Computer Science ›› 2024, Vol. 51 ›› Issue (5): 1-11. doi: 10.11896/jsjkx.231000104

• Discipline Frontier •

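Overview of 5G Security Technologies and Strategies for Intelligent Railway

LI Panpan1,2, WU Hao1,3, LIU Jiajia1,2, DUAN Li4, LU Yunlong1,3

  1. 1 State Key Laboratory of Advanced Rail Autonomous Operation, Beijing Jiaotong University, Beijing 100044
    2 School of Electronics and Information Engineering, Beijing Jiaotong University, Beijing 100044
    3 Frontiers Science Center for Smart High-speed Railway System, Beijing Jiaotong University, Beijing 100044
    4 School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044
  • Received: 2023-10-17 Revised: 2024-03-07 Online: 2024-05-15 Published: 2024-05-08
  • Corresponding author: WU Hao (hwu@bjtu.edu.cn)
  • About author: (19111023@bjtu.edu.cn)
  • Supported by:
    Science and Technology Research and Development Plan of China State Railway Group Co., Ltd. (K2022G018)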

Overview of Security Technologies and Strategies for Intelligent Railway 5G

LI Panpan1,2, WU Hao1,3, LIU Jiajia1,2, DUAN Li4, LU Yunlong1,3   

  1. 1 State Key Laboratory of Advanced Rail Autonomous Operation, Beijing Jiaotong University, Beijing 100044, China
    2 School of Electronics and Information Engineering, Beijing Jiaotong University, Beijing 100044, China
    3 Frontiers Science Center for Smart High-speed Railway System, Beijing Jiaotong University, Beijing 100044, China
    4 School of Computer and Information Technology, Beijing Jiaotong University, Beijing 100044, China
  • Received: 2023-10-17 Revised: 2024-03-07 Online: 2024-05-15 Published: 2024-05-08
  • About author: LI Panpan, born in 1997, Ph.D. Her main research interests include mmWave high-speed railway wireless communication and so on.
    WU Hao, born in 1973, Ph.D., professor, Ph.D. supervisor. Her main research interests include broadband mobile communication systems and private mobile communication.
  • Supported by:
    Science and Technology Research and Development Plan of China Railway Co., Ltd. (K2022G018).

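Abstract: Digital technology is reshaping every industry, and this is a necessary path for industry development. While digital service technologies such as 5G empower industries such as railways, they also bring security risks. Security is the prerequisite for all services. To promote innovative applications of 5G digital services in intelligent railways, this paper first systematically reviews the security risks and challenges faced by intelligent railway 5G communication networks from the perspectives of base station air interface, communication, data, system, terminal, and integrated public-private network applications. Then, for new service scenarios with large bandwidth, high reliability and low latency, new technologies such as network slicing and edge computing, large-scale heterogeneous new terminals, and new intelligent railway-oriented applications, it comprehensively analyzes the new security requirements of intelligent railway 5G services, and summarizes the new 5G security enhancement features in cryptographic algorithms, air interface security, privacy, unified authentication, and roaming. On this basis, it gives the key points that intelligent railway 5G communication networks should focus on in security authentication, physical layer security, terminal security, slice security, and edge computing security. For 5G private network deployment modes, recommendations are given on infrastructure, communication security, security management, data security, and endogenous security defense systems.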

Keywords: Intelligent railway, 5th generation mobile communication system (5G), Endogenous security, Overview of strategies, Digital services

Abstract: Digital technology is reshaping all walks of life, and this is the only way forward for industry development. While digital servitization technologies such as 5G empower industries such as railways, they also bring security risks. Security is a prerequisite for all services. To promote innovative applications of 5G in intelligent railways, this paper first systematically reviews the security risks and challenges faced by intelligent railway 5G from the perspectives of terminal, air interface, communication, data, system, and public-private network integration. For new service scenarios, new technologies, new terminals and new railway applications, it then analyzes the new 5G security requirements for smart railways. The new 5G security enhancement features in cryptographic algorithms, air interface security, privacy, unified authentication, and roaming are also summarized. On this basis, the key points of smart railway 5G security are given, including authentication, physical layer security, terminal security, slice security and edge computing security. For 5G private network deployment, recommendations are also given in terms of infrastructure, communication security, data security, and endogenous security defense system.

Key words: Intelligent railway, The 5th generation mobile communication technology, Endogenous security, Overview of strategies, Digital servitization

CLC Number:

  • TN915