基于区块链的民航网络安全威胁情报共享方案  被引量：3

作　　者：吴越 亚军 孙现玲 周景贤[2,3] 吕宗平 WU Yue;YA Jun;SUN Xianling;ZHOU Jingxian;LYU Zongping(Network Information Office ofNorth China Air Traffic Management Bureau,CAAC,Beijing 100621,China;Information Security Evaluation Center,CAUC,Tianjin 300300,China;College of Computer Science and Technology,CAUC,Tianjin 300300,China;Xingtai Science and Technology Museum,Xingtai 054000,Hebei,China)

机构地区：[1]中国民用航空华北地区空中交通管理局网信办,北京100621 [2]中国民航大学信息安全测评中心,天津300300 [3]中国民航大学计算机科学与技术学院,天津300300 [4]邢台市科学技术馆,河北邢台054000

出　　处：《中国民航大学学报》2023年第4期16-22,共7页Journal of Civil Aviation University of China

基　　金：民航安全能力建设资金项目(PESA2019074,PESA2021009);中央高校基本科研业务费专项(3122018C036)。

摘　　要：为有效应对供应链、勒索病毒等新型网络威胁,构建民航网络安全主动防御体系,本文结合区块链和加密技术提出一种民航网络安全威胁情报(CTI,cybersecurity threat intelligence)共享方案。该方案以民航网络安全主管部门为情报管理中心,通过智能合约实现链上民航企事业单位的身份认证和情报交易,使用代理重加密方式处理信息来保证情报安全共享;同时为保证威胁情报存储安全,链下采用民航情报存储文件系统(IPFS,interplanetary file system)来存储加密威胁情报数据,链上只存储文件的哈希值。仿真实验与安全性分析结果表明,该方案能以较低的开销实现民航各单位间情报共享,并比现有方案具备更高的隐私保护强度。In order to effectively respond to new network threats such as supply chain and ransomware virus,as well as build an active defense system for civil aviation network security,this paper proposes a cybersecurity threat intelligence(CTI)sharing scheme of civil aviation based on blockchain and encryption technology.This scheme takes the competent department of civil aviation network security as the intelligence management center,and achieves identity authentication and intelligence transactions of civil aviation enterprises and institutions on the chain through smart contract.And proxy re-encryption is applied to process information to ensure the safe sharing of intelligence.Meanwhile,to ensure the security of threat intelligence storage,the interplanetary file system(IPFS)is used to store the encrypted threat intelligence data off chain,and only the hash value of the file is stored on the chain.Simulation experiments and security analysis results show that the proposed scheme can achieve intelligence sharing among various civil aviation units with lower costs,and has higher privacy protection intensity than existing schemes.

关 键 词：网络安全 威胁情报共享 区块链 智能合约 代理重加密 隐私保护 

分 类 号：TP309[自动化与计算机技术—计算机系统结构]