احراز هویت و حفظ حریم خصوصی کامپیوترهای تین کلاینت
ترجمه نشده

احراز هویت و حفظ حریم خصوصی کامپیوترهای تین کلاینت

عنوان فارسی مقاله: PTAS: طرح احراز هویت و حفظ حریم خصوصی کامپیوترهای تین کلاینت در PKI مبتنی بر بلاک چین
عنوان انگلیسی مقاله: PTAS: Privacy-preserving Thin-client Authentication Scheme in blockchain-based PKI
مجله/کنفرانس: سیستم های کامپیوتری نسل آینده-Future Generation Computer Systems
رشته های تحصیلی مرتبط: مهندسی کامپیوتر
گرایش های تحصیلی مرتبط: امنیت اطلاعات، هوش مصنوعی
کلمات کلیدی فارسی: زیرساخت کلیدی عمومی، بلاک چین، اینترنت اشیا، حفظ حریم خصوصی
کلمات کلیدی انگلیسی: Public Key Infrastructure, Blockchain, Internet of Things, Privacy-preserving
نوع نگارش مقاله: مقاله پژوهشی (Research Article)
شناسه دیجیتال (DOI): https://doi.org/10.1016/j.future.2019.01.026
دانشگاه: School of Computer Science and Engineering, University of Electronic Science and Technology of China, China
صفحات مقاله انگلیسی: 40
ناشر: الزویر - Elsevier
نوع ارائه مقاله: ژورنال
نوع مقاله: ISI
سال انتشار مقاله: 2019
ایمپکت فاکتور: 7.007 در سال 2018
شاخص H_index: 93 در سال 2019
شاخص SJR: 0.835 در سال 2018
شناسه ISSN: 0167-739X
شاخص Quartile (چارک): Q1 در سال 2018
فرمت مقاله انگلیسی: PDF
وضعیت ترجمه: ترجمه نشده است
قیمت مقاله انگلیسی: رایگان
آیا این مقاله بیس است: خیر
کد محصول: E12065
فهرست مطالب (انگلیسی)

Abstract

1. Introduction

2. Background: preliminaries

3. PTAS:Privacy-preserving Thin-client Authentication Scheme

4. (m−1)-private PTAS

5. Security analysis:

6. Performance evaluation

7. Related work

8. Conclusion

Acknowledgments

References

بخشی از مقاله (انگلیسی)

Abstract

Recent years have witnessed tremendous academic efforts and industry growth in Internet of Things (IoT). Security issues of IoT have become increasingly prominent. Public Key Infrastructure (PKI) can provide authentication service to IoT devices which is a crucial element to the security of IoT. However, the conventional PKIs are organized as a tree-like centralized structure which has demonstrated serious usability and security shortcomings such as the single point of failure. Blockchain has numerous desirable properties, such as decentralized nature, cryptographic technology and unalterable transaction record, these properties make it a potential tool to build a decentralized blockchain-based PKI. Nevertheless, the latest proposals for blockchain-based PKI didn’t take thin-clients into consideration where thin-clients indicate those users who can’t download the entire blockchain due to the limited storage capacity of their equipment (most IoT devices fall into this category). To settle this problem, we firstly present a Privacy-preserving Thin-client Authentication Scheme (PTAS) employing the idea of private information retrieval (PIR), which enables thin-clients to run normally like full node users and protect their privacy simultaneously. Furthermore, in order to enhance security, we further propose a (m-1)-private PTAS which means thin-client’s information can be protected against a collusion of at most (m-1) full node users. Besides, security analysis and functional comparison are performed to demonstrate high security and comprehensive functionality of our schemes. Finally, extensive experiments are conducted to compare computational overhead and communication overhead of PTAS and (m-1)-private PTAS.

Introduction

Internet of Things (IoT) is an important part of a new generation of information technology. It is widely used in the convergence of networks through intelligent perception, recognition technology, pervasive computing, etc. Therefore, IoT is also called the third information technology revolution after the computer and the Internet. It has shown promising application prospects in many fields such as Internet of Vehicles [1], Vehicle-to-Grid (V2G) [2–۴] and so on. However, IoT devices may suffer numerous malicious attacks. Many devices are vulnerable to hackers and are easy to be infected to form botnets [5] because of lacking security protection. In fact, considerable research efforts have been devoted to security and privacy issues of IoT [6–۹]. Among these, one of the biggest challenges to IoT security is authentication. Current IoT systems rely on centralised cloud servers. Specifically, all devices are identified, authenticated and connected through cloud servers. Apparently, this structure remains flawed: the single point of failure can disrupt the entire network.