基于代理重加密的物联网云节点授权可信更新机制

PRE-TUAN:Proxy Re-Encryption Based Trusted Update Scheme of Authorization for Nodes on IoT Cloud

物联网云平台通过物联网节点采集和使用数据,基于云平台进行数据的运算和存储,提升了物联网处理数据的能力和数据共享的范围,也丰富了云端数据的内容,推动了互联网与人类世界的渗透和融合,同样也带来了全新的安全问题,由于物联网节点的特点与局限性,导致节点极其容易受到攻击,因此,如何实现物联网云平台中被劫持节点数据访问授权的可信更新至关重要.为此,提出了一种基于代理重加密的物联网云节点授权可信更新机制(PRE based trusted update scheme of authorization for nodes on IoT cloud platform,PRE-TUAN).首先,定义系统模型,包含可信的物联网数据服务器、授权管理服务器和半可信的云端重加密代理服务器;其次,描述系统流程和算法;最后对PRE-TUAN进行安全性分析和证明.PRE-TUAN以代理重加密为基础,将充分发挥云的运算能力,同时确保物联网数据分享的安全与可靠.

In the Internet of things（IoT）cloud platform,the data is collected and used by the nodes of IoT,and the processing and storage of data is based on the cloud platform.The platform has increased the data processing and sharing abilities of IoT,meanwhile,it also has enriched the resource in cloud and improved integration of the Internet and human world.All of this offers advantage as well as new problems of information security.As the characteristic and limitation of the nodes of IoT,they are particularly vulnerable,thus it is a crucial and urgent issue that how to realize the trusted update of authorization for the hijacked nodes.In order to solve this problem,we propose a PRE based trusted update scheme of authorization for nodes on IoT cloud platform（PRE-TUAN）.At first,we define the system model including the trusted IoT data server and permission management server,and the semi-trusted proxy re-encryption server in cloud.Secondly,describe the system processing and algorithms.Finally,analyze and prove the security of PRE-TUAN.PRE-TUAN is based on the proxy re-encryption（PRE）,which will reach the full potential of cloud computing,and ensure the security and reliability of the data in IoT cloud.