网络与信息安全学报 (Aug 2023)
Lightweight terminal cross-domain authentication protocol in edge computing environment
Abstract
Edge computing has gained widespread usage in intelligent applications due to its benefits, including low latency, high bandwidth, and cost-effectiveness.However, it also faces many security challenges due to its distributed, real-time, multi-source and heterogeneous data characteristics.Identity authentication serves as the initial step for terminal to access to the network and acts as the first line of defense for edge computing.To address the security issues in the edge computing environment, a terminal cross-domain authentication protocol suitable for the edge computing environment was proposed based on the "cloud-edge-end" three-level network authentication architecture.Access authentication was implemented between terminals and local edge nodes based on the SM9 algorithm, and session keys were negotiated.The secret key was combined with symmetric encryption technology and hash function to achieve cross-domain authentication for the terminal.The pseudonym mechanism was used in the authentication process to protect the privacy of end users.The terminal only needs to register once, and it can roam randomly between different security domains.BAN logic was used to prove the correctness of the protocol and analyze its security.The results show that this protocol is capable of resisting common attacks in IoT scenarios, and it features characteristics such as single sign-on and user anonymity.The performance of the cross-domain authentication protocol was evaluated based on computational and communication costs, and compared with existing schemes.The experimental results show that this protocol outperforms other schemes in terms of computational and communication costs, making it suitable for resource-constrained terminal devices.Overall, the proposed protocol offers lightweight and secure identity authentication within edge computing environments.
