微信服务号

微信订阅号

2025年4月26日 23:12 星期六
首页 > 过刊浏览>2019年第30卷第6期 >1614-1631. DOI:10.13328/j.cnki.jos.005739
PDF HTML阅读 XML下载 导出引用 引用提醒
基于联盟链的物联网动态数据溯源机制
作者:
作者简介:

乔蕊(1983-),女,河南周口人,副教授,CCF学生会员,主要研究领域为信息安全;曹琰(1983-),男,博士,讲师,CCF专业会员,主要研究领域为信息安全;王清贤(1960-),男,教授,博士生导师,CCF高级会员,主要研究领域为信息安全.

通讯作者:

乔蕊,E-mail:18033023@qq.com

基金项目:

国家重点研发计划(2016YFB0800203);河南省高校科技创新团队支持计划(17IRTSTHN009)


Traceability Mechanism of Dynamic Data in Internet of Things Based on Consortium Blockchain
Author:
Fund Project:

National Key R&D Project of China (2016YFB0800203); Program for Innovative Research Team (in Science and Technology) in University of Henan Province (17IRTSTHN009)

  • 摘要
    • | |
  • 访问统计
    • |
  • 参考文献 [59]
    • |
  • 相似文献 [20]
    • | | |
  • 文章评论
    摘要:

    物联网动态数据安全保护的重点是拒绝非授权用户的篡改,实现对物联网动态数据操作的过程留痕和追踪溯源.为解决大量物联网设备产生的动态数据安全存储与共享问题,建立了物联网动态数据存储安全问题的数学模型,提出了用于实现操作实体多维授权与动态数据存储的双联盟链结构,设计了基于验证节点列表的共识算法,给出了一种基于联盟链的动态数据溯源机制优化方案.进行了分析及实验,物联网操作实体个数小于106,操作实体授权特征值位数取64时,攻击者篡改授权的概率几乎为0,验证了所提方案具有较强的抵抗双重输出攻击、重放攻击及隐藏攻击的能力,能够有效杜绝攻击者对物联网动态数据的篡改、伪造等非授权访问操作,具有较好的应用价值.

    Abstract:

    The focus of dynamic data security protection of IoT (Internet of things) is to reject tampering of unauthorized users, meanwhile, to realize the process in evidence and track tracing of the dynamic data operation of IoT. In order to solve the problems such as secure storage and sharing of dynamic data generated by a large number of IoT devices, firstly, a mathematical model for the security of dynamic data storage was established, as well as dual consortium chain structure is proposed to realize multidimensional authorization and dynamic data storage of operational entities. Then, a consensus algorithm based on VNL (verification nodes list) was proposed. After that, an optimization scheme of dynamic data traceability mechanism based on consortium block chain was put forward. Finally, through open experiments and performance analysis, it shows that when the eigenvalue of the operation entity authorization is 64 and the number of IoT operation entities is less than 106, the succeed probability of the attacker is almost 0. Meanwhile the proposed scheme can effectively avoid potential attacks on dynamic data, such as double output attacks, replay attacks and hidden attacks and so on. Thus it can effectively prevent the attackers from unauthorized manipulation of the IoT, such as tampering or counterfeiting under approved accession mode. The scheme has good application value while ensuring the dynamic data storage security.

    参考文献
    [1] Zhu LH, Gao F, Shen M, Li YD, Zheng BK, Mao HL, Wu Z. Survey on privacy preserving techniques for blockchain technology. Journal of Computer Research and Development, 2017,54(10):2170-2186(in Chinese with English abstract).[doi:10.7544/issn1000-1239.2017.20170471]
    [2] Jongkuk L, Udatta SP, William Q. Supply chain efficiency and security:Coordination for collaborative investment in technology. European Journal of Operational Research, 2011,210(3):568-578.[doi:10.1016/j.ejor.2010.10.015]
    [3] Ning HS, Xu QY. Research on Global Internet of things' developments and it's construction in China. Acta Electronica Sinica, 2010,2(11):2590-2599(in Chinese with English abstract).
    [4] Faheem U, Edwards M, Ramdhany R, Babar MA, Rashid A. Data exfiltration:A review of external attack vectors and countermeasures. Journal of Network and Computer Applications, 2018,101(1):18-54.[doi:10.1016/j.jnca.2017.10.016]
    [5] Wagner J, Rasin A, Glavic B, Heart K, Furst J, Bressan L, Grier J. Carving database storage to detect and trace security breaches. Digital Investigation, 2017,22(8):127-136.[doi:10.1016/j.diin.2017.06.006]
    [6] Khanduja V. Database watermarking, a technological protective measure:Perspective, security analysis and future directions. Journal of Information Security and Applications, 2017,37(12):38-49.[doi:10.1016/j.jisa.2017.10.001]
    [7] Trivedi D, Zavarsky P, Butakov S. Enhancing relational database security by metadata segregation. Procedia Computer Science, 2016,94(1):453-458.[doi:10.1016/j.procs.2016.08.070]
    [8] Wassim EH, Ghassen BB, Hazem H, Haidar S, Ralph A. Security by construction in Web applications development via database annotations. Computers & Security, 2016,59(3):151-165.[doi:10.1016/j.cose.2015.12.004]
    [9] Feng DG, Zhang M, Zhang Y, Xu Z. Study on cloud computing security. Ruan Jian Xue Bao/Journal of Software, 2011,22(1):71-83(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/3958.htm[doi:10.3724/SP.J.1001.2011.03958]
    [10] Wei LF, Zhu HJ, Cao ZF, Dong XL, Jia WW, Chen YL, Vasilakos AV. Security and privacy for storage and computation in cloud computing. Information Sciences, 2014,258(3):371-386.[doi:10.1016/j.ins.2013.04.028]
    [11] Zhang YQ, Zhou W, Peng AN. Survey of Internet of things security. Journal of Computer Research and Development, 2017,54(10):2130-2143(in Chinese with English abstract).[doi:10.7544/issn1000-1239.2017.20170470]
    [12] Nissim N, Yahalom R, Elovici Y. USB-based attacks. Computers & Security, 2017,70(9):675-688.[doi:10.1016/j.cose.2017.08.002]
    [13] Yashashree D, Manasi N, Sumedha V, Nikita Z. Database security using intrusion detection system. Int'l Journal of Scientific & Engineering Research, 2017,8(2):30-35.
    [14] Yang BH, Chen C. Block Chain Principle, Design and Application. Beijing:China Machine Press, 2017.5-19(in Chinese).
    [15] Huh S, Cho S, Kim S. Managing IoT devices using blockchain platform. In:Proc. of the 19th Int'l Conf. on Advanced Communication Technology (ICACT). IEEE, 2017.464-467.[doi:10.23919/ICACT.2017.7890132]
    [16] Zhang YQ, Wang XF, Liu XF, Liu L. Survey on cloud computing security. Ruan Jian Xue Bao/Journal of Software, 2016,27(6):1328-1348(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5004.htm[doi:10.13328/j.cnki.jos.005004]
    [17] Yang GY, Yu J, Shen WT, Su QQ, Fu ZJ, Hao R. Enabling public auditing for shared data in cloud storage supporting identity privacy and traceability. Journal of Systems and Software, 2016,113(3):130-139.[doi:10.1016/j.jss.2015.11.044]
    [18] Helpnetsecurity. Top 12 cloud computing threats in 2016. https://www.helpnetsecurity.com/2016/03/01/top-12-cloud-computing-threats-in-2016/
    [19] Alfian G, Rhee J, Ahn H, Lee J, Farooq U, Fazalljaz M, Syaekhoni MA. Integration of RFID, wireless sensor networks, and data mining in an e-pedigree food traceability system. Journal of Food Engineering, 2017,212(11):65-75.[doi:10.1016/j.jfoodeng.2017.05.008]
    [20] Gandino F, Montrucchio B, Rebaudengo M. A security protocol for RFID traceability. Int'l Journal of Communication Systems, 2016,30(6):1-14.[doi:10.1002/dac.3109]
    [21] Choi S, Kim H, Lee S, Lee K, Lee H. A fully integrated CMOS security-enhanced passive RFID tag. ETRI Journal, 2014,36(1):141-150.[doi:10.4218/etrij.14.0112.0674]
    [22] Liu TT. Research on key technologies of data security towards cloud computing[Ph.D. Thesis]. Zhengzhou:PLA Information Engineering University, 2013(in Chinese with English abstract).
    [23] He M, Chen GH, Liang WH, Lai HG, Ling C. Cloud data storage security and privacy protection policies under IoT environment. Computer Science, 2012,39(5):62-65,90(in Chinese with English abstract).[doi:10.3969/j.issn.1002-137X.2012.05.013]
    [24] Li WW, You WX, Wang XP. Survey of cyber security research in power system. Power System Protection and Control, 2011, 39(10):140-147(in Chinese with English abstract).[doi:10.1080/17415993.2010.547197]
    [25] Eyal I, Gencer AE, Sirer EG, Renesse RV. Bitcoin-NG:A scalable blockchain protocol. In:Proc. of the 13th USENIX Symp. on Networked Systems Design and Implementation. Berkeley:USENIX Association, 2016.45-59.
    [26] Sompolinsky Y, Zohar A. Secure high-rate transaction processing in bitcoin. In:Proc. of the Int'l Conf. on Financial Cryptography and Data Security. Berlin:Springer-Verlag, 2015.507-527.[doi:10.1007/978-3-662-47854-7_32]
    [27] Lewenberg Y, Sompolinsky Y, Zohar A. Inclusive block chain protocols. In:Proc. of the Int'l Conf. on Financial Cryptography and Data Security. Berlin:Springer-Verlag, 2015.528-547.[doi:10.1007/978-3-662-47854-7_33]
    [28] Hardjono T, Smith N. Cloud-based commissioning of constrained devices using permissioned blockchains. In:Proc. of the ACM Int'l Workshop on IoT Privacy, Trust, and Security. New York:ACM Press, 2016.29-36.[doi:10.1145/2899007.2899012]
    [29] Liu AD, Du XH, Wang N, Li SZ. Research progress of blockchain technology and its application in information security. Ruan Jian Xue Bao/Journal of Software, 2018,29(6):2092-2115(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/5589. htm[doi:10.13328/j.cnki.jos.005589]
    [30] Iansiti M, Lakhani KR. The truth about blockchain. Harvard Business Review, 2017,95(1):118-127.
    [31] Yuan Y, Wang FY. Blockchain:The state of the art and future trends. Acta Automatica Sinica, 2016,42(4):481-494(in Chinese with English abstract).[doi:10.16383/j.aas.2016.c160158]
    [32] Nakamoto S. Bitcoin:A peer-to-peer electronic cash system. In:Proc. of the Consulted. 2008. https://bitcoin.org/bitcoin.pdf
    [33] McWaters R, Galaski R, Bruno G, Chatterjee S. The future of financial infrastructure:An ambitious look at how blockchain can reshape financial services. In:Proc. of the World Economic Forum. 2016.8.
    [34] Fan J, Yi LT, Shu JW. Research on the technologies of Byzantine system. Ruan Jian Xue Bao/Journal of Software, 2013,24(6):1346-1360(in Chinese with English abstract). http://www.jos.org.cn/1000-9825/4395.htm[doi:10.3724/SP.J.1001.2013.04395]
    [35] Pass R, Seeman L, Shelat A. Analysis of the blockchain protocol in asynchronous networks. In:Proc. of the Advances in Cryptology-EUROCRYPT. Berlin:Springer-Verlag, 2017.643-673.[doi:10.1007/978-3-319-56614-6_22]
    [36] Garay JA, Kiayias A, Leonardos N. The bitcoin backbone protocol:Analysis and applications. In:Proc. of the Advances in Cryptology-EUROCRYPT (2). Berlin:Springer-Verlag, 2015.281-310.[doi:10.1007/978-3-662-46803-6_10]
    [37] Nakasumi M. Information sharing for supply chain management based on block chain technology. In:Proc. of the 2017 IEEE 19th Conf. on Business Informatics (CBI). IEEE Computer Society, 2017.140-149.[doi:10.1109/CBI.2017.56]
    [38] Pinzón C, Rocha C. Double-spend attack models with time advantage for bitcoin. Electronic Notes in Theoretical Computer Science, 2016,329(9):79-103.[doi:10.1016/j.entcs.2016.12.006]
    [39] Sikorski JJ, Haughton J, Kraft M. Blockchain technology in the chemical industry:Machine-to-machine electricity market. Applied Energy, 2017,195(2):234-246.[doi:10.1016/j.apenergy.2017.03.039]
    [40] Wood G. Ethereum:A secure decentralised generalised transaction ledger. Ethereum Project Yellow Paper, 2014,150(1):1-32.
    [41] R3CEV. R3.2017. http://www.r3cev.com/
    [42] Hyperledger. Hyperledger. 2016. https://www.hyperledger.org/
    [43] Gramoli V. From blockchain consensus back to Byzantine consensus. Future Generation Computer Systems, 2017,9(1):1-20.[doi:10.1016/j.future.2017.09.023]
    [44] Reid F, Harrigan M. An analysis of anonymity in the bitcoin system. In:Proc. of the Security and Privacy in Social Networks. New York:Springer-Verlag, 2013.197-223.[doi:10.1007/978-1-4614-4139-7_10]
    [45] Qiao R, Dong S, Wei Q, Wang QX. Research on security mechanism of dynamic data storage based on block chain technology. Computer Science, 2018,45(2):55-60(in Chinese with English abstract).[doi:10.11896/j.issn.1002-137X.2018.02.010]
    附中文参考文献:
    [1] 祝烈煌,高峰,沈蒙,李艳东,郑宝昆,毛洪亮,吴震.区块链隐私保护研究综述.计算机研究与发展,2017,54(10):2170-2186.[doi:10.7544/issn1000-1239.2017.20170471]
    [3] 宁焕生,徐群玉.全球物联网发展及中国物联网建设若干思考.电子学报,2010,2(11):2590-2599.
    [9] 冯登国,张敏,张妍,徐震.云计算安全研究.软件学报,2011,22(1):71-83. http://www.jos.org.cn/1000-9825/3958.htm[doi:10.3724/SP.J.1001.2011.03958]
    [11] 张玉清,周威,彭安妮.物联网安全综述.计算机研究与发展,2017,54(10):2130-2143.[doi:10.7544/issn1000-1239.2017.20170470]
    [14] 杨保华,陈昌.区块链原理、设计与应用.北京:机械工业出版社,2017.
    [16] 张玉清,王晓菲,刘雪峰,刘玲.云计算环境安全综述.软件学报,2016,27(6):1328-1348. http://www.jos.org.cn/1000-9825/5004.htm[doi:10.13328/j.cnki.jos.005004]
    [22] 刘婷婷.面向云计算的数据安全保护关键技术研究[博士学位论文].郑州:解放军信息工程大学,2013.
    [23] 何明,陈国华,梁文辉,赖海光,凌晨.物联网环境下云数据存储安全及隐私保护策略研究.计算机科学,2012,39(5):62-65,90.[doi:10.3969/j.issn.1002-137X.2012.05.013]
    [24] 李文武,游文霞,王先培.电力系统网络安全研究综述.电力系统保护与控制,2011,39(10):140-147.[doi:10.1080/17415993.2010.547197]
    [29] 刘敖迪,杜学绘,王娜,李少卓.区块链技术及其在信息安全领域的研究进展.软件学报,2018,29(6):2092-2115. http://www.jos.org.cn/1000-9825/5589.htm[doi:10.13328/j.cnki.jos.005589]
    [31] 袁勇,王飞跃.区块链技术发展现状与展望.自动化学报,2016,42(04):481-494.[doi:10.16383/j.aas.2016.c160158]
    [34] 范捷,易乐天,舒继武.拜占庭系统技术研究综述.软件学报,2013,24(6):1346-1360. http://www.jos.org.cn/1000-9825/4395.htm[doi:10.3724/SP.J.1001.2013.04395]
    [45] 乔蕊,董仕,魏强,王清贤.基于区块链技术的动态数据存储安全机制研究.计算机科学,2018,45(2):55-60.[doi:10.11896/j.issn. 1002-137X.2018.02.010]
    引证文献
    网友评论
    网友评论
    分享到微博
    发 布
引用本文

乔蕊,曹琰,王清贤.基于联盟链的物联网动态数据溯源机制.软件学报,2019,30(6):1614-1631

复制
分享
文章指标
  • 点击次数:4040
  • 下载次数: 8674
  • HTML阅读次数: 3978
  • 引用次数: 0
历史
  • 收稿日期:2018-06-25
  • 最后修改日期:2018-10-12
  • 在线发布日期: 2019-03-28
文章二维码
友情链接:中国科学院软件研究所中国计算机学会中国科学院国家自然科学基金委员会CCF数字图书馆Int'l J of Softw Info计算机系统应用
您是第19877027位访问者
版权所有:中国科学院软件研究所 京ICP备05046678号-3
地址:北京市海淀区中关村南四街4号,邮政编码:100190
电话:010-62562563 传真:010-62562533 Email:jos@iscas.ac.cn
技术支持:北京勤云科技发展有限公司

京公网安备 11040202500063号