物联网网络层信息安全体系结构与关键技术研究

项目名称： 物联网网络层信息安全体系结构与关键技术研究

项目编号： No.61262075

项目类型： 地区科学基金项目

立项/批准年度： 2013

项目学科： 自动化技术、计算机技术

项目作者： 程小辉

作者单位： 桂林理工大学

项目金额： 43万元

中文摘要： 由各种私有网络、互联网、有线和无线通信网等构成的物联网网络层，作为物联网的神经中枢，其信息安全关系到物联网的未来。本项目拟利用层次和分类混合模型研究并建立物联网网络层信息安全体系结构。利用分组加密优势，采用随机数对加密密钥修正，研究设计轻量级AES等级遮盖加密算法。以网关模式，融入身份的认证算法，利用椭圆曲线上双线性对的性质，构建适应物联网网络层的跨网跨域认证机制。通过分布式的访问控制模式，采用由用户单跳节点构成临时网关，围绕移动用户，研究控制访问策略。运用神经网络算法进行攻击检测，通过自学习，预防同样攻击，设计智能化攻击检测和防御机制。与此同时，遵循国际和国内标准化相关规则，研究物联网网络层信息安全方法，对其进行标准化。利用评估模型和仿真实验相结合的方法，不断更正相关机制和算法，突破物联网网络层信息安全模型设计的关键技术，为物联网的发展提供理论基础和支撑平台。

中文关键词： 物联网；网络层；安全体系结构；认证访问策略；攻击检测

英文摘要： Network layer of Internet of Things , composed by a variety of private networks,Internet, wired and wireless communications networks and so on, it is the nerve center Internet of Things that information security is essential to the development. This project uses the level and classification mixture model research to establish network layer information security structure. We design lightweight AES level cover encryption algorithm which is based on using block encrypt advantage and correcting encryption key for the using of random number. Construct the network layer cross-realm authentication mechanism which is adapt for the Internet of things networking by using gateway mode, identity authentication algorithm and the nature of elliptic curve on the bilinear pairings. Through the distributed access control model, we research control access to strategy by using the user one hop node which is constituted a temporary gateway, and then around the mobile user. We design the intelligent against detection and prevention mechanism by using the neural network algorithm to attack detection and learn the self-study, prevent the same attack. Meanwhile, we combine international and national standardization of rules, and study the standardized methods, with which to standardize the information security of the network layer of I

英文关键词： Internet of Things；Network layer；Security structure；Authentication and access policies；Attack Detection