一种面向工业物联网的远程安全指令控制方案

doi:10.19678/j.issn.1000-3428.0067299

摘要/Abstract

摘要：

随着工业领域对智能化要求的不断提高，工业物联网（IIoT）得到了快速发展，其可以有效提高工业生产中的流程效率和决策质量，具有广阔的应用前景。然而，近年来IIoT的安全问题逐渐凸显。针对远程指令控制这一应用场景，设计一种基于SM9标识密码算法的两方协同群签名算法，并结合区块链实现面向IIoT的远程安全指令控制方案，以保障IIoT中远程指令操作的安全性。该方案基于国密SM9标准，群管理员审核指令，并与发起指令签署请求的用户协同完成群签名，群签名在保护签名者身份隐私的同时可以由群管理员在必要时公开签名者身份。通过引入区块链技术，实现IIoT平台的去中心化管理，并通过智能合约获取指令执行历史数据，方便后续审计与追责。此外，方案在签名验证阶段通过批量验证来有效减少计算消耗。安全性及性能分析结果表明：在签名数量超过20条时，该方案通过批量验证的方式可以使得计算量减少50%以上；相较对比方案，所提方案在IIoT环境下安全性和实用性更高。

关键词: SM9标识密码算法, 群签名, 两方协同签名, 工业物联网, 区块链

Abstract:

With the increasing demand for intelligence in the industrial field, the Industrial Internet of Things(IIoT) has developed rapidly. IIoT can effectively improve process efficiency and decision quality in industrial production and has broad application prospects. However, in recent years, the security issues of IIoT are gradually becoming well known. A two party collaborative group signature algorithm is designed based on the SM9 identity-based cryptography for the application scenario of remote instruction control, and it is combined with a blockchain to implement a remote secure instruction control scheme for IIoT to ensure the security of remote instruction operations in IIoT. This scheme is based on the national security SM9 standard. The group administrator reviews instructions and collaborates with the user who initiated the instruction-signing request to complete the group signature. The group signature protects the privacy of the signer's identity while allowing the group administrator to publicly disclose the signer's identity when necessary. By introducing blockchain technology, decentralized management of the IIoT platform can be achieved, and command execution history data can be obtained through smart contracts, facilitating subsequent auditing and accountability. In addition, the scheme effectively reduces computational consumption through batch verification during the signature verification stage. The security and performance analysis results show that when the number of signatures exceeds 20, this scheme can reduce the computational load by more than 50% through batch verification. Compared to the comparison scheme, the proposed scheme has higher security and applicability in the IIoT environment.

Key words: SM9 identity-based cryptography algorithm, group signature, two-party collaborative signature, Industrial Internet of Things(IIoT), blockchain

陈纪成, 包子健, 罗敏, 何德彪. 一种面向工业物联网的远程安全指令控制方案[J]. 计算机工程, 2024, 50(3): 28-35.

Jicheng CHEN, Zijian BAO, Min LUO, Debiao HE. A Security Remote Command Control Scheme for Industrial Internet of Things[J]. Computer Engineering, 2024, 50(3): 28-35.

https://www.ecice06.com/CN/Y2024/V50/I3/28

图/表 5

参考文献 29

1	HUO R, ZENG S Q, WANG Z H, et al. A comprehensive survey on blockchain in industrial Internet of Things: motivations, research progresses, and future challenges. IEEE Communications Surveys & Tutorials, 2022, 24(1): 88- 122.
2	BEHERA T M, MOHAPATRA S K, SAMAL U C, et al. I-SEP: an improved routing protocol for heterogeneous WSN for IoT-based environmental monitoring. IEEE Internet of Things Journal, 2020, 7(1): 710- 717. doi: 10.1109/JIOT.2019.2940988
3	SUMALEE A, HO H W. Smarter and more connected: future intelligent transportation system. IATSS Research, 2018, 42(2): 67- 71. doi: 10.1016/j.iatssr.2018.05.005
4	RISTESKA STOJKOSKA B L, TRIVODALIEV K V. A review of Internet of Things for smart home: challenges and solutions. Journal of Cleaner Production, 2017, 140, 1454- 1464. doi: 10.1016/j.jclepro.2016.10.006
5	MALIK P K, SHARMA R, SINGH R, et al. Industrial Internet of Things and its applications in industry 4.0: state of the art. Computer Communications, 2021, 166, 125- 139. doi: 10.1016/j.comcom.2020.11.016
6	KEENAN M. 从概念到落地, 工业物联网正迅速走向成熟. 中国电子商情·基础电子, 2020,(8): 16- 17. URL
	KEENAN M. From concept to landing, the industrial Internet of Things is rapidly maturing. China Electronic Market, 2020,(8): 16- 17. URL
7	尹子航, 唐磊, 沈绪榜. 中国工业物联网的发展研究与对策. 机械工程与自动化, 2018,(4): 217- 219. doi: 10.3969/j.issn.1672-6413.2018.04.091
	YIN Z H, TANG L, SHEN X B. Research and countermeasures on development of Chinese industrial Internet of Things. Mechanical Engineering & Automation, 2018,(4): 217- 219. doi: 10.3969/j.issn.1672-6413.2018.04.091
8	中商产业研究院. 2019年中国工业物联网市场前景研究报告. 电器工业, 2019,(10): 42- 44. URL
	China Commercial Industry Research Institute. China industrial Internet of Things market outlook research report 2019. China Electrical Equipment Industry, 2019,(10): 42- 44. URL
9	UR REHMAN M H, YAQOOB I, SALAH K, et al. The role of big data analytics in industrial Internet of Things. Future Generation Computer Systems, 2019, 99, 247- 259. doi: 10.1016/j.future.2019.04.020
10	WANG T, LUO H, JIA W J, et al. MTES: an intelligent trust evaluation scheme in sensor-cloud-enabled industrial Internet of Things. IEEE Transactions on Industrial Informatics, 2020, 16(3): 2054- 2062. doi: 10.1109/TII.2019.2930286
11	HUO R, ZENG S Q, WANG Z H, et al. A comprehensive survey on blockchain in industrial Internet of Things: motivations, research progresses, and future challenges. IEEE Communications Surveys & Tutorials, 2022, 24(1): 88- 122.
12	LI X, NIU J W, BHUIYAN M Z A, et al. A robust ECC-based provable secure authentication protocol with privacy preserving for industrial Internet of Things. IEEE Transactions on Industrial Informatics, 2018, 14(8): 3599- 3609. doi: 10.1109/TII.2017.2773666
13	APONTE-LUIS J, GÓMEZ-GALÁN J, GÓMEZ-BRAVO F, et al. An efficient wireless sensor network for industrial monitoring and control. Sensors, 2018, 18(2): 182. doi: 10.3390/s18010182
14	TANGE K, DE DONNO M, FAFOUTIS X, et al. A systematic survey of industrial Internet of Things security: requirements and fog computing opportunities. IEEE Communications Surveys & Tutorials, 2020, 22(4): 2489- 2520.
15	SERROR M, HACK S, HENZE M, et al. Challenges and opportunities in securing the industrial Internet of Things. IEEE Transactions on Industrial Informatics, 2021, 17(5): 2985- 2996. doi: 10.1109/TII.2020.3023507
16	Identity-based cryptographic algorithm SM9: GM/T 0044-2016[S]. 2016-03-28.
17	LIN C, HE D B, KUMAR N, et al. HomeChain: a blockchain-based secure mutual authentication system for smart homes. IEEE Internet of Things Journal, 2020, 7(2): 818- 829. doi: 10.1109/JIOT.2019.2944400
18	LI T, WANG H Q, HE D B, et al. Permissioned blockchain-based anonymous and traceable aggregate signature scheme for industrial Internet of Things. IEEE Internet of Things Journal, 2021, 8(10): 8387- 8398. doi: 10.1109/JIOT.2020.3045451
19	VERMA G K, KUMAR N, GOPE P, et al. SCBS: a short certificate-based signature scheme with efficient aggregation for industrial-Internet-of-Things environment. IEEE Internet of Things Journal, 2021, 8(11): 9305- 9316. doi: 10.1109/JIOT.2021.3055843
20	CHEN B, WANG Z, XIANG T, et al. BCGS: blockchain-assisted privacy-preserving cross-domain authentication for VANETs. Vehicular Communications, 2023, 41, 100602. doi: 10.1016/j.vehcom.2023.100602
21	杨亚涛, 蔡居良, 张筱薇, 等. 基于SM9算法可证明安全的区块链隐私保护方案. 软件学报, 2019, 30(6): 1692- 1704. URL
	YANG Y T, CAI J L, ZHANG X W, et al. Privacy preserving scheme in block chain with provably secure based on SM9 algorithm. Journal of Software, 2019, 30(6): 1692- 1704. URL
22	赖建昌, 黄欣沂, 何德彪, 等. 基于商密SM9的高效标识签密. 密码学报, 2021, 8(2): 314- 329. URL
	LAI J C, HUANG X Y, HE D B, et al. An efficient identity-based signcryption scheme based on SM9. Journal of Cryptologic Reseatch, 2021, 8(2): 314- 329. URL
23	陈倩倩, 秦宝东. 基于SM9的两方协同盲签名方案. 计算机工程, 2023, 49(6): 144-153, 161. URL
	CHEN Q Q, QIN B D. Two-party cooperative blind signature scheme based on SM9. Computer Engineering, 2023, 49(6): 144-153, 161. URL
24	喇元, 赵继光, 张伟. 基于SM9门限签名的电力终端安全认证方案. 电力科学与技术学报, 2022, 37(4): 183-188, 226. URL
	LA Y, ZHAO J G, ZHANG W. Security authentication scheme for power terminals based on the SM9 threshold signature. Journal of Electric Power Science and Technology, 2022, 37(4): 183-188, 226. URL
25	LIU S G, LIU R, RAO S Y. Secure and efficient two-party collaborative SM9 signature scheme suitable for smart home. Journal of King Saud University-Computer and Information Sciences, 2022, 34(7): 4022- 4030.
26	CHAUM D, VAN HEYST E. Group signatures[EB/OL]. [2023-02-05].https://link.springer.com/chapter/10.1007/3-540-46416-6_22.
27	CAMENISCH J, STADLER M. Efficient group signature schemes for large groups[EB/OL]. [2023-02-05].https://link.springer.com/content/pdf/10.1007/BFb0052252.pdf.
28	袁峰, 程朝辉. SM9标识密码算法综述. 信息安全研究, 2016, 2(11): 1008- 1027. URL
	YUAN F, CHENG Z H. Overview on SM9 identity-based cryptographic algorithm. Journal of Information Security Research, 2016, 2(11): 1008- 1027. URL
29	殷明. 基于标识的密码算法SM9研究综述. 信息技术与信息化, 2020,(5): 88- 93. URL
	YIN M. Overview of research on identity-based cryptography algorithm SM9. Information Technology & Informatization, 2020,(5): 88- 93. URL

[1]	王奕丰, 曾诚, 全擎宇, 王娇然, 何鹏. 基于多特征融合的智能合约缺陷检测方法[J]. 计算机工程, 2024, 50(8): 133-141.
[2]	许晋, 贾向东, 韩向花, 张兴元. 非线性能量采集的工业物联网非线性信息年龄分析[J]. 计算机工程, 2024, 50(8): 198-206.
[3]	郑清安, 董建成, 陈亮, 阮英清, 李锦松, 许林彬. 分布式可信数据管理与隐私保护技术研究[J]. 计算机工程, 2024, 50(7): 174-186.
[4]	刘寅昊, 蒋文保, 孙林昆, 王勇攀. 基于路径存储表的Hashgraph共识算法优化与实现[J]. 计算机工程, 2024, 50(6): 166-178.
[5]	旋逸昭, 赵红武, 金瑜. 一种基于双链的区块链共识机制[J]. 计算机工程, 2024, 50(5): 139-148.
[6]	王栋, 王合建, 玄佳兴, 郑尚卓, 陈炳聪. 面向电力调度指令的区块链隐私可追踪存证方案[J]. 计算机工程, 2024, 50(5): 158-166.
[7]	李宝莹, 李志淮, 王成爱, 杨锋. 自适应节点规模的区块链分片可扩展模型[J]. 计算机工程, 2024, 50(3): 137-147.
[8]	刘少杰, 文斌, 王泽旭. 基于联邦学习的多技术融合数据交易方法[J]. 计算机工程, 2024, 50(3): 182-190.
[9]	马超, 宋琛. 计及电力数据安全的智能合约上链方法及防篡改技术研究[J]. 计算机工程, 2024, 50(10): 240-254.
[10]	倪雪莉, 马卓, 王群. 区块链矿池网络及典型攻击方式综述[J]. 计算机工程, 2024, 50(1): 17-29.
[11]	蔡梓越, 谭北海, 余荣, 黄旭民, 王思明. 面向6G物联网设备协同的区块链动态分片[J]. 计算机工程, 2024, 50(1): 50-59.
[12]	崔怀勇, 张绍华, 李超, 戴炳荣. 一种基于Schnorr签名的区块链预言机改进方案[J]. 计算机工程, 2024, 50(1): 166-173.
[13]	刘阳, 张圣杰. 一种基于时间自动机的安全智能合约生成方法[J]. 计算机工程, 2023, 49(9): 137-143, 157.
[14]	王群, 李馥娟, 倪雪莉, 夏玲玲, 梁广俊. 区块链数据形成与隐私威胁[J]. 计算机工程, 2023, 49(8): 1-12.
[15]	陈福安, 柳毅. 基于区块链的V2G无证书环签密隐私保护方案[J]. 计算机工程, 2023, 49(6): 34-41,52.

选择文件类型/文献管理软件名称

选择包含的内容