Netinfo Security, 2022, Vol. 22, Issue (1): 37-45. doi: 10.3969/j.issn.1671-1122.2022.01.005

• Technical Research •

Cloud-edge-device Collaborative Integrity Verification Model for Streaming Data Based on the Chameleon Authentication Tree

LI Tong1,2, REN Shuai2, WANG Gang2, MENG Qingyu3

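  1. School of Computer Science and Engineering, Northeastern University, Shenyang 110169
    2. State Grid Liaoning Electric Power Research Institute, Shenyang 110003
    3. Software College, Northeastern University, Shenyang 110169
  • Received: 2021-06-23  Online: 2022-01-10  Published: 2022-02-16
  • Corresponding author: MENG Qingyu, E-mail: 1531280129@qq.com
  • About the authors:
    LI Tong (b. 1990), male, Liaoning, engineer, doctoral candidate; main research interest: power system network security
    REN Shuai (b. 1989), male, Liaoning, engineer, master's degree; main research interest: information security
    WANG Gang (b. 1978), male, Heilongjiang, senior engineer, master's degree; main research interest: network security
    MENG Qingyu (b. 1995), male, Liaoning, master's student; main research interest: network and information security
  • Funding:
    Ministry of Industry and Information Technology Industrial Enterprise Network Security Comprehensive Protection Platform Project: Research on IoT Terminal Virtualization and Security Verification Technology (TC200H01V)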

Cloud-edge-device Collaborative Integrity Verification Scheme Based on Chameleon Authentication Tree for Streaming Data

LI Tong1,2, REN Shuai2, WANG Gang2, MENG Qingyu3

  1. School of Computer Science and Engineering, Northeastern University, Shenyang 110169, China
    2. State Grid Liaoning Electric Power Research Institute, Shenyang 110003, China
    3. Software College, Northeastern University, Shenyang 110169, China
  • Received: 2021-06-23  Online: 2022-01-10  Published: 2022-02-16
  • Contact: MENG Qingyu, E-mail: 1531280129@qq.com

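Abstract:

Terminal devices in Internet of Things environments generate large volumes of streaming data, such as environmental sensing data, industrial control data, and human health data. Uploading all of this data to cloud servers places a heavy burden on the network. Cloud-edge collaborative computing can greatly relieve the pressure on network bandwidth and on cloud server computation, speed up data processing, and improve service responsiveness. However, cloud-edge collaborative computing also faces problems such as data theft and tampering. Once streaming data carrying important information is stolen or tampered with, serious losses are likely. To address this, and building on the chameleon authentication tree, an important method for verifying the integrity of streaming data, the paper constructs a Cloud-edge-device Collaborative Integrity Verification Scheme for Streaming Data (CCIVS-SD) that supports data confidentiality. The model comprises five kinds of entities: terminal devices, edge nodes, cloud servers, data users, and a trusted third party. The paper presents the model's entity composition, formal definition, and communication protocols, and analyzes the model. The results show that the model can perform insertion, query, and integrity verification of streaming data and can protect the confidentiality of the data.

Keywords: Internet of Things, edge computing, streaming data, integrity, chameleon authentication tree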

Abstract:

Devices in the Internet of Things produce large volumes of streaming data, such as environmental perception data, industrial control data, and human health data. Uploading all of this data to the cloud server places a huge burden on the network. The cloud-edge collaborative computing mode can greatly relieve the pressure on network bandwidth and cloud computing, expedite data processing, and improve service responsiveness. However, cloud-edge collaborative computing also faces problems such as data theft and tampering. Once streaming data carrying important information is tampered with, serious losses are likely. Based on the chameleon authentication tree (CAT), this paper constructs a cloud-edge-device collaborative integrity verification model for streaming data (CCIVS-SD) that supports data confidentiality protection. The scheme includes five entities: devices, edge nodes, cloud servers, data users, and trusted third parties. It can complete appending, query, and integrity verification of streaming data, and can also protect data privacy.

Key words: internet of things, edge computing, streaming data, integrity, chameleon authentication tree

CLC number: