摘要
针对传统EPC(Electronic Product Code)网络架构中对EPC数据安全性考虑不足以及访问控制具体实现难度较大等问题,提出一种基于PKI的改进的EPC网络模型。模型在传统的EPC网络架构的基础上引入一个经过简化的轻量级的PKI模块,实现通信过程中的身份认证和加密传输等服务。同时改进用户与EPCIS信息服务器的交互流程,引进可信中间服务层(TM-server)实现对通信过程的访问控制,返回给用户的数据经过密钥加密并由TM-server进行转发,以达到EPCIS服务器对用户隔离以及可信传输的目的。最后尝试引进RBAC模型,经分析表明本架构很好地实现了对EPC数据的访问控制,提升了EPC网络的安全性。
Aiming at such problems in traditional EPC network structure as not enough consideration on EPC data security as well as difficulty in access control detailed implementation etc.,the paper presents a PKI-based improved EPC network model.The model,established on traditional EPC network structure,introduces a simplified light-weight PKI module to realize such services in communication process as authentication,encrypted transmission,etc.Meanwhile,the EPCIS interactive process is ameliorated by incorporating the TM-server(Trusted Middle server) to achieve access control during the communication process.The data returned back to users are encrypted with keys and redirected via TM-server in order to attain the objective of segregating users from EPCIS servers for trustful transmission.Finally,the paper attempts to import RBAC model.Analytical results show that the proposed architecture can effectively realize access control of EPC data and promote the security of EPC network.
出处
《计算机应用与软件》
CSCD
北大核心
2012年第6期271-274,共4页
Computer Applications and Software
关键词
物联网
PKI
EPC网络
安全
访问控制
IoT(Internet of Things) PKI EPC network Security Access control
