Several excellent works have been done on the industrial Internet;however,some problems are still ahead,such as reliable security,heterogeneous compatibility,and system efficiency.Information-Centric Networking(ICN),a...Several excellent works have been done on the industrial Internet;however,some problems are still ahead,such as reliable security,heterogeneous compatibility,and system efficiency.Information-Centric Networking(ICN),an emerging paradigm for the future Internet,is expected to address the challenges of the industrial Internet to some extent.An integrated architecture for industrial network and identity resolution in the industrial Internet is proposed in this paper.A framework is also designed for the ICN-based industrial Network And Named Data Networking(NDN)based factory extranet with Software-Defined Networking(SDN).Moreover,an identity resolution architecture in the industrial Internet is proposed based on ICN paradigms with separate resolution nodes or with merging resolution and routing.展开更多
The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem p...The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem planes are divided,and a corresponding risk analysis view is established to analyze risks for various planes.This paper uses Isaiah Berlin’s definition of liberty to more generally express the concept of security as positive rights and negative rights.In the risk analysis view,the target system is modeled from four dimensions:stakeholders,framework,architecture,and capability delivery.At last,three defensive lines are proposed to establish the identity credit system.展开更多
The distinctive form of language emerged from the Internet is gaining more and more attention these days. In fact, different theories and methodologies can support to explain the phenomenon of the Internet language. F...The distinctive form of language emerged from the Internet is gaining more and more attention these days. In fact, different theories and methodologies can support to explain the phenomenon of the Internet language. Furthermore, language and identity in sociolinguistic domain can help study the relationship between the Internet language and its users. Taking a popular online discussion board Tianya.cn as an example, the affirmation of a virtual community's identity can be established through using its distinctive language.展开更多
In recent years,the Industrial Internet and Industry 4.0 came into being.With the development of modern industrial intelligent manufacturing technology,digital twins,Web3 and many other digital entity applications are...In recent years,the Industrial Internet and Industry 4.0 came into being.With the development of modern industrial intelligent manufacturing technology,digital twins,Web3 and many other digital entity applications are also proposed.These applications apply architectures such as distributed learning,resource sharing,and arithmetic trading,which make high demands on identity authentication,asset authentication,resource addressing,and service location.Therefore,an efficient,secure,and trustworthy Industrial Internet identity resolution system is needed.However,most of the traditional identity resolution systems follow DNS architecture or tree structure,which has the risk of a single point of failure and DDoS attack.And they cannot guarantee the security and privacy of digital identity,personal assets,and device information.So we consider a decentralized approach for identity management,identity authentication,and asset verification.In this paper,we propose a distributed trusted active identity resolution system based on the inter-planetary file system(IPFS)and non-fungible token(NFT),which can provide distributed identity resolution services.And we have designed the system architecture,identity service process,load balancing strategy and smart contract service.In addition,we use Jmeter to verify the performance of the system,and the results show that the system has good high concurrent performance and robustness.展开更多
The advent of the Internet era has triggered profound changes in national governance,and the profound complexity and highly uncertain nature of governance have imposed new requirements on political identification in t...The advent of the Internet era has triggered profound changes in national governance,and the profound complexity and highly uncertain nature of governance have imposed new requirements on political identification in the new era.Whether seen environmentally from the point of view of the governance environment or from the point of view of the subjects and structures of governance,the changes brought about by the Internet to national governance have challenged political identity.Therefore,in response to the challenges to political identification posed by changes in Internet governance in the context of the new era,it is necessary to reconstruct new bonds for the political identity of the mass of the people by promoting the modernization of Internet governance on the basis of maintaining a firm grip on domination of cyberspace ideology:implementing integrated governance to achieve developmental identity;strengthening service-oriented governance to build subject identification;and promoting responsive governance to enhance sustainable identity.展开更多
As the power Internet of Things(IoT)enters the security construction stage,the massive use of perception layer devices urgently requires an identity authentication scheme that considers both security and practicality....As the power Internet of Things(IoT)enters the security construction stage,the massive use of perception layer devices urgently requires an identity authentication scheme that considers both security and practicality.The existing public key infrastructure(PKI)-based security authentication scheme is currently difficult to apply in many terminals in IoT.Its key distribution and management costs are high,which hinders the development of power IoT security construction.Combined Public Key(CPK)technology uses a small number of seeds to generate unlimited public keys.It is very suitable for identity authentication in the power Internet of Things.In this paper,we propose a novel identity authentication scheme for power IoT.The scheme combines the physical unclonable function(PUF)with improved CPK technology to achieve mutual identity authentication between power IoT terminals and servers.The proposed scheme does not require third-party authentication and improves the security of identity authentication for power IoT.Moreover,the scheme reduces the resource consumption of power IoT devices.The improved CPK algorithm solves the key collision problem,and the third party only needs to save the private key and the public key matrix.Experimental results show that the amount of storage resources occupied in our scheme is small.The proposed scheme is more suitable for the power IoT.展开更多
Physical objects are getting connected to the Internet at an exceptional rate,making the idea of the Internet of Things(IoT)a reality.The IoT ecosystem is evident everywhere in the form of smart homes,health care syst...Physical objects are getting connected to the Internet at an exceptional rate,making the idea of the Internet of Things(IoT)a reality.The IoT ecosystem is evident everywhere in the form of smart homes,health care systems,wearables,connected vehicles,and industries.This has given rise to risks associated with the privacy and security of systems.Security issues and cyber attacks on IoT devices may potentially hinder the growth of IoT products due to deficiencies in the architecture.To counter these issues,we need to implement privacy and security right from the building blocks of IoT.The IoT architecture has evolved over the years,improving the stack of architecture with new solutions such as scalability,management,interoperability,and extensibility.This emphasizes the need to standardize and organize the IoT reference architecture in federation with privacy and security concerns.In this study,we examine and analyze 12 existing IoT reference architectures to identify their shortcomings on the basis of the requirements addressed in the standards.We propose an architecture,the privacy-federated IoT security reference architecture(PF-IoT-SRA),which interprets all the involved privacy metrics and counters major threats and attacks in the IoT communication environment.It is a step toward the standardization of the domain architecture.We effectively validate our proposed reference architecture using the architecture trade-off analysis method(ATAM),an industry-recognized scenario-based approach.展开更多
Remote authentication is a safe and verifiable mechanism.In the Internet of Things (loT),remote hosts need to verify the legitimacy of identity of terminal devices.However,embedded devices can hardly afford sufficient...Remote authentication is a safe and verifiable mechanism.In the Internet of Things (loT),remote hosts need to verify the legitimacy of identity of terminal devices.However,embedded devices can hardly afford sufficient resources for the necessary trusted hardware components.Software authentication with no hardware guarantee is generally vulnerable to various network attacks.In this paper,we propose a lightweight remote verification protocol.The protocol utilizes the unique response returned by Physical Unclonable Function (PUF) as legitimate identity basis of the terminal devices and uses quadratic residues to encrypt the PUF authentication process to perform a double identity verification scheme.Our scheme is secure against middleman attacks on the attestation response by preventing conspiracy attacks from forgery authentication.展开更多
基金supported in part by National Key Research&Development Project(Grant No.2019YFB1804400)the MIIT of China 2019(Innovative Identification and Resolution System for Industrial Internet of Things).
文摘Several excellent works have been done on the industrial Internet;however,some problems are still ahead,such as reliable security,heterogeneous compatibility,and system efficiency.Information-Centric Networking(ICN),an emerging paradigm for the future Internet,is expected to address the challenges of the industrial Internet to some extent.An integrated architecture for industrial network and identity resolution in the industrial Internet is proposed in this paper.A framework is also designed for the ICN-based industrial Network And Named Data Networking(NDN)based factory extranet with Software-Defined Networking(SDN).Moreover,an identity resolution architecture in the industrial Internet is proposed based on ICN paradigms with separate resolution nodes or with merging resolution and routing.
文摘The risks of the current identity system represented by Domain Name System(DNS)and Object Identifier(OID)are studied.According to the characteristics of the industrial Internet Identity(Ⅲ)system,four open ecosystem planes are divided,and a corresponding risk analysis view is established to analyze risks for various planes.This paper uses Isaiah Berlin’s definition of liberty to more generally express the concept of security as positive rights and negative rights.In the risk analysis view,the target system is modeled from four dimensions:stakeholders,framework,architecture,and capability delivery.At last,three defensive lines are proposed to establish the identity credit system.
文摘The distinctive form of language emerged from the Internet is gaining more and more attention these days. In fact, different theories and methodologies can support to explain the phenomenon of the Internet language. Furthermore, language and identity in sociolinguistic domain can help study the relationship between the Internet language and its users. Taking a popular online discussion board Tianya.cn as an example, the affirmation of a virtual community's identity can be established through using its distinctive language.
基金supported by the National Natural Science Foundation of China(No.92267301).
文摘In recent years,the Industrial Internet and Industry 4.0 came into being.With the development of modern industrial intelligent manufacturing technology,digital twins,Web3 and many other digital entity applications are also proposed.These applications apply architectures such as distributed learning,resource sharing,and arithmetic trading,which make high demands on identity authentication,asset authentication,resource addressing,and service location.Therefore,an efficient,secure,and trustworthy Industrial Internet identity resolution system is needed.However,most of the traditional identity resolution systems follow DNS architecture or tree structure,which has the risk of a single point of failure and DDoS attack.And they cannot guarantee the security and privacy of digital identity,personal assets,and device information.So we consider a decentralized approach for identity management,identity authentication,and asset verification.In this paper,we propose a distributed trusted active identity resolution system based on the inter-planetary file system(IPFS)and non-fungible token(NFT),which can provide distributed identity resolution services.And we have designed the system architecture,identity service process,load balancing strategy and smart contract service.In addition,we use Jmeter to verify the performance of the system,and the results show that the system has good high concurrent performance and robustness.
文摘The advent of the Internet era has triggered profound changes in national governance,and the profound complexity and highly uncertain nature of governance have imposed new requirements on political identification in the new era.Whether seen environmentally from the point of view of the governance environment or from the point of view of the subjects and structures of governance,the changes brought about by the Internet to national governance have challenged political identity.Therefore,in response to the challenges to political identification posed by changes in Internet governance in the context of the new era,it is necessary to reconstruct new bonds for the political identity of the mass of the people by promoting the modernization of Internet governance on the basis of maintaining a firm grip on domination of cyberspace ideology:implementing integrated governance to achieve developmental identity;strengthening service-oriented governance to build subject identification;and promoting responsive governance to enhance sustainable identity.
基金the Science and Technology Project of State Grid Jiangsu Electric Power Co.,Ltd.under Grant No.J2020068.
文摘As the power Internet of Things(IoT)enters the security construction stage,the massive use of perception layer devices urgently requires an identity authentication scheme that considers both security and practicality.The existing public key infrastructure(PKI)-based security authentication scheme is currently difficult to apply in many terminals in IoT.Its key distribution and management costs are high,which hinders the development of power IoT security construction.Combined Public Key(CPK)technology uses a small number of seeds to generate unlimited public keys.It is very suitable for identity authentication in the power Internet of Things.In this paper,we propose a novel identity authentication scheme for power IoT.The scheme combines the physical unclonable function(PUF)with improved CPK technology to achieve mutual identity authentication between power IoT terminals and servers.The proposed scheme does not require third-party authentication and improves the security of identity authentication for power IoT.Moreover,the scheme reduces the resource consumption of power IoT devices.The improved CPK algorithm solves the key collision problem,and the third party only needs to save the private key and the public key matrix.Experimental results show that the amount of storage resources occupied in our scheme is small.The proposed scheme is more suitable for the power IoT.
文摘Physical objects are getting connected to the Internet at an exceptional rate,making the idea of the Internet of Things(IoT)a reality.The IoT ecosystem is evident everywhere in the form of smart homes,health care systems,wearables,connected vehicles,and industries.This has given rise to risks associated with the privacy and security of systems.Security issues and cyber attacks on IoT devices may potentially hinder the growth of IoT products due to deficiencies in the architecture.To counter these issues,we need to implement privacy and security right from the building blocks of IoT.The IoT architecture has evolved over the years,improving the stack of architecture with new solutions such as scalability,management,interoperability,and extensibility.This emphasizes the need to standardize and organize the IoT reference architecture in federation with privacy and security concerns.In this study,we examine and analyze 12 existing IoT reference architectures to identify their shortcomings on the basis of the requirements addressed in the standards.We propose an architecture,the privacy-federated IoT security reference architecture(PF-IoT-SRA),which interprets all the involved privacy metrics and counters major threats and attacks in the IoT communication environment.It is a step toward the standardization of the domain architecture.We effectively validate our proposed reference architecture using the architecture trade-off analysis method(ATAM),an industry-recognized scenario-based approach.
基金supported in part by the National Basic Research Program of China(973 Program)(No.2014CB340600)in part by the Wuhan Frontier Program of Application Foundation(No.2018010401011295)。
文摘Remote authentication is a safe and verifiable mechanism.In the Internet of Things (loT),remote hosts need to verify the legitimacy of identity of terminal devices.However,embedded devices can hardly afford sufficient resources for the necessary trusted hardware components.Software authentication with no hardware guarantee is generally vulnerable to various network attacks.In this paper,we propose a lightweight remote verification protocol.The protocol utilizes the unique response returned by Physical Unclonable Function (PUF) as legitimate identity basis of the terminal devices and uses quadratic residues to encrypt the PUF authentication process to perform a double identity verification scheme.Our scheme is secure against middleman attacks on the attestation response by preventing conspiracy attacks from forgery authentication.
