Please use this Handle URI to cite this document:
http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/67237
Full metadata record
DC Field | Value | Language |
---|---|---|
dc.contributor.advisor | 蕭旭君(Hsu-Chun Hsiao) | |
dc.contributor.author | Yi-Hsuan Kung | en |
dc.contributor.author | 龔逸軒 | zh_TW |
dc.date.accessioned | 2021-06-17T01:24:36Z | - |
dc.date.available | 2019-08-10 | |
dc.date.copyright | 2017-08-10 | |
dc.date.issued | 2017 | |
dc.date.submitted | 2017-08-08 | |
dc.identifier.citation | [1] Breaking down mirai: An iot ddos botnet analysis. https://www.incapsula.com/blog/malware-analysis-mirai-ddos-botnet.html. [2] D. Balenson, D. McGrew, and A. Sherman. Key management for large dynamic groups: One-way function trees and amortized initialization, 1999. [3] A. Banks and R. Gupta. MQTT version 3.1.1. OASIS standard, 2014. [4] I. Damgård, H. Haagh, and C. Orlandi. Access control encryption: Enforcing information flow with cryptography. In Theory of Cryptography Conference, pages 547–576. Springer, 2016. [5] H. Harney and E. Harder. Logical key hierarchy protocol. Technical report, Internet draft, 1999. [6] G. Horng. Cryptanalysis of a key management scheme for secure multicast communications. IEICE Transactions on Communications, 85(5):1050–1051, 2002. [7] Information technology – Telecommunications and information exchange between systems – Near Field Communication – Interface and Protocol (NFCIP-1). Standard, International Organization for Standardization, Mar. 2013. [8] S. Jahid, P. Mittal, and N. Borisov. Easier: Encryption-based access control in social networks with efficient revocation. In Proceedings of the 6th ACM Symposium on Information, Computer and Communications Security, pages 411–415. ACM, 2011. [9] T. H.-J. Kim, L. Bauer, J. Newsome, A. Perrig, and J. Walker. Challenges in access right assignment for secure home networks. In HotSec, 2010. [10] M. Y. Malik. Efficient group key management schemes for multicast dynamic communication systems. arXiv preprint arXiv:1211.3502, 2012. [11] M.-H. Park, Y.-H. Park, H.-Y. Jeong, and S.-W. Seo. Key management for multiple multicast groups in wireless networks. IEEE Transactions on Mobile Computing, 12(9):1712–1723, 2013. [12] B. Purushothama and B. Amberker. Group key management scheme for simultaneous multiple groups with overlapped membership. In Communication Systems and Networks (COMSNETS), 2011 Third International Conference on, pages 1–10. IEEE, 2011. [13] S. Sciancalepore, A. Capossele, G. Piro, G. Boggia, and G. Bianchi. Key management protocol with implicit certificates for iot systems. In Proceedings of the 2015 Workshop on IoT challenges in Mobile and Industrial Systems, pages 37–42. ACM, 2015. [14] C. Soriente, G. Tsudik, and E. Uzun. Secure pairing of interface constrained devices. International Journal of Security and Networks, 4(1-2):17–26, 2009. [15] P. Vijayakumar, S. Bose, and A. Kannan. Chinese remainder theorem based centralised group key management for secure multicast communication. IET Information Security, 8(3):179–187, 2014. [16] J. Zhang and V. Varadharajan. Wireless sensor network key management survey and taxonomy. Journal of Network and Computer Applications, 33(2):63–75, 2010. | |
dc.identifier.uri | http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/67237 | - |
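dc.description.abstract | With the development of the Internet of Things, establishing access control has become an important issue in order to prevent unauthorized parties from obtaining the sensitive information collected by devices. When enforcing access control, if a device and its users can establish a shared key for encrypting and decrypting data, the device encrypts its data with this key and transmits the encrypted data, and every user with access rights can decrypt with the same key, then there is no need to rely on an entity that must always be online to handle authentication and access control. However, existing group key management systems cannot efficiently handle the new challenges raised by the growing scale of the Internet of Things and by the dynamically changing access relationships between users and devices in real-world environments. The core idea of the method proposed in this thesis stems from the observation that, in practice, devices with similar attributes (for example, similar functionality or the same privacy level) usually have similar access restrictions or are used by the same group of users. By using device classification techniques to sort all devices into a fixed number of groups, the resources the system spends on handling changes can be effectively reduced while maintaining a desirable security level. This thesis provides a theoretical analysis and a proof-of-concept implementation, built on the Alljoyn framework, that demonstrates feasibility. | zh_TW |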
dc.description.abstract | With the widespread use of Internet of Things (IoT) devices that collect sensitive data, access control is more crucial than ever to safeguard such data from unauthorized use. To enforce access control policies without an on-line trusted entity, one promising approach is to maintain a group key shared between the device and its current subscribers, such that the device can encrypt its data and only users with the same group key can access the encrypted data. However, prior group key management schemes fail to efficiently address new challenges introduced by the scale of IoT and the dynamic memberships of both users and devices. This thesis proposes an efficient group key management method to accommodate multiple users as well as devices and to handle frequent membership changes. Inspired by the observation that devices with similar functionalities often have similar access permissions, the core idea of the proposed method is to integrate an existing group key management scheme with device grouping techniques to improve efficiency while maintaining a decent security level. The thesis provides both theoretical analysis and a proof-of-concept implementation based on Alljoyn, an open-source IoT communication framework, to demonstrate the feasibility of the proposed method. | en |
dc.description.provenance | Made available in DSpace on 2021-06-17T01:24:36Z (GMT). No. of bitstreams: 1 ntu-106-R04922019-1.pdf: 1926633 bytes, checksum: 59da06e3878921406193f24c3c50f968 (MD5) Previous issue date: 2017 | en |
dc.description.tableofcontents | Contents: Oral Examination Committee Certification; Acknowledgements (in Chinese); Acknowledgements; Abstract (in Chinese); Abstract; 1 Introduction; 2 Background; 2.1 Logical Key Hierarchy; 2.1.1 LKH structure; 2.1.2 User join; 2.1.3 User leave; 2.2 Key Management based on Chinese Remainder Theorem; 3 Problem Definition; 3.1 System model; 3.2 Attacker model; 3.3 Assumption; 3.4 Desired properties; 4 Proposed solution; 4.1 Overview; 4.2 Proposed method; 4.2.1 Initialization; 4.2.2 On user join group i; 4.2.3 On user leave; 4.2.4 On device join; 4.2.5 On device leave; 5 Analysis; 5.1 Storage overhead; 5.2 Computation overhead; 5.2.1 When user leaves subgroup i; 5.2.2 When user joins subgroup i; 5.2.3 When device joins device group j; 5.2.4 When device leaves; 5.3 Communication overhead; 5.4 Comparison with existing methods; 5.5 ID update method collusion; 6 Implementation; 6.1 Alljoyn; 6.2 Near Field Communication; 6.3 Implementation detail; 7 Related work; 8 Conclusion and future work; Bibliography | |
dc.language.iso | en | |
dc.title | Efficient Key Management for Dynamic Users and Devices in the Internet of Things | zh_TW |
dc.title | An Efficient Key Management Scheme for Dynamic Users and Devices in Internet of Things | en |
dc.type | Thesis | |
dc.date.schoolyear | 105-2 | |
dc.description.degree | Master's | |
dc.contributor.oralexamcommittee | 鄭欣明(Shin-Ming Cheng),鄭振牟(Chen-Mou Cheng),逄愛君(Ai-Chun Pang),黃俊穎(Chun-Ying Huang) | |
dc.subject.keyword | Internet of Things, Group Key Management, | zh_TW |
dc.subject.keyword | Internet of Things,Group Key Management, | en |
dc.relation.page | 46 | |
dc.identifier.doi | 10.6342/NTU201702761 | |
dc.rights.note | Paid authorization | |
dc.date.accepted | 2017-08-09 | |
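dc.contributor.author-college | College of Electrical Engineering and Computer Science | zh_TW |
dc.contributor.author-dept | Graduate Institute of Computer Science and Information Engineering | zh_TW |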
Appears in Collections: | Department of Computer Science and Information Engineering |
Files in This Item:
File | Size | Format | |
---|---|---|---|
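ntu-106-1.pdf (not currently authorized for public access) | 1.88 MB | Adobe PDF |
Items in the system are protected by copyright, with all rights reserved, unless their copyright terms are specifically indicated otherwise.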