摘要
随着物联网的成熟和发展,物联网的应用场景变得越来越大,使用环境更加复杂,这种复杂的应用环境,导致出现了大量的安全问题,这些敏感的安全问题甚至已经“进化”成威胁人身安全的问题.例如在车联网环境中,攻击者对车辆IT系统的攻击,可能导致对车辆的完全控制,从而造成对乘客的生命威胁.在医疗环境中,越来越多的医疗设备,包括植入性医疗器械完全具备了网络接入功能,患者身体产生的数据本身就属于个人隐私范畴,存在信息泄露的巨大风险.在智能家居领域,越来越多的智能电器变成了物联网的一部分,包括传统的冰箱、电视、洗衣机、空调,以及涉及到安防的烟感系统、消防喷淋系统、指纹锁、电子猫眼等,存在大量的设备安全管理、隐私数据安全的问题.作为底层安全基础设施的国产密码算法,研究如何合理地在各个场景应用就成为一项重要的工作.
With the maturity and development of the Internet of things, the application scenarios of the Internet of things have become larger and larger, and the environment is more complex. This complex application environment has led to a large number of security problems, which have even evolved into a threat to personal safety. For example, in the vehicle networking environment, the attack on vehicle IT systems may lead to complete control of vehicles, thus causing a threat to passengers' lives. In the medical environment, more and more medical devices, including implantable medical devices, fully have the function of network access. The data generated by the patient's body belongs to the category of personal privacy, so there is a huge risk of information leakage. In the field of smart home, more and more smart appliances have become part of the Internet of things, including traditional refrigerators, televisions, washing machines, air conditioners, smoke sensing systems related to security, fire sprinkler systems, fingerprint locks, electronic cat's eyes and so on. There are a lot of security management and privacy data security problems. As the underlying security infrastructure of the domestic cryptographic algorithm, how to reasonably apply in various scenarios has become an important task.
作者
李兆森
杨洋
Li Zhaosen;Yang Yang(iTrusChina,Beijing 100083;Ant Financial Services Group,Hangzhou 310001)
出处
《信息安全研究》
2019年第10期924-928,共5页
Journal of Information Security Research
关键词
国产密码算法
身份认证
数据加密
隐私保护
物联网安全
domestic cryptographic algorithms
identity authentication
data encryption
privacy protection
IoT security
