电力物联网设备持续高效批量可信认证  被引量：2

作　　者：赵保华 王志皓[1,2] 陈连栋 任春卉[1,2] 余发江 徐庆 ZHAO Baohua;WANG Zhihao;CHEN Liandong;REN Chunhui;YU Fajiang;XU Qing(Global Energy Interconnection Research Institute Co.,Ltd.,Beijing 102209,China;Artificial Intelligence on Electric Power System State Grid Corporation Joint Laboratory(GEIRI),Beijing 102209,China;School of Computer Science,Beijing University of Technology,Beijing 100124,China;State Grid Hebei Information&Telecommunication Branch,Shijiazhuang 050021,Hebei,China;School of Cyber Science and Engineering,Wuhan University,Wuhan 430072,Hubei,China)

机构地区：[1]全球能源互联网研究院有限公司,北京102209 [2]电力系统人工智能(联研院)国家电网公司联合实验室,北京102209 [3]北京工业大学计算机学院,北京100124 [4]国网河北省电力有限公司信息通信分公司,河北石家庄050021 [5]武汉大学国家网络安全学院,湖北武汉430072

出　　处：《武汉大学学报（理学版）》2022年第1期102-112,共11页Journal of Wuhan University:Natural Science Edition

基　　金：国家电网有限公司总部科技项目(5700-202013190A-0-0-00)。

摘　　要：随着电力物联网的设备种类越来越多,运行环境也越来越复杂,为确保设备的安全可信运行,本文考虑到电力物联网云边端协同的架构,提出了一种设备持续高效批量可信认证机制。该机制采用一棵非平衡哈希树存储设备度量信息,用一个多链和哈希表结构快速寻找树达到存储上限时的待替换节点。该机制存储了设备的多版本度量信息,可以对设备进行持续性的可信度量认证,在认证时采用了一种高效的稀疏哈希树多值认证方法,实现了设备度量信息的批量认证。本文实现了系统原型。实验结果表明,多值认证在认证所需信息的生成和验证占用空间大小方面比单值认证更优。The operating environment is more and more complex with the increasing types of equipment in the power Internet of Things.This paper proposes a continuous and efficient batch trusted authentication mechanism for equipment to ensure the safe and reliable operation of equipment,considering the cloud side cooperation architecture of power Internet of Things.The mechanism uses an unbalanced hash tree to store the device measurement information,and uses a multi chain and a hash table to quickly find the node to be replaced when the tree reaches the upper limit of storage.The mechanism stores the multi version measurement information of the device,which can continuously authenticate the device with trusted measurement.An efficient multi value proof method based on sparse hash tree is used to realize the batch authentication of the device measurement information.This paper implements the system prototype.The experiments show that the multi value authentication is better than the single value authentication in the generation,verification and space occupation of the information needed for authentication.

关 键 词：电力物联网 可信计算 远程认证 批量认证 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]