Research On Security Key Technologies Of User-centric Ultra-dense Networks

In order to cope with the challenges of the tremendous growth of network traffic and user access rate,5G and beyond 5G will build a new user-centric wireless access system compared with the traditional cellular network.Professor Chen-Shanzhi team of China Academy of Telecommunications Technology(CATT)proposed a User-centric Ultra-Dense Networks(UUDN).UUDN dynamically organizes multiple access points around user to form an Access Points Group(APG),which "follows"and serves the user senselessly.Under the new architecture,UUDN faces many new security challenges,such as data transmission security between access points,APG security organization and isolation,user access security and authentication efficiency,and so on.Solving these problems is of great significance for ensuring UUDN security and enriching 5G security system.This paper systematically analyses the key security problems and designs a security architecture adapted to UUDN architecture by integrating APG features.Aiming at the problem of data security transmission between network entities,a lightweight data security transmission algorithm based on the implicit certificate is proposed.Aiming at the problem of secure generation of reliable APG,a trusted APG chain generation algorithm based on block chaining technology is proposed.Aiming at the problem of user access security and authentication efficiency,a new method for user access security and fast authentication based on trust transfer technology is presented.Furthermore,the performance and practicability of the algorithms are verified by simulation.The main research contents are summarized as follows.1)Faced with the security threat of illegal AP to data transmission when APG members cooperate and considering the large number of APs and low power application requirements,we propose a secure data transmission algorithm based on the implicit certificate.The algorithm uses the temporary session key generated by the reconfigurable public-private key pair based on the lightweight implicit certificates to realize the encryption protection of the transmitted data.The simulation results show that the algorithm has fast speed,less key space consumption and stability.This algorithm has a good value for data transmission protection among the many network entities in the case of limited resources.2)Faced with the security issues that some untrusted APs affect the organization of APG from a large number of the peer-to-peer and independent APs,we propose a trusted APG chain generation algorithm APG-PBFT based on block chaining technology.The algorithm incorporates the voting label betting mechanism and improves the efficiency of consensus computing based on PBFT(Practical Byzantine Fault Tolerance)algorithm.It can reliably generate the APG chains if the number of untrusted APs is less than 1/3 of the total number of APs.The simulation results show that the performance of consensus computing and the efficiency of generating chains are improved,and the evaluation score for the algorithm is increased which compared with PBFT algorithm.3)Faced with the problem of user access security and authentication efficiency under dense APs,we propose a new user access security and fast authentication method based on trust trans fer technology.In order to solve the security threat that counterfeit or illegal APs may hijack users,the identity authenticity of both sides in communications is guaranteed by dual mutual authentication method in network layer and access layer.In order to solve the problem of frequent authentication caused by user's moving among multiple APs,we use signature technology and trust transfer algorithm to deliver the authentication results quickly in the APG and achieve efficient verifiable authentication.The simulation results show that,while guaranteeing user access security,the authentication efficiency has been significantly improved,and the notwork access efficiency and user experience have been improved.