计算机科学 ›› 2024, Vol. 51 ›› Issue (5): 1-11.doi: 10.11896/jsjkx.231000104
李盼盼1,2, 吴昊1,3, 刘佳佳1,2, 段莉4, 卢云龙1,3
LI Panpan1,2, WU Hao1,3, LIU Jiajia1,2, DUAN Li4, LU Yunlong1,3
摘要: 数字技术正在重塑各行各业,这是行业发展的必经之路。5G等数字服务技术在为铁路等行业赋能的同时,也带来了一些安全风险。安全是一切服务的先决条件。为促进5G数字服务在智能铁路的创新应用,首先从基站空口、通信、数据、系统、终端和公专网融合应用几个角度,系统梳理了智能铁路5G通信网络面临的安全风险与挑战。然后针对大带宽、高可靠、低时延的新业务场景及网络切片、边缘计算等新技术和大规模异构新型终端以及面向铁路的智能新应用,全面分析了智能铁路5G服务的安全新需求,总结了密码算法、空口安全、隐私、统一认证及漫游等方面的5G安全增强新特性。在此基础上,给出智能铁路5G通信网络在安全认证、物理层安全、终端安全、切片安全、边缘计算安全方面需关注的重点。针对5G专网部署方式,给出基础设施、通信安全、安全管理数据安全、内生安全防御体系方面的建议。
中图分类号:
[1]AI B,MA G Y,ZHONG Z D.5G technology and applications insmart high-speed rail[J].ZTE Communications,2019,25(6):42-54. [2]WANG T J.Railway 5G key technology analysis and development route[J].China Railway,2020(11):9-11. [3]Security architecture and procedures for 5G system:3GPP TS 33 501[S].ETSI,2019. [4]QIANG Q,WU G,HUANG K Z.5G security technology research and standard progress[J].Scientia Sinica Informationis,2021(51):347-366. [5]Future Mobile Communications Forum.Summary Review of the 2020 World 5G Conference [EB/OL].https://w5gc.com/upload/file/20230616168690208865.pdf. [6]YD/T 3628-2019 “5G Mobile Communication Network Security Technical Requirements”[S].Beijing:Ministry of Industry and Information Technology of the People's Republic of China,2019. [7]China Academy of Information and Communications Technology &IMT-2020(5G) Promotion Group.5G Security Report [R].Beijing:2020. [8]5G Network Security Standardization White Paper [S].Beijing:National Information Security Standardization Technical Committee,2021. [9]BASIN D,DREIER J,HIRSCHI L,et al.A formal analysis of 5G authentication[C]//The 2018 ACM SIGSAC Conference on Computer and Communications Security.2018:1383-1396. [10]HU X X,LIU C X,PENG Y B,et al.Security Research on 5G Authentication and Authentication Protocol[J].Radio Communications Technology,2020,46(4):405-411. [11]ARKKO J,NORRMAN K,NÄSLUND M,et al.A USIM compatible 5G AKA protocol with perfect forward secrecy[C]//2015 IEEE Trustcom/BigDataSE/ISPA.2015:1205-1209. [12]LI X H,LIU F W,QI M P,et al.Security analysis of 5G-DHAKA protocol based on PKI[J].Cyberspace Security,2020,10(11):1-5. [13]DUAN X Y,WANG X B.Authentication handover and privacy protection in 5G hetnets using software-defined networking[J].IEEE Communications Magazine,2015,53(4):28-35. [14]FANG H,WANG X B,TONASIN S.Machine learning for intelligent authentication in 5G and beyond wireless networks[J].IEEE Wireless Communications,2019,26(5):55-61. [15]GOEL S,NEGI R.Guaranteeing secrecy using artificial noise[J].IEEE Transactions on Wireless Communications,2008,7(6):2180-2189. [16]GOEL S,AGGARWAL V,YENER A,et al.Modeling Location Uncertainty for Eavesdroppers:A Secrecy Graph Approach[C]//2010 IEEE International Symposium on Information Theory.2010:2627-2631. [17]LIU W,LI M,TIAN X,et al.Transmit filter and artificial noise design for secure MIMO-OFDM systems[J].arXiv:1704.08007,2017. [18]KHISTI A,WORNELL G W.Secure transmission with multipleantennas:Part II:The MIMOME wiretap channel[J].IEEE Transactions on Information Theory,2010,56(11):5515-5532. [19]ZHU F C,GAO F F,YAO M L,et al.Joint information and jamming beamforming for physical layer security with full duplex base station[J].IEEE Transactionson Signal Processing,2014,62(24):6391-6401. [20]DONG Y,EL SHAFIE A,HOSSAIN M J,et al.Secure beamforming in full-duplex SWIPT systems with loopback self-interference cancellation[C]//2018 IEEE International Conference on Communications(ICC).2018:1-6. [21]HERSHEY J E,HASSAN A A,YARLAGADDA R.Unconven-tional cryptographic keying variable management[J].IEEE Transactions on Communications,1995,43(1):3-6. [22]HASSAN A A,STARK W E,HERSHEY J E,et al.Cryptographic key agreement for mobile radio[J].Digital Signal Processing,1996,6(4):207-212. [23]ZHANG J,HE B,DUONG T Q,et al.On the key generation from correlated wireless channels[J].IEEE Communications Letters,2017,21(4):961-964. [24]ZHAN F,YAO N,GAO Z,et al.Efficient key generation leveraging wireless channel reciprocity for MANETs[J].Journal of Network and Computer Applications,2018,103:18-28. [25]HUO F,GONG G.XOR encryption versus phase encryption,an in-depth analysis[J].IEEE Transactions on Electromagnetic Compatibility,2015,57(4):903-911. [26]REILLY D,KANTER G S.Noise-enhanced encryption forphysical layer security in an OFDM radio[C]//2009 IEEE Radio and Wireless Symposium.IEEE,2009:344-347. [27]MA R,DAI L,WANG Z,et al.Secure communication in TDS-OFDM system using constellation rotation andnoise insertion[J].IEEE Transactions on Consumer Electronics,2010,56(3):1328-1332. [28]OU Y,XIE J,LING J.An improved network terminal security evaluation index system[C]//2014 International Conference on Management of e-Commerce and e-Government.IEEE,2014:65-69. [29]WEI F,ZHANG M.A risk assessment scheme of intellignet terminal based on attack tree[C]//2016 4th International Confe-rence on Cloud Computing and Intelligence Systems(CCIS).IEEE,2016:67-71. [30]QIN N L,LI B,YAO X P.Research on security protection technology of smart mobile terminals based on national secret algorithm[C]//The 12th Academic Conference of the Electric Po-wer Communications Professional Committee of the Chinese So-ciety of Electrical Engineering.Chinese Society for Electrical Engineering,2019:386-390. [31]LI X,ZHI Y,LIU Y,et al.New terminal security protectiontechnology based on level protection[J].Electronics World,2020(18):24-25. [32]SCOTT-HAYWARD S,O'CALLAGHAN G,SEZER S.SDN security:A survey[C]//2013 IEEE SDN For Future Networks and Services(SDN4FNS).IEEE,2013:1-7. [33]LAL S,TALEB T,DUTTA A.NFV:Security threats and best practices[J].IEEE Communications Magazine,2017,55(8):211-217. [34]MAO Y L,CHEN L,YOU S L,et al.5G network slicing security isolation mechanism and application[J].Mobile Communications,2019,43(10):31-37. [35]NIU B,YOU W,TANG H,et al.5G network slice security trust degree calculation model[C]//2017 3rd IEEE International Conference on Computer and Communications(ICCC).IEEE,2017:1150-1157. [36]THANTHARATE A,PAROPKARI R,WALUNJ V,et al.Secure5G:a deep learning framework towards a secure network slicing in 5G and beyond[C]//2020 10th Annual Computing and Communication Workshop and Conference(CCWC).IEEE,2020:0852-0857. [37]LI P,XU C,XU H,et al.Research on data privacy protection algorithm with homomorphism mechanism based on redundant slice technology in wireless sensor networks[J].China Communications,2019,16(5):158-170. [38]YIN C,XI J,SUN R,et al.Location privacy protection based on differential privacy strategy for big data in industrial internet of things[J].IEEE Transactions on Industrial Informatics,2017,14(8):3628-3636. [39]ZHENG J,AN X,ZOU C,et al.A cloaking-based approach to protect location privacy in location-based services[C]//Procee-dings of the 33rd Chinese Control Conference.IEEE,2014:5459-5464. [40]SUGUNA M,ANUSIA R,SHALINIE S M,et al.Secure identity management in mobile cloud computing[C]//2017 International Conference on Nextgen Electronic Technologies:Silicon to Software ICNETS2.IEEE,2017:42-45. [41]LI H,WANG L.Online orchestration of cooperative defenseagainst ddos attacks for 5G MEC[C]//2018 IEEE Wireless Communications and Networking Conference(WCNC).IEEE,2018:1-6. [42]HUI H W,ZHOU C C,XING S,et al.A new resource allocationmechanism for security of mobile edge computing system[J].IEEE Access,2019,7:116886-116899. [43]WANG Q,HU H,HU R Q.Secure and Energy-Efficient Off-loading and Resource Allocation in aNOMA-Based MEC Network[C]//2020 IEEE/ACM Symposium on Edge Computing(SEC).IEEE,2020:420-424. [44]SUN Q,TIAN L,FENF C,et al.Research status of private network security based on 5G[J].Journal of Command and Control,2021(4):299-309. [45]China Mobile Communications Group Co.,Ltd.China Mobile5G Industry Private Network Technical White Paper [R].Beijing,2020. [46]China United Network Communications Group Co.,Ltd.China Unicom 5G Industry Private Network White Paper [R].Beijing,2020. [47]JI X S,HUANG K Z,JIN L,et al.5G security technology research review[J].Mobile Communications,2019,43(1):34-39. [48]ZHANG W J.Research on technical solutions of railway communication network security management center[J].China Safety Science Journal,2019,29(S2):88-92. [49]TANG K.New security features and countermeasures for vertical industries based on 5G[J].ZTE Communications,2019,25(4):54-59. [50]LI H Y,ZHAO J,LIU B Q,et al.Research on the technical route of high-speed railway infrastructure inspection and monitoring system[J].China Railway,2021(1):98-104. [51]SONG X D,XU Y,NING Y,et al.Design and application of big data analysis platform for railway safety management[J].China Railway,2019(8):50-56. [52]WU W,MA X N,LIU Y J,et al,Research on security strategies of railway data service platform[J].China Railway,2019(8):63-68. [53]WU J X.Principles of cyberspace mimicry defense:generalizedrobust control and endogenous security[M].Beijing:Science Press,2018. [54]YUN T Y,LUO J,PENG B,et al.Dynamic defense methods for endogenously secure industrial control networks[C]//2018 Chinese Automation Congress(CAC).IEEE,2018:635-639. [55]HU A Q,FANG L T,LI T.Research on endogenous securitydefense system based on bionic mechanism[J].Chinese Journal of Network and Information Security,2021,7(1):11-19. [56]ZHOU Z,KUANG X H,SUN L M,et al.Endogenous security defense against deductive attack:when artificial intelligence meets active defense for online service[J].IEEE Communications Magazine,2020,58(6):58-64. [57]JIANG W Y,LIU B Y,WANG C.Endogenous security network architecture[J].Telecommunication Science,2019,35(9):20-28. [58]GUO S Y,QI W Y,DAI M L,et al.Endogenous trusted net-work architecture for intelligent sharing[J].Journal on Communications,2020,41(11):86. [59]SUN Y,YANG S,GONG G J,et al.Research on endogenous security of distribution Internet of Things based on trusted computing and blockchain[J].Huadian Technology,2020,42(8):61-67. |
|