{"title":"基于CPK和零信任的增强移动物联网安全防护方法","authors":"Zi-Xiao Jia, Wei Wu, Zhe Jia, Xiaopeng Yang, Qiang Wang, Hao Li","doi":"10.1109/ICCT56141.2022.10073095","DOIUrl":null,"url":null,"abstract":"The security protection of mobile Internet of Things (IoT) is becoming increasingly important. In the traditional Single Package Authorization (SPA) protocol, the authenticity of the terminal cannot be proved. This paper propose a Combined Public Key (CPK) and zero-trust based architecture to protect mobile IoT from identity forgery attacks. Specifically, we adopt an enhanced SPA protocol based on CPK, where the CPK matrix merges of multi-dimensional information about users, devices, events and time. In this way, every event is encrypted. Besides, through adopting CPK, the deficiency of subject authenticity proof in SPA can be compensated. Experiments verify the efficiency and validity of the proposed CPK-based SPA authentication method in comparison with the state-of-the-art SPA protocol.","PeriodicalId":294057,"journal":{"name":"2022 IEEE 22nd International Conference on Communication Technology (ICCT)","volume":"12 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2022-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Enhanced Mobile IoT Security Protection Method Based on CPK and Zero Trust\",\"authors\":\"Zi-Xiao Jia, Wei Wu, Zhe Jia, Xiaopeng Yang, Qiang Wang, Hao Li\",\"doi\":\"10.1109/ICCT56141.2022.10073095\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The security protection of mobile Internet of Things (IoT) is becoming increasingly important. In the traditional Single Package Authorization (SPA) protocol, the authenticity of the terminal cannot be proved. This paper propose a Combined Public Key (CPK) and zero-trust based architecture to protect mobile IoT from identity forgery attacks. Specifically, we adopt an enhanced SPA protocol based on CPK, where the CPK matrix merges of multi-dimensional information about users, devices, events and time. In this way, every event is encrypted. Besides, through adopting CPK, the deficiency of subject authenticity proof in SPA can be compensated. Experiments verify the efficiency and validity of the proposed CPK-based SPA authentication method in comparison with the state-of-the-art SPA protocol.\",\"PeriodicalId\":294057,\"journal\":{\"name\":\"2022 IEEE 22nd International Conference on Communication Technology (ICCT)\",\"volume\":\"12 1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-11-11\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2022 IEEE 22nd International Conference on Communication Technology (ICCT)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCT56141.2022.10073095\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2022 IEEE 22nd International Conference on Communication Technology (ICCT)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCT56141.2022.10073095","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enhanced Mobile IoT Security Protection Method Based on CPK and Zero Trust
The security protection of mobile Internet of Things (IoT) is becoming increasingly important. In the traditional Single Package Authorization (SPA) protocol, the authenticity of the terminal cannot be proved. This paper propose a Combined Public Key (CPK) and zero-trust based architecture to protect mobile IoT from identity forgery attacks. Specifically, we adopt an enhanced SPA protocol based on CPK, where the CPK matrix merges of multi-dimensional information about users, devices, events and time. In this way, every event is encrypted. Besides, through adopting CPK, the deficiency of subject authenticity proof in SPA can be compensated. Experiments verify the efficiency and validity of the proposed CPK-based SPA authentication method in comparison with the state-of-the-art SPA protocol.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
