摘要
在公共无线局域网的访问控制中,用户隐私保护和用户可问责性是一对相互冲突的目标。针对该问题,提出了一种基于比特币区块链和Intel SGX的匿名且可问责用户管理与访问控制方案。在不修改已有的比特币协议的前提下,实现了对公共无线局域网访问凭证的安全管理,而无须依赖可信第三方;采用基于Intel SGX的混合技术,通过较小的开销提供了用户可控的访问凭证匿名性保护;设计的区块链验证路径规则在保持用户隐私的同时实现了对恶意用户的问责。理论分析和实验结果验证了该方案的安全性和可行性。
In designing an access control scheme for public wireless LAN(WLAN),user privacy protection and user accountability are two conflict goals.A novel user management and access control scheme was proposed to solve this problem by utilizing the bitcoin blockchain and Intel SGX.It utilized unmodified bitcoin blockchain to manage the ownership of access credentials for users without relying on any trusted third party.It adopted Intel SGX-based mixing technology to enhance anonymity of users’access credentials.It designed verification path rule to resolve the conflicts between the privacy-preserving and accountability objectives.The effectiveness and feasibility of the proposed scheme are also demonstrated by security analysis and performance evaluation.
作者
牛玉坤
魏凌波
张驰
张霞
Gustavo Vejarano
NIU Yukun;WEI Lingbo;ZHANG Chi;ZHANG Xia;Gustavo Vejarano(School of Information Science and Technology,University of Science and Technology of China,Hefei 230026,China;School of Computer Science and Technology,Wuhan University of Technology,Wuhan 430047,China;Department of Electrical Engineering and Computer Science,Loyola Marymount University,Los Angeles 90045,USA)
出处
《网络与信息安全学报》
2020年第2期56-66,共11页
Chinese Journal of Network and Information Security
基金
国家自然科学基金资助项目(No.61702474)
国家重点研发计划基金资助项目(No.2018YFB0804201)。
