Research on Time Bounded Attribute-Based Authentication and Group Key Distribution Protocols for Iots

瀏覽統計 Email 通知 RSS Feed

簡歷

基本資料

Project title

Code/計畫編號

MOST107-2221-E019-017

Translated Name/計畫中文名

具時效性和屬性選擇的物聯網認證機制及群體會議金鑰分配系統之研究

Project Coordinator/計畫主持人

Han-Yu Lin

Funding Organization/主管機關

National Science and Technology Council

Department/Unit

Department of Computer Science and Engineering

Website

https://www.grb.gov.tw/search/planDetail?id=12676034

Year

2018

Start date/計畫起

01-08-2018

Expected Completion/計畫迄

31-07-2019

Bugetid/研究經費

617千元

ResearchField/研究領域

資訊科學--軟體

隨著無線通訊技術的發展與穿戴式裝置的普及，物聯網的概念將原本以人和電腦為主體的網際網路更進一步的延伸到各種的感測裝置上。結合物聯網應用的智慧科技發展將會是未來的潮流，同時也會是資訊流通交換的一種新型態。然而，物聯網應用的安全性仍存在多項的疑慮，包含前端用戶的識別、共享金鑰的建立、匿名存取、私鑰洩漏等。尤其資料傳輸過程中未經過加密保護及綁定單一身份認證存取，將會造成使用者隱私及敏感性資料洩漏。顯而易見地，一旦用戶端遭到假冒或裝置的私鑰遭到破解，攻擊者便能取得所有相關服務的存取權限，進而危害到整個系統的安全性。因此，本研究計畫擬結合可選擇屬性之認證策略與具時效性之公鑰系統中可更新密鑰的優點來解決上述的安全問題。具體而言，本計劃即致力於具時效性和屬性選擇的物聯網認證機制與群體會議金鑰分配系統之研究。三個主要的計畫目的分別為(1).提出具時效性和屬性選擇的物聯網認證機制；(2).提出具時效性之物聯網群體會議金鑰分配系統；(3).整合所提之具時效性和屬性選擇的物聯網認證機制與群體會議金鑰分配系統，期望能強化目前物聯網應用中的使用者隱私與群體通訊安全，並解決實務系統上常碰到的密鑰洩漏問題。 With the development of wireless techniques and the prevalence of wearable devices, the concept of IOT further extends the Internet in which people and computers are major subjects to all kinds of sensor devices. The development of smart technology combined with IOT applications is not only the trend of future, but also a new form for exchanging information. However, the security of IOT applications still has lots of potential concerns including the identification of front-end users, the generation of shared session keys, anonymous access and key-compromise, etc. Especially, data transmission without encrypted protection and authenticated access via a single identity will compromise user privacy and sensitive information. Obviously, once a user is being impersonated or a device private key is being compromised, the attacker can obtain all the corresponding services and further endanger the security of whole system. Therefore, this research project will integrate attribute-based authentication policy and the advantage of updatable private keys of time bounded public key systems to solve the above security problems. Concretely speaking, this project is devoted to research on time bounded attribute-based authentication and group key distribution protocols for IOTs. Three project purposes are to (1). Propose a time bounded attribute-based authentication mechanism for IOTs; (2). Propose a time bounded group key distribution system for IOTs; (3). Integrate the techniques of proposed time bounded attribute-based authentication mechanism and group key distribution system. We hope to strengthen the current security for user privacy and group communication in IOT applications. Meanwhile, the problem of key-compromise in practical systems can also be solved.

Keyword(s)

物聯網
具時效性之公鑰系統
屬性認證
群體會議金鑰分配
群體通訊
Internet of things
time bounded public key system
attribute-based authentication
group key distribution
group communication

DSpace CRIS

Research on Time Bounded Attribute-Based Authentication and Group Key Distribution Protocols for Iots

基本資料

Description