| The technology of digital twin edge networks(DITEN)has been widely applied in the industrial production field.While it improves system efficiency,it also poses increasing security risks and challenges.One prominent issue is the synchronized security between entities and their digital twins.To ensure real-time consistency of digital twins,continuous differential comparison and state synchronization are necessary.Information leakage and tampering during the synchronization process can result in significant losses.Therefore,the security synchronization mechanism of digital twins holds great research value and broad application prospects.Due to the interactive bidirectionality,correspondence,and persistence in the synchronization process of digital twins,the deployment and application of existing security mechanisms are limited by factors such as computational complexity,security,and cost.This thesis proposes a security synchronization mechanism designed specifically for the synchronization scenario of digital twins.It addresses two key technical issues in the synchronization process: secure encoding and identity authentication,ensuring secure synchronization between entities and their digital twins over wireless channels.To meet the requirements of secure encoding,a digital twin secure encoding scheme based on shared context is designed.By utilizing the randomness of the shared context during the synchronization process,secure encoding of the synchronization information is achieved.Various shared information is continuously utilized to update and maintain the context,and key generation negotiation is periodically conducted using the randomness in the context.The generated keys are used for encryption of the synchronization information.Maximum entropy transformation and hash tree comparison algorithms are introduced to resist potential exposure threats to shared information in the context and ensure the consistency of shared information.In performance tests,this scheme achieves a high minimum entropy of keys by fusing the randomness in the shared context.The pass rate of the generated ciphertext in the NIST randomness test exceeds 97%,and the Pearson correlation coefficient between plaintext and ciphertext is within ±0.004.This indicates strong randomness in the keys and ciphertext,and no significant statistical correlation between plaintext and ciphertext,ensuring that eavesdroppers cannot obtain sensitive data during synchronization.To meet the requirements of identity authentication,a digital twin identity authentication scheme based on channel state specificity is designed.By utilizing the specificity carried by the channel state information(CSI)during the synchronization process,continuous identity authentication between entities and their digital twins is achieved.In the synchronization process,the CSI corresponding to the synchronization information is extracted.Through the analysis of specificity extraction and adaptive clustering algorithms,the impact of incidental random factors is mitigated,and clustering results of channel feature points are obtained.Identity authentication is continuously performed based on authentication policies.The CSI used for identity authentication has characteristics that are difficult to tamper with and forge,enhancing security assurance.In performance tests,based on simulations of forged access in multiple time periods,multiple points,multiple directions,and multiple channels,the scheme achieves an accuracy of 93.77% in identifying legitimate synchronization and forged access.The precision and recall rates for identifying legitimate synchronization reach 90.42% and 94.97% respectively,indicating strong discrimination ability for legitimate synchronization and forged access in the synchronization process,ensuring continuous trustworthiness of identities between entities and their digital twins. |
PDF Full Text Request