吉林大学学报(工学版) ›› 2025, Vol. 55 ›› Issue (3): 1050-1060.doi: 10.13229/j.cnki.jdxbgxb.20230618

• 计算机科学与技术 • 上一篇    

移动边缘计算场景中的动态身份认证协议

赵庶旭(),孙治朝,王小龙   

  1. 兰州交通大学 电子与信息工程学院,兰州 730070
  • 收稿日期:2023-06-16 出版日期:2025-03-01 发布日期:2025-05-20
  • 作者简介:赵庶旭(1976-),男,教授,博士.研究方向:人工智能,边缘计算等.E-mail:zhaosx@lzjtu.edu.cn
  • 基金资助:
    甘肃省重点研发计划基金项目(20YF8GA123)

Dynamic authentication protocol for mobile edge computing scenarios

Shu-xu ZHAO(),Zhi-chao SUN,Xiao-long WANG   

  1. School of Electronic and Information Engineering,Lanzhou Jiaotong University,Lanzhou 730070,China
  • Received:2023-06-16 Online:2025-03-01 Published:2025-05-20

RICH HTML

 0   

PDF (PC)

90

摘要:

针对移动边缘计算中移动用户跨域身份认证问题,本文提出了一种由3种安全认证模型构成的动态身份认证框架,该框架提供了安全高效的身份认证。基于该认证框架,设计了基于椭圆曲线加密系统的轻量化身份认证协议——以边缘为中心的安全认证协议。该协议确保了移动用户的匿名性、不可追踪性,以及其与边缘服务器之间的相互认证。安全性分析和性能评估表明:本协议在计算成本和通信成本两方面都具有较大的性能优势,更加适合于移动场景。

关键词: 计算机系统结构, 移动边缘计算, 动态身份认证, 移动边缘服务器, 椭圆曲线加密, 用户匿名性

Abstract:

For the cross-domain authentication problem of mobile users in mobile edge computing, we proposed a dynamic authentication framework consisting of three secure authentication models, which provides security and efficient authentication. Built on the authentication framework, a lightweight authentication protocol based on elliptic curve encryption, an edge-centric security authentication protocol, is designed. The protocol ensures the anonymity and untraceability of mobile users and their mutual authentication with edge servers. Security analysis and performance evaluation show that the proposed protocol has better performance advantages in both computational and communication cost and is more suitable for mobile scenarios.

Key words: computer system architecture, mobile edge computing, dynamic identity authentication, mobile edge server, elliptic curve cryptography, user anonymity

中图分类号: 

  • TP309

表1

符号定义"

符号含义
RC可信的注册中心
UUiUj移动用户
MS,MS-A,MS-B移动边缘服务器
G乘法循环群
PG的生成元
ID u移动用户的身份标识
SID u移动用户的匿名身份
h安全的哈希函数
Ppubs注册中心的公私钥对
Ruru移动用户的公私钥对
Rmsrms移动边缘服务器的公私钥对
Trans_num交易号
KUij用户UiUj 之间的共享密钥
KMS-AB边缘服务器A和B之间的共享密钥

图1

以设备为中心的安全认证模型"

图2

以边缘为中心的安全认证模型"

图3

端到端的安全认证模型"

图4

移动用户注册步骤"

图5

移动边缘服务器注册步骤"

图6

认证阶段"

表2

5种基本操作的运行时间 (ms)"

仿真平台TbpTmTeTaTh
云平台5.2751.970.3390.0120.009
手机25.51711.4911.680.0690.047

表3

计算成本比较 (ms)"

方案移动用户端(U移动边缘服务器端(MS)
文献[19

5Tm+2Ta+Te+

5Th≈59.508

5Tbp+2Tm+2Ta+

2Te+5Th≈15.237

文献[20

Tbp+5Tm+2Ta+

6Te+6Th≈86.752

2Tbp+4Tm+3Ta+

2Te+3Th≈19.171

文献[214Tm+4Th≈46.1523Tm+4Th≈5.946
文献[22

4Tm+3Ta+Te+

5Th≈48.086

Tbp+5Tm+3Ta+

5Th≈15.206

文献[23

6Tm+Ta+Te+

5Th≈70.93

Tbp+4Tm+2Th+

≈13.173

本文3Tm+Th≈34.523Tm+Th≈5.919

图7

不同执行次数下的计算成本对比"

表4

通信成本比较"

方案通信成本数据长度/bit
文献[193|G|+|GT|+|H|+|ID|4 680
文献[204|G|+|GT|+|H|+|ID|5 632
文献[212|G|+2|T|+2|H|2 624
文献[224|G|+2|T|+2|Zq*|+|ID|4 736
文献[233|G|+4|Zq*|+2|T|3 776
本文3|G|+3|G|+|H|+|ID|3 680

图8

通信成本比较"

1 施巍松, 孙辉, 曹杰, 等. 边缘计算: 万物互联时代新型计算模型[J]. 计算机研究与发展, 2017, 54(5): 907-924.
Shi Wei-song, Sun Hui, Cao Jie, et al. Edge computing—an emerging computing model for the internet of everything era [J]. Journal of Computer Research and Development, 2017, 54(5): 907-924.
2 Shi W, Cao J, Zhang Q, et al. Edge computing: vision and challenges[J]. IEEE Internet of Things Journal, 2016, 3(5): 637-646.
3 谢人超, 廉晓飞, 贾庆民, 等. 移动边缘计算卸载技术综述[J]. 通信学报, 2018, 39(11): 138-155.
Xie Ren-chao, Lian Xiao-fei, Jia Qing-min, et al. Survey on computation offloading in mobile edge computing[J]. Journal on Communications, 2018, 39(11): 138-155.
4 Hu Y C, Patel M, Sabella D, et al. Mobile edge computing—a key technology towards 5G[J]. ETSI White Paper, 2015, 11(11): 1-16.
5 Dinh H T, Lee C, Niyato D, et al. A survey of mobile cloud computing: architecture, applications, and approaches[J]. Wireless Communications and Mobile Computing, 2013, 13(18): 1587-1611.
6 Cau E, Corici M, Bellavista P, et al. Efficient exploitation of mobile edge computing for virtualized 5G in EPC architectures[C]∥4th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud), Oxford, UK, 2016: 100-109.
7 Jararweh Y, Doulat A, AlQudah O, et al. The future of mobile cloud computing: integrating cloudlets and mobile edge computing[C]∥23rd International Conference on Telecommunications (ICT), Thessaloniki, Greece, 2016: 1-5.
8 Barbarossa S, Sardellitti S, Di Lorenzo P. Communicating while computing: distributed mobile cloud computing over 5G heterogeneous networks[J]. IEEE Signal Processing Magazine, 2014, 31(6): 45-55.
9 Hassan N, Yau K L A, Wu C. Edge computing in 5G: a review[J]. IEEE Access, 2019, 7: 127276-127289.
10 朱思峰, 赵明阳, 柴争义. 边缘计算场景中基于粒子群优化算法的计算卸载[J]. 吉林大学学报: 工学版, 2022, 52(11): 2698-2705.
Zhu Si-feng, Zhao Ming-yang, Chai Zheng-yi. Computing offloading scheme based on particle swarm optimization algorithm in edge computing scene[J]. Journal of Jilin University (Engineering and Technology Edition), 2022, 52(11): 2698-2705.
11 Wang X L, Dang J W, Zhao S X, et al. Coalition structure generation in edge computing environment with multitasking concurrency[J]. IEEE Internet of Things Journal, 2023, 10(5): 4324-4338.
12 张开元, 桂小林, 任德旺, 等. 移动边缘网络中计算迁移与内容缓存研究综述[J]. 软件学报, 2019, 30(8): 2491-2516.
Zhang Kai-yuan, Gui Xiao-lin, Ren De-wang, et al. Survey on computation offloading and content caching in mobile edge networks[J]. Journal of Software, 2019, 30(8): 2491-2516.
13 Ranaweera P, Jurcut A D, Liyanage M. Survey on multi-access edge computing security and privacy[J]. IEEE Communications Surveys & Tutorials, 2021, 23(2): 1078-1124.
14 Irshad A, Chaudhry S A, Alomari O A, et al. A novel pairing-free lightweight authentication protocol for mobile cloud computing framework[J]. IEEE Systems Journal, 2021, 15(3): 3664-3672.
15 Amanlou S, Hasan M K, Bakar K A A. Lightweight and secure authentication scheme for IoT network based on publish-subscribe fog computing model[J]. Computer Networks, 2021, 199: No.108465.
16 Chatterjee U, Ray S, Khan M K, et al. An ECC-based lightweight remote user authentication and key management scheme for IoT communication in context of fog computing[J]. Computing, 2022, 104(6): 1359-1395.
17 Wang C, Huang R, Shen J, et al. A novel lightweight authentication protocol for emergency vehicle avoidance in VANETs[J]. IEEE Internet of Things Journal, 2021, 8(18): 14248-14257.
18 Rawat G S, Singh K, Arshad N I, et al. A lightweight authentication scheme with privacy preservation for vehicular networks[J]. Computers and Electrical Engineering, 2022, 100: No.108016.
19 Tsai J L, Lo N W. A privacy-aware authentication scheme for distributed mobile cloud computing services[J]. IEEE Systems Journal, 2015, 9(3): 805-815.
20 Irshad A, Sher M, Ahmad H F, et al. An improved multi-server authentication scheme for distributed mobile cloud computing services[J]. KSII Transactions on Internet and Information Systems (TIIS), 2016, 10(12): 5529-5552.
21 Kaur K, Garg S, Kaddoum G, et al. A lightweight and privacy-preserving authentication protocol for mobile edge computing[C]∥IEEE Global Communications Conference (GLOBECOM), Waikoloa, USA, 2019: 1-6.
22 Jia X, He D, Kumar N, et al. A provably secure and efficient identity-based anonymous authentication scheme for mobile edge computing[J]. IEEE Systems Journal, 2020, 14(1): 560-571.
23 Li Y, Cheng Q, Liu X, et al. A secure anonymous identity-based scheme in new authentication architecture for mobile edge computing[J]. IEEE Systems Journal, 2021, 15(1): 935-946.
24 薛建彬, 白子梅. 边缘计算中移动终端安全高效认证协议[J]. 北京邮电大学学报, 2021, 44(1): 110-116.
Xue Jian-bin, Bai Zi-mei. Security and efficient authentication scheme for mobile edge computing[J]. Journal of Beijing University of Posts and Telecommunications, 2021, 44(1): 110-116.
25 余宜诚, 胡亮, 迟令,等. 一种单服务器环境下的匿名认证协议[J]. 吉林大学学报: 工学版, 2021, 51(2): 659-666.
Yu Yi-cheng, Hu Liang, Chi Ling, et al. An anonymous authentication protocol for single⁃server architectures[J]. Journal of Jilin University (Engineering and Technology Edition), 2021, 51(2): 659-666.
26 Mao Y, You C, Zhang J, et al. A survey on mobile edge computing: the communication perspective[J]. IEEE Communications Surveys & Tutorials, 2017, 19(4): 2322-2358.
27 Tran T X, Hajisami A, Pandey P, et al. Collaborative mobile edge computing in 5G networks: new paradigms, scenarios, and challenges[J]. IEEE Communications Magazine, 2017, 55(4): 54-61.
28 Burrows M, Abadi M, Needham R. A logic of authentication[J]. ACM Transactions on Computer Systems (TOCS), 1990, 8(1): 18-36.
[1] 魏晓辉,王晨洋,吴旗,郑新阳,于洪梅,岳恒山. 面向脉动阵列神经网络加速器的软错误近似容错设计[J]. 吉林大学学报(工学版), 2024, 54(6): 1746-1755.
[2] 李丽娜,魏晓辉,郝琳琳,王兴旺,王储. 大规模流数据处理中代价有效的弹性资源分配策略[J]. 吉林大学学报(工学版), 2020, 50(5): 1832-1843.
[3] 吴昊天,郭锐锋,彭阿珍,王品. 一种考虑可靠性的常带宽服务器低功耗调度算法[J]. 吉林大学学报(工学版), 2020, 50(5): 1802-1808.
[4] 于斌斌,胡亮,迟令. 可抵抗内外部攻击的无线传感器网络数字签名方案[J]. 吉林大学学报(工学版), 2019, 49(5): 1676-1681.
[5] 肖堃. 基于Hoare逻辑的密码软件安全性形式化验证方法[J]. 吉林大学学报(工学版), 2019, 49(4): 1301-1306.
[6] 余宜诚, 胡亮, 迟令, 初剑峰. 一种改进的适用于多服务器架构的匿名认证协议[J]. 吉林大学学报(工学版), 2018, 48(5): 1586-1592.
[7] 董坚峰, 张玉峰, 戴志强. 改进的基于狄利克雷混合模型的推荐算法[J]. 吉林大学学报(工学版), 2018, 48(2): 596-604.
[8] 赵博, 秦贵和, 赵永哲, 杨文迪. 基于半陷门单向函数的公钥密码[J]. 吉林大学学报(工学版), 2018, 48(1): 259-267.
[9] 刘磊, 刘利娟, 吴新维, 张鹏. 基于ECPMR的编译器测试方法[J]. 吉林大学学报(工学版), 2017, 47(4): 1262-1267.
[10] 董立岩, 王越群, 贺嘉楠, 孙铭会, 李永丽. 基于时间衰减的协同过滤推荐算法[J]. 吉林大学学报(工学版), 2017, 47(4): 1268-1272.
[11] 于斌斌, 武欣雨, 初剑峰, 胡亮. 基于群密钥协商的无线传感器网络签名协议[J]. 吉林大学学报(工学版), 2017, 47(3): 924-929.
[12] 邓昌义, 郭锐锋, 张忆文, 王鸿亮. 基于平衡因子的动态偶发任务低功耗调度算法[J]. 吉林大学学报(工学版), 2017, 47(2): 591-600.
[13] 郝娉婷, 胡亮, 姜婧妍, 车喜龙. 基于多管理节点的乐观锁协议[J]. 吉林大学学报(工学版), 2017, 47(1): 227-234.
[14] 魏晓辉, 刘智亮, 庄园, 李洪亮, 李翔. 支持大规模流数据在线处理的自适应检查点机制[J]. 吉林大学学报(工学版), 2017, 47(1): 199-207.
[15] 魏晓辉, 李翔, 李洪亮, 李聪, 庄园, 于洪梅. 支持大规模流数据处理的弹性在线MapReduce模型及拓扑协议[J]. 吉林大学学报(工学版), 2016, 46(4): 1222-1231.
Viewed
Full text


Abstract

Cited
  Shared   
  Discussed   
No Suggested Reading articles found!
版权所有 © 《吉林大学学报(工学版)》编辑部
地址:长春市人民大街5988号 电话:+86-431-85095297 传真:+86-431-85094074 E-mail: xbgxb@jlu.edu.cn
本系统由北京玛格泰克科技发展有限公司设计开发