| Authentication technology is an important element of Io T security research.As the number of Io T terminals grows rapidly and the application ecology becomes increasingly rich,the traditional centralized authentication model can hardly meet the needs of Io T applications in terms of cross-domain authentication and dense access.This paper combines specific application problems,conducts research on authentication technologies for cross-domain access and dense access of Io T applications,proposes a decentralized authentication method for Io T,verifies the feasibility and effectiveness of key technologies,and applies the paper's research results to practical engineering projects.The main contributions of the thesis include the following.An Identity-Based Cryptograph(IBC)decentralized cross-domain authentication method is proposed,which decomposes cross-domain access control into two phases: authentication and access authorization.In the authentication phase,the Io T endpoint identity is used instead of the digital certificate issued by a third party,and decentralized authentication is implemented.This method solves the problem of maintaining multiple digital certificates by Io T terminals for different application domains.In the access authorization phase,a cross-domain joint authorization method based on a threshold cryptographic algorithm is proposed.With this approach,authentication servers of different application domains can jointly compute authorization signatures and independently verify them.The authorization process does not rely on trusted third parties.The method implements the authorization process through a smart contract and uses a blockchain to store the authorization results to ensure the authenticity of the authorization results.A decentralized authentication method for intensive access of mass terminals is proposed.A system structure combining main chain and side chain is proposed.Application domain blockchain and alliance blockchain are deployed in application domain and between application domains respectively.Each application domain blockchain can independently run the authentication process in the application domain.The index of authentication information of storage devices in alliance blockchain.When cross domain authentication is needed,the authenticity and validity of authentication information is proved by Simple Payment Verification(SPV).Compared with the existing authentication schemes of Internet of things,this scheme can significantly shorten the authentication time,reduce the communication cost and storage space.A prototype system based on two open-source projects,Hyperledger Fabric and YHRADIUS,was designed and implemented,and the performance of the core mechanism was evaluated.The experimental results show that the decentralized authentication method proposed in this paper has good processing performance and low computational overhead,and is suitable for solving the cross-domain authentication of Io T and the authentication of massive device access.Meanwhile,Hyperledger Caliper,a blockchain benchmarking tool,was used to verify the throughput and latency variation of the system under different conditions,and to analyze the impact of client request rate,number of clients,block size and other factors on the system performance.The research results of this paper have good theoretical value and practical significance for the healthy development of the Internet of Things(Io T),and provide important support for the construction of a more complete Io T identity authentication scheme. |
PDF Full Text Request