間的雙向認(rèn)證,除了首個組內(nèi)終端通過物聯(lián)網(wǎng)網(wǎng)關(guān)與認(rèn)證服務(wù)器之間進行雙向認(rèn)證,其他組內(nèi)的終端只需要和物聯(lián)網(wǎng)網(wǎng)關(guān)之間進行雙向認(rèn)證即可。通過Eriksson-Penker業(yè)務(wù)擴展模型方法進行需求分析,對基礎(chǔ)框架和各個子系統(tǒng)進行業(yè)務(wù)分析。通過Enterprise Architect工具進行概要設(shè)計,設(shè)計了組認(rèn)證系統(tǒng)總體結(jié)構(gòu)圖,以及各個子系統(tǒng)模塊的系統(tǒng)包圖和系統(tǒng)類圖。本系統(tǒng)的軟件開發(fā)環(huán)境選擇Visual Studio 2010 SP1,通過Socket通信建立通信連接,使用C++.NET實現(xiàn)Auth庫文件(authlibeay32.dll)的調(diào)用訪問和認(rèn)證接口的封裝。通過編寫模擬測試程序,構(gòu)建簡易的測試環(huán)境對Socket通訊、客戶端子系統(tǒng)和服務(wù)端子系統(tǒng)進行測試驗證。本文在深入了解物聯(lián)網(wǎng)系統(tǒng)架構(gòu)、物聯(lián)網(wǎng)安全特征及安全體系架構(gòu)等背景知識的基礎(chǔ)上,全面分析和總結(jié)了現(xiàn)有安全認(rèn)證技術(shù)所存在的問題,提出組認(rèn)證解決方案,并加以設(shè)計實現(xiàn)。本系統(tǒng)基本上實現(xiàn)了大量具有組特性的物聯(lián)網(wǎng)終端設(shè)備同時接入網(wǎng)絡(luò)的安全認(rèn)證,相信在今后物聯(lián)網(wǎng)的安全認(rèn)證技術(shù)的研究和應(yīng)用中也會發(fā)揮作用。
[Abstract]:The Internet of things (IoT) is a technology based on the Internet which extends to the communication between objects so that the communication between devices does not need to be directly exchanged by people. With the development and wide application of the Internet of things, people are more and more aware of the convenience brought about by the Internet of things, but this technology, which does not require the participation of people, has also introduced a new security hazard. In the Internet of things (IoT) environment, the growing terminal equipment brings pressure and test to wireless communication network. When a large number of devices are connected to the network at the same time or in a relatively short time, if we still adopt one-to-one authentication mechanism, it will not only lead to the busy network, but also occupy a lot of network resources, thus bring a severe test to the carrying capacity of the network. Based on the research of the security architecture and characteristics of the Internet of things, this paper implements a group authentication system, which mainly solves the network resource consumption and congestion caused by a large number of terminal devices of the Internet of things connected to the network at the same time. And to achieve more secure and efficient authentication in the Internet of things environment. Based on the AKA authentication in the existing 3GPP network, this paper designs and implements the security authentication of the Internet of things terminal devices with group characteristics before accessing the network. The whole system designed two subsystems, such as server subsystem and client subsystem, which run independently and complete their main responsibilities. The system first realizes the bidirectional authentication between the Internet of things gateway and the authentication server, except for the first group terminal to carry on the bidirectional authentication between the Internet of things gateway and the authentication server. Other groups of terminals only need to be bidirectional authentication between the Internet of things gateway. The requirement analysis is carried out through the Eriksson-Penker service extension model method, and the service analysis of the basic framework and each subsystem is carried out. The overall structure diagram of the group authentication system, the system package diagram and the system class diagram of each subsystem module are designed by the Enterprise Architect tool. The software development environment of this system chooses Visual Studio 2010 SP1, to establish communication connection through Socket communication, and C. Net is used to realize the call access of Auth library file (authlibeay32.dll) and the encapsulation of authentication interface. A simple test environment is built to test and verify Socket communication, client subsystem and service terminal system. Based on the deep understanding of the Internet of things system architecture, the security characteristics of the Internet of things and the security architecture, this paper comprehensively analyzes and summarizes the problems existing in the existing security authentication technology, and puts forward a group authentication solution. And it is designed and realized. This system basically realizes a large number of Internet of things terminal devices with group characteristics to access the network security authentication at the same time, I believe in the future research and application of the Internet of things security authentication technology will also play a role.
【學(xué)位授予單位】:電子科技大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP391.44;TN929.5
本文編號:2410841
[Abstract]:The Internet of things (IoT) is a technology based on the Internet which extends to the communication between objects so that the communication between devices does not need to be directly exchanged by people. With the development and wide application of the Internet of things, people are more and more aware of the convenience brought about by the Internet of things, but this technology, which does not require the participation of people, has also introduced a new security hazard. In the Internet of things (IoT) environment, the growing terminal equipment brings pressure and test to wireless communication network. When a large number of devices are connected to the network at the same time or in a relatively short time, if we still adopt one-to-one authentication mechanism, it will not only lead to the busy network, but also occupy a lot of network resources, thus bring a severe test to the carrying capacity of the network. Based on the research of the security architecture and characteristics of the Internet of things, this paper implements a group authentication system, which mainly solves the network resource consumption and congestion caused by a large number of terminal devices of the Internet of things connected to the network at the same time. And to achieve more secure and efficient authentication in the Internet of things environment. Based on the AKA authentication in the existing 3GPP network, this paper designs and implements the security authentication of the Internet of things terminal devices with group characteristics before accessing the network. The whole system designed two subsystems, such as server subsystem and client subsystem, which run independently and complete their main responsibilities. The system first realizes the bidirectional authentication between the Internet of things gateway and the authentication server, except for the first group terminal to carry on the bidirectional authentication between the Internet of things gateway and the authentication server. Other groups of terminals only need to be bidirectional authentication between the Internet of things gateway. The requirement analysis is carried out through the Eriksson-Penker service extension model method, and the service analysis of the basic framework and each subsystem is carried out. The overall structure diagram of the group authentication system, the system package diagram and the system class diagram of each subsystem module are designed by the Enterprise Architect tool. The software development environment of this system chooses Visual Studio 2010 SP1, to establish communication connection through Socket communication, and C. Net is used to realize the call access of Auth library file (authlibeay32.dll) and the encapsulation of authentication interface. A simple test environment is built to test and verify Socket communication, client subsystem and service terminal system. Based on the deep understanding of the Internet of things system architecture, the security characteristics of the Internet of things and the security architecture, this paper comprehensively analyzes and summarizes the problems existing in the existing security authentication technology, and puts forward a group authentication solution. And it is designed and realized. This system basically realizes a large number of Internet of things terminal devices with group characteristics to access the network security authentication at the same time, I believe in the future research and application of the Internet of things security authentication technology will also play a role.
【學(xué)位授予單位】:電子科技大學(xué)
【學(xué)位級別】:碩士
【學(xué)位授予年份】:2014
【分類號】:TP391.44;TN929.5
【參考文獻】
相關(guān)期刊論文 前3條
1 臧勁松;;物聯(lián)網(wǎng)安全性能分析[J];計算機安全;2010年06期
2 李文;;物聯(lián)網(wǎng)技術(shù)及其應(yīng)用[J];福建電腦;2010年09期
3 曹青林;;物聯(lián)網(wǎng)研究現(xiàn)狀綜述[J];軟件導(dǎo)刊;2010年05期
,本文編號:2410841
本文鏈接:http://sikaile.net/kejilunwen/wltx/2410841.html
最近更新
教材專著
