摘要:物联网安全问题影响并制约着物联网的应用前景,成为物联网领域备受关注的研究热点之一。ONS负责将EPC编码定位到物理地址上某一点的物品信息,其安全机制得到越来越多学者的研究。介绍了ONS功能、解析流程;分析了其主要的安全隐患;分别从身份认证技术、数字签名技术和安全传输技术归纳和总结了目前已有的研究成果。最后探讨了目前研究中存在的问题,并展望了需要进一步研究的方向。
汪胡青,孙知信.ONS安全机制研究[J]. 计算机科学, 2016, 43(1): 1-7. https://doi.org/10.11896/j.issn.1002-137X.2016.01.001
WANG Hu-qing and SUN Zhi-xin.Research on ONS Security[J]. Computer Science, 2016, 43(1): 1-7. https://doi.org/10.11896/j.issn.1002-137X.2016.01.001
| [1] Presser M,Barnaghi P M,Eurich M,et al.The SENSEI project:Integrating the physical world with the digital world of the network of the future[J].Global Communications Newsletter,2009,7(4):1-4 [2] Sarma S,Brock D L,Ashton K.The networked physical world[M]∥Proposals for engineering the next generation of computing,commerce & automatic-identification.MIT Auto-ID Center,White Paper:MIT-AUTOD-WH-001,2010 [3] Koshizuka N,Sakamura K.Ubiquitous ID:Standards for ubiquitous computing and the Internet of Things[J].IEEE Pervasive Computing,2010,9(4):98-101 [4] Zorzi M,Gluhak A,Lange S,et al.From Today’s INTRAnet of Things to a Future INTERnet of Things:A wireless and mobility related view[J].IEEE Wireless Communications,2010,17(6):44-51 [5] Ning Huan-sheng,Xu Qun-yu.Research on Global Internet of Things’ Developments and it’s Construction in China[J].Acta Electronica Sinica,2010,38(11):2591-2599(in Chinese) 宁焕生,徐群玉.全球物联网发展及中国物联网建设若干思考[J].电子学报,2010,38(11):2591-2599 [6] Atzori L,Iera A,Morabito G.The Internet of Things:A survey[J].Computer Networks,2010,54(15):2787-2805 [7] Shen Su-bin,Fan Qu-li,Zong Ping,et al.Study on the architecture and associated technologies for Internet of Things[J].Journal of Nanjing University of Posts and Telecommunications(Natural Science),2009,9(6):1-11(in Chinese) 沈苏彬,范曲立,宗平,等.物联网的体系结构与相关技术研究[J].南京邮电大学学报(自然科学版),2009,29(6):1-11 [8] Sun M,Liu Y A,Liu K M.Security problem analysis and security Mechanism research of the Internet of Things[J].Secrecy Science and Technology,2011,11:61-66 [9] Medaglia C M,Serbanati A.An overview of privacy and security issues in the Internet of Things[C]∥Proceedings of the 20th Tyrrhenian Workshop on Digital Communications.Sardinia,Italy,2010:389-394 [10] Yang Guang,Geng Gui-ning,et al.Security threats and measures for the Internet of Things[J].Journal of Tsinghua University(Science and Technology),2011,1(10):1335-1340(in Chinese) 杨光,耿贵宁,等.物联网安全威胁与措施[J].清华大学学报(自然科学版),2011,51(10):1335-1340 [11] Sun Zhi-xin,Luo Bing-qing,et al.Security Model of Internet of Things Based on Hierarchy[J].Computer Engineering,2011,7(10):1-7(in Chinese) 孙知信,骆冰清,等.一种基于等级划分的物联网安全模型[J].计算机工程,2011,7(10):1-7 [12] Zhang Bao-quan,Zou Zong-feng,Liu Ming-zheng.Evaluation on Security System of Internet of Things Based on Fuzzy-AHP Method[C]∥2011 International Conference E-Business and E-Government (ICEE).2011:1-5 [13] Yang Geng,Xu Jian,et al.Security Characteristic and Technology in the Internet of Things[J].Journal of Nanjing University of Posts and Telecommunication(Natural Science),2010,0(4):20-29(in Chinese) 杨庚,许建,等.物联网安全特征与关键技术[J].南京邮电大学学报(自然科学版),2010,0(4):20-29 [14] Kang Yong-shin,Lee Yong-han.Development of generic RFID traceability services[J].Computers in Industry,2013,4:609-623 [15] Ning H,Wang Z.Future Internet of Things architecture:Like mankind neural system or social organization framework?[J].IEEE Communications Letters,2011,15(4):461-463 [16] Wu M,Lu T,Ling F,et al.Research on the architecture of Internet of Things[C]∥Proceedings of the 3rd International Conference on Advanced Computer Theory and Engineering(ICACTE).Chengdu,China,2010:484-487 [17] Armen F,Barthel H,Burstein L,et al.The EPCglobal Architecture Framework[M].EPCglobal,Standard Specification:Final Version 1.3,2009 [18] Guinard D,Mueller M,Pasquier-Rocha J.Giving RFID a REST:Building a Web-enabled EPCIS[C]∥Proceedings of the 2nd Internet of Things Conference (IOT).Tokyo,Japan,2010:1-8 [19] Kang Y,Son K,Lee Y H,et al.A model-based performance study of the EPCglobal network[J].IE Interfaces,2011,24(2):139-150 [20] Fabian B,Gunther O.Security challenges of the epcglobal network[J].Communications of the ACM,2009,2(7):121-125 [21] Kong Ning,Li Xiao-dong,et al.A Model Supporting Any Pro-duct Code Standard for the Resource Addressing in the Internet of Things[C]∥First International Conference on Intelligent Networks and Intelligent Systems.2008:233-238 [22] Yang L,Han J,Qi Y,et al.Season:Shelving interference and joint identification in large-scale RFID systems[C]∥Procee-dings of the 30th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM’11).Shanghai,China,2011:3092-3100 [23] Xie Lei,Yin Ya-feng,Chen Xi,et al.RFID Data Management:Algorithms,Protocols and Performance Evaluation[J].Chinese Journal of Computers,2013,6(3):457-470(in Chinese) 谢磊,殷亚凤,陈曦,等.RFID数据管理:算法、协议与性能评测[J].计算机学报,2013,6(3):457-470 [24] Evdokimov S,Fabian B,Kunz S,et al.Comparison of discovery service architectures for the Internet of Things[C]∥Procee-dings of the IEEE International Conference on Sensor Network,Ubiquitous,and Trustworthy Computing(SUTC).Newport Beach,CA,USA,2010:237-244 [25] Muller J,Oberst J,Wehrmeyer S,et al.An aggregating discovery service for the EPCglobal network[C]∥Proceedings of the 43rd Hawaii International Conference on System Sciences (HICSS 2010).Koloa,Hawaii,US,2010:1-9 [26] Karakostas B.A DNS Architecture for the Internet of Things:A Case Study in Transport Logistics[C]∥The 4th International Conference on Ambient Systems,Networks and Technologies(ANT 2013).Procedia Computer Science,2013:594-601 [27] Li Fu-juan.Analysis of ONS Architecture and Security in EPC Internet of Things[J].Netinfo Security,2010(12):6-9(in Chinese) 李馥娟.EPC物联网中的ONS架构及安全分析[J].物联网安全研究,2010(12):6-9 [28] Zhang Li-juan,Wu Zhen-qiang.A Controllable Trusted and AnonymousQuery Mechanism of Internet of Things[J].Coumputer Technology and Development,2013,23(6):122-125(in Chinese) 张丽娟,吴振强.一种可控可信匿名的物联网查询机制[J].计算机技术与发展,2013,23(6):122-125 [29] Claude F,Elias B-H,Mourad D.Fingerprinting internet DNSamplification DDoS Activities[C]∥2014 6th International Conference on New Technologies,Mobility and Security(NTMS 2014).Dubai,United arab emirates,2014:6814019 [30] Li Wei-min,Cao Xiao-guang,Liu Fang,et al.Improving DNScache to alleviate the impact of DNS DDoS attack[J].Journal of Networks,2011,6(2):279-286 [31] Dhananjay P,Sherman A T,Nikhil J,et al.Spread identity:Anew dynamic address remapping mechanism for anonymity and DDoS defense[J].Journal of Computer Security,2013,1(2):233-281 [32] Wang Yao,Hu Ming-zeng,Li Bin,et al.Servey on domain name system security[J].Journal on Communication,2007,8(9):91-103(in Chinese) 王垚,胡铭曾,李斌,等.域名系统安全研究综述[J].通信学报,2007,8(9):91-103 [33] Mockapetris P V.Domain Names:Concepts and Facilities.http://www.ietf.ogr/rfc/rfc1035.txt.2015 [34] Mockapetris P V.Domain Names:Implementation and Specification.http://www.ietf.ogr/rfc/rfc1035.txt.2015 [35] Jung J,Sit E,Balakrishnan H,et al.DNS performance and effectiveness of caching[J].IEEE/ACM Transactions on Networking,2002,0(5):589-603 [36] Wijingaards W C,Overeinder B J.Securing DNS:ExtendingDNS servers with a DNSSEC validator[J].Security & Privacy,2009,7(5):36-43 [37] Ariyapperuma S,Mitchell P C J.Security vulnerabilities in DNS and DNSSEC[C]∥Proceedings of the Second International Conference on Avaliability,Reliability and Security.2007:335-342 [38] Dempsky M.DNSCurve:Link-Level Security for the DomainName System[Z].Internet-Draft draft-dempsky-dnscurve-11,IETF Secretariat,2010 [39] Wander M,Weis T.Measuring occurrence of DNSSec validation[C]∥Proceedings of the 14th International Conference on Passive and Active Measurement.Hong Kong,China,2013:125-134 [40] Wang Yong,Yun Xiao-chun,Yao Yao,et al.Traffic Measurement Based DNSSEC Analysis[C]∥Proceedings of the 2012 IEEE 12th International Conference on Computer and Information Technology.2012:62-69 [41] Lian W,Rescorla E,Shacham H,et al.Measuring the practical impact of DNSSEC deployment[C]∥Proceedings of the 22nd USENIX conference on Security.Washington,D C,2013:573-588 [42] Guo Wei-feng,Li Jing-feng,Zhang Lai-shun.New Provably Secure ONS Enquiry Scheme in EPC Network[J].Journal of Chinese Computer Systems,2013,34(7):1620-1624(in Chinese) 郭卫锋,李景峰,张来顺.EPC网络中一种可证明安全的ONS查询方案小型[J].微型计算机系统,2013,4(7):1620-1624 [43] Schapranow M,Zeier A,Leupold F,et al.Securing EPCglobalobject name service-privacy enhancements for anti-counterfeiting[C]∥2011 Second International Conference on Intelligent System,Modeling and Simulation.2011:332-337 [44] Weber R H.Internet of things-new security and privacy challenges[J].Computer Law &Security Review,2010,6(1):23-30 [45] Fabian B.Implementing secure p2p-ons[C]∥Proceedings ofIEEE International Conference on Communications(ICC’09).2009:1-5 [46] Li Zhan-bo,Zhang Zhe.New ONS resolution mechanism based on DHT-P2P [J].Computer Engineering and Applicaions,2013,9(3):91-95(in Chinese) 李占波,张哲.基于DHT-P2P新型的ONS解析机制[J].计算机工程与应用,2013,9(3):91-95 [47] Luo Wei-min,Xiong Jiang,et al.Object Naming Service Model Based on Two-layer P2P Strucutre in Internet of Things[J].Computer Engineering,2012,38(12):79-85(in Chinese) 罗卫敏,熊江,等.物联网中基于两层P2P结构的ONS模型[J].计算机工程,2012,8(12):79-85 [48] Rosenkranz D,Dreyer M,Schmitz P,et al.Comparison of dnssec and dnscurve securing the object name service (ons) of the epc architecture framework[C]∥Proceedings of the European Workshop on Smart Objects:Systems,Technologies and Applications(RFID Sys Tech’10).2010:1-6 [49] OU Ruo-feng,Wen Chao,et al.One design of solving the problem of the Internet of Things safety and efficiency based on the elliptic curve encryption algorithm[J].Microcomputer Applications,2011,7(3):14-17(in Chinese) 欧若风,文超,等.一种基于椭圆曲线加密算法解决物联网网络安全和效率问题的设计[J].微型电脑应用,2011,7(3):14-17 [50] Zhou Yan-wei,Wu Zhen-qiang.TA-ONS—New enquiry system of Internet of Things[J].Journal of Computer Application,2010,0(8):2202-2206(in Chinese) 周彦伟,吴振强.TA-ONS—新型的物联网查询机制[J].计算机应用,2010,0(8):2202-2206 [51] Ren Wei,Ma Liang,Ren Yi.APP:An ultralightweight scheme to authenticate ONS and protect EPC privacy without cryptography in EPCgloabl networks[J].International Journal of Distribute Sensor Networks,2013(7) [52] Han H,Sheng B,Tan C C,et al.Counting RFID tags efficiently and anonymously[C]∥Proceedings of the 29th Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM’10).San Diego,USA,2010:1028-1036 [53] Wu Ding-ming,Chao Dong,Tang Shao-jie,et al.Fast and Fine-grained Counting and Identification via Constructive Interference in WSNs[C]∥Proceedings of the 13th International Symposium on Information Processing in Sensor Networks.Berlin,2014:191-202 [54] Li Yang.Research of Object Name Service and its Security[D].Hefei:Hefei University of Technology,2012(in Chinese)李杨.物联网ONS解析技术及其安全研究[D].合肥:合肥工业大学,2012 [55] Wu Zhen-qiang,Zhou Yan-wei,Ma Jian-feng.A Security Transmission Model for Internet of Things[J].Chinese Journal of Computers,2011,4(8):1351-1364(in Chinese) 吴振强,周彦伟,马建峰.物联网安全传输模型[J].计算机学报,2011,34(8):1351-1364 [56] Li Zhong-wen,Xie Yi,et al.A security query protocol of ONS in EPC system[C]∥2012 International Conference on Anti-Counterfeiting,Security and Identification(ASID 2012).2012 |
| No related articles found! |
| ||
首页