面向车队的安全且具备隐私保护的移动性管理框架

doi:10.3969/j.issn.1671-1122.2018.07.005

摘要/Abstract

摘要：

针对异构车载网络中支持安全高效的移动性管理的问题,以及支持新兴的面向车队环境所面临的性能方面的挑战,文章基于OpenFlow（OF）协议的软件定义网络（SDN）概念,提出了一种新的基于SDN的车联-蜂窝集成网络架构,同时引入一个统一的安全无缝IP通信框架。文章试图解决两个主要挑战：1）在考虑车辆的社会属性时,如何以隐私保护方式安全和灵活地建立群组;2）如何控制切换信令开销（主要由基于群组的切换认证和IPsec建立引入）,并且当大量群组成员需要安全地访问因特网时,可以减少切换延迟。性能评估表明,文章所提出的方案在平均信令开销和切换延迟方面优于其他方案。

关键词: 软件定义网络, 群组, 隐私保护, 切换认证, 移动性管理

Abstract:

To address the problem of supporting secure and efficient mobility management in heterogeneous vehicular networking, as well as performance challenges in supporting emerging for vehicle platoon environments. In this paper, a new SDN-enabled VANET-Cellular integrated network architecture is proposed by following the SDN concept, which is based on the OpenFlow (OF) protocol. And we introduce a unified secure and seamless IP communications framework. We try to address two major challenges: 1) how to securely and flexibly set up the platoon in a privacy preserving way when considering the vehicles’ social attributes, and 2) how to control the handover signalling overhead (mainly introduced by group based handover authentication and IPsec establishment), and reduce handover latency when a large number of platoon members need to securely access the Internet. The performance evaluations demonstrate that the proposed proposal outperforms other schemes in terms of average signaling cost and handover latency.

Key words: SDN, group, privacy preserving, handover authentication, mobility management

中图分类号:

TP309

赖成喆, 王文娟. 面向车队的安全且具备隐私保护的移动性管理框架[J]. 信息网络安全, 2018, 18(7): 36-46.

Chengzhe LAI, Wenjuan WANG. Secure Mobility Management Framework with Privacy Preservation for Vehicle Platoon[J]. Netinfo Security, 2018, 18(7): 36-46.

图/表 7

表1

图1

图2

图3

表2

图4

图5

参考文献 33

[1]	LU N, CHENG N, ZHANG N, et al.Connected Vehicles: Solutions and Challenges[J].Internet of Things Journal IEEE, 2014, 1(4):289-299.
[2]	SU Z, HUI Y, YANG Q.The Next Generation Vehicular Networks: A Content-Centric Framework[J].IEEE Wireless Communications, 2017, 24(1):60-66.
[3]	LUAN T H,LU R,SHEN X, et al.Social on the Road: Enabling Secure and Efficient Social Networking on Highways[J].IEEE Wireless Communications, 2015, 22(1):44-51.
[4]	LAI C,ZHANG K,CHENG N,et al.SIRC: A Secure Incentive Scheme for Reliable Cooperative Downloading in Highway VANETs[J].IEEE Transactions on Intelligent Transportation Systems, 2017,18(99):1-16.
[5]	FU Z,WU X,GUAN C, et al.Toward Efficient Multi-Keyword Fuzzy Search Over Encrypted Outsourced Data With Accuracy Improvement[J].IEEE Transactions on Information Forensics & Security, 2016, 11(12):2706-2716.
[6]	LUAN T H, LING X, SHEN X.MAC in Motion: Impact of Mobility on the MAC of Drive-Thru Internet[J].IEEE Transactions on Mobile Computing, 2011, 11(2):305-319.
[7]	SHANG Jin, XIE Jun, JIANG Dongyi, et al.Research on Abnormal Behavior Analysis of Modern Networking Security Architecture. Netinfo Security, 2015, 15(9): 15-19.
	尚进,谢军,蒋东毅,等.现代网络安全架构异常行为分析模型研究[J].信息网络安全,2015,15(9):15-19.
[8]	PERKINS C E, JOHNSON D B. Mobility Support in IPv6[EB/OL]. ,2011-7-15.
[9]	TSAO S L,LIN C C.Design and Evaluation of UMTS-WLAN Interworking Strategies[EB/OL].,2017-10-15.
[10]	CHEN J C, CHEN W M, LIN H W. Design and Analysis of GPRS-WLAN Mobility Gateway (GWMG)[EB/OL].,2017-10-15.
[11]	PHIRI F A, MURTHY M B R. WLAN-GPRS Tight Coupling Based Interworking Architecture with Vertical Handoff Support[J].Wireless Personal Communications, 2007, 40(2):137-144.
[12]	WU I W, CHEN W S, Liao H E, et al.A seamless handoff approach of Mobile IP protocol for mobile wireless data networks[J]. IEEE Transactions on Consumer Electronics, 2002, 48(2):335-344.
[13]	YUAN Chao, ZHANG Hao, Gulliver Thomas Aaron.ASEP Performance Analysis of Vehicle-to-Vehicle Communication System over N-Rayleigh Fading Channels in IoV[J].Netinfo Security, 2016,16(3): 40-46.
	袁超,张浩,GULLIVER T A.车联网中协作车—车通信系统在N-Rayleigh信道下ASEP性能分析[J].信息网络安全,2016,16(3):40-46.
[14]	BADCHE N,TANDJAOUI D.A Seamless Handoff Protocol for Hierarchical Mobile IPv4[C]//IEEE. International Workshop on Mobile and Wireless Communications Network, September 9-11, 2002, Stockholm, Sweden. New York: IEEE, 2002:651-655.
[15]	ZUO Qingyun, ZHANG Haisu.Analysis and Research on Network Security for OpenFlow-based SDN[J].Netinfo Security, 2015, 15(2): 26-32.
	左青云,张海粟. 基于OpenFlow的SDN网络安全分析与研究[J]. 信息网络安全,2015,15(2):26-32.
[16]	KIM M S, LEE S K.Enhanced Network Mobility Management for Vehicular Networks[J].IEEE Transactions on Intelligent Transportation Systems, 2016, 17(5):1329-1340.
[17]	FERNANDEZ J, BERNAL F, et al.Securing Vehicular IPv6 Communications[J].IEEE Transactions on Dependable and Secure Computing, 2016, 13(1):46-58.
[18]	VINEL A, LAN L, LYAMIN N.Vehicle-to-Vehicle Communication in C-ACC/Platooning Scenarios[J].IEEE Communications Magazine, 2015, 53(8):192-197.
[19]	COOPER C, FRANKLIN D, ROS M, et al.A Comparative Survey of VANET Clustering Techniques[J].IEEE Communications Surveys & Tutorials, 2017, 19(1):657-681.
[20]	LU R,LIN X,SHEN X.SPOC: A Secure and Privacy-Preserving Opportunistic Computing Framework for Mobile-Healthcare Emergency[J].IEEE Transactions on Parallel and Distributed Systems, 2013, 24(3):614-624.
[21]	LAI Chengzhe, ZHENG Dong.Research on 3GPP Authentication and Key Agreement Protocols[J].Netinfo Security, 2016, 16(8): 24-31.
	赖成喆,郑东.3GPP认证和密钥协商协议综述[J].信息网络安全,2016,16(8):24-31.
[22]	KIM Y, PERRIG A,TSUDIK G.Simple and Fault-tolerant Key Agreement for Dynamic Collaborative Groups[C]//ACM. ACM Conference on Computer and Communications Security. November 1-4, 2000, Athens, Greece. New York: ACM, 2000:235-244.
[23]	LAI C,LU R,ZHENG D.SPGS: A Secure and Privacy-Preserving Group Setup Framework for Platoon-based Vehicular Cyber-Physical Systems[M]. New York:Scurity and Communication Networks,2016.
[24]	LI J, KIM K, ZHANG F, et al.Aggregate Proxy Signature and Verifiably Encrypted Proxy Signature[C]//Springer-Verlag. International Conference on Provable Security. November 1-2, 2007, Wollonggong, Australia. Berlin, Germany: Springer-Verlag, 2007:208-217.
[25]	LO S C, LEE G, CHEN W T, et al.Architecture for Mobility and QoS Support in all-IP Wireless Networks[J]. IEEE Journal on Selected Areas in Communications, 2004, 22(4):691-705.
[26]	KONG K S, LEE W, HAN Y H, et al.Mobility Management for all-IP Mobile Networks: Mobile IPv6 vs. Proxy Mobile IPv6[J]. IEEE Wireless Communications, 2008, 15(2):36-45.
[27]	STEPHANE A, AGHVAMI A H.Fast Handover Schemes for Future Wireless IP Networks: A Proposal and Analysis[C]//IEEE. Vehicular Technology Conference, May 6-9, 2001, Rhodes, Greece. New York: IEEE, 2001:2046-2050.
[28]	LAI C, LI H, LU R, et al.SE-AKA: A Secure and Efficient Group Authentication and Key Agreement Protocol for LTE Networks[J].Computer Networks, 2013, 57(17):3492-3510.
[29]	LAI C, LI H, LU R, et al.SEGR: A Secure and Efficient Group Roaming Scheme for Machine to Machine Communications between 3GPP and WiMAX Networks[C]//IEEE. IEEE International Conference on Communications, June 10-14, 2014, Sydney, NSW, Australia. New York: IEEE, 2014:1011-1016.
[30]	LAI C, LU R, ZHENG D. Achieving Secure and Seamless IP Communications for Group-Oriented Software Defined Vehicular Networks[EB/OL]., 2017-10-15.
[31]	FAIGL Z,LINDSKOG S,BRUNSTROM A.Performance Evaluation of IKEv2 Authentication Methods in Next Generation Wireless Networks[J].Security and Communication Networks, 2010, 3(1):83-98.
[32]	FATHI H, PRASASD R,CHAKRABORTY S.Mobility Management for VoIP in 3G Systems: Evaluation of Low-Latency Handoff Schemes[J].IEEE Wireless Communications, 2005, 12(2):96-104.
[33]	LAI C,LU R,ZHENG D, et al.GLARM: Group-based Lightweight Authentication Scheme for Resource-Constrained Machine to Machine Communications[J].Computer Networks,2016,99:66-81.