| As the fog computing has become an attractive solution for distributed applications of the Internet of Things,it can provide low-latency,high-mobility and geographically distributed services that are different from the cloud.While fog computing offers many benefits,it also faces various security and privacy issues.Fog computing is an extension of cloud computing,which extends the storage,network and computing facilities of cloud computing to the edge of the network and relies on the computing capacity of distributed nodes to reduce the total pressure of the data center.In fog computing,privacy protection is more challenging because,compared with remote cloud servers in the core network,fog nodes adjacent to terminal nodes may collect sensitive data about identity and utility usage,while the destruction of insecure edge nodes may be the entry point for intruders to enter the network.Once inside the network,intruders can mine and steal the private data exchanged between entities by users,and communication between fog architectures can also lead to privacy leakage.In order to solve this problem,we designed a key management mode and user authentication scheme based on fog calculation,and implemented lightweight authentication by using one-way hash function and bitwise xor operation in the key management part.Although previous studies on the network model with the method of hierarchy,but on the key management scheme is conducted by the credible institutions registered and released key,used on our way by improving made in entity registered registered and levels,has realized the reliable agency collaboration,cloud server,the server,make registration process load balancing and solved the problem of the single point of failure.In the proposed scheme,mutual authentication between three types of entities is realized: 1)between cloud server and fog server;2)Between fog server and terminal equipment;3)Between the terminal equipment and the user.Compared with the existing research,our scheme performs better in terms of computing overhead and communication overhead.At the same time,the security performance of the scheme is analyzed,and the results show that compared with the security features,our scheme can resist various malicious attacks such as anonymity,untraceability,internal attack,replay attack and offline guess attack,providing high security and additional functional features.The availability of the scheme is proved by simulation experiments. |
PDF Full Text Request