【摘要】：物聯(lián)網(wǎng)應用大多都涉及用戶的隱私數(shù)據(jù)傳輸,所以保護物聯(lián)網(wǎng)應用安全成為物聯(lián)網(wǎng)發(fā)展中的首要問題。而且目前的許多物聯(lián)網(wǎng)應用是處于移動環(huán)境中的,傳統(tǒng)的借助安全網(wǎng)關保證數(shù)據(jù)傳輸安全性的方法就不太適用,所以文章以物聯(lián)網(wǎng)端到端安全為切入點,研究輕量化端到端安全機制。文章首先基于現(xiàn)存的物聯(lián)網(wǎng)標準協(xié)議和DTLS(Datagram Transport Layer Security)安全協(xié)議提出了物聯(lián)網(wǎng)環(huán)境下的端到端安全機制。該安全機制可以實現(xiàn)數(shù)據(jù)傳輸?shù)臋C密性、完整性和可靠性保護,也可以在客戶端和服務器之間進行雙向認證。文章在傳感節(jié)點平臺上實現(xiàn)該安全機制,并進行了驗證,結果表明基于DTLS的端到端安全機制確實具有低開銷和高互操作性。針對物聯(lián)網(wǎng)中的傳感節(jié)點一般均為資源限制型、部署較龐大的DTLS安全協(xié)議略顯低效的問題,文章在比較了現(xiàn)有的幾種壓縮方法后,選用了6LoWPAN報頭壓縮法對DTLS的報頭和握手消息進行壓縮,并給出了在資源受限型節(jié)點上實現(xiàn)輕量化DTLS的方法。文章最后在傳感節(jié)點平臺上實現(xiàn)輕量化的端到端安全機制,并進行驗證。結果表明輕量化的安全機制可以有效縮小數(shù)據(jù)包長度,內存占用和能源消耗等均大幅減少,可以適應傳感節(jié)點資源限制的特點。
[Abstract]:The Internet of things applications mostly involve the user's privacy data transmission, so protecting the security of Internet of things application becomes the most important problem in the development of the Internet of things. And many of the Internet of things applications are in the mobile environment, the traditional way to ensure the security of data transmission by means of security gateway is not very suitable, so this paper takes the end-to-end security of the Internet of things as the breakthrough point. The end-to-end security mechanism of lightweight is studied. Based on the existing standard protocol of Internet of things and DTLS (Datagram Transport Layer Security) security protocol, the end-to-end security mechanism in the Internet of things environment is proposed in this paper. The security mechanism can protect the confidentiality, integrity and reliability of data transmission, and can be authenticated between client and server. The security mechanism is implemented on the sensor node platform and verified. The results show that the end-to-end security mechanism based on DTLS does have low overhead and high interoperability. In order to solve the problem that sensor nodes in the Internet of things are generally resource-constrained and slightly inefficient in deploying large DTLS security protocols, this paper compares several existing compression methods. The 6LoWPAN header compression method is used to compress the header and handshake message of DTLS, and the method of implementing lightweight DTLS on resource-constrained nodes is given. Finally, the light end-to-end security mechanism is implemented on the sensor node platform and verified. The results show that the lightweight security mechanism can effectively reduce the packet length, memory consumption and energy consumption, and can adapt to the characteristics of sensor node resource constraints.
【學位授予單位】：南京郵電大學
【學位級別】：碩士
【學位授予年份】：2017
【分類號】：TN929.5;TP391.44

【參考文獻】

相關期刊論文 前3條

1 趙敏;江凌云;李占軍;;基于DTLS的物聯(lián)網(wǎng)端到端安全機制研究[J];南京郵電大學學報(自然科學版);2016年05期

2 任偉;;物聯(lián)網(wǎng)安全架構與技術路線研究[J];信息網(wǎng)絡安全;2012年05期

3 詹靜;張煥國;;可信平臺模塊自動化測試研究[J];計算機研究與發(fā)展;2009年11期

相關博士學位論文 前1條

1 張俊松;物聯(lián)網(wǎng)環(huán)境下的安全與隱私保護關鍵問題研究[D];北京郵電大學;2014年

，

本文編號：2426201