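Design and Implementation of an Authentication and Authorization Mechanism for an Internet of Things Open Platform
Published: 2018-02-15 08:16
Keywords: Internet of Things; OAuth2.0; unique authorization; plug-in authentication. Source: South China University of Technology, 2014 master's thesis. Document type: degree thesis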
[Abstract]: Internet of Things (IoT) technology now plays a major role in energy, healthcare, security, transportation, smart home and other fields, providing people with a convenient, fast and reliable way of life. The emergence of IoT open platforms addresses the closed nature and high development threshold of traditional IoT, bringing users into the construction of the IoT and raising user participation. However, the authentication and authorization mechanisms of current IoT open platforms have defects such as excessive authorization, while IoT devices have relatively high security requirements, so a sound authentication and authorization mechanism in an open platform is an important part of protecting users' private device information. In view of this, this thesis studies the special requirements of authentication and authorization in IoT open platforms, and designs and implements an authentication and authorization mechanism suited to the characteristics of such platforms, so that user authorization is controllable and user information is protected.
First, the thesis surveys the authentication and authorization mechanisms of current IoT open platforms, including the current state of IoT open platforms and the mainstream authentication and authorization models of current open platforms, and from this analyzes the special requirements of authentication and authorization in IoT open platforms.
Second, to meet these requirements, a unique authorization mechanism that takes terminal device + client as the authorization object is designed and implemented on the basis of the OAuth2.0 open authorization protocol. On top of it, a configurable authorization management mode is implemented, with which users can realize a personalized mechanism for managing and revoking authorizations.
Third, in order to open up existing data platforms, a plug-in authentication service is designed and implemented. The service is platform-independent and not code-intrusive; it allows an existing data platform to be transformed at low cost while keeping authentication secure and reliable, ultimately providing a pluggable authentication service.
Finally, the authentication and authorization framework designed and implemented in this thesis is used to open up the energy-saving cloud platform of South China University of Technology, and the transformed data platform is tested. The tests verify the security and reliability of the framework and show that it enables a platform to be opened up conveniently and quickly while ensuring the security and controllability of user authorization.
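[Degree-granting institution]: South China University of Technology
[Degree level]: Master's
[Year degree awarded]: 2014
[Classification number]: TP391.44; TN929.5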
Article number: 1512834
Article link: http://www.sikaile.net/kejilunwen/wltx/1512834.html