安全群组通信中的分层密钥管理技术研究
|
摘要
随着数字通信技术、计算机技术和信息技术的迅速发展,群组通信被广泛应用于多种网络业务,以有效实现一对多、多对多的信息交换。为了保障群组通信的安全,通常在群组成员之间使用群组密钥加密通信信息,同时群组成员的动态变化要求对群组密钥进行安全有效的更新。在安全群组通信中,密钥管理机制的优劣直接关系到传输的安全性、稳定性和可靠性,对群组密钥管理机制的研究具有重要意义。本文研究了安全群组通信中的分层密钥管理技术,主要包括以下内容:
1.提出了一种基于Diffe-Hellman算法的分层密钥分配方案,该方案分为系统建立、成员变化、拓扑变化等三个部分,能够支持成员以及分层拓扑结构的动态变化,具有实现简单、易于扩展等特点,可用于解决基于内容的分层访问控制问题。
2.研究了分层访问控制中的密钥层次结构,将该结构归纳为三类,即基于用户的、基于资源的以及混合型密钥结构,同时研究了这些结构之间的相互关系,并将提出的密钥结构与现有的分层密钥分配模型相结合,分析了现有分层密钥分配模型在这些密钥结构中的性能。
3.设计了一种适用于无线传感器网络中节点撤销的分层密钥预分配方案。该方案利用逻辑密钥树,采用一种分层的密钥分配方法实现节点的撤销,具体分为系统建立、对偶密钥协商、成员撤销和成员加入等部分。分析表明,该方案具有较小的存储、通信和计算开销。
4.在通信质量较差的无线网络中,不能保证群组中每个成员都能正确地接收到每次群组密钥更新时的数据包,因此设计了一种无状态的分层密钥预分配方案。该方案以逻辑密钥树的形式对密钥进行组织管理,利用最大子树的共享密钥撤销被捕获的成员节点。最后,分别利用Akl-Taylor算法和基于Diffe-Hellman算法的分层密钥分配方法对本方案进行了改进。
The development of digital communication, computer and information technolo-gies have made group communications widely applied into various kinds of networkservices to achieve effective one-to-many and many-to-many information exchanges.The general method to secure the group communication is encrypting the commu-nication messages by a group key shared among all the group members. The groupkey should be updated securely and effciently during the group member dynamics.In secure group communications, the key management mechanism determines thesecurity, stability and reliability of the communication, and thus, the study of groupkey management mechanism is of significance. The main contributions of this thesisare as follows:
1. A hierarchical key assignment scheme based on Diffe-Hellman algorithm isproposed, which consists of the phases of system initialization and key updating,and supports user dynamics and topology changes. This scheme is ffexible and easyto deploy. It can be used for content access control.
2. The key hierarchies in hierarchical access control systems are studied, andthey are divided into user-based, resource-based and unified key hierarchies. Therelationships among these different kinds of hierarchies are studied. The existinghierarchical key assignment models are combined with these hierarchies, and theireffciency is evaluated.
3. An hierarchical key pre-distribution scheme which aims to revoke the com-promised sensor nodes in wireless sensor networks is proposed. This scheme is basedon a novel application of an a-ary logical key tree, and it consists of the phases of sys-tem initialization, pairwise key establishment, node revocation and addition. Theperformance analysis shows this scheme could provide suffcient secrecy with lowstorage, communication and computational overheads.
4. In wireless networks with poor communication conditions, it cannot beguaranteed that every user could receive all the rekey packages. A logical key treebased and stateless hierarchical key pre-distribution scheme is proposed, which usesthe shared key of a maximum subtree to revoke the promised nodes. At last, theproposed scheme is improved by using Akl-Taylor and Hiffe-Hellman hierarchicalkey assignment algorithms respectively.
1.提出了一种基于Diffe-Hellman算法的分层密钥分配方案,该方案分为系统建立、成员变化、拓扑变化等三个部分,能够支持成员以及分层拓扑结构的动态变化,具有实现简单、易于扩展等特点,可用于解决基于内容的分层访问控制问题。
2.研究了分层访问控制中的密钥层次结构,将该结构归纳为三类,即基于用户的、基于资源的以及混合型密钥结构,同时研究了这些结构之间的相互关系,并将提出的密钥结构与现有的分层密钥分配模型相结合,分析了现有分层密钥分配模型在这些密钥结构中的性能。
3.设计了一种适用于无线传感器网络中节点撤销的分层密钥预分配方案。该方案利用逻辑密钥树,采用一种分层的密钥分配方法实现节点的撤销,具体分为系统建立、对偶密钥协商、成员撤销和成员加入等部分。分析表明,该方案具有较小的存储、通信和计算开销。
4.在通信质量较差的无线网络中,不能保证群组中每个成员都能正确地接收到每次群组密钥更新时的数据包,因此设计了一种无状态的分层密钥预分配方案。该方案以逻辑密钥树的形式对密钥进行组织管理,利用最大子树的共享密钥撤销被捕获的成员节点。最后,分别利用Akl-Taylor算法和基于Diffe-Hellman算法的分层密钥分配方法对本方案进行了改进。
The development of digital communication, computer and information technolo-gies have made group communications widely applied into various kinds of networkservices to achieve effective one-to-many and many-to-many information exchanges.The general method to secure the group communication is encrypting the commu-nication messages by a group key shared among all the group members. The groupkey should be updated securely and effciently during the group member dynamics.In secure group communications, the key management mechanism determines thesecurity, stability and reliability of the communication, and thus, the study of groupkey management mechanism is of significance. The main contributions of this thesisare as follows:
1. A hierarchical key assignment scheme based on Diffe-Hellman algorithm isproposed, which consists of the phases of system initialization and key updating,and supports user dynamics and topology changes. This scheme is ffexible and easyto deploy. It can be used for content access control.
2. The key hierarchies in hierarchical access control systems are studied, andthey are divided into user-based, resource-based and unified key hierarchies. Therelationships among these different kinds of hierarchies are studied. The existinghierarchical key assignment models are combined with these hierarchies, and theireffciency is evaluated.
3. An hierarchical key pre-distribution scheme which aims to revoke the com-promised sensor nodes in wireless sensor networks is proposed. This scheme is basedon a novel application of an a-ary logical key tree, and it consists of the phases of sys-tem initialization, pairwise key establishment, node revocation and addition. Theperformance analysis shows this scheme could provide suffcient secrecy with lowstorage, communication and computational overheads.
4. In wireless networks with poor communication conditions, it cannot beguaranteed that every user could receive all the rekey packages. A logical key treebased and stateless hierarchical key pre-distribution scheme is proposed, which usesthe shared key of a maximum subtree to revoke the promised nodes. At last, theproposed scheme is improved by using Akl-Taylor and Hiffe-Hellman hierarchicalkey assignment algorithms respectively.
引文
[1] Berkovits S. How to broadcast a secret. In Advances in Cryptology - EURO-CRYPT’91, LNCS 547, pages 535–541. Springer-Verlag, 1991.
[2] Fiat A and Naor M. Broadcast encryption. In Advances in Cryptology -CRYPTO’93, LNCS 773, pages 480–491. Springer-Verlag New York, Inc., New York,NY, USA, 1994.
[3] Schechter S E, Greenstadt R A, and Smith M D. Trusted computing, peer-to-peerdistribution, and the economics of pirated entertainment. In WEIS’03: Proceedingsof the 2nd Annual Workshop on Economics and Information Security, pages 1–11.Maryland, USA, 2003.
[4] Seba H, Badache N, and Bouabdallah A. Solving the consensus problem in a dynamicgroup: An approach suitable for a mobile environment. In ISCC’02: Proceedingsof the Seventh International Symposium on Computers and Communications, page327. IEEE Computer Society, Washington, DC, USA, 2002.
[5] Zhou X, Yang X, Wei P, et al. Dynamic group signature with forward security and itsapplication. In GCC’07: Proceedings of the Sixth International Conference on Gridand Cooperative Computing, pages 473–480. IEEE Computer Society, Washington,DC, USA, 2007.
[6] Luby M and Staddon J. Combinatorial bounds for broadcast encryption. In Ad-vances in Cryptology―EUROCRYPT’98, LNCS 1043, pages 512–526. Springer-Verlag, 1998.
[7] Ballardie A. Scalable multicast key distribution. IETF Network Working Group,RFC 1949, 1996.
[8] Ballardie A. Core Based Trees (CBT version 2) multicast routing. IETF NetworkWorking Group, RFC 2189, 1997.
[9] Canetti R, Garay J, Itkis G, et al. Multicast security: a taxonomy and some e?cientconstructions. In INFOCOM’99: Proceedings of the 18th Annual Joint Conferenceof the IEEE Computer and Communications Societies, pages 708–716. IEEE Com-puter Society, New York, USA, 1999.
[10] Harney H and Muckenhirn C. Group Key Management Protocol (GKMP) Specifi-cation. RFC 2093, 1997.
[11] Harney H and Muckenhirn C. Group Key Management Protocol (GKMP) Architec-ture. RFC 2094, 1997.
[12] Mittra S. Iolus: a framework for scalable secure multicasting. ACM SIGCOMMComputer Communication Review, 27(4): 277–288, 1997.
[13] Harkins D and Doraswamy N. A Secure Scalable Multicast Key Management Pro-tocol. IETF Draft, draft-ietf-ipsecond-00.txt, 1997.
[14] Wallner D M, Harder E J, and Agee R C. Key management for multicast: Issuesand architectures. IETF Network Working Group, RFC 2627, 1999.
[15] Wong C K, Gouda M, and Lam S S. Secure group communications using key graphs.IEEE/ACM Transactions on Networking, 8(1): 16–30, 2000.
[16] Sun Y, Trappe W, and Liu K. A scalable multicast key management scheme forheterogeneous wireless networks. IEEE/ACM Transactions on Networking, 12(4):653–666, 2004.
[17]朱文涛,熊继平,李津生,等.安全组播密钥管理的层次结构研究.电子与信息学报,26(1): 7–13, 2004.
[18]曾玮妮,林亚平,胡玉鹏,等.传感器网络中一种基于分布式更新权限的组密钥管理方案.计算机研究与发展, 44(4): 606–614, 2007.
[19]刘璟,周明天.大型动态多播群组的密钥管理和访问控制.软件学报, 13(2): 291–297,2002.
[20]陈璟,杨波,田春岐.基于单向函数树的多播密钥管理方案安全性分析.西安电子科技大学学报(自然科学版), 31(6): 959–962, 2004.
[21]席国宝,陈惠芳,赵问道.基于中国剩余定理的秘密共享组播密钥管理方案.电子与信息学报, 28(12): 2378–2381, 2006.
[22]许勇,凌龙,顾冠群.可靠可缩放安全多播密钥更新实现研究.计算机研究与发展,41(6): 934–939, 2004.
[23]刘小虎,顾乃杰,陆余良,等.路径洗牌算法:安全组播中一种高效的组密钥更新算法.电子与信息学报, 29(10): 2477–2481, 2007.
[24]潘志铂,郑宝玉,吴蒙.一种基于时间流的安全多播密钥更新机制的研究.电子与信息学报, 26(7): 1045–1052, 2004.
[25]况晓辉,朱培栋,卢锡城.移动自组网络分布式组密钥更新算法.软件学报, 15(5):756–766, 2004.
[26]王巍.群组密钥管理的理论与关键技术研究.博士学位论文,西安电子科技大学, 2008,04.
[27]李凤华.分布式信息系统安全的理论与关键技术研究.博士学位论文,西安电子科技大学, 2009, 04.
[28] Moyer M J, Rao J R, and Rohatgi P. A survey of security issues in multicastcommunications. IEEE Network, 13(6): 12–23, 1999.
[29] Rafaeli S and Hutchison D. A survey of key management for secure group commu-nication. ACM Computing Surveys, 35(3): 309–329, 2003.
[30] Sandhu R S, Coyne E J, Feinstein H L, et al. Role-based access control models.Computer, 29(2): 38–47, 1996.
[31] Akl S G and Taylor P D. Cryptographic solution to a problem of access control ina hierarchy. ACM Transaction on Computer System, 1(3): 239–248, 1983.
[32] Sandhu R S. On some cryptographic solutions for access control in a tree hierarchy.In ACM’87: Proceedings of the 1987 Fall Joint Computer Conference on Exploringtechnology: today and tomorrow, pages 405–410. IEEE Computer Society Press, LosAlamitos, CA, USA, 1987.
[33] Sandhu R S. Cryptographic implementation of a tree hierarchy for access control.Information Processing Letters, 27(2): 95– 98, 1988.
[34] Ray I, Ray I, and Narasimhamurthi N. A cryptographic solution to implementaccess control in a hierarchy and more. In SACMAT’02: Proceedings of the seventhACM symposium on Access control models and technologies, pages 65–73. ACM,New York, NY, USA, 2002.
[35] Sun Y and Liu K R. Scalable hierarchical access control in secure group communi-cations. INFOCOM’04: Proccedings of the Twenty-third Annual Joint Conferenceof the IEEE Computer and Communications Societies, 2: 1296–1306, 2004.
[36] Wang G, Ouyang J, Chen H H, et al. E?cient group key management for multi-privileged groups. Computer Communications, 30(11-12): 2497–2509, 2007.
[37] Li C, Yang C, and Cheung R. Key management for role hierarchy in distributedsystems. Journal of Network and Computer Applications, 30(3): 920–936, 2007.
[38] Hassen H R, Bouabdallah A, Bettahar H, et al. Key management for content accesscontrol in a hierarchy. Computer Networks, 51(11): 3197–3219, 2007.
[39] Crampton J, Martin K, and Wild P. On key assignment for hierarchical accesscontrol. In CSFW’06: Proceedings of the 19th IEEE workshop on Computer SecurityFoundations, pages 98–111. IEEE Computer Society, Washington, DC, USA, 2006.
[40] Birget J C, Zou X, and Noubir G. Hierarchy-based access control in distributedenvironments. In ICC’01: IEEE International Conference on Communications,vol. 1, pages 229–233. 2001.
[41] Pickholtz R, Schilling D, and Milstein L. Theory of spread-spectrumcommunications–a tutorial. IEEE Transactions on Communications, 30(5): 855–884, 1982.
[42] Maughan D, Schertler M, Schneider M, et al. Internet Security Association and KeyManagement Protocol (ISAKMP). RFC 2408, 1998.
[43] Baugher M, Canetti R, Dondeti L, et al. Multicast security (MSEC) group keymanagement architecture. IETF Network Working Group, RFC 4046, 2005.
[44] Harkins D and Carrel D. The Internet Key Exchange (IKE). RFC 2409, 1998.
[45] Kerckho?s A. La cryptographie militaire. Journal des sciences militaires, 9: 5–83,1883.
[46]林闯,蒋屹新,尹浩.网络安全控制机制.清华大学出版社, 2008.
[47] Waldvogel M, Caronni G, Sun D, et al. The versakey framework: versatile groupkey management. IEEE Journal on Selected Areas in Communications, 17(9): 1614–1631, 1999.
[48] Chang I, Engel R, Kandlur D, et al. Key management for secure internet multicastusing boolean function minimization techniques. In Infocomm’99: Proceedings ofIEEE INFOCOM, vol. 2, pages 689–698. 1999.
[49] Sherman A and McGrew D. Key establishment in large dynamic groups using one-way function trees. Transactions on Software Engineering, 29(5): 444–458, 2003.
[50] Perrig A, Song D, and Tygar J D. ELK: a new protocol for e?cient large-group keydistribution. In SP’01: Proceedings of the 2001 IEEE Symposium on Security andPrivacy, pages 247–262. IEEE Computer Society, Washington, DC, USA, 2001.
[51] Chan K C and Chan S. Key management approaches to o?er data confidentialityfor secure multicast. IEEE Network, 17(5): 30–39, 2003.
[52] DeCleene B, Dondeti L, Gri?n S, et al. Secure group communications for wire-less networks. In MILCOM’01: Proceedings of IEEE Military CommunicationsConference, vol. 1, pages 113–117. 2001.
[53] Dondeti L, Samal A, and Mukherjee S. Scalable secure one-to-many group com-munication using dual encryption. Computer Communications, 23(17): 1681–1701,2000.
[54] Rafaeli S and Hutchison D. Hydra: A decentralised group key management. InWETICE’02: Proceedings of the Eleventh IEEE International Workshops on En-abling Technologies, page 62. IEEE Computer Society, Los Alamitos, CA, USA,2002.
[55] Setia S, Koussih S, Jajodia S, et al. Kronos: a scalable group re-keying approachfor secure multicast. In S&P’00: Proceedings of 2000 IEEE Symposium on Securityand Privacy, pages 215–228. 2000.
[56] Molva R and Pannetrat A. Scalable multicast security in dynamic groups. In CCS’99: Proceedings of the 6th ACM Conference on Computer and CommunicationsSecurity, pages 101–112. ACM, New York, NY, USA, 1999.
[57] Dondeti L, Mukherjee S, and Samal A. DISEC: a distributed framework for scalablesecure many-to-many communication. In ISCC’00: Proceedings of the Fifth IEEESymposium on Computers and Communications, pages 693–698. 2000.
[58] Di?e W and Hellman M E. New directions in cryptography. IEEE Transactions onInformation Theory, 22(6): 644–654, 1976.
[59] Steiner M, Tsudik G, and Waidner M. CLIQUES: A new approach to group keyagreement. In ICDCS’98: Proceedings of the 18th IEEE International Conferenceon Distributed Computing Systems, page 380. IEEE Computer Society, Los Alamitos,CA, USA, 1998.
[60] Kim Y, Perrig A, and Tsudik G. Simple and fault-tolerant key agreement for dy-namic collaborative groups. In CCS’00: Proceedings of the 7th ACM Conferenceon Computer and Communications Security, pages 235–244. ACM, New York, USA,2000.
[61] Becker K and Wille U. Communication complexity of group key distribution. In CCS’98: Proceedings of the 5th ACM Conference on Computer and CommunicationsSecurity, pages 1–6. ACM, New York, NY, USA, 1998.
[62] Burmester M and Desmedt Y. A secure and e?cient conference key distributionsystem. In Advances in Cryptology - EUROCRYPT’94, LNCS 950, pages 275–286.Springer-Verlag, 1995.
[63] Kim Y, Perrig A, and Tsudik G. Communication-e?cient group key agreement. InSec’01: Proceedings of the 16th International Conference on Information Security:Trusted Information, pages 229–244. 2001.
[64] Akyildiz I, Su W, Sankarasubramaniam Y, et al. Wireless sensor networks: a survey.Computer Networks, 38(4): 393–422, 2002.
[65] Djenouri D, Khelladi L, and Badache N. A survey of security issues in mobile adhoc and sensor networks. IEEE Communications Surveys & Tutorials, 7(4): 2–28,2005.
[66] Wang Y, Attebury G, and Ramamurthy B. A survey of security issues in wirelesssensor networks. IEEE Communications Surveys & Tutorials, 8(2): 2–23, 2006.
[67] Perrig A, Stankovic J, and Wagner D. Security in wireless sensor networks. Com-munications of the ACM, 47(6): 53–57, 2004.
[68]叶阿勇.无线传感器网络节点安全定位.博士学位论文,西安电子科技大学, 2009, 04.
[69]沈玉龙.无线传感器网络数据传输及安全技术研究.博士学位论文,西安电子科技大学,2007, 11.
[70] Technology C. Mica2: Wireless Measurement System.http://www.xbow.com/Products/.
[71] Neuman B and Ts’o T. Kerberos: an authentication service for computer networks.IEEE Communications, 32(9): 33–38, 1994.
[72]苏忠,林闯,封富君,任丰原.无线传感器网络密钥管理的方案和协议.软件学报,18(5): 1218–1231, 2007.
[73]刘志宏.无线传感器网络密钥管理.博士学位论文,西安电子科技大学, 2009, 04.
[74] Gaubatz G, Kaps J P, and Sunar B. Public key cryptography in sensor net-works―revisited. In ESAS’04: Proceedings of the 1st European Workshop on Se-curity in Ad-Hoc and Sensor Networks, pages 2–18. 2005.
[75] Malan D, Welsh M, and Smith M. A public-key infrastructure for key distributionin tinyos based on elliptic curve cryptography. In SECON’04: Proceedings of theFirst Annual IEEE Communications Society Conference on Sensor and Ad HocCommunications and Networks, pages 71–80. 2004.
[76] Eschenauer L and Gligor V D. A key management scheme for distributed sensornetworks. In CCS’02: Proceedings of the 9th ACM Conference on Computer andCommunication Security. Washington, D.C., USA, 2002.
[77] Chan H, Perrig A, and Song D. Random key predistribution schemes for sensornetworks. In SP’03: Proceedings of the 2003 IEEE Symposium on Security andPrivacy, pages 197–213. IEEE Computer Society, Washington, DC, USA, 2003.
[78] Du W, Deng J, Han Y S, et al. A pairwise key pre-distribution scheme for wirelesssensor networks. In CCS’03: Proceedings of the 10th ACM Conference on Computerand Communications Security, pages 42–51. ACM, New York, NY, USA, 2003.
[79] Liu D and Ning P. Establishing pairwise keys in distributed sensor networks. In CCS’03: Proceedings of the 10th ACM Conference on Computer and CommunicationsSecurity, pages 52–61. ACM, New York, NY, USA, 2003.
[80] Liu D and Ning P. Location-based pairwise key establishments for static sensornetworks. In SASN’03: Proceedings of the 1st ACM Workshop on Security of AdHoc and Sensor Networks, pages 72–82. ACM, New York, NY, USA, 2003.
[81] Du W, Deng J, Han Y, et al. A key management scheme for wireless sensor networksusing deployment knowledge. In Proceedings of the IEEE INFOCOM, pages 586–597.IEEE, Piscataway, 2004.
[82] Huang D, Mehta M, Medhi D, et al. Location-aware key management scheme forwireless sensor networks. In SASN’04: Proceedings of the 2nd ACM Workshop onSecurity of Ad Hoc and Sensor Networks, pages 29–42. ACM, New York, NY, USA,2004.
[83] Chan H and Perrig A. PIKE: peer intermediaries for key establishment in sensornetworks. In INFOCOM’05: Proceedings of the 24th Annual Joint Conference ofthe IEEE Computer and Communications Societies, vol. 1, pages 524–535. 2005.
[84] Camtepe S A and Yener B. Combinatorial design of key distribution mechanisms forwireless sensor networks. IEEE/ACM Transactions on Networking, 15(2): 346–358,2007.
[85] Perrig A, Szewczyk R, Tygar J D, et al. SPINS: security protocols for sensor net-works. Wireless Networks, 8(5): 521–534, 2002.
[86] Zhu S, Setia S, and Jajodia S. LEAP: E?cient security mechanisms for large-scaledistributed sensor networks. In CCS’03: Proceedings of the 10th ACM Conferenceon Computer and Communications Security, pages 62–72. Washington, DC, USA,October, 2003.
[87] Younis M F, Ghumman K, and Eltoweissy M. Location-aware combinatorial keymanagement scheme for clustered sensor networks. IEEE Transactions on Paralleland Distributed Systems, 17(8): 865–882, 2006.
[88] Eltoweissy M, Moharrum M, and Mukkamala R. Dynamic key management in sensornetworks. IEEE Communications Magazine, 44(4): 122–130, 2006.
[89] Moharrum M A and Eltoweissy M. A study of static versus dynamic keying schemesin sensor networks. In PE-WASUN’05: Proceedings of the 2nd ACM InternationalWorkshop on Performance Evaluation of Wireless Ad Hoc, Sensor, and UbiquitousNetworks, pages 122–129. ACM, New York, NY, USA, 2005.
[90] Blundo C, De Santis A, Vaccaro U, et al. Perfectly secure key distribution fordynamic conferences. Information and Computation, 146(1): 1–23, 1998.
[91] Zhang Q and Wang Y. A centralized key management scheme for hierarchical accesscontrol. In GLOBECOM’04: IEEE Global Telecommunications Conference, DallasTX vol. 4, pages 2067–2071. 2004.
[92] Davey B and Priestley H. Introduction to lattices and order. Cambridge UniversityPress, 1990.
[93] Harary F. Graph Theory. Reading, MA: Addison-Wesley, 1994.
[94] Ingemarsson I, Tang D, and Wong C. A conference key distribution system. IEEETransactions on Information Theory, 28(5): 714–720, 1982.
[95] Steer D G, Strawczynski L, Di?e W, et al. A secure audio teleconference system. InCRYPTO’88: Proceedings of the 8th Annual International Cryptology Conferenceon Advances in Cryptology, pages 520–528. Springer-Verlag, London, UK, 1990.
[96] Kim Y, Perrig A, and Tsudik G. Tree-based group key agreement. ACM Transac-tions on Information and System Security, 7(1): 60–96, 2004.
[97] Steiner M, Tsudik G, and Waidner M. Di?e-hellman key distribution extended togroup communication. In CCS’96: Proceedings of the 3rd ACM Conference onComputer and Communications Security, pages 31–37. ACM, New York, NY, USA,1996.
[98] Nam J, Kim S, and Won D. Secure group communications over combined wired andwireless networks. In TrustBus 2005, LNCS 3592, pages 90–99. Springer-Verlag,2005.
[99] Zou X, Ramamurthy B, and Magliveras S S. Secure Group Communications OverData Networks. Springer-Verlag, 2005.
[100] Li R, Li J, and Chen H H. Analysis and design of distributed hierarchical accesscontrol for multimedia networks. vol. 3, pages 1852–1856. 2005.
[101] Rowe H and Crampton J. Avoiding key redistribution in key assignment schemes.Communications in Computer and Information Science - Computer Network Secu-rity, 1: 127–140, 2007.
[102] Sun Y and Liu K R. Hierarchical group access control for secure multicast commu-nications. IEEE/ACM Transactions on Networking, 15(6): 1514–1526, 2007.
[103] Atallah M J, Blanton M, and Frikken K B. Key management for non-tree accesshierarchies. In SACMAT’06: Proceedings of the 11th ACM Symposium on AccessControl Models and Technologies, pages 11–18. ACM, New York, NY, USA, 2006.
[104] Atallah M J, Frikken K B, and Blanton M. Dynamic and e?cient key managementfor access hierarchies. In CCS’05: Proceedings of the 12th ACM Conference onComputer and Communications Security, pages 190–202. ACM, New York, NY,USA, 2005.
[105] Santis A D, Ferrara A L, and Masucci B. E?cient provably-secure hierarchical keyassignment schemes. Mathematical Foundations of Computer Science 2007, LNCS,4708: 371–382, 2007.
[106] Dustin M, Shankarappa J, Petrowski M, et al. Analysis of key management inwireless sensor networks. In EIT’07: Proccedings of IEEE International Conferenceon Electro/Information Technology, pages 263–271. Chicago, IL, USA, 17-20 May2007.
[107] Xiao Y, Rayi V K, Sun B, et al. A survey of key management schemes in wirelesssensor networks. Computer Communications, 30: 2314–2341, 2007.
[108] Naor D, Naor M, and Lotspiech J B. Revocation and tracing schemes for statelessreceivers. In Advances in Cryptology - CRYPTO’01, LNCS 2139, pages 41–62.Springer-Verlag, London, UK, 2001.
[109] Asano T. A revocation scheme with minimal storage at receivers. In Advances inCryptology - ASIACRYPT’02, LNCS 2501, pages 433–450. Springer-Verlag, London,UK, 2002.
[110] Pour A N, Kumekawa K, Kato T, et al. A hierarchical group key managementscheme for secure multicast increasing e?ciency of key distribution in leave opera-tion. Computer Networks, 51(17): 4727–4743, 2007.
[111] Pietro R D, Mancini L V, Law Y W, et al. LKHW: A directed di?usion-based securemulticast scheme for wireless sensor networks. In ICPPW’03: Proceedings of the2003 International Conference on Parallel Processing Workshops, pages 397–406.IEEE Computer Society, Los Alamitos, CA, USA, 2003.
[112] Panja B, Madria S K, and Bhargava B. Energy and communication e?cient groupkey management protocol for hierarchical sensor networks. In SUTC’06: Proceed-ings of the IEEE International Conference on Sensor Networks, Ubiquitous, andTrustworthy Computing, pages 384–393. IEEE Computer Society, Washington, DC,USA, 2006.
[113] Son J H, Lee J S, and Seo S W. Energy e?cient group key management scheme forwireless sensor networks. In COMSWARE’07: Proccedings of the 2nd InternationalConference on Communication Systems Software and Middleware, pages 1–9. 2007.
[114] Conti M, Pietro R D, Mancini L V, et al. Emergent properties: detection of thenode-capture attack in mobile wireless sensor networks. In Proceedings of the FirstACM Conference on Wireless Network Security, pages 214– 219. Alexandria, VA,USA, 2008.
[115] Silva A P, Martins M H T, Rocha B P S, et al. Decentralized intrusion detection inwireless sensor networks. In Q2SWinet’05: Proceedings of the 1st ACM Interna-tional Workshop on Quality of Service & Security in Wireless and Mobile Networks,pages 16–23. ACM, New York, NY, USA, 2005.
[116] Gupta G and Younis M. Load-balanced clustering of wireless sensor networks. InICC’03:Proceedings of IEEE International Conference on Communications, vol.3, pages 1848–1852. 2003.
[117] Younis O and Fahmy S. HEED: A hybrid, energy-e?cient, distributed clusteringapproach for ad hoc sensor networks. IEEE Transactions on Mobile Computing,3(4): 366–379, 2004.
[118] Langendoen K and Reijers N. Distributed localization in wireless sensor networks:a quantitative comparison. Computer Networks, 43(4): 499–518, 2003.
[119] Liu Z, Ma J, Huang Q, et al. Keying material based key pre-distribution scheme forsensor networks. Ad Hoc & Sensor Wireless Networks, 6(1-2): 67–89, 2008.
[120] Zhang Y and Lee W. Intrusion detection in wireless ad-hoc networks. In MobiCom’00: Proceedings of the 6th Annual International Conference on Mobile Computingand Networking, pages 275–283. ACM, New York, NY, USA, 2000.
[121] Zhang R, Qian D, Bao C, et al. Multi-agent based intrusion detection architecture.In ICCNMC’01: Proceedings of the 2001 International Conference on ComputerNetworks and Mobile Computing, pages 494–501. IEEE Computer Society, Wash-ington, DC, USA, 2001.
[122] Ganeriwal S, Balzano L K, and Srivastava M B. Reputation-based framework forhigh integrity sensor networks. ACM Transactions on Sensor Networks, 4(3): 1–37,2008.
[123] Chan H, Gligor V D, Perrig A, et al. On the distribution and revocation of cryp-tographic keys in sensor networks. IEEE Transactions on Dependable Secure Com-puting, 2(3): 233–247, 2005.
[124] Komninos N, Vergados D, and Douligeris C. Detecting unauthorized and compro-mised nodes in mobile ad hoc networks. Ad Hoc Networks, 5(3): 289–298, 2007.
[125] Ramkumar M. Down with trusted devices. In NSPW’05: New Secutity ParadigmsWorkshop. Lake Arrowhead, CA, USA, 2005.
[126] Gassend B, Dijk M V, Clarke D, et al. Controlled physical random functions andapplications. ACM Transactions on Information and System Security, 10(4): 1–22,2008.
[127]李凤华,王巍,马建峰.适用于传感器网络的分级群组密钥管理.电子学报, 36(12):2405–2411, 2008.
[128] Li F, Yan J, Ma J, et al. Leveled group key management with e?cient revocationsfor wireless sensor networks. Chinese Journal of Electronics, 18(3): 494–499, 2009.
[129] Conti M, Di Pietro R, Mancini L V, et al. Emergent properties: detection of thenode-capture attack in mobile wireless sensor networks. In WiSec’08: Proceedingsof the First ACM conference on Wireless Network Security, pages 214–219. ACM,New York, NY, USA, 2008.
[130] Roman R, Zhou J, and Lopez J. Applying intrusion detection systems to wirelesssensor networks. In CCNC’06: Proccedings of the 3rd IEEE Consumer Communi-cations and Networking Conference, vol. 2, pages 640–644. Las Vegas, Nevada, USA,2006.
[131] Liu Z, Ma J, and Huang Q. Asymmetric key pre-distribution scheme for sensornetworks. IEEE Transactions on Wireless Communications, 8(3): 1366–1372, 2009.
[2] Fiat A and Naor M. Broadcast encryption. In Advances in Cryptology -CRYPTO’93, LNCS 773, pages 480–491. Springer-Verlag New York, Inc., New York,NY, USA, 1994.
[3] Schechter S E, Greenstadt R A, and Smith M D. Trusted computing, peer-to-peerdistribution, and the economics of pirated entertainment. In WEIS’03: Proceedingsof the 2nd Annual Workshop on Economics and Information Security, pages 1–11.Maryland, USA, 2003.
[4] Seba H, Badache N, and Bouabdallah A. Solving the consensus problem in a dynamicgroup: An approach suitable for a mobile environment. In ISCC’02: Proceedingsof the Seventh International Symposium on Computers and Communications, page327. IEEE Computer Society, Washington, DC, USA, 2002.
[5] Zhou X, Yang X, Wei P, et al. Dynamic group signature with forward security and itsapplication. In GCC’07: Proceedings of the Sixth International Conference on Gridand Cooperative Computing, pages 473–480. IEEE Computer Society, Washington,DC, USA, 2007.
[6] Luby M and Staddon J. Combinatorial bounds for broadcast encryption. In Ad-vances in Cryptology―EUROCRYPT’98, LNCS 1043, pages 512–526. Springer-Verlag, 1998.
[7] Ballardie A. Scalable multicast key distribution. IETF Network Working Group,RFC 1949, 1996.
[8] Ballardie A. Core Based Trees (CBT version 2) multicast routing. IETF NetworkWorking Group, RFC 2189, 1997.
[9] Canetti R, Garay J, Itkis G, et al. Multicast security: a taxonomy and some e?cientconstructions. In INFOCOM’99: Proceedings of the 18th Annual Joint Conferenceof the IEEE Computer and Communications Societies, pages 708–716. IEEE Com-puter Society, New York, USA, 1999.
[10] Harney H and Muckenhirn C. Group Key Management Protocol (GKMP) Specifi-cation. RFC 2093, 1997.
[11] Harney H and Muckenhirn C. Group Key Management Protocol (GKMP) Architec-ture. RFC 2094, 1997.
[12] Mittra S. Iolus: a framework for scalable secure multicasting. ACM SIGCOMMComputer Communication Review, 27(4): 277–288, 1997.
[13] Harkins D and Doraswamy N. A Secure Scalable Multicast Key Management Pro-tocol. IETF Draft, draft-ietf-ipsecond-00.txt, 1997.
[14] Wallner D M, Harder E J, and Agee R C. Key management for multicast: Issuesand architectures. IETF Network Working Group, RFC 2627, 1999.
[15] Wong C K, Gouda M, and Lam S S. Secure group communications using key graphs.IEEE/ACM Transactions on Networking, 8(1): 16–30, 2000.
[16] Sun Y, Trappe W, and Liu K. A scalable multicast key management scheme forheterogeneous wireless networks. IEEE/ACM Transactions on Networking, 12(4):653–666, 2004.
[17]朱文涛,熊继平,李津生,等.安全组播密钥管理的层次结构研究.电子与信息学报,26(1): 7–13, 2004.
[18]曾玮妮,林亚平,胡玉鹏,等.传感器网络中一种基于分布式更新权限的组密钥管理方案.计算机研究与发展, 44(4): 606–614, 2007.
[19]刘璟,周明天.大型动态多播群组的密钥管理和访问控制.软件学报, 13(2): 291–297,2002.
[20]陈璟,杨波,田春岐.基于单向函数树的多播密钥管理方案安全性分析.西安电子科技大学学报(自然科学版), 31(6): 959–962, 2004.
[21]席国宝,陈惠芳,赵问道.基于中国剩余定理的秘密共享组播密钥管理方案.电子与信息学报, 28(12): 2378–2381, 2006.
[22]许勇,凌龙,顾冠群.可靠可缩放安全多播密钥更新实现研究.计算机研究与发展,41(6): 934–939, 2004.
[23]刘小虎,顾乃杰,陆余良,等.路径洗牌算法:安全组播中一种高效的组密钥更新算法.电子与信息学报, 29(10): 2477–2481, 2007.
[24]潘志铂,郑宝玉,吴蒙.一种基于时间流的安全多播密钥更新机制的研究.电子与信息学报, 26(7): 1045–1052, 2004.
[25]况晓辉,朱培栋,卢锡城.移动自组网络分布式组密钥更新算法.软件学报, 15(5):756–766, 2004.
[26]王巍.群组密钥管理的理论与关键技术研究.博士学位论文,西安电子科技大学, 2008,04.
[27]李凤华.分布式信息系统安全的理论与关键技术研究.博士学位论文,西安电子科技大学, 2009, 04.
[28] Moyer M J, Rao J R, and Rohatgi P. A survey of security issues in multicastcommunications. IEEE Network, 13(6): 12–23, 1999.
[29] Rafaeli S and Hutchison D. A survey of key management for secure group commu-nication. ACM Computing Surveys, 35(3): 309–329, 2003.
[30] Sandhu R S, Coyne E J, Feinstein H L, et al. Role-based access control models.Computer, 29(2): 38–47, 1996.
[31] Akl S G and Taylor P D. Cryptographic solution to a problem of access control ina hierarchy. ACM Transaction on Computer System, 1(3): 239–248, 1983.
[32] Sandhu R S. On some cryptographic solutions for access control in a tree hierarchy.In ACM’87: Proceedings of the 1987 Fall Joint Computer Conference on Exploringtechnology: today and tomorrow, pages 405–410. IEEE Computer Society Press, LosAlamitos, CA, USA, 1987.
[33] Sandhu R S. Cryptographic implementation of a tree hierarchy for access control.Information Processing Letters, 27(2): 95– 98, 1988.
[34] Ray I, Ray I, and Narasimhamurthi N. A cryptographic solution to implementaccess control in a hierarchy and more. In SACMAT’02: Proceedings of the seventhACM symposium on Access control models and technologies, pages 65–73. ACM,New York, NY, USA, 2002.
[35] Sun Y and Liu K R. Scalable hierarchical access control in secure group communi-cations. INFOCOM’04: Proccedings of the Twenty-third Annual Joint Conferenceof the IEEE Computer and Communications Societies, 2: 1296–1306, 2004.
[36] Wang G, Ouyang J, Chen H H, et al. E?cient group key management for multi-privileged groups. Computer Communications, 30(11-12): 2497–2509, 2007.
[37] Li C, Yang C, and Cheung R. Key management for role hierarchy in distributedsystems. Journal of Network and Computer Applications, 30(3): 920–936, 2007.
[38] Hassen H R, Bouabdallah A, Bettahar H, et al. Key management for content accesscontrol in a hierarchy. Computer Networks, 51(11): 3197–3219, 2007.
[39] Crampton J, Martin K, and Wild P. On key assignment for hierarchical accesscontrol. In CSFW’06: Proceedings of the 19th IEEE workshop on Computer SecurityFoundations, pages 98–111. IEEE Computer Society, Washington, DC, USA, 2006.
[40] Birget J C, Zou X, and Noubir G. Hierarchy-based access control in distributedenvironments. In ICC’01: IEEE International Conference on Communications,vol. 1, pages 229–233. 2001.
[41] Pickholtz R, Schilling D, and Milstein L. Theory of spread-spectrumcommunications–a tutorial. IEEE Transactions on Communications, 30(5): 855–884, 1982.
[42] Maughan D, Schertler M, Schneider M, et al. Internet Security Association and KeyManagement Protocol (ISAKMP). RFC 2408, 1998.
[43] Baugher M, Canetti R, Dondeti L, et al. Multicast security (MSEC) group keymanagement architecture. IETF Network Working Group, RFC 4046, 2005.
[44] Harkins D and Carrel D. The Internet Key Exchange (IKE). RFC 2409, 1998.
[45] Kerckho?s A. La cryptographie militaire. Journal des sciences militaires, 9: 5–83,1883.
[46]林闯,蒋屹新,尹浩.网络安全控制机制.清华大学出版社, 2008.
[47] Waldvogel M, Caronni G, Sun D, et al. The versakey framework: versatile groupkey management. IEEE Journal on Selected Areas in Communications, 17(9): 1614–1631, 1999.
[48] Chang I, Engel R, Kandlur D, et al. Key management for secure internet multicastusing boolean function minimization techniques. In Infocomm’99: Proceedings ofIEEE INFOCOM, vol. 2, pages 689–698. 1999.
[49] Sherman A and McGrew D. Key establishment in large dynamic groups using one-way function trees. Transactions on Software Engineering, 29(5): 444–458, 2003.
[50] Perrig A, Song D, and Tygar J D. ELK: a new protocol for e?cient large-group keydistribution. In SP’01: Proceedings of the 2001 IEEE Symposium on Security andPrivacy, pages 247–262. IEEE Computer Society, Washington, DC, USA, 2001.
[51] Chan K C and Chan S. Key management approaches to o?er data confidentialityfor secure multicast. IEEE Network, 17(5): 30–39, 2003.
[52] DeCleene B, Dondeti L, Gri?n S, et al. Secure group communications for wire-less networks. In MILCOM’01: Proceedings of IEEE Military CommunicationsConference, vol. 1, pages 113–117. 2001.
[53] Dondeti L, Samal A, and Mukherjee S. Scalable secure one-to-many group com-munication using dual encryption. Computer Communications, 23(17): 1681–1701,2000.
[54] Rafaeli S and Hutchison D. Hydra: A decentralised group key management. InWETICE’02: Proceedings of the Eleventh IEEE International Workshops on En-abling Technologies, page 62. IEEE Computer Society, Los Alamitos, CA, USA,2002.
[55] Setia S, Koussih S, Jajodia S, et al. Kronos: a scalable group re-keying approachfor secure multicast. In S&P’00: Proceedings of 2000 IEEE Symposium on Securityand Privacy, pages 215–228. 2000.
[56] Molva R and Pannetrat A. Scalable multicast security in dynamic groups. In CCS’99: Proceedings of the 6th ACM Conference on Computer and CommunicationsSecurity, pages 101–112. ACM, New York, NY, USA, 1999.
[57] Dondeti L, Mukherjee S, and Samal A. DISEC: a distributed framework for scalablesecure many-to-many communication. In ISCC’00: Proceedings of the Fifth IEEESymposium on Computers and Communications, pages 693–698. 2000.
[58] Di?e W and Hellman M E. New directions in cryptography. IEEE Transactions onInformation Theory, 22(6): 644–654, 1976.
[59] Steiner M, Tsudik G, and Waidner M. CLIQUES: A new approach to group keyagreement. In ICDCS’98: Proceedings of the 18th IEEE International Conferenceon Distributed Computing Systems, page 380. IEEE Computer Society, Los Alamitos,CA, USA, 1998.
[60] Kim Y, Perrig A, and Tsudik G. Simple and fault-tolerant key agreement for dy-namic collaborative groups. In CCS’00: Proceedings of the 7th ACM Conferenceon Computer and Communications Security, pages 235–244. ACM, New York, USA,2000.
[61] Becker K and Wille U. Communication complexity of group key distribution. In CCS’98: Proceedings of the 5th ACM Conference on Computer and CommunicationsSecurity, pages 1–6. ACM, New York, NY, USA, 1998.
[62] Burmester M and Desmedt Y. A secure and e?cient conference key distributionsystem. In Advances in Cryptology - EUROCRYPT’94, LNCS 950, pages 275–286.Springer-Verlag, 1995.
[63] Kim Y, Perrig A, and Tsudik G. Communication-e?cient group key agreement. InSec’01: Proceedings of the 16th International Conference on Information Security:Trusted Information, pages 229–244. 2001.
[64] Akyildiz I, Su W, Sankarasubramaniam Y, et al. Wireless sensor networks: a survey.Computer Networks, 38(4): 393–422, 2002.
[65] Djenouri D, Khelladi L, and Badache N. A survey of security issues in mobile adhoc and sensor networks. IEEE Communications Surveys & Tutorials, 7(4): 2–28,2005.
[66] Wang Y, Attebury G, and Ramamurthy B. A survey of security issues in wirelesssensor networks. IEEE Communications Surveys & Tutorials, 8(2): 2–23, 2006.
[67] Perrig A, Stankovic J, and Wagner D. Security in wireless sensor networks. Com-munications of the ACM, 47(6): 53–57, 2004.
[68]叶阿勇.无线传感器网络节点安全定位.博士学位论文,西安电子科技大学, 2009, 04.
[69]沈玉龙.无线传感器网络数据传输及安全技术研究.博士学位论文,西安电子科技大学,2007, 11.
[70] Technology C. Mica2: Wireless Measurement System.http://www.xbow.com/Products/.
[71] Neuman B and Ts’o T. Kerberos: an authentication service for computer networks.IEEE Communications, 32(9): 33–38, 1994.
[72]苏忠,林闯,封富君,任丰原.无线传感器网络密钥管理的方案和协议.软件学报,18(5): 1218–1231, 2007.
[73]刘志宏.无线传感器网络密钥管理.博士学位论文,西安电子科技大学, 2009, 04.
[74] Gaubatz G, Kaps J P, and Sunar B. Public key cryptography in sensor net-works―revisited. In ESAS’04: Proceedings of the 1st European Workshop on Se-curity in Ad-Hoc and Sensor Networks, pages 2–18. 2005.
[75] Malan D, Welsh M, and Smith M. A public-key infrastructure for key distributionin tinyos based on elliptic curve cryptography. In SECON’04: Proceedings of theFirst Annual IEEE Communications Society Conference on Sensor and Ad HocCommunications and Networks, pages 71–80. 2004.
[76] Eschenauer L and Gligor V D. A key management scheme for distributed sensornetworks. In CCS’02: Proceedings of the 9th ACM Conference on Computer andCommunication Security. Washington, D.C., USA, 2002.
[77] Chan H, Perrig A, and Song D. Random key predistribution schemes for sensornetworks. In SP’03: Proceedings of the 2003 IEEE Symposium on Security andPrivacy, pages 197–213. IEEE Computer Society, Washington, DC, USA, 2003.
[78] Du W, Deng J, Han Y S, et al. A pairwise key pre-distribution scheme for wirelesssensor networks. In CCS’03: Proceedings of the 10th ACM Conference on Computerand Communications Security, pages 42–51. ACM, New York, NY, USA, 2003.
[79] Liu D and Ning P. Establishing pairwise keys in distributed sensor networks. In CCS’03: Proceedings of the 10th ACM Conference on Computer and CommunicationsSecurity, pages 52–61. ACM, New York, NY, USA, 2003.
[80] Liu D and Ning P. Location-based pairwise key establishments for static sensornetworks. In SASN’03: Proceedings of the 1st ACM Workshop on Security of AdHoc and Sensor Networks, pages 72–82. ACM, New York, NY, USA, 2003.
[81] Du W, Deng J, Han Y, et al. A key management scheme for wireless sensor networksusing deployment knowledge. In Proceedings of the IEEE INFOCOM, pages 586–597.IEEE, Piscataway, 2004.
[82] Huang D, Mehta M, Medhi D, et al. Location-aware key management scheme forwireless sensor networks. In SASN’04: Proceedings of the 2nd ACM Workshop onSecurity of Ad Hoc and Sensor Networks, pages 29–42. ACM, New York, NY, USA,2004.
[83] Chan H and Perrig A. PIKE: peer intermediaries for key establishment in sensornetworks. In INFOCOM’05: Proceedings of the 24th Annual Joint Conference ofthe IEEE Computer and Communications Societies, vol. 1, pages 524–535. 2005.
[84] Camtepe S A and Yener B. Combinatorial design of key distribution mechanisms forwireless sensor networks. IEEE/ACM Transactions on Networking, 15(2): 346–358,2007.
[85] Perrig A, Szewczyk R, Tygar J D, et al. SPINS: security protocols for sensor net-works. Wireless Networks, 8(5): 521–534, 2002.
[86] Zhu S, Setia S, and Jajodia S. LEAP: E?cient security mechanisms for large-scaledistributed sensor networks. In CCS’03: Proceedings of the 10th ACM Conferenceon Computer and Communications Security, pages 62–72. Washington, DC, USA,October, 2003.
[87] Younis M F, Ghumman K, and Eltoweissy M. Location-aware combinatorial keymanagement scheme for clustered sensor networks. IEEE Transactions on Paralleland Distributed Systems, 17(8): 865–882, 2006.
[88] Eltoweissy M, Moharrum M, and Mukkamala R. Dynamic key management in sensornetworks. IEEE Communications Magazine, 44(4): 122–130, 2006.
[89] Moharrum M A and Eltoweissy M. A study of static versus dynamic keying schemesin sensor networks. In PE-WASUN’05: Proceedings of the 2nd ACM InternationalWorkshop on Performance Evaluation of Wireless Ad Hoc, Sensor, and UbiquitousNetworks, pages 122–129. ACM, New York, NY, USA, 2005.
[90] Blundo C, De Santis A, Vaccaro U, et al. Perfectly secure key distribution fordynamic conferences. Information and Computation, 146(1): 1–23, 1998.
[91] Zhang Q and Wang Y. A centralized key management scheme for hierarchical accesscontrol. In GLOBECOM’04: IEEE Global Telecommunications Conference, DallasTX vol. 4, pages 2067–2071. 2004.
[92] Davey B and Priestley H. Introduction to lattices and order. Cambridge UniversityPress, 1990.
[93] Harary F. Graph Theory. Reading, MA: Addison-Wesley, 1994.
[94] Ingemarsson I, Tang D, and Wong C. A conference key distribution system. IEEETransactions on Information Theory, 28(5): 714–720, 1982.
[95] Steer D G, Strawczynski L, Di?e W, et al. A secure audio teleconference system. InCRYPTO’88: Proceedings of the 8th Annual International Cryptology Conferenceon Advances in Cryptology, pages 520–528. Springer-Verlag, London, UK, 1990.
[96] Kim Y, Perrig A, and Tsudik G. Tree-based group key agreement. ACM Transac-tions on Information and System Security, 7(1): 60–96, 2004.
[97] Steiner M, Tsudik G, and Waidner M. Di?e-hellman key distribution extended togroup communication. In CCS’96: Proceedings of the 3rd ACM Conference onComputer and Communications Security, pages 31–37. ACM, New York, NY, USA,1996.
[98] Nam J, Kim S, and Won D. Secure group communications over combined wired andwireless networks. In TrustBus 2005, LNCS 3592, pages 90–99. Springer-Verlag,2005.
[99] Zou X, Ramamurthy B, and Magliveras S S. Secure Group Communications OverData Networks. Springer-Verlag, 2005.
[100] Li R, Li J, and Chen H H. Analysis and design of distributed hierarchical accesscontrol for multimedia networks. vol. 3, pages 1852–1856. 2005.
[101] Rowe H and Crampton J. Avoiding key redistribution in key assignment schemes.Communications in Computer and Information Science - Computer Network Secu-rity, 1: 127–140, 2007.
[102] Sun Y and Liu K R. Hierarchical group access control for secure multicast commu-nications. IEEE/ACM Transactions on Networking, 15(6): 1514–1526, 2007.
[103] Atallah M J, Blanton M, and Frikken K B. Key management for non-tree accesshierarchies. In SACMAT’06: Proceedings of the 11th ACM Symposium on AccessControl Models and Technologies, pages 11–18. ACM, New York, NY, USA, 2006.
[104] Atallah M J, Frikken K B, and Blanton M. Dynamic and e?cient key managementfor access hierarchies. In CCS’05: Proceedings of the 12th ACM Conference onComputer and Communications Security, pages 190–202. ACM, New York, NY,USA, 2005.
[105] Santis A D, Ferrara A L, and Masucci B. E?cient provably-secure hierarchical keyassignment schemes. Mathematical Foundations of Computer Science 2007, LNCS,4708: 371–382, 2007.
[106] Dustin M, Shankarappa J, Petrowski M, et al. Analysis of key management inwireless sensor networks. In EIT’07: Proccedings of IEEE International Conferenceon Electro/Information Technology, pages 263–271. Chicago, IL, USA, 17-20 May2007.
[107] Xiao Y, Rayi V K, Sun B, et al. A survey of key management schemes in wirelesssensor networks. Computer Communications, 30: 2314–2341, 2007.
[108] Naor D, Naor M, and Lotspiech J B. Revocation and tracing schemes for statelessreceivers. In Advances in Cryptology - CRYPTO’01, LNCS 2139, pages 41–62.Springer-Verlag, London, UK, 2001.
[109] Asano T. A revocation scheme with minimal storage at receivers. In Advances inCryptology - ASIACRYPT’02, LNCS 2501, pages 433–450. Springer-Verlag, London,UK, 2002.
[110] Pour A N, Kumekawa K, Kato T, et al. A hierarchical group key managementscheme for secure multicast increasing e?ciency of key distribution in leave opera-tion. Computer Networks, 51(17): 4727–4743, 2007.
[111] Pietro R D, Mancini L V, Law Y W, et al. LKHW: A directed di?usion-based securemulticast scheme for wireless sensor networks. In ICPPW’03: Proceedings of the2003 International Conference on Parallel Processing Workshops, pages 397–406.IEEE Computer Society, Los Alamitos, CA, USA, 2003.
[112] Panja B, Madria S K, and Bhargava B. Energy and communication e?cient groupkey management protocol for hierarchical sensor networks. In SUTC’06: Proceed-ings of the IEEE International Conference on Sensor Networks, Ubiquitous, andTrustworthy Computing, pages 384–393. IEEE Computer Society, Washington, DC,USA, 2006.
[113] Son J H, Lee J S, and Seo S W. Energy e?cient group key management scheme forwireless sensor networks. In COMSWARE’07: Proccedings of the 2nd InternationalConference on Communication Systems Software and Middleware, pages 1–9. 2007.
[114] Conti M, Pietro R D, Mancini L V, et al. Emergent properties: detection of thenode-capture attack in mobile wireless sensor networks. In Proceedings of the FirstACM Conference on Wireless Network Security, pages 214– 219. Alexandria, VA,USA, 2008.
[115] Silva A P, Martins M H T, Rocha B P S, et al. Decentralized intrusion detection inwireless sensor networks. In Q2SWinet’05: Proceedings of the 1st ACM Interna-tional Workshop on Quality of Service & Security in Wireless and Mobile Networks,pages 16–23. ACM, New York, NY, USA, 2005.
[116] Gupta G and Younis M. Load-balanced clustering of wireless sensor networks. InICC’03:Proceedings of IEEE International Conference on Communications, vol.3, pages 1848–1852. 2003.
[117] Younis O and Fahmy S. HEED: A hybrid, energy-e?cient, distributed clusteringapproach for ad hoc sensor networks. IEEE Transactions on Mobile Computing,3(4): 366–379, 2004.
[118] Langendoen K and Reijers N. Distributed localization in wireless sensor networks:a quantitative comparison. Computer Networks, 43(4): 499–518, 2003.
[119] Liu Z, Ma J, Huang Q, et al. Keying material based key pre-distribution scheme forsensor networks. Ad Hoc & Sensor Wireless Networks, 6(1-2): 67–89, 2008.
[120] Zhang Y and Lee W. Intrusion detection in wireless ad-hoc networks. In MobiCom’00: Proceedings of the 6th Annual International Conference on Mobile Computingand Networking, pages 275–283. ACM, New York, NY, USA, 2000.
[121] Zhang R, Qian D, Bao C, et al. Multi-agent based intrusion detection architecture.In ICCNMC’01: Proceedings of the 2001 International Conference on ComputerNetworks and Mobile Computing, pages 494–501. IEEE Computer Society, Wash-ington, DC, USA, 2001.
[122] Ganeriwal S, Balzano L K, and Srivastava M B. Reputation-based framework forhigh integrity sensor networks. ACM Transactions on Sensor Networks, 4(3): 1–37,2008.
[123] Chan H, Gligor V D, Perrig A, et al. On the distribution and revocation of cryp-tographic keys in sensor networks. IEEE Transactions on Dependable Secure Com-puting, 2(3): 233–247, 2005.
[124] Komninos N, Vergados D, and Douligeris C. Detecting unauthorized and compro-mised nodes in mobile ad hoc networks. Ad Hoc Networks, 5(3): 289–298, 2007.
[125] Ramkumar M. Down with trusted devices. In NSPW’05: New Secutity ParadigmsWorkshop. Lake Arrowhead, CA, USA, 2005.
[126] Gassend B, Dijk M V, Clarke D, et al. Controlled physical random functions andapplications. ACM Transactions on Information and System Security, 10(4): 1–22,2008.
[127]李凤华,王巍,马建峰.适用于传感器网络的分级群组密钥管理.电子学报, 36(12):2405–2411, 2008.
[128] Li F, Yan J, Ma J, et al. Leveled group key management with e?cient revocationsfor wireless sensor networks. Chinese Journal of Electronics, 18(3): 494–499, 2009.
[129] Conti M, Di Pietro R, Mancini L V, et al. Emergent properties: detection of thenode-capture attack in mobile wireless sensor networks. In WiSec’08: Proceedingsof the First ACM conference on Wireless Network Security, pages 214–219. ACM,New York, NY, USA, 2008.
[130] Roman R, Zhou J, and Lopez J. Applying intrusion detection systems to wirelesssensor networks. In CCNC’06: Proccedings of the 3rd IEEE Consumer Communi-cations and Networking Conference, vol. 2, pages 640–644. Las Vegas, Nevada, USA,2006.
[131] Liu Z, Ma J, and Huang Q. Asymmetric key pre-distribution scheme for sensornetworks. IEEE Transactions on Wireless Communications, 8(3): 1366–1372, 2009.