基于分布式群身份认证的传感器网络设计与实现

Design and Implementation of Sensor Networks Based on Distributed Cluster Authentication

在分析了无线传感器网络所面临的安全风险后的基础上,结合传感器网络的实际特点,提出了一种分布式群身份认证防御机制,该机制将网络划分群簇,在正常的传感器网络路由协议中引入群身份认证机制,使路由协议在选择数据传输下一跳时,需预先通过群首节点来验证候选节点群簇隶属身份的真实性。群首节点间认证通信采用基于公钥的分布式自组织的认证机制,以进一步保证这种群身份认证的真实性与可靠性。以常见的女巫攻击为例,介绍了该安全机制的设计过程。对该安全机制的安全性进行了总体性能评估。

This paper analyses the security dangers that the wireless sensor networks faces. According to the practical characteristics of the sensor networks, a ＂distributed cluster authentication defensive system＂ is designed. The system divides the networks into clusters and brings cluster- authentication-system into the normal sensor networks routing protocol so that when the routing protocol chooses data to transmit the next hop, it is necessary to use the head node of the cluster in advance to confirm the authenticity of the candidated node＇s cluster-subordinate-identification. The confirmative communication through cluster head node based on PKI＇s distributed self-organized system to ensure the authenticity and reliability of cluster identification system. It takes the accustomed Sybil attack for example to introduce the design process of the security system. It gives general evaluation to the security of the system.