面向CCMANET网络可证明安全命名与名字路由机制关键技术研究

项目名称： 面向CCMANET网络可证明安全命名与名字路由机制关键技术研究

项目编号： No.61461027

项目类型： 地区科学基金项目

立项/批准年度： 2015

项目学科： 无线电电子学、电信技术

项目作者： 郭显

作者单位： 兰州理工大学

项目金额： 46万元

中文摘要： 以内容为中心网络模型是最具竞争力的未来互联体系结构模型，本项目探讨内容中心移动自组织网络CCMANET的可证明安全命名和名字路由机制设计、评价的相关理论、技术和方法：首先，结合理论分析和实验验证手段，建立针对命名及名字路由机制的安全威胁样本；其次，借鉴Dolev-Yao威胁模型和安全多方计算理论思想，从安全威胁样本抽象出安全威胁模型，进而探讨命名和名字路由机制可证明安全评价方法；第三，总结并提炼扁平化和层次化命名机制最适合CCMANET的特点，研究安全评价框架下混合结构可证明安全命名机制设计方法；第四，在可证明安全评价框架下，以提出的命名机制为基础，融合Bloom过滤器和名字路由方法，研究可证明安全名字路由方案及效率评价模型设计方法。最后，设计仿真实验平台，验证命名和名字路由方案的正确性和可信性，为CCMANET部署提供理论支持和技术支撑，为进一步探讨未来互联网体系结构提供基础理论和方案。

中文关键词： 网络安全；安全路由；安全协议；未来互联网体系结构；可证明安全

英文摘要： The content-centric communication model is one of the most competitive models for future Internet architecture. This project proposes to explore and investigate the theory, technologies and methods for provable security naming and name-based routing scheme of content-centric mobile ad hoc networks (CCMANETs). First, a group of attack samples will be created for naming and name-based routing schemes, based on a theoretical analysis and an experimental verification. Second, with the created attack samples, a security attack model will be built by taking into account the Dolev-Yao attack model and secure multi-party computation theory. Based on which, a provable security evaluation framework will be constructed for naming and name-based routing scheme. Third, after extracting the common properties from platt and hierachical naming which are most suitable for CCMANETs, a design method will be discussed for provable security hybrid naming scheme in the security evaluation framework above. Fourth, with the proposed naming scheme, a provable security name-based routing and the related efficiency analysis method will be proposed by integrating the Bloom filter and naming routing method into, in the constructed security evaluation framework. Finally, an experimental validation platform will be developed for verifying the correctness and creditability of the proposed naming and name based routing schemes. The validation platform is expected to provide theoretical and technical supports for deploying real CCMANET systems, and theoretical and methodical foundations for further exploring future Internet architecture.

英文关键词： Network Security;Secure Routing;Secure protocls;Future Internet Architecture;Provable Security