| In recent years,with the rapid development of big data,cloud computing,internet communication and other technologies,the Internet of Things(Io T)has been widely used in various fields,such as smart transportation,smart home,smart medical.Io T has brought great convenience to people's lives.However,it also brings us many security and privacy leakage problems.People's privacy information may be leaked when he requests data,transmits data,stores data and shares data in Io T applications,which reduces users' acceptance and credibility for Io T applications.Hence,it is a great challenge to protect people's privacy data from being disclosed.Besides,Io T which has been applied in various fields and different application scenarios that have different characteristics.For example,smart transportation requires high real-time communication,smart medical system requires traceability storage.Therefore,different types of Io T applications often have different Io T security and privacy issues.This dissertation discusses the security and privacy leakage issues in the process of data request,transmission,storage and sharing in Io T applications firstly.Then,this thesis also analyzes four types of security problems of Io T,and proposes data recoverable storage and secure sharing,data reliable collection and energy-saving secure transmission,anonymous data acquisition and high real-time data sharing,data traceability storage and contract sharing etc.Finally,Io T security and privacy protection theories are established.The main contributations are listed as follows:(1)Aiming at the problems of fragile equipment,difficult power supply,and unreliable data collection in the Io T,a reliable data collection and low-power safe transmission method is proposed.To reduce sensor energy consumption and prolong the lifetime of node,this thesis presents two data compression methods(including lossy compression and lossless compression)to reduce data transmission and energy consumption.Moreover,due to the vulnerability of nodes,this thesis also proposes a corresponding Io T framework and data collection pattern which has considered both high real-time and low real-time application scenarios.The framework can not only realize the trusted data collecting,but also can resistant single point of failure,and detect and dispose of failure node by employing consensus algorithm and blacklisting mechanism.In addition,elliptic curve encryption and digital signature are employed to ensure integrity,confidentiality,and reliability during data transmission.Finally,security analysis proves that this scheme can resist a variety of typical attacks,and the feasibility and effectiveness of the scheme are also verified by relevant experimental results.(2)In response to issues such as data loss,privacy data leakage,and malicious users attempting to exceed their authority in the Io T,this dissertation proposes a privacypreserving,recoverable and revocable edge data storage and sharing scheme.In this scheme,the data owner encrypts the shared data to achieve fine-grained access control by employing Ciphertext Policy-Attribute-Based Encryption(CP-ABE).Rabin encryption algorithm is also employed to encrypt the ciphertext before uploading,which can support the semi-trusted third party.Meanwhile,Secret Sharing Scheme(SSS)is introduced to realize recovery of the storing data.Then,the simplified access control tree and attribute revocation list are constructed to achieve quickly attribute revocation.It can prevent malicious users from occupying communication bandwidth by continuously downloading the data.Especially,for the situation that a single edge server is hijacked,this thesis also proposes a corresponding efficient detection mechanism based on binary search algorithm and designs key updating policy to promise the subsequent security of the whole system.Finally,the feasibility and effectiveness of this scheme are verified by correlation analysis and experiments.(3)Aiming at problems such as easy leakage of identity privacy and high communication delay in the Io T,an anonymous data acquisition and high real-time sharing scheme is proposed.Firstly,an efficient anonymous authentication mechanism is designed to assist users to request services without revealing personal privacy information.Secondly,considering that users may deliberately post false news for their own interests,voting mechanism,evaluation mechanisms based on multi-factor weight and evaluation mechanism based on single factor weight are proposed to evaluate the reliability of the information.Moreover,a corresponding reward and punishment mechanism is also proposed to encourage users to share truthful information.Considering high real-time communication requirements of VSNs,for requesting services from edge stations,the lightweight encryption algorithm is employed to ensure confidentiality of data.And in real-time communication between users,xor operation is employed to ensure confidentiality of broadcasting message just for reducing the communication time delay.Finally,the relevant security analysis proves that this scheme can resist various attacks,and the relevant experiments show the feasibility and effectiveness.It is low computation consumption for client-side especially.(4)In view of the problems that large amount of data storage in the Io T is easy to be tampered with and multi-party data sharing is easy to lead to privacy leakage,a data traceability storage and contract sharing system is proposed.Firstly,an anonymous authentication algorithm is designed,that supports batch authentication to ensure that users' private information is not leaked during authentication.Secondly,an unlinkable and traceable pseudonym mechanism is designed to realize the anonymous and secure storage of data,so that the server cannot obtain the user's personal privacy information based on the stored data.Furthermore,the blockchain technology is used to store the hash value of the data,the original data is stored on the local server,and the hash value of the data is stored on the blockchain,so as to prevent the data from being tampered with.In addition,for batch data sharing between different institutions,smart contracts are used to realize trusted data transactions,and reward mechanisms are designed to encourage users to share their data with other institutions.Finally,relevant security analysis proves that the solution not only supports tamper-proof modification,traceability and unlinkable storage of data,but also supports non-repudiation and privacy protection of multi-party data sharing.And the feasibility and effectiveness of the safety mechanism are verified through related experiments. |
PDF Full Text Request