An Edge-Cloud Collaborative Cross-Domain Identity-Based Authentication Protocol with Privacy Protection

SUN Haipeng; TAN Yu’an; LI Congwu; LEI Lei; ZHANG Qikun; HU Jingjing

doi:10.1049/cje.2021.00.269

Volume 31 Issue 4

Jul. 2022

Turn off MathJax

Article Contents

Article Navigation > Chinese Journal of Electronics > 2022 > 31(4): 721-731

SUN Haipeng, TAN Yu’an, LI Congwu, et al., “An Edge-Cloud Collaborative Cross-Domain Identity-Based Authentication Protocol with Privacy Protection,” Chinese Journal of Electronics, vol. 31, no. 4, pp. 721-731, 2022, doi: 10.1049/cje.2021.00.269

Citation:

SUN Haipeng, TAN Yu’an, LI Congwu, et al., “An Edge-Cloud Collaborative Cross-Domain Identity-Based Authentication Protocol with Privacy Protection,” Chinese Journal of Electronics, vol. 31, no. 4, pp. 721-731, 2022, doi: 10.1049/cje.2021.00.269

Citation:

PDF( 3389 KB)

An Edge-Cloud Collaborative Cross-Domain Identity-Based Authentication Protocol with Privacy Protection

doi: 10.1049/cje.2021.00.269

SUN Haipeng^1
,,
TAN Yu’an¹,
LI Congwu^{2, 3},
LEI Lei^{2, 3},
ZHANG Qikun⁴,
HU Jingjing^1
,

1.
School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081, China
2.
The 30th Research Institute of China Electronics Technology Group Corporation, Beijing 100088, China
3.
China Electronic Science Research Institute of CETC, Beijing 100041, China
4.
School of Computer and Communication Engineering, Zhengzhou University of Light Industry, Zhengzhou 450002, China

Funds: This work was supported by the National Key Research and Development Program of China (2020YFB1712101), the National Natural Science Foundation of China (61772070, 61772477, 61971380 ), the Key Technologies R&D Program of Henan Province (212102210089, 212102210171, 212102210075), and the Collaborative Innovation Special Plan Project of Zhengzhou (2021ZDPY0206).

More Information

Author Bio:
received the M.S. degree in Beijing University of Posts and Telecommunications in 2009. Now he is a Ph.D. candidate in School of Computer Science and Technology, Beijing Institute of Technology. His main research interest include wireless communications, blockchain, access control, and cloud storage. (Email: sunhaipeng@bit.edu.cn)

(corresponding author) received the Ph.D. degree in computer science from Beijing Institute of Technology, Beijing, China. She is currently an Associate Professor in the School of Computer at Beijing Institute of Technology. Her research interests are in the areas of service computing, web intelligence, and information security. (Email: hujingjing@bit.edu.cn)
Received Date: 2021-08-01
Accepted Date: 2021-09-28

Available Online: 2021-11-03

Publish Date: 2022-07-05

Abstract

Abstract

Edge-cloud collaborative application scenario is more complex, it involves collaborative operations among different security domains, frequently accessing and exiting application system of mobile terminals. A cross-domain identity authentication protocol based on privacy protection is proposed. The main advantages of the protocol are as follows. 1) Self-certified key generation algorithm: the public/private key pair of the mobile terminal is generated by the terminal members themselves. It avoids security risks caused by third-party key distribution and key escrow; 2) Cross-domain identity authentication: the alliance keys are calculated among edge servers through blockchain technology. Cross-domain identity authentication is realized through the signature authentication of the alliance domain. The cross-domain authentication process is simple and efficient; 3) Revocability of identity authentication: When the mobile terminal has logged off or exited the system, the legal identity of the terminal in the system will also become invalid immediately, so as to ensure the forward and backward security of accessing system resources. Under the hardness assumption of discrete logarithm problem and computational Diffie-Hellman problem, the security of the protocol is proven, and the efficiency of the protocol is verified.
- Identity authentication,
- Privacy protection,
- Edge-cloud collaborative,
- Revocability identity

FullText(HTML)

References(26)

References

[1]	Y. Lv, W. Liu, and Z. Wang, “Heterogeneous cross-domain identity authentication scheme based on proxy resignature in cloud environment,” Mathematical Problems in Engineering, vol.2020, article no.2078032, 2020. doi: 10.1155/2020/2078032
[2]	H. Wang and Y. Jiang, “A novel blockchain identity authentication scheme implemented in fog computing,” Wireless Commun. Mobile Comput., vol.2020, no.4, pp.1–7, 2020. doi: 10.1155/2020/8849363
[3]	X. Xiang, M. Wang, and W. Fan, “A permissioned blockchain-based identity management and user authentication scheme for e-health systems,” IEEE Access, vol.8, pp.171771–171783, 2020. doi: 10.1109/ACCESS.2020.3022429
[4]	X. Jia, N. Hu, S. Su, et al., “IRBA: An identity-based cross-domain authentication scheme for the internet of things,” Electronics, vol.9, no.4, article no.e634, 2020. doi: 10.3390/electronics9040634
[5]	Y. Ye and X. Zhang, “Research on anonymous identity authentication technology in fabric,” Chinese Journal of Network and Information Security, vol.7, no.3, pp.134–140, 2021. (in Chinese) doi: 10.11959/j.issn.2096-109x.2021036
[6]	M. A. Al-shareeda, M. Anbar, S. Manickam, et al., “An efficient identity-based conditional privacy-preserving authentication scheme for secure communication in a vehicular ad hoc network,” Symmetry-Basel, vol.12, no.10, article no.1687, 2020. doi: 10.3390/sym12101687
[7]	Y. Li, Q. Cheng, X. Liu, et al., “A secure anonymous identity-based scheme in new authentication architecture for mobile edge computing,” IEEE Systems Journal, vol.15, no.1, pp.935–946, 2020.
[8]	J. Huang, M. Shu, B. Hsu, et al., “Service architecture of IoT terminal connection based on blockchain identity authentication system,” Computer Communications, vol.160, pp.411–422, 2020. doi: 10.1016/j.comcom.2020.06.027
[9]	J. Xu, K. Xue, H. Tian, et al., “An identity management and authentication scheme based on redactable blockchain for mobile networks,” IEEE Transactions on Vehicular Technology, vol.69, no.6, pp.6688–6698, 2020. doi: 10.1109/TVT.2020.2986041
[10]	L. Song, G. Sun, H. Yu, et al., “FBIA: A fog-based identity authentication scheme for privacy preservation in internet of vehicles,” IEEE Transactions on Vehicular Technology, vol.69, no.5, pp.5403–5415, 2020. doi: 10.1109/TVT.2020.2977829
[11]	Q. Liu, B. Gong, and Z. Ning, “Research on CLPKC-IDPKC cross-domain identity authentication for IoT environment,” Computer Communications, vol.157, pp.410–416, 2020. doi: 10.1016/j.comcom.2020.04.043
[12]	Z. Cui, F. Xue, S.Zhang, et al., “A hybrid blockchain-based identity authentication scheme for multi-WSN,” IEEE Transactions on Services Computing, vol.13, no.2, pp.241–251, 2020. doi: 10.1109/TSC.2020.2964537
[13]	X. Jia, D. He, N. Kumar, et al., “A provably secure and efficient identity-based anonymous authentication scheme for mobile edge computing,” IEEE Systems Journal, vol.14, no.1, pp.560–571, 2019.
[14]	M. Han, Z. Yin, P. Cheng, et al., “Zero-knowledge identity authentication for internet of vehicles: Improvement and application,” PloS One, vol.15, no.9, article no.e0239043, 2020. doi: 10.1371/journal.pone.0239043
[15]	X. Qi, M. Li, and Y. Du, “Lightweight identity authentication protocol based on dynamic ID in multi-server environment,” Journal of Beijing University of Aeronautics and Astronautics, vol.47, no.12, pp.2632–2640, 2021. (in Chinese)
[16]	J. Li and H. Chai, “IoT authentication solution based on FIDO technology,” Journal of Information Security Research, vol.7, no.4, pp.358–366, 2021.
[17]	Y. Tu, J. Gan, Y. Hu, et al., “Decentralized identity authentication and key management scheme based on blockchain,” Cyberspace Security, vol.10, no.6, pp.33–39, 2019.
[18]	Y. Hei, J. Liu, and Y. Guan, “A blockchain-based authentication scheme for identity information sharing,” Journal of Cryptologic Research, vol.7, no.5, pp.605–615, 2020.
[19]	Q. Zhang, L. Zhu, R. Wang, et al., “ Group key agreement protocol among terminals of the intelligent information system for mobile edge computing,” International Journal of Intelligent Systems, in press, DOI: 10.1002/int.22544, 2021.
[20]	Y. Li, P. Tao, S. Deng, et al., “DeFFusion: CNN-based continuous authentication using deep feature fusion,” ACM Transactions on Sensor Networks, vol.18, no.2, pp.1–20, 2022. doi: 10.1145/3485060
[21]	Y. Liu, S. Lv, M. Xie, et al., “Dynamic anonymous identity authentication (DAIA) scheme for VANET,” International Journal of Communication Systems, vol.32, no.5, article no.e3892, 2019. doi: 10.1002/dac.3892
[22]	J. Long and X. SU, “Anonymous chaotic-based identity authentication protocol in IoT,” International Journal of Embedded Systems, vol.14, no.2, pp.194–200, 2021. doi: 10.1504/IJES.2021.113813
[23]	Q. Zhang, L. Zhu, Y. Li, et al., “A group key agreement protocol for intelligent internet of things system,” International Journal of Intelligent Systems, vol.37, no.1, pp.699–722, 2022. doi: 10.1002/int.22644
[24]	L. Wu, J. Wang, K. R. Choo, et al., “An efficient provably-secure identity-based authentication scheme using bilinear pairings for ad hoc network,” Journal of Information Security and Applications, vol.37, pp.112–121, 2017. doi: 10.1016/j.jisa.2017.10.003
[25]	D. Liu, D. Li, X. Liu, et al., “Research on a cross-domain authentication scheme based on consortium blockchain in V2G networks of smart grid”, 2018 2nd IEEE Conference on Energy Internet and Energy System Integration (EI2), Beijing, China, pp.1–5, 2018.
[26]	Q. Zhang, Y. Gan, R. Wang, et al., “Inter-cluster asymmetric group key agreement,” Journal of Computer Research and Development, vol.55, no.12, pp.2651–2663, 2018. (in Chinese) doi: 10.7544/issn1000-1239.2018.20170651