摘要
智能家居产品在使用中存在远程控制易被劫持、本地控制易被入侵等诸多安全隐患,引入可信第三方认证技术,建立智能家居产品、用户移动端和厂商产品服务平台即可信云管平台,三者的互信关系是非常必要的.第三方互信建立在成熟的PKI技术基础上,以非对称算法为认证核心技术,确保智能家居产品仅执行得到可信云管平台认证通过后的用户指令.智能家居产品的部署分为整体家居方案和智能单品,在使用上分为本地控制和远程控制,不同的情况都需要可信第三方认证来确保产品使用的安全.为了在加入可信第三方认证机制的同时降低成本,在MQTT协议基础上的协议改造是认证技术快速应用智能家居行业的一种最佳实践.
Smart Home products in the use of remote control is easy to be hijacked〉 local control easily invaded? which causes many other security risks. Making use of trusted third-party authentication technology in the Smart Home products 9 establishing trust relationships of Smart Home products, users mobile devices and services platform that is trusted cloud platform , third- party mutual trust based on mature PKI technology, asymmetric algorithm for the core technology to ensure that Smart home products only execute user instructions which are authenticated by trusted cloud platform . The deployment of Smart Home products is divided into the overall home product and intelligent single product, in the use of local control and remote control, different situations require trusted third-party authentication to ensure product security. In order to reduce the cost while adding a trusted third-party authentication mechanism, the protocol transformation on the basis of the MQTT protocol is also the best practice for the rapid application of the authentication technology to the smart home industry.
作者
袁春旭
汪湘桂
李金国
王振
Yuan Chunxu Wang Xianggui Li Jinguo Wang Zhen(Topsec Netxvork Technology Inc. , Beijing 100085)
出处
《信息安全研究》
2017年第6期528-532,共5页
Journal of Information Security Research
关键词
可信第三方认证
PKI
智能家居
信息安全
电子签名
trusted third-party authentication
public key infrastructure
smart home
information security
electronic signature
