Journal of Zhejiang University (Engineering Science)  2021, Vol. 55 Issue (5): 957-965    DOI: 10.3785/j.issn.1008-973X.2021.05.016
Computer and Control Engineering
Secure data sharing scheme in Internet of Vehicles based on blockchain
Xue-jiao LIU¹, Yi-dan YIN¹, Wei CHEN¹, Ying-jie XIA²,*, Jia-li XU¹, Li-dong HAN¹
1. School of Information Science and Engineering, Hangzhou Normal University, Hangzhou 311121, China
2. College of Computer Science and Technology, Zhejiang University, Hangzhou 310027, China
Abstract:

Data in the traditional Internet of Vehicles (IoV) is easily tampered with, and access control over it is not flexible enough. To address these problems, a secure data sharing scheme based on blockchain and weighted ciphertext-policy attribute-based encryption was proposed. In this scheme, roadside units jointly maintain the generation, verification and storage of blocks, which achieves distributed data storage and ensures that the data cannot be tampered with. Attribute-based access control over the on-chain data ensures that only authorized entities can access the data content. To meet the data sharing requirements of multiple entities and roles in the IoV, a hierarchical access policy formulation method based on multiple attributes was constructed by mining the associations between the attribute permissions of the data access roles, which reduces the complexity of the access control policy. Experimental analysis shows that the proposed scheme achieves secure storage of and flexible access control over IoV data, and that the hierarchical access policy formulation method effectively reduces the computation and transmission overhead of vehicles and meets the access requirements of multiple entities and roles in the IoV.

Key words: blockchain; attribute-based encryption (ABE); Internet of Vehicles (IoV); access control; data sharing
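Received: 2020-07-06    Published: 2021-06-10
CLC: TP 399
Funding: Natural Science Foundation of Zhejiang Province (LY19F020021); National Natural Science Foundation of China (61873232); National Natural Science Foundation of China, Youth Science Fund (61702153); 2020 Zhejiang Province University Student Science and Technology Innovation Activity Plan (Xinmiao Talent Program) (2020R427062); Key Laboratory of the Ministry of Public Security (Public Security Informatization Application Based on Big Data Architecture) (2020DSJSYS005)
Corresponding author: Ying-jie XIA    E-mail: liuxuejiao0406@163.com; xiayingjie@zju.edu.cn
About the author: Xue-jiao LIU (1984-), female, associate professor, engaged in research on IoV security. orcid.org/0000-0003-1821-2864. E-mail: liuxuejiao0406@163.com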
Cite this article:

Xue-jiao LIU, Yi-dan YIN, Wei CHEN, Ying-jie XIA, Jia-li XU, Li-dong HAN. Secure data sharing scheme in Internet of Vehicles based on blockchain[J]. Journal of Zhejiang University (Engineering Science), 2021, 55(5): 957-965.

Link to this article:

http://www.zjujournals.com/eng/CN/10.3785/j.issn.1008-973X.2021.05.016
http://www.zjujournals.com/eng/CN/Y2021/V55/I5/957

Fig. 1  Secure data sharing model
Fig. 2  Data storage and access process
Fig. 3  Access control policy
Fig. 4  Consensus process of the blockchain
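| Reference | Data sharing process | Storage mode | Storage location | Data confidentiality | Access control |
| --- | --- | --- | --- | --- | --- |
| Oham et al. [9] | Vehicle - other vehicles - entity | Distributed, tamper-proof | Each vehicle | | Partitioned, domains divided in advance |
| Singh et al. [7] | Vehicle - other vehicles - entity | Distributed, tamper-proof | Each vehicle | | |
| Kanumalli et al. [26] | Information center - RSU - vehicle | Centralized, single point of failure | Information center | AES+IBE | Identity-based, identity determined in advance, one-to-one |
| Pan et al. [27] | Information center - RSU - vehicle | Centralized, single point of failure | Information center | AES+CP-ABE | Attribute-based, fine-grained, one-to-many |
| Proposed scheme | Vehicle - RSU - entity | Distributed, tamper-proof | Each RSU | AES+CP-ABE | Attribute-based, fine-grained, one-to-many |

Table 1  Comparison with other IoV data sharing models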
Fig. 5  Simulation map of the data sharing scenario
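| Parameter | Value |
| --- | --- |
| Vehicle speed | 60 km/h |
| Vehicle density within an RSU | [10,50] |
| DSRC communication range | 0~500 m |
| Data transmission rate | 250 kb/s |
| OBU configuration | 1.5 GHz, 4 core CPU |
| RSU configuration | 1.8 GHz, 4 core CPU, 237 G hard disk |

Table 2  Simulation parameters of the data sharing scenario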
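Fig. 6  Encryption efficiency of vehicles
Fig. 7  Size of ciphertext transmitted between vehicle and RSU
Fig. 8  Trust value of malicious nodes
Fig. 9  Consensus time of RSUs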
1. HARTENSTEIN H, LABERTEAUX L P. A tutorial survey on vehicular ad hoc networks[J]. IEEE Communications Magazine, 2008, 46(6): 164-171. doi: 10.1109/MCOM.2008.4539481
2. LUO G, ZHOU H, CHENG N, et al. Software defined cooperative data sharing in edge computing assisted 5G-VANET[J]. IEEE Transactions on Mobile Computing, 2021, 20(3): 1212-1229. doi: 10.1109/TMC.2019.2953163
3. KARAGIANNIS G, ALTINTAS O, EKICI E, et al. Vehicular networking: a survey and tutorial on requirements, architectures, challenges, standards and solutions[J]. IEEE Communications Surveys and Tutorials, 2011, 13(4): 584-616. doi: 10.1109/SURV.2011.061411.00019
4. CEBE M, ERGIN E, AKKAYA K, et al. Block4forensic: an integrated lightweight blockchain framework for forensics applications of connected vehicles[J]. IEEE Communications Magazine, 2018, 56(10): 50-57. doi: 10.1109/MCOM.2018.1800137
5. UGWU M C, OKPALA I U, OHAM C I, et al. A tiered blockchain framework for vehicular forensics[J]. International Journal of Network Security and Its Applications (IJNSA), 2018, 10(5): 25-33. doi: 10.5121/ijnsa.2018.10503
6. LISHCHUK R. Auto tracking company leaks hundreds of thousands of records online [EB/OL]. (2017-9-21). https://mackeeper.com/blog/post/auto-tracking-company-leaks-hundreds-of-thousands-of-records-online/.
7. SINGH M, KIM S. Blockchain based intelligent vehicle data sharing framework [EB/OL]. [2020-07-01]. https://arxiv.org/abs/1708.09721.
8. FAN K, PAN Q, ZHANG K, et al. A secure and verifiable data sharing scheme based on blockchain in vehicular social networks[J]. IEEE Transactions on Vehicular Technology, 2020, 69(6): 5826-5835. doi: 10.1109/TVT.2020.2968094
9. OHAM C, JURDAK R, KANHERE S S, et al. B-fica: blockchain based framework for auto-insurance claim and adjudication[C]// 2018 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData). Halifax: IEEE, 2018: 1171-1180.
10. LEWKO A, OKAMOTO T, SAHAI A, et al. Fully secure functional encryption: attribute-based encryption and (hierarchical) inner product encryption[C]// Annual International Conference on the Theory and Applications of Cryptographic Techniques. Berlin: Springer, 2010: 62-91.
11. LI L, LIU J, CHENG L, et al. Creditcoin: a privacy-preserving blockchain-based incentive announcement network for communications of smart vehicles[J]. IEEE Transactions on Intelligent Transportation Systems, 2018, 19(7): 2204-2220. doi: 10.1109/TITS.2017.2777990
12. YUAN Y, WANG F Y. Towards blockchain-based intelligent transportation systems[C]// 2016 IEEE 19th International Conference on Intelligent Transportation Systems (ITSC). Rio de Janeiro: IEEE, 2016: 2663-2668.
13. KHAN M A, SALAH K. IoT security: review, blockchain solutions, and open challenges[J]. Future Generation Computer Systems, 2018, 82: 395-411. doi: 10.1016/j.future.2017.11.022
14. YUE X, WANG H, JIN D, et al. Healthcare data gateways: found healthcare intelligence on blockchain with novel privacy risk control[J]. Journal of Medical Systems, 2016, 40(10): 218. doi: 10.1007/s10916-016-0574-6
15. YANG Z, YANG K, LEI L, et al. Blockchain-based decentralized trust management in vehicular networks[J]. IEEE Internet of Things Journal, 2018, 6(2): 1495-1505.
16. AO L, OGAH C, ASUQUO P, et al. A secure key management scheme for heterogeneous secure vehicular communication systems[J]. ZTE Communications, 2019, 14(S0): 21-31.
17. LI M, ZHU L, LIN X. Efficient and privacy-preserving carpooling using blockchain-assisted vehicular fog computing[J]. IEEE Internet of Things Journal, 2018, 6(3): 4573-4584.
18. YAN Xi-xi, MENG Hui. Ciphertext policy attribute-based encryption scheme supporting direct revocation[J]. Journal of Communications, 2016, 37(5): 44-50. (in Chinese) doi: 10.11959/j.issn.1000-436x.2016091
19. SAHAI A, SEYALIOGLU H, WATERS B. Dynamic credentials and ciphertext delegation for attribute-based encryption[C]// Annual Cryptology Conference. Berlin: Springer, 2012, 7417: 199-217.
20. ZHONG Hong, CUI Jie, ZHU Wen-long, et al. Efficient and verifiable multi-authority attribute based encryption scheme[J]. Journal of Software, 2018, 29(7): 2006-2017. (in Chinese)
21. LIU X, XIA Y, CHEN W, et al. SEMD: secure and efficient message dissemination with policy enforcement in VANET[J]. Journal of Computer and System Sciences, 2016, 82(8): 1316-1328. doi: 10.1016/j.jcss.2016.05.006
22. WANG S, LIANG K, LIU J K, et al. Attribute-based data sharing scheme revisited in cloud computing[J]. IEEE Transactions on Information Forensics and Security, 2016, 11(8): 1661-1673. doi: 10.1109/TIFS.2016.2549004
23. ZHANG Kai, MA Jian-feng, ZHANG Jun-wei, et al. Online/offline traceable attribute-based encryption[J]. Journal of Computer Research and Development, 2018, 55(1): 216-224. (in Chinese) doi: 10.7544/issn1000-1239.2018.20160799
24. QAZI F, KHAN F H. Enhancing the security of vehicle to road side unit (RSU) communication with key generation and advanced encryption procedure in vehicular ad-hoc network (VANET)[J]. Indian Journal of Science and Technology, 2017, 10: 36.
25. CHEN Wei, LIU Xue-jiao, XIA Ying-jie. Multi-factor reputation evaluation model based on analytic hierarchy process in VANETs[J]. Journal of Zhejiang University: Engineering Science, 2020, 54(4): 722-731. (in Chinese)
26. KANUMALLI S S, CH A, MURTY P S R C. Secure V2V communication in IOV using IBE and PKI based hybrid approach[J]. International Journal of Advanced Computer Science and Applications (IJACSA), 2020, 11(1): 466-472.
27. PAN J, CUI J, WEI L, et al. Secure data sharing scheme for VANETs based on edge computing[J]. EURASIP Journal on Wireless Communications and Networking, 2019, (1): 1-11. doi: 10.1186/s13638-018-1318-8
28. PEI Jin-yi. Urban traffic signal system simulation based on SUMO and two-fluid model[D]. Lanzhou: Lanzhou Jiaotong University, 2015. (in Chinese)