摘要
物联网安全是物联网发展的最主要挑战之一。物联网中大量的资源受限节点存储空间不足、计算能力较差、通信链路不稳定,无法采用互联网标准的安全协议保障通信的端到端安全,成为物联网的薄弱环节。结合物联网的特性和发展趋势,文章提出了一种基于边缘计算的物联网安全架构,并在此架构的基础上提出了基于代理数据报传输层安全的端到端安全方案。分析和实验表明该方案可以让物联网中资源受限设备能采用互联网标准的安全协议进行端到端安全通信,且具有较好的规模性、可扩展性和实际的可行性。
Security problem is one of the main challenges of IoT. Many constrained devices of IoT are operating under low power, and with limited computational and network resources, and cannot use standard security protocols to protect end-to-end security, they become the weakness of IoT. An IoT security architecture based on edge computing and a proxy-based Datagram Transport Layer Security end-to-end security scheme based on the architecture were proposed. Analysis and experiment show that the scheme can enable the constrained devices to communicate with any remote devices using the Internet standard security protocol in a security way. At the same time, the scheme is scalable, feasible and practical.
出处
《信息网络安全》
CSCD
2017年第10期13-21,共9页
Netinfo Security
基金
国家自然科学基金[61373170]
