| The rapid development of the Internet of Things has driven the shift from the traditional cloud-end network architecture to a cloud-edge-end architecture. In cloud service applications, authentication of terminal devices and access control for cloud data have always been research hotspots in academia. The smart medical system is a typical application of cloud servers, and the wireless body area network is its most basic part. Sensor nodes monitor the patient's vital-sign data, which is transmitted from the terminal device to the edge server. The edge server analyzes and processes the data and uploads it to the cloud for storage, and patients and medical staff can access the cloud data from anywhere via the Internet. In the wireless body area network, because terminal devices are mobile and deployed in an unsafe open environment, they can easily be captured and impersonated by adversaries; data stored in the cloud is at risk of access by unauthorized institutions or individuals. Therefore, designing a lightweight security authentication protocol and achieving secure sharing of cloud data are challenges faced by researchers. Aiming at these two security risks in cloud service applications, the research done in this paper is as follows: (1) An identity authentication and key agreement protocol based on blockchain technology is proposed. The protocol uses identity authentication to ensure the legitimacy of the terminal device's identity, and uses key agreement to obtain a session key for subsequent data transmission and access. Further, by building the edge servers of multiple management areas into a blockchain network, cross-regional authentication of terminal devices is realized. The paper first evaluates the proposed protocol through a BAN logic proof, informal security analysis and the random oracle model, and proves that the protocol meets the security requirements of the system. It then uses the ProVerif tool to simulate the proposed protocol; the experimental results show that no attack sequence is generated, that is, the proposed protocol is secure. Finally, the performance of the proposed protocol is compared with that of other protocols, and the results show that the protocol proposed in this paper has advantages in terms of computational overhead and communication overhead. (2) Aiming at the problem that cloud data may be accessed and used by illegal users, an access control scheme based on blockchain technology is proposed. The scheme uses digital signatures to ensure the integrity of access requests and the immutability of visitor identities, and converts access policies into smart contract code stored on the blockchain. The data requester sends an access request to the blockchain, and if the access policy conditions in the smart contract are met, the data requester is granted access rights. Monitoring the user's access process through the blockchain and recording it in a block not only increases the transparency of data access, but also ensures the decentralization and traceability of the entire access authorization process, so as to achieve secure data sharing. Finally, analysis of the correctness and security of the scheme shows that it can realize access control for sensitive data stored in the cloud center. |