Computer Science ›› 2020, Vol. 47 ›› Issue (11): 10-18. doi: 10.11896/jsjkx.200500003

Special topic: Intelligent Mobile Identity Authentication


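A Survey of Cryptographic Techniques for Edge Computing Environments

CHENG Qing-feng1,2, LI Yu-ting1,2, LI Xing-hua3, JIANG Qi3

  1. 1 School of Cyberspace Security, Strategic Support Force Information Engineering University, Zhengzhou 450001
    2 State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001
    3 School of Cyber Engineering, Xidian University, Xi'an 710071
  • Received: 2020-05-06 Revised: 2020-08-12 Online: 2020-11-15 Published: 2020-11-05
  • Corresponding author: LI Yu-ting (1006150850@qq.com)
  • About author: qingfengc2008@sina.com
  • Funding:
    National Natural Science Foundation of China (61872449, U1708262, U1736203, 61672413)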

Research on Application of Cryptography Technology for Edge Computing Environment

CHENG Qing-feng1,2, LI Yu-ting1,2, LI Xing-hua3, JIANG Qi3   

  1. 1 School of Cyberspace Security, Strategic Support Force Information Engineering University, Zhengzhou 450001, China
    2 State Key Laboratory of Mathematical Engineering and Advanced Computing, Zhengzhou 450001, China
    3 School of Cyber Engineering, Xidian University, Xi'an 710071, China
  • Received: 2020-05-06 Revised: 2020-08-12 Online: 2020-11-15 Published: 2020-11-05
  • About author: CHENG Qing-feng, born in 1979, Ph.D, associate professor, Ph.D supervisor. His main research interests include cryptography and information security.
    LI Yu-ting, born in 1996, postgraduate. Her main research interests include cryptography and edge computing.
  • Supported by:
    This work was supported by the National Natural Science Foundation of China (61872449, U1708262, U1736203, 61672413).

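Abstract: The sharp increase in the number of edge devices has led to explosive growth in data volume, and centralized data processing models, represented by the cloud computing model, can no longer meet the real-time and efficiency requirements of data processing because of their storage characteristics and transmission bandwidth limits. Against this background, the edge computing model has begun to enter public view. Owing to new characteristics such as lightweight devices and architectural heterogeneity, edge computing faces major security challenges as it develops. Cryptography, as a key means of protecting information security, is of great significance in meeting the security challenges of edge computing. Traditional cryptographic schemes, which are relatively mature and complete, need to be adjusted to the characteristics of edge computing to fit the needs of the new architecture. Starting from the security challenges facing the edge computing architecture, this paper focuses on the cryptographic techniques applicable to the data security and application security fields and, by comparison with existing research schemes, shows the advantages of different cryptographic techniques in protecting edge computing security, offering new ideas for applying cryptographic techniques to edge computing.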

Keywords: Security protection, Edge computing, Cryptographic techniques, Key agreement, Identity authentication

Abstract: The sharp increase in the number of edge devices has led to an explosive growth in the amount of data. The centralized data processing model, represented by the cloud computing model, has been unable to meet the real-time and high-efficiency requirements of data processing due to its storage characteristics and transmission bandwidth limitations. As the amount of data grows, the importance of edge computing is recognized. Edge computing faces huge security challenges in the development process due to the new features of the edge computing model such as lightweight equipment and heterogeneous architecture. As an important means of protecting information security, cryptography is of great significance for dealing with the security challenges of edge computing. Traditional mature and complete cryptography technologies require corresponding adjustments to the characteristics of edge computing, in order to meet the needs of the new architecture. This paper starts with the security challenges that the edge computing model faces, analyzes the corresponding cryptographic technical solutions in the data security field and the application security field, and compares existing research schemes to show the advantages of different technologies in edge computing security protection, which provides new ideas for the application of cryptographic technologies for edge computing.

Key words: Cryptography technologies, Edge computing, Identity authentication, Key agreement, Security protection

CLC number:

  • TP309.2