物联网中基于受控对象的分布式访问控制
Distributed Access Control Scheme Based on Controlled Object in the Internet of Things
-
摘要: 提出了一种基于受控对象的分布式访问控制方法,将访问主体的访问权限直接与节点的资源对象相关联,由节点管理用户的权限,简化权限的管理。将对称密码体制与非对称密码体制应用于分布式访问控制中,根据设备对象的能力分别采用不同的加密策略,在保证控制强度的同时减小节点计算能耗。性能分析表明,该方案能够在节点低开销的基础上对用户进行有效的接入控制和权限限制,简化用户的权限管理,并有效减少用户DOS攻击和重放攻击对网络的威胁。Abstract: In this paper, we propose a distributed access control scheme based on controlled object, in which we make all of the nodes manage the user's right to simplify the right management, and adopt different encryption policy according to the ability of the device object to realize high level of control and low consumption of calculation. The analysis shows that proposed scheme can effectively control the user's access based on node's low cost, and mitigate DOS attack and reply attack of users.