物联网网络层信息安全体系结构与关键技术研究

Network layer of Internet of Things , composed by a variety of private networks,Internet, wired and wireless communications networks and so on, it is the nerve center Internet of Things that information security is essential to the development. This project uses the level and classification mixture model research to establish network layer information security structure. We design lightweight AES level cover encryption algorithm which is based on using block encrypt advantage and correcting encryption key for the using of random number. Construct the network layer cross-realm authentication mechanism which is adapt for the Internet of things networking by using gateway mode, identity authentication algorithm and the nature of elliptic curve on the bilinear pairings. Through the distributed access control model, we research control access to strategy by using the user one hop node which is constituted a temporary gateway, and then around the mobile user. We design the intelligent against detection and prevention mechanism by using the neural network algorithm to attack detection and learn the self-study, prevent the same attack. Meanwhile, we combine international and national standardization of rules, and study the standardized methods, with which to standardize the information security of the network layer of Internet of Things. Using a combination of assessment model and simulation experiments, we can constantly correct mechanisms and algorithms .What's more, there will be a breakthrough in key technologies and problems of designing models of network layer information security, which can provide a theoretical basis and a supporting platform for the development of the Internet of Things.

由各种私有网络、互联网、有线和无线通信网等构成的物联网网络层，作为物联网的神经中枢，其信息安全关系到物联网的未来。本项目拟利用层次和分类混合模型研究并建立物联网网络层信息安全体系结构。利用分组加密优势，采用随机数对加密密钥修正，研究设计轻量级AES等级遮盖加密算法。以网关模式，融入身份的认证算法，利用椭圆曲线上双线性对的性质，构建适应物联网网络层的跨网跨域认证机制。通过分布式的访问控制模式，采用由用户单跳节点构成临时网关，围绕移动用户，研究控制访问策略。运用神经网络算法进行攻击检测，通过自学习，预防同样攻击，设计智能化攻击检测和防御机制。与此同时，遵循国际和国内标准化相关规则，研究物联网网络层信息安全方法，对其进行标准化。利用评估模型和仿真实验相结合的方法，不断更正相关机制和算法，突破物联网网络层信息安全模型设计的关键技术，为物联网的发展提供理论基础和支撑平台。

由各种私有网络、互联网、有线和无线通信网等构成的物联网网络层，作为物联网的神经中枢，其信息安全关系到物联网的未来。本项目利用层次与分类混合模型和物联网安全通信协议研究，设计了物联网性能评估与预测方法，构建了物联网网络层信息安全体系结构。利用分组加密优势，采用随机数对加密密钥修正，研究设计轻量级AES等级遮盖加密算法的数据加密机制。同时采用基于身份加密公钥密码方式设计了适合移动设备的跨域安全认证的单点登录方式，构建适应物联网网络层的跨网跨域认证机制。通过分布式的访问控制模式，采用由用户单跳节点构成临时网关，围绕移动用户，设计了基于信任的访问控制模型和算法。运用神经网络算法进行攻击检测，通过自学习，预防同样攻击，设计智能化攻击检测和防御机制。与此同时，遵循国际和国内标准化相关规则，研究物联网网络层信息安全方法，对其进行标准化。利用评估模型和仿真实验相结合的方法，不断更正相关机制和算法，通过建成的物联网仿真实验平台，进行了基于物联网环境下网络层可见光的安全传输应用实验，验证了这些机制和算法的有效性和先进性，突破了物联网网络层信息安全模型设计的关键技术，为物联网的发展提供理论基础和支撑平台。