| Space-ground integration network structures with double plane of heaven and earth,which is based on ground network and expanding with space-based network.And it consists of space-based network,air-based network and ground-based network which has important value in military and civil applications.So it is necessary to research access authentication technology for the security of space-ground integration network.But the access authentication technology of traditional network is difficult to meet the need of space-ground integration network with characteristics of heterogeneous dynamics,intermittent connectivity,high exposure,large scale and limited resources.In consideration of unified access authentication technology for space-ground integration network,this paper deeply researches the access authentication architecture and decision method,single user and multi user concurrent unified access authentication and anonymous authentication,the main works are as follows:1.A unified access authentication architecture and decision method for software defined space-ground integration network is proposed.According to the complex structure of the spaceground integration network with the characteristics of heterogeneous dynamics,diversified nodes,inconsistency of resource capacity and the difficulty of resource management,a unified access authentication architecture based on software definition is proposed.The architecture achieves flexibility and definiability of authentication methods through the separation of control layer and equipment layer,and it realizes the results of unified management of access authentication and resource optimization control.Based on the proposed architecture,in view of the hardware and software indexes,7 dimensional attributes influencing access point decision and its computing method are proposed.An access point decision algorithm is designed combining the AHP(Analytic Hierarchy Process)and TOPSIS(Technique for Order Preference by Similarity to an Ideal Solution)to select the optimal access node.And the algorithm improves the success rate and efficiency of access.Finally,the effectiveness of the algorithm is verified by the experimental simulation.2.A secure and efficient unified authentication scheme based on certificateless aggregation signature algorithm is proposed.According to the requirements of access authentication mechanism in terms of computational overhead,communication overhead and safety for spaceground integration network with the characteristics of resource-constrained and intermittent connectivity,one new certificateless aggregate signature algorithm with constant bilinear pairings is proposed which overcomes the problem of real-time online certificate,complex certificate pressure and key escrow.Compared with the similar algorithms,the proposed algorithm's communication and computational overhead is lower,and the algorithm is proved secure based on the computational Diffie-Hellman problem under the random oracle model.Then according to the demand for single user access and multi user concurrent access,a unified authentication scheme for single user access and large-scale multi-user concurrent access is designed based on proposed certificateless aggregate signature algorithm.It not only realizes efficient and secure access of single node,but also realizes fast batch access and networking communication of cluster nodes.The analysis results show that the scheme improves the efficiency of authentication and guarantees the safety.3.An anonymous and controllable authentication scheme for space-ground integration network identity protection is proposed.In view of the demand on important user security privacy protection of the space-ground integration network's high exposure and special strategic position,a certificateless one-off public key anonymous signature algorithm is presented.It achieves anonymity using the pseudonym mechanism,gets rid of the connection between the user and the public key through one-off public key,realizes anti-forgery using public key and signature verification and tracks malicious users by interacting with the Key Generate Center.Then an anonymous authentication scheme for important nodes in space-ground integration network is proposed according to the designed algorithm,which realizes mutual authentication and key agreement through two information interaction.Also,the scheme achieves efficient refresh authentication and key update by establishing re-authentication list.Formal analysis shows that the scheme achieves many security attributes such as full-anonymity,traceability and session key escrowless,and it realizes traceable access authentication requirements for identity protection in the space-ground integration network.The efficiency and security of this scheme are verified by comparison.4.A unified access authentication simulation system for space-ground integration network based on OPNET is designed and implemented.In view of the unified access authentication demand of single user,multi user concurrent and anonymous authentication for space-ground integration network,the space-ground integration network unified access authentication simulation system is realized through establishment of the network domain,the node domain and the process domain simulation model using the three layer modeling mechanism of OPNET.It validates the feasibility and efficiency of the proposed access authentication scheme in the three aspects of the authentication success rate,the authentication delay and the authentication overhead. |
PDF Full Text Request