| The space-ground integrated information network is a highly heterogeneous net-work,which takes the space network as an extension of the terrestrial network and consists of satellite networks and terrestrial networks.It can overcome the problem of limited coverage of terrestrial transmission networks and provide mobile users with high-speed,high-capacity,global continuous communication and data transmission ser-vices,thus it has a great significance in the fields of civil applications,national security,and disaster warning,etc.Therefore,in order to prevent illegal users from accessing the space-ground integrated information network to obtain network services or damage the system,it is an urgent issue for space-ground integrated information network to design the access authentication and key agreement mechanism for the space-ground integrated information network.Meanwhile,it is of great significance to design an efficient and secure handover authentication mechanism to ensure the continuity of the communica-tion process and the confidentiality of subsequent communication in the network with highly dynamic topology changes.However,the highly complicated communication environments not only make it unfeasible to implement the traditional access authenti-cation algorithms,but also bring challenges in the design of access authentication and key agreement scheme.In recent years,several access authentication schemes have been proposed for space-ground integrated information network.In these existing schemes,authentica-tion is implemented between mobile users and the ground facility,however,the satellite only simply forwards the authentication signaling,rather than participating in the prac-tical authentication session.This centralized authentication method may bring negative impacts on the security or performance,and result in unacceptable access delay.Se-curity issues in handover have not been taken seriously in the existing researches,and the schemes have been proposed is unsuitable for the real scenario.Therefore,to pro-mote the development of space-ground integrated information network,this dissertation makes the following contributions:(1)To solve the problem of user access delay and single point bottleneck in the tra-ditional access authentication system,this dissertation proposes a new authenti-cation system model,in which satellites are given the ability to authenticate users to avoid the online involvement of the network control center when authenticat?ing users.Our proposed authentication scheme can protect user privacy by issu-ing multiple sets of authentication information tuples to users.Furthermore,the support of batch verification in our scheme can significantly enhance handover efficiency when a group of users switch to another satellite.(2)We propose a low latency authentication against satellite compromising for space-ground integrated information network.We use proxy signatures to ensure that only the secure and authorized satellites can obtain permissions from the ground station to authenticate users.The ground station can change the monitoring gran-ularity by setting the validity period of the warrant.Therefore,benefiting from the proxy signature technology,our proposed scheme can reduce the risk of satellite hijacking attacks.Moreover,we use the authentication system model mentioned above to reduce the long authentication implementation delay.(3)To deal with the security issue during frequent handover in space-ground inte-grated information network,this dissertation designs an universal and lightweight handover authentication protocol based on the group key by utilizing the charac-teristic of trajectory predictability.In the proposed scheme,the current satellite can transfer users,security context to the next satellite in advance,thereby achiev-ing seamless handover.Meanwhile,our scheme implements secure handover au-thentication by means of the group key shared between satellites in the same trust domain. |
PDF Full Text Request